More complex risks, increased regulatory scrutiny and a more rigorous compliance environment have significantly increased the challenges for companies’ Governance, Risk and Compliance (GRC) functions. Silo-based approaches in responding to these requirements have led to duplication of functions and multi-layered GRC processes. Despite spiralling costs associated with these effects, board executives struggle to see the value generated by these activities beyond achieving the mandatory compliance and adherence to reporting requirements, while at the same time managing the risks to their business, often leading to a disjointed and costly GRC organisation.
To date, companies have faced the following risk assurance and governance related challenges:
- Difficulty in de-mystifying the concept of combined assurance
- Assurance inefficiency and overspend
- Incomplete risk and opportunity universe resulting in the wrong risk being audited
- Audits are often performed by ill-equipped and inexperienced assurance providers
- More complex risks, increased regulatory scrutiny and more rigorous compliance environment
- Silo based responses from governance, risk and assurance departments have led to duplication of functions and multi-layered processes
- Insufficient stakeholder reporting
- Significant Audit Committee burden to govern and approve assurance plans without appropriate support from other board sub-committees
- Perceived lack of value from risk and assurance activities
- Board members and executives not adequately protected by risk and assurance processes
- Inadequate assurance provided to Social and Ethic, Investment and Remuneration Committees
- Risk and assurance does not always fit in with the way business operate
- Inadequate involvement of Board Sub-Committees in the risk assurance process
KPMG’s Integrated Assurance programme responds to these challenges by integrating the key risk and assurance concepts in an innovative and practical manner.
A number of our clients have already been exposed to our Integrated Assurance strategy, and have all started benefiting as follows:
- A leading Integrated Assurance approach and framework now forms part of their governance process
- Board Sub-Committees are increasingly involved in the monitoring of risk and assurance activities, alongside the CEO and Executives. The right Board members govern risk assurance for the exposures they are responsible for
- Company values drivers are better safeguarded and understood
- C-Suite Executives and the Board are better protected in a personal capacity
- Risk and assurance is simplified, and there is alignment with the way the business operates
- Optimal and cost efficient assurance coverage is promoted with coverage directed where the business needs it most.