SlideShare a Scribd company logo

StratexSystems_270115

Andrew Smart
Andrew Smart
1 of 3
Download to read offline
Interview of the Year 2 www.finance-monthly.com Email: andrew.smart@stratexsystems.com | Web: www.stratexsystems.com software which adds no business value while the risk management function spends all its time capturing and managing risk data without having time to generate meaningful analysis and insight for decision-making. In addition to having the wrong conceptual approach, a lot of operational risk management technology has poor, unfamiliar user interfaces with inflexible data structures or data structures which are incomplete or have in- built limitations. This means that in a more dynamic risk environment, these tools put a straightjacket on the business and encourage the growth of ad hoc spreadsheet or other systems to emerge. This significantly reduces the ability of firms to use risk management to change and generate insights for decision- making in a dynamic, changing regulatory environment where significant growth opportunities are emerging. Another key issue that is often seen in operational risk management technology solutions is the lack of flexibility in reporting. A common complaint is “we enter a lot of management software tools now find that they have four main challenges: 1. Working with operational risk management tools designed for the risk team, not the business; 2. Difficulties in making changes to the system to reflect changes in the business environment; 3. Focusing on data capture; and 4. Establishing and sustaining a risk aware culture when the operational risk manage- ment software is not ‘fit for purpose’. It is not uncommon for many firms to have invested in operational risk management technology (often a number of years ago) that was designed for the operational risk team to manage risk, rather than designed to enable the business to manage risk as part of its day-to-day job. This has the effect of limiting the business value of all risk management activities: the business become frustrated and disengaged in the risk management process because they have to deploy user-unfriendly In March 2014, Finance Monthly caught up with Andrew Smart, CEO and Founder at StratexSystems,totalktohimaboutoperationalriskmanagementframeworkandtechnology. This is what he told us n the wake of the credit crunch, many firms rushed to improve their operational risk management framework and technology under pressure from their regulators. As the first green shoots of economic growth blossom, however, firms should ask themselves: does our risk technology support our business strategy? For many firms, the primary driver of their operational risk agenda has been the need to meet the demands of regulators, which have become more intensive and intrusive in the wake of the credit crunch. Often the need to respond to ever increasing regulatory demands has meant that the crucial emphasis on enabling and supporting the execution of business strategy has been lacking. As the economic environment improves and as the regulatory emphasis on Conduct Risk increases, firms need to ensure that their operational risk management framework and technology is aligned to, and supportive of, the delivery of business objectives. In our experience, many firms that have implemented traditional operational risk I RISK MANAGEMENT ANDREW SMART STRATEX SYSTEMS
3 Interview of the Year data into the system but we cannot seem to get any information back out”. This focus on data capture and lack of emphasis (or time) on reporting, analytics and the generation of decision-making insight reinforces the view that risk management is a layer of bureaucracy which adds little or no business value. All of these limitations converge to discourage business engagement in the operational risk management process, meaning that the operational risk management agenda is not aligned to the business strategy and certainly does not support the execution of the business strategy. Perhaps, however, the most important impact of inflexible, rigorous, traditional operational risk management tools is that they do not support the emergence of an organisational culture that embeds risk management into day-to-day decision- making. Additionally, few things kill a ‘risk- aware’ culture faster than the inability of the operational risk management technology to provide management information that is relevant and timely to business decision- makers. This is particularly true when the risk environment changes and the technology prevents the risk framework from being rapidly adapted to reflect the new environment. This lack of flexibility and lack of business focus is particularly damaging given the shift in regulatory approach, especially with the creation of the FCA and its Conduct Risk agenda: moving away from a prescriptive, rulebook based approach to regulation to one which emphasises judgement, business model, practices and culture. “This philosophical change is important because in our experience, when things go significantly wrong in a firm within our remit, it is not because it hasn’t complied with a set of narrow regulatory rules, but because there is a fundamental flaw in the business model, in the culture or its business practices.” Clive Adamson, Director of Supervision, FCA, November 2013. Using the FCA as an example, it makes clear that it does not and will not provide a detailed description of how firms should go about meeting their regulatory requirements. About StratexSystems StratexSystems is the only software company in the world to provide an integrated, Risk-based Performance solution powered by Microsoft’s SharePoint platform. The company’s StratexPoint technology is an integrated Strategy Execution and Risk Management solution. The solution is comprehensive in nature but modular in deployment, delivering a high ROI, high user adoption and high levels of assurance to your Board and Regulator(s) that you are operating within appetite. Instead, they want to see firms ‘doing the right things’. At StratexSystems we have developed a technology solution, StratexPoint, which was designed to embed operational risk management into business strategy, making risk appetite a central consideration and control mechanism for firms as they execute strategy on a continuous, day-to-day basis. This focus on business outcomes, from the business model, business strategy and operational level enables firms to develop an approach to operational risk management which is business enabling, focused on creating business value rather than a regulatory-centric approach focused on ticking regulatory boxes.
Interview of the Year 4 www.finance-monthly.com RISK MANAGEMENT IN 2015 Andrew Smart, CEO and Founder at StratexSystems, tells us more about product refinements for StratexPoint, a Big Data product launch, and the risk of apportioning blame at an individual level are reflected in regulation and management decision- making to some extent. However, I would query whether fundamental questions related to strategy execution, risk management, risk appetite, conduct and culture have been learnt, and embedded within the industry. What other trends to you predict for 2015 and beyond? The emerging requirements around the senior manager regime shows that the direction of travel is towards assigning responsibility to individuals within firms and there is clearly a desire to be able to apportion blame at the individual level. This poses a challenge not only for the risk management professionals, but also has implications from a personal performance management perspective. Firms are going to have to be more considered and robust in aligning their personal performance management practices with overall enterprise performance, and enterprise risk management practices. to shareholders. Often, but not always, these twin objectives are in conflict because of a silo approach to risk management; one that focuses on implementing risk management to comply rather than to protect and create value. What new developments will we see in operational risk management technology in 2015? Leveraging Big Data/Big Visualisation capabilities should be a consideration for all operational risk vendors, as should mobile. However, as many firms are still grappling with previous generation ORM software,whichlacksaconceptuallysounddatamodel, robust dashboard and reporting capabilities and does nothing to embed a culture of accountabilities, I suspect many firms will end 2015 as they started it, frustrated by their risk management systems and spending too much time manually manipulating data in spreadsheets rather than applying their analytical skills to generating business and risk insights from their data. The Bank of England carried out its first ‘Stress Test’ at the end of 2014. In terms of risk management, are we in a better shape than in 2008? And what lessons have we learnt? Certainly some lessons have been learnt and these What new products or services have you rolled out or do you plan to roll out in 2015? In 2015 we will be enhancing the Policy Management, Attestation and Risk Event Reporting capabilities of the solution, StratexPoint. From a mobile perspective we will be enhancing our offerings for iPad, Windows Tablets and Smartphones. We also have an exciting Big Data/Big Analytics service which we are developing in conjunction with Innovate UK, formerly the Technology Strategy Board. Best practice libraries around Cyber Risk, Conduct Risk and Compliance Management are also in the development pipeline for the second half of the year. How have companies changed their risk strategies in wake of the somewhat improved economic fortunes of 2014? There is some evidence that companies are looking to leverage their investment in risk management infrastructure to drive growth. However, with the volume of regulatory change, the main focus is responding to regulation. How have new regulations in the finance sector impacted risk management? New regulation is certainly a major driver behind a number of risk management initiatives, specifically around the Conduct Risk agenda of the FCA. This is not always positive and some firms are exhibiting the wrong behaviours to meet the letter of the regulation rather than the sprint. What new challenges will the industry see in 2015 and how can risk management help mitigate risk? The challenge for the industry in 2015 is to balance the demands of increased regulation while also trying to growth their business and deliver value

Recommended

FMM&A15-StratexSystems
FMM&A15-StratexSystemsFMM&A15-StratexSystems
FMM&A15-StratexSystemsAndrew Smart
 
Strategically+Speaking+October+2015
Strategically+Speaking+October+2015Strategically+Speaking+October+2015
Strategically+Speaking+October+2015Andrew Smart
 
GRC FOR CAPITAL MARKETS: Beyond Corporate Governance
GRC FOR CAPITAL MARKETS: Beyond Corporate GovernanceGRC FOR CAPITAL MARKETS: Beyond Corporate Governance
GRC FOR CAPITAL MARKETS: Beyond Corporate GovernanceGary Cable
 
Managing Information Risk in Financial Services
Managing Information Risk in Financial Services Managing Information Risk in Financial Services
Managing Information Risk in Financial Services Andrew Smart
 
Governance risk and compliance
Governance risk and complianceGovernance risk and compliance
Governance risk and complianceMagdalena Matell
 
7 Grc Myths Webinar 20110127 Final (2)
7 Grc Myths Webinar 20110127 Final (2)7 Grc Myths Webinar 20110127 Final (2)
7 Grc Myths Webinar 20110127 Final (2)GBBLUME
 
Grc governance, risk management & compliance
Grc governance, risk management & complianceGrc governance, risk management & compliance
Grc governance, risk management & complianceHR Globe Consulting
 
CMLGroup - What is GRC?
CMLGroup - What is GRC?CMLGroup - What is GRC?
CMLGroup - What is GRC?CML Group
 

Recommended

FMM&A15-StratexSystems
FMM&A15-StratexSystemsFMM&A15-StratexSystems
FMM&A15-StratexSystemsAndrew Smart
 
Strategically+Speaking+October+2015
Strategically+Speaking+October+2015Strategically+Speaking+October+2015
Strategically+Speaking+October+2015Andrew Smart
 
GRC FOR CAPITAL MARKETS: Beyond Corporate Governance
GRC FOR CAPITAL MARKETS: Beyond Corporate GovernanceGRC FOR CAPITAL MARKETS: Beyond Corporate Governance
GRC FOR CAPITAL MARKETS: Beyond Corporate GovernanceGary Cable
 
Managing Information Risk in Financial Services
Managing Information Risk in Financial Services Managing Information Risk in Financial Services
Managing Information Risk in Financial Services Andrew Smart
 
Governance risk and compliance
Governance risk and complianceGovernance risk and compliance
Governance risk and complianceMagdalena Matell
 
7 Grc Myths Webinar 20110127 Final (2)
7 Grc Myths Webinar 20110127 Final (2)7 Grc Myths Webinar 20110127 Final (2)
7 Grc Myths Webinar 20110127 Final (2)GBBLUME
 
Grc governance, risk management & compliance
Grc governance, risk management & complianceGrc governance, risk management & compliance
Grc governance, risk management & complianceHR Globe Consulting
 
CMLGroup - What is GRC?
CMLGroup - What is GRC?CMLGroup - What is GRC?
CMLGroup - What is GRC?CML Group
 
Enterprise Governance, Risk and Compliance
Enterprise Governance, Risk and ComplianceEnterprise Governance, Risk and Compliance
Enterprise Governance, Risk and ComplianceAxis Technology, LLC
 
GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014Paul Simidi
 
Accountability Corbit Overview 06262007
Accountability Corbit Overview 06262007Accountability Corbit Overview 06262007
Accountability Corbit Overview 06262007Humberto Bruno Pontes Silva
 
What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance BOC Group
 
Ten Slides in Ten Minutes - Company Realities - GRC
Ten Slides in Ten Minutes - Company Realities - GRCTen Slides in Ten Minutes - Company Realities - GRC
Ten Slides in Ten Minutes - Company Realities - GRCBill Graham CP.APMP
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesCapgemini
 
GRC
GRCGRC
GRCMaryam Hidayatallah CPFA,MIPA,MA,CICA
 
GRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveGRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveMax Neira Schliemann
 
Operational security | How to design your information security GRC (governanc...
Operational security | How to design your information security GRC (governanc...Operational security | How to design your information security GRC (governanc...
Operational security | How to design your information security GRC (governanc...Maxime CARPENTIER
 
Top Ten Challenges for Investment Banks 2015: Regulation: Challenge 1
Top Ten Challenges for Investment Banks 2015: Regulation: Challenge 1Top Ten Challenges for Investment Banks 2015: Regulation: Challenge 1
Top Ten Challenges for Investment Banks 2015: Regulation: Challenge 1accenture
 
Memo to CEOs
Memo to CEOsMemo to CEOs
Memo to CEOsKeith Darcy
 
Principled Performance delivered through Federated GRC
Principled Performance delivered through Federated GRCPrincipled Performance delivered through Federated GRC
Principled Performance delivered through Federated GRCNick Carus
 
Governance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management SolutionGovernance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management SolutionRishabh Software
 
Balancing risk with opportunity
Balancing risk with opportunityBalancing risk with opportunity
Balancing risk with opportunityGrant Thornton LLP
 
138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...
138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...
138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...Egyptian Engineers Association
 
GP for Regulatory Management Product Sheet
GP for Regulatory Management Product SheetGP for Regulatory Management Product Sheet
GP for Regulatory Management Product SheetMarco Villacorta Olano
 
GPS brochure - EN
GPS brochure - ENGPS brochure - EN
GPS brochure - ENGlobal Performance System - GPS
 
Integrc Infographic
Integrc Infographic Integrc Infographic
Integrc Infographic BHD Creative Ltd
 
Security Governance by Risknavigator 2010
Security Governance by Risknavigator 2010Security Governance by Risknavigator 2010
Security Governance by Risknavigator 2010Lennart Bredberg
 
Mitigate Risk with Better Plan Execution and Organizational Alignment
Mitigate Risk with Better Plan Execution and Organizational AlignmentMitigate Risk with Better Plan Execution and Organizational Alignment
Mitigate Risk with Better Plan Execution and Organizational AlignmentPaige Pulaski
 
GRC Strategies in a Business_ Trends and Challenges.pdf
GRC Strategies in a Business_ Trends and Challenges.pdfGRC Strategies in a Business_ Trends and Challenges.pdf
GRC Strategies in a Business_ Trends and Challenges.pdfbasilmph
 
2015 global capital markets risk management study
2015 global capital markets risk management study2015 global capital markets risk management study
2015 global capital markets risk management studyLapman Lee ✔
 

More Related Content

What's hot

Enterprise Governance, Risk and Compliance
Enterprise Governance, Risk and ComplianceEnterprise Governance, Risk and Compliance
Enterprise Governance, Risk and ComplianceAxis Technology, LLC
 
GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014Paul Simidi
 
What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance BOC Group
 
Ten Slides in Ten Minutes - Company Realities - GRC
Ten Slides in Ten Minutes - Company Realities - GRCTen Slides in Ten Minutes - Company Realities - GRC
Ten Slides in Ten Minutes - Company Realities - GRCBill Graham CP.APMP
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesCapgemini
 
GRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveGRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveMax Neira Schliemann
 
Operational security | How to design your information security GRC (governanc...
Operational security | How to design your information security GRC (governanc...Operational security | How to design your information security GRC (governanc...
Operational security | How to design your information security GRC (governanc...Maxime CARPENTIER
 
Top Ten Challenges for Investment Banks 2015: Regulation: Challenge 1
Top Ten Challenges for Investment Banks 2015: Regulation: Challenge 1Top Ten Challenges for Investment Banks 2015: Regulation: Challenge 1
Top Ten Challenges for Investment Banks 2015: Regulation: Challenge 1accenture
 
Principled Performance delivered through Federated GRC
Principled Performance delivered through Federated GRCPrincipled Performance delivered through Federated GRC
Principled Performance delivered through Federated GRCNick Carus
 
Governance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management SolutionGovernance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management SolutionRishabh Software
 
Balancing risk with opportunity
Balancing risk with opportunityBalancing risk with opportunity
Balancing risk with opportunityGrant Thornton LLP
 
138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...
138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...
138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...Egyptian Engineers Association
 
GP for Regulatory Management Product Sheet
GP for Regulatory Management Product SheetGP for Regulatory Management Product Sheet
GP for Regulatory Management Product SheetMarco Villacorta Olano
 
Security Governance by Risknavigator 2010
Security Governance by Risknavigator 2010Security Governance by Risknavigator 2010
Security Governance by Risknavigator 2010Lennart Bredberg
 
Mitigate Risk with Better Plan Execution and Organizational Alignment
Mitigate Risk with Better Plan Execution and Organizational AlignmentMitigate Risk with Better Plan Execution and Organizational Alignment
Mitigate Risk with Better Plan Execution and Organizational AlignmentPaige Pulaski
 

What's hot (20)

Enterprise Governance, Risk and Compliance
Enterprise Governance, Risk and ComplianceEnterprise Governance, Risk and Compliance
Enterprise Governance, Risk and Compliance
 
GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014
 
Accountability Corbit Overview 06262007
Accountability Corbit Overview 06262007Accountability Corbit Overview 06262007
Accountability Corbit Overview 06262007
 
What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance What is GRC – Governance, Risk and Compliance
What is GRC – Governance, Risk and Compliance
 
Ten Slides in Ten Minutes - Company Realities - GRC
Ten Slides in Ten Minutes - Company Realities - GRCTen Slides in Ten Minutes - Company Realities - GRC
Ten Slides in Ten Minutes - Company Realities - GRC
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance Services
 
GRC
GRCGRC
GRC
 
GRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance ExecutiveGRC Governance, Risk mgmt. & Compliance Executive
GRC Governance, Risk mgmt. & Compliance Executive
 
Operational security | How to design your information security GRC (governanc...
Operational security | How to design your information security GRC (governanc...Operational security | How to design your information security GRC (governanc...
Operational security | How to design your information security GRC (governanc...
 
Top Ten Challenges for Investment Banks 2015: Regulation: Challenge 1
Top Ten Challenges for Investment Banks 2015: Regulation: Challenge 1Top Ten Challenges for Investment Banks 2015: Regulation: Challenge 1
Top Ten Challenges for Investment Banks 2015: Regulation: Challenge 1
 
Memo to CEOs
Memo to CEOsMemo to CEOs
Memo to CEOs
 
Principled Performance delivered through Federated GRC
Principled Performance delivered through Federated GRCPrincipled Performance delivered through Federated GRC
Principled Performance delivered through Federated GRC
 
Governance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management SolutionGovernance, Risk & Compliance Management Solution
Governance, Risk & Compliance Management Solution
 
Balancing risk with opportunity
Balancing risk with opportunityBalancing risk with opportunity
Balancing risk with opportunity
 
138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...
138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...
138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...
 
GP for Regulatory Management Product Sheet
GP for Regulatory Management Product SheetGP for Regulatory Management Product Sheet
GP for Regulatory Management Product Sheet
 
GPS brochure - EN
GPS brochure - ENGPS brochure - EN
GPS brochure - EN
 
Integrc Infographic
Integrc Infographic Integrc Infographic
Integrc Infographic
 
Security Governance by Risknavigator 2010
Security Governance by Risknavigator 2010Security Governance by Risknavigator 2010
Security Governance by Risknavigator 2010
 
Mitigate Risk with Better Plan Execution and Organizational Alignment
Mitigate Risk with Better Plan Execution and Organizational AlignmentMitigate Risk with Better Plan Execution and Organizational Alignment
Mitigate Risk with Better Plan Execution and Organizational Alignment
 

Similar to StratexSystems_270115

GRC Strategies in a Business_ Trends and Challenges.pdf
GRC Strategies in a Business_ Trends and Challenges.pdfGRC Strategies in a Business_ Trends and Challenges.pdf
GRC Strategies in a Business_ Trends and Challenges.pdfbasilmph
 
2015 global capital markets risk management study
2015 global capital markets risk management study2015 global capital markets risk management study
2015 global capital markets risk management studyLapman Lee ✔
 
Designing Enhanced Supervision for the Evolving Wealth Management Ecosystem
Designing Enhanced Supervision for the Evolving Wealth Management EcosystemDesigning Enhanced Supervision for the Evolving Wealth Management Ecosystem
Designing Enhanced Supervision for the Evolving Wealth Management Ecosystemaccenture
 
Innovation connections quick guide managing ict risk for business pdf
Innovation connections quick guide managing ict risk for business pdfInnovation connections quick guide managing ict risk for business pdf
Innovation connections quick guide managing ict risk for business pdfAbdulbasit Almauly
 
13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy
13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy
13 Top GRC Tools for an Integrated Governance, Risk and Compliance StrategyQuekelsBaro
 
Meraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless worldMeraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless worldnooralmousa
 
Power your businesswith risk informed decisions
Power your businesswith risk informed decisionsPower your businesswith risk informed decisions
Power your businesswith risk informed decisionsAlireza Ghahrood
 
Operational risk model
Operational risk modelOperational risk model
Operational risk modelDavidkerrkelly
 
Board matters quarterly – volume 3
Board matters quarterly – volume 3Board matters quarterly – volume 3
Board matters quarterly – volume 3elithomas202
 
Banking & Financial Services Strengthening GRC In The Banking & Financial Ser...
Banking & Financial Services Strengthening GRC In The Banking & Financial Ser...Banking & Financial Services Strengthening GRC In The Banking & Financial Ser...
Banking & Financial Services Strengthening GRC In The Banking & Financial Ser...Mubeen Yaqoob
 
Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016
Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016
Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016CBIZ, Inc.
 
Trends in Technology for the year 2014
Trends in Technology for the year 2014Trends in Technology for the year 2014
Trends in Technology for the year 2014Winston DeLoney
 
Managing the Complexities of Governance, Risk & Compliance Requires
Managing the Complexities of Governance, Risk & Compliance RequiresManaging the Complexities of Governance, Risk & Compliance Requires
Managing the Complexities of Governance, Risk & Compliance RequiresWNS Global Services
 
Capgemini UK - Evolution of risk_management
Capgemini UK - Evolution of risk_managementCapgemini UK - Evolution of risk_management
Capgemini UK - Evolution of risk_managementJelger Groenland
 
Risk Mgmt - Define_And_Articulate
Risk Mgmt - Define_And_ArticulateRisk Mgmt - Define_And_Articulate
Risk Mgmt - Define_And_ArticulateAnthony Chiusano
 
Drive your business with predictive analytics
Drive your business with predictive analyticsDrive your business with predictive analytics
Drive your business with predictive analyticsThe Marketing Distillery
 

Similar to StratexSystems_270115 (20)

GRC Strategies in a Business_ Trends and Challenges.pdf
GRC Strategies in a Business_ Trends and Challenges.pdfGRC Strategies in a Business_ Trends and Challenges.pdf
GRC Strategies in a Business_ Trends and Challenges.pdf
 
2015 global capital markets risk management study
2015 global capital markets risk management study2015 global capital markets risk management study
2015 global capital markets risk management study
 
The 10 recommended audit management solution providers, 2018
The 10 recommended audit management solution providers, 2018The 10 recommended audit management solution providers, 2018
The 10 recommended audit management solution providers, 2018
 
Designing Enhanced Supervision for the Evolving Wealth Management Ecosystem
Designing Enhanced Supervision for the Evolving Wealth Management EcosystemDesigning Enhanced Supervision for the Evolving Wealth Management Ecosystem
Designing Enhanced Supervision for the Evolving Wealth Management Ecosystem
 
Innovation connections quick guide managing ict risk for business pdf
Innovation connections quick guide managing ict risk for business pdfInnovation connections quick guide managing ict risk for business pdf
Innovation connections quick guide managing ict risk for business pdf
 
CroweHorwath
CroweHorwathCroweHorwath
CroweHorwath
 
13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy
13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy
13 Top GRC Tools for an Integrated Governance, Risk and Compliance Strategy
 
Meraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless worldMeraj Ahmad - Information security in a borderless world
Meraj Ahmad - Information security in a borderless world
 
Risk_Technology
Risk_TechnologyRisk_Technology
Risk_Technology
 
Power your businesswith risk informed decisions
Power your businesswith risk informed decisionsPower your businesswith risk informed decisions
Power your businesswith risk informed decisions
 
Operational risk model
Operational risk modelOperational risk model
Operational risk model
 
Concept of Governance - Management of Operational Risk for IT Officers/Execut...
Concept of Governance - Management of Operational Risk for IT Officers/Execut...Concept of Governance - Management of Operational Risk for IT Officers/Execut...
Concept of Governance - Management of Operational Risk for IT Officers/Execut...
 
Board matters quarterly – volume 3
Board matters quarterly – volume 3Board matters quarterly – volume 3
Board matters quarterly – volume 3
 
Banking & Financial Services Strengthening GRC In The Banking & Financial Ser...
Banking & Financial Services Strengthening GRC In The Banking & Financial Ser...Banking & Financial Services Strengthening GRC In The Banking & Financial Ser...
Banking & Financial Services Strengthening GRC In The Banking & Financial Ser...
 
Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016
Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016
Risk & Advisory Services: Quarterly Risk Advisor Feb. 2016
 
Trends in Technology for the year 2014
Trends in Technology for the year 2014Trends in Technology for the year 2014
Trends in Technology for the year 2014
 
Managing the Complexities of Governance, Risk & Compliance Requires
Managing the Complexities of Governance, Risk & Compliance RequiresManaging the Complexities of Governance, Risk & Compliance Requires
Managing the Complexities of Governance, Risk & Compliance Requires
 
Capgemini UK - Evolution of risk_management
Capgemini UK - Evolution of risk_managementCapgemini UK - Evolution of risk_management
Capgemini UK - Evolution of risk_management
 
Risk Mgmt - Define_And_Articulate
Risk Mgmt - Define_And_ArticulateRisk Mgmt - Define_And_Articulate
Risk Mgmt - Define_And_Articulate
 
Drive your business with predictive analytics
Drive your business with predictive analyticsDrive your business with predictive analytics
Drive your business with predictive analytics
 

More from Andrew Smart

Having trouble with your enterprise risk management strategy? Map it.
Having trouble with your enterprise risk management strategy? Map it.Having trouble with your enterprise risk management strategy? Map it.
Having trouble with your enterprise risk management strategy? Map it.Andrew Smart
 
Embedding RCSA into Strategic Planning and Business Strategy
Embedding RCSA into Strategic Planning and Business StrategyEmbedding RCSA into Strategic Planning and Business Strategy
Embedding RCSA into Strategic Planning and Business StrategyAndrew Smart
 
Cyber Risk Management
Cyber Risk Management Cyber Risk Management
Cyber Risk Management Andrew Smart
 
Enabling Effective Conduct Risk
Enabling Effective Conduct RiskEnabling Effective Conduct Risk
Enabling Effective Conduct RiskAndrew Smart
 
Strategic Planning Society Webinar- Integrating Strategy and Risk Management
Strategic Planning Society Webinar- Integrating Strategy and Risk ManagementStrategic Planning Society Webinar- Integrating Strategy and Risk Management
Strategic Planning Society Webinar- Integrating Strategy and Risk ManagementAndrew Smart
 
Integrating Strategy and Risk Management
Integrating Strategy and Risk ManagementIntegrating Strategy and Risk Management
Integrating Strategy and Risk ManagementAndrew Smart
 
Making Conduct Risk [Good] Business As Usual
Making Conduct Risk [Good] Business As UsualMaking Conduct Risk [Good] Business As Usual
Making Conduct Risk [Good] Business As UsualAndrew Smart
 
Governance Culture & Incentives- Fundamentals of Operational Risk
Governance Culture & Incentives- Fundamentals of Operational RiskGovernance Culture & Incentives- Fundamentals of Operational Risk
Governance Culture & Incentives- Fundamentals of Operational RiskAndrew Smart
 
StratexPoint Risk Management Solution Intro Video
StratexPoint Risk Management Solution Intro VideoStratexPoint Risk Management Solution Intro Video
StratexPoint Risk Management Solution Intro VideoAndrew Smart
 
Shaping Your Culture via Risk Appetite
Shaping Your Culture via Risk Appetite Shaping Your Culture via Risk Appetite
Shaping Your Culture via Risk Appetite Andrew Smart
 
Managing with KPI's and KRI's
Managing with KPI's and KRI's Managing with KPI's and KRI's
Managing with KPI's and KRI's Andrew Smart
 
Enabling Effective Conduct Risk
Enabling Effective Conduct RiskEnabling Effective Conduct Risk
Enabling Effective Conduct RiskAndrew Smart
 
Integrating Risk into your Balanced Scorecard
Integrating Risk into your Balanced Scorecard Integrating Risk into your Balanced Scorecard
Integrating Risk into your Balanced Scorecard Andrew Smart
 
Middle east insurance market
Middle east insurance marketMiddle east insurance market
Middle east insurance marketAndrew Smart
 
Amnded stratexpoint screens1
Amnded stratexpoint screens1Amnded stratexpoint screens1
Amnded stratexpoint screens1Andrew Smart
 
HML Risk Transformation
HML Risk TransformationHML Risk Transformation
HML Risk TransformationAndrew Smart
 
Greater Manchester Fire and Rescue Service Whitepaper
Greater Manchester Fire and Rescue Service WhitepaperGreater Manchester Fire and Rescue Service Whitepaper
Greater Manchester Fire and Rescue Service WhitepaperAndrew Smart
 
Integrating Risk Appetite With Strategy Feb 14 2011
Integrating Risk Appetite With Strategy Feb 14 2011Integrating Risk Appetite With Strategy Feb 14 2011
Integrating Risk Appetite With Strategy Feb 14 2011Andrew Smart
 
Manigent Embedding Risk Appetite Within The Strategy Process
Manigent Embedding Risk Appetite Within The Strategy ProcessManigent Embedding Risk Appetite Within The Strategy Process
Manigent Embedding Risk Appetite Within The Strategy ProcessAndrew Smart
 
Manigent Aligning Risk Appetite And Exposure
Manigent Aligning Risk Appetite And ExposureManigent Aligning Risk Appetite And Exposure
Manigent Aligning Risk Appetite And ExposureAndrew Smart
 

More from Andrew Smart (20)

Having trouble with your enterprise risk management strategy? Map it.
Having trouble with your enterprise risk management strategy? Map it.Having trouble with your enterprise risk management strategy? Map it.
Having trouble with your enterprise risk management strategy? Map it.
 
Embedding RCSA into Strategic Planning and Business Strategy
Embedding RCSA into Strategic Planning and Business StrategyEmbedding RCSA into Strategic Planning and Business Strategy
Embedding RCSA into Strategic Planning and Business Strategy
 
Cyber Risk Management
Cyber Risk Management Cyber Risk Management
Cyber Risk Management
 
Enabling Effective Conduct Risk
Enabling Effective Conduct RiskEnabling Effective Conduct Risk
Enabling Effective Conduct Risk
 
Strategic Planning Society Webinar- Integrating Strategy and Risk Management
Strategic Planning Society Webinar- Integrating Strategy and Risk ManagementStrategic Planning Society Webinar- Integrating Strategy and Risk Management
Strategic Planning Society Webinar- Integrating Strategy and Risk Management
 
Integrating Strategy and Risk Management
Integrating Strategy and Risk ManagementIntegrating Strategy and Risk Management
Integrating Strategy and Risk Management
 
Making Conduct Risk [Good] Business As Usual
Making Conduct Risk [Good] Business As UsualMaking Conduct Risk [Good] Business As Usual
Making Conduct Risk [Good] Business As Usual
 
Governance Culture & Incentives- Fundamentals of Operational Risk
Governance Culture & Incentives- Fundamentals of Operational RiskGovernance Culture & Incentives- Fundamentals of Operational Risk
Governance Culture & Incentives- Fundamentals of Operational Risk
 
StratexPoint Risk Management Solution Intro Video
StratexPoint Risk Management Solution Intro VideoStratexPoint Risk Management Solution Intro Video
StratexPoint Risk Management Solution Intro Video
 
Shaping Your Culture via Risk Appetite
Shaping Your Culture via Risk Appetite Shaping Your Culture via Risk Appetite
Shaping Your Culture via Risk Appetite
 
Managing with KPI's and KRI's
Managing with KPI's and KRI's Managing with KPI's and KRI's
Managing with KPI's and KRI's
 
Enabling Effective Conduct Risk
Enabling Effective Conduct RiskEnabling Effective Conduct Risk
Enabling Effective Conduct Risk
 
Integrating Risk into your Balanced Scorecard
Integrating Risk into your Balanced Scorecard Integrating Risk into your Balanced Scorecard
Integrating Risk into your Balanced Scorecard
 
Middle east insurance market
Middle east insurance marketMiddle east insurance market
Middle east insurance market
 
Amnded stratexpoint screens1
Amnded stratexpoint screens1Amnded stratexpoint screens1
Amnded stratexpoint screens1
 
HML Risk Transformation
HML Risk TransformationHML Risk Transformation
HML Risk Transformation
 
Greater Manchester Fire and Rescue Service Whitepaper
Greater Manchester Fire and Rescue Service WhitepaperGreater Manchester Fire and Rescue Service Whitepaper
Greater Manchester Fire and Rescue Service Whitepaper
 
Integrating Risk Appetite With Strategy Feb 14 2011
Integrating Risk Appetite With Strategy Feb 14 2011Integrating Risk Appetite With Strategy Feb 14 2011
Integrating Risk Appetite With Strategy Feb 14 2011
 
Manigent Embedding Risk Appetite Within The Strategy Process
Manigent Embedding Risk Appetite Within The Strategy ProcessManigent Embedding Risk Appetite Within The Strategy Process
Manigent Embedding Risk Appetite Within The Strategy Process
 
Manigent Aligning Risk Appetite And Exposure
Manigent Aligning Risk Appetite And ExposureManigent Aligning Risk Appetite And Exposure
Manigent Aligning Risk Appetite And Exposure
 

StratexSystems_270115

  • 1. Interview of the Year 2 www.finance-monthly.com Email: andrew.smart@stratexsystems.com | Web: www.stratexsystems.com software which adds no business value while the risk management function spends all its time capturing and managing risk data without having time to generate meaningful analysis and insight for decision-making. In addition to having the wrong conceptual approach, a lot of operational risk management technology has poor, unfamiliar user interfaces with inflexible data structures or data structures which are incomplete or have in- built limitations. This means that in a more dynamic risk environment, these tools put a straightjacket on the business and encourage the growth of ad hoc spreadsheet or other systems to emerge. This significantly reduces the ability of firms to use risk management to change and generate insights for decision- making in a dynamic, changing regulatory environment where significant growth opportunities are emerging. Another key issue that is often seen in operational risk management technology solutions is the lack of flexibility in reporting. A common complaint is “we enter a lot of management software tools now find that they have four main challenges: 1. Working with operational risk management tools designed for the risk team, not the business; 2. Difficulties in making changes to the system to reflect changes in the business environment; 3. Focusing on data capture; and 4. Establishing and sustaining a risk aware culture when the operational risk manage- ment software is not ‘fit for purpose’. It is not uncommon for many firms to have invested in operational risk management technology (often a number of years ago) that was designed for the operational risk team to manage risk, rather than designed to enable the business to manage risk as part of its day-to-day job. This has the effect of limiting the business value of all risk management activities: the business become frustrated and disengaged in the risk management process because they have to deploy user-unfriendly In March 2014, Finance Monthly caught up with Andrew Smart, CEO and Founder at StratexSystems,totalktohimaboutoperationalriskmanagementframeworkandtechnology. This is what he told us n the wake of the credit crunch, many firms rushed to improve their operational risk management framework and technology under pressure from their regulators. As the first green shoots of economic growth blossom, however, firms should ask themselves: does our risk technology support our business strategy? For many firms, the primary driver of their operational risk agenda has been the need to meet the demands of regulators, which have become more intensive and intrusive in the wake of the credit crunch. Often the need to respond to ever increasing regulatory demands has meant that the crucial emphasis on enabling and supporting the execution of business strategy has been lacking. As the economic environment improves and as the regulatory emphasis on Conduct Risk increases, firms need to ensure that their operational risk management framework and technology is aligned to, and supportive of, the delivery of business objectives. In our experience, many firms that have implemented traditional operational risk I RISK MANAGEMENT ANDREW SMART STRATEX SYSTEMS
  • 2. 3 Interview of the Year data into the system but we cannot seem to get any information back out”. This focus on data capture and lack of emphasis (or time) on reporting, analytics and the generation of decision-making insight reinforces the view that risk management is a layer of bureaucracy which adds little or no business value. All of these limitations converge to discourage business engagement in the operational risk management process, meaning that the operational risk management agenda is not aligned to the business strategy and certainly does not support the execution of the business strategy. Perhaps, however, the most important impact of inflexible, rigorous, traditional operational risk management tools is that they do not support the emergence of an organisational culture that embeds risk management into day-to-day decision- making. Additionally, few things kill a ‘risk- aware’ culture faster than the inability of the operational risk management technology to provide management information that is relevant and timely to business decision- makers. This is particularly true when the risk environment changes and the technology prevents the risk framework from being rapidly adapted to reflect the new environment. This lack of flexibility and lack of business focus is particularly damaging given the shift in regulatory approach, especially with the creation of the FCA and its Conduct Risk agenda: moving away from a prescriptive, rulebook based approach to regulation to one which emphasises judgement, business model, practices and culture. “This philosophical change is important because in our experience, when things go significantly wrong in a firm within our remit, it is not because it hasn’t complied with a set of narrow regulatory rules, but because there is a fundamental flaw in the business model, in the culture or its business practices.” Clive Adamson, Director of Supervision, FCA, November 2013. Using the FCA as an example, it makes clear that it does not and will not provide a detailed description of how firms should go about meeting their regulatory requirements. About StratexSystems StratexSystems is the only software company in the world to provide an integrated, Risk-based Performance solution powered by Microsoft’s SharePoint platform. The company’s StratexPoint technology is an integrated Strategy Execution and Risk Management solution. The solution is comprehensive in nature but modular in deployment, delivering a high ROI, high user adoption and high levels of assurance to your Board and Regulator(s) that you are operating within appetite. Instead, they want to see firms ‘doing the right things’. At StratexSystems we have developed a technology solution, StratexPoint, which was designed to embed operational risk management into business strategy, making risk appetite a central consideration and control mechanism for firms as they execute strategy on a continuous, day-to-day basis. This focus on business outcomes, from the business model, business strategy and operational level enables firms to develop an approach to operational risk management which is business enabling, focused on creating business value rather than a regulatory-centric approach focused on ticking regulatory boxes.
  • 3. Interview of the Year 4 www.finance-monthly.com RISK MANAGEMENT IN 2015 Andrew Smart, CEO and Founder at StratexSystems, tells us more about product refinements for StratexPoint, a Big Data product launch, and the risk of apportioning blame at an individual level are reflected in regulation and management decision- making to some extent. However, I would query whether fundamental questions related to strategy execution, risk management, risk appetite, conduct and culture have been learnt, and embedded within the industry. What other trends to you predict for 2015 and beyond? The emerging requirements around the senior manager regime shows that the direction of travel is towards assigning responsibility to individuals within firms and there is clearly a desire to be able to apportion blame at the individual level. This poses a challenge not only for the risk management professionals, but also has implications from a personal performance management perspective. Firms are going to have to be more considered and robust in aligning their personal performance management practices with overall enterprise performance, and enterprise risk management practices. to shareholders. Often, but not always, these twin objectives are in conflict because of a silo approach to risk management; one that focuses on implementing risk management to comply rather than to protect and create value. What new developments will we see in operational risk management technology in 2015? Leveraging Big Data/Big Visualisation capabilities should be a consideration for all operational risk vendors, as should mobile. However, as many firms are still grappling with previous generation ORM software,whichlacksaconceptuallysounddatamodel, robust dashboard and reporting capabilities and does nothing to embed a culture of accountabilities, I suspect many firms will end 2015 as they started it, frustrated by their risk management systems and spending too much time manually manipulating data in spreadsheets rather than applying their analytical skills to generating business and risk insights from their data. The Bank of England carried out its first ‘Stress Test’ at the end of 2014. In terms of risk management, are we in a better shape than in 2008? And what lessons have we learnt? Certainly some lessons have been learnt and these What new products or services have you rolled out or do you plan to roll out in 2015? In 2015 we will be enhancing the Policy Management, Attestation and Risk Event Reporting capabilities of the solution, StratexPoint. From a mobile perspective we will be enhancing our offerings for iPad, Windows Tablets and Smartphones. We also have an exciting Big Data/Big Analytics service which we are developing in conjunction with Innovate UK, formerly the Technology Strategy Board. Best practice libraries around Cyber Risk, Conduct Risk and Compliance Management are also in the development pipeline for the second half of the year. How have companies changed their risk strategies in wake of the somewhat improved economic fortunes of 2014? There is some evidence that companies are looking to leverage their investment in risk management infrastructure to drive growth. However, with the volume of regulatory change, the main focus is responding to regulation. How have new regulations in the finance sector impacted risk management? New regulation is certainly a major driver behind a number of risk management initiatives, specifically around the Conduct Risk agenda of the FCA. This is not always positive and some firms are exhibiting the wrong behaviours to meet the letter of the regulation rather than the sprint. What new challenges will the industry see in 2015 and how can risk management help mitigate risk? The challenge for the industry in 2015 is to balance the demands of increased regulation while also trying to growth their business and deliver value