Enterprise governance is in the early stages of a powerful trend toward digitally automating the entire enterprise. This shift in the dynamics of the governance software market will be as far-reaching and impactful over time as the enormous market adoption of Enterprise Resource Planning (ERP) and Customer Relationship Management (CRM) was a generation ago.
While the market will follow the rapid growth trajectories of ERP (e.g., SAP, PeopleSoft and WorkDay) and CRM (Salesforce.com), governance management automation started much later, and is therefore maturing later. It is lagging 10 to 15 years behind the ERP and CRM lifecycles. As a result, there should be rapid growth and tremendous opportunity ahead for those market participants and software providers that are positioned for these shifts.
Current practices in the Governance, Risk Management and Compliance (GRC) software market merely automate documentation and reporting of risk and compliance activity throughout the enterprise in order to drive greater efficiency and effectiveness in the management of these governance domains. The degree of automation delivered today, though, is insufficient.
Missing, but needed, is the ability to digitally model the entire enterprise. With rates of change accelerating in technology and regulation, it is necessary for banks and other financial institutions to address these disruptive forces by constantly crafting new business designs that continuously comply with changing regulatory and risk parameters, while also creating improved value for their customers.
To bring to life this trend of constantly re-crafting business designs in response to technology and regulatory changes, software providers must, as a foundation, holistically model their client enterprises from top to bottom. Specifically, banks must map, or dependency-model, all of the moving parts within each business process, that is, within each line of business, throughout their banking enterprise.
This is not a trivial task, as it requires modeling most of the people, process, technology, vendors, facilities, policies, controls, compliance rules, data, etc., as well as many of their inter-relationships.
Banks must also be able to assess the risk, compliance and continuity dimensions of each element contributing to every business process in every organizational corner of the enterprise.
Digitally modeling a bank’s operations is in many ways similar to mapping the human genome. By modeling the company’s genome, executive managers will have a holistic framework, with powerful analytical tools, to engineer enhancements for the bank and its operating processes where needed, in order to drive better operating efficiency, improve operating performance and promote decision-making agility.
To be on trend in this software market, in addition to being broadly integrated across all governance domains including business continuity, it is necessary for a vendor to create an almost infinitely flexible and powerful software platform that can model all aspects of business process and governance activity, at all levels across the enterprise, with ease-of-use and intuitive navigation that makes user adoption a non-issue. Behind the curtain, the software must be able to dependency-model, and logically connect, all activities across all people, process, technology, vendors and facilities and across all lines of business and across risk, compliance and continuity throughout the enterprise.
To conform to all of the idiosyncratic business processes of an organization, the software must also have enormous flexibility to easily design forms (for data input), workflow, rules, and reports (for information output). With a virtual model of their enterprise during an incident or disaster, companies are able to dynamically create custom recovery plans that are based upon an actual mix of failed assets, and are also able to dynamically adjust these plans in real time, based upon the always changing “facts on the ground.”
Drag and Drop
As a further example, by dependency-modeling the operations of the enterprise, SIFI (Systemically Important Financial Institution) banks can now deliver “Too Big to Fail” resolution plans to the Federal Reserve with greater ease and integrity.
Merely by navigating to the organizational structure in such models and clicking on a marketable entity (such as the credit card division), and then dragging it across the screen and dropping it into an empty NewCo entity, all of the dependencies within that division of business processes, people, technology, vendors, facilities, policies, controls, compliance rules and data will automatically move across with the “drop.” The drag-and-drop process is easily repeated for all other marketable entities that can be sold to healthier competitors (consumer lending, commercial lending, etc.).
While there is certainly more fine-tuning that’s required beyond simple drags and drops, the extensive dependency-modeling that is foundational to this software actually saves SIFIs man-years of compliance time in relation to the old-line software approach of building dozens of resolution plans from scratch. With less time spent on building plans, more time can be devoted to perfecting them for a higher quality presentation to the Federal Reserve.
To conclude: With high automation, banks will have synchronized the physical with the virtual world. Executives will now have the tools to lead their organizations with vision and clarity through the business-model changes that will occur, at accelerating rates, as technology and regulation changes profoundly alter our industry landscape.
Peter Christensen is co-chairman and co-founder of enterprise governance automation company Continuity Logic. He was previously co-founder, chairman and CEO of ComTec and a managing director and board member of PaineWebber.