Enabling Cost-Effective ERM with GRC Software

Governance, Risk & Compliance ("GRC") software has become a hot topic in the world of risk management over the past several years.  Many business people often ask what is GRC software and what is its purpose?  GRC software is akin to Enterprise Resource Planning ("ERP") software in that it is intended to provide a single repository for disparate information in order to enable better analysis and decision making.  However, while ERP software is focused on integrating financial and operations management activities, GRC software is focused primarily on integrating risk management activities.  An article in the September 2009 issue of Insurance Networking News provides additional insight into the evolution of GRC software and its usefulness in the aftermath of the recent financial meltdown.

Much as the Greek goddess Athena emerged from the forehead of Zeus, the marketplace for governance, risk and compliance (GRC) software was birthed in an epic headache. The accounting scandals and subsequent bankruptcies of Enron and WorldCom prompted the creation of the Sarbanes-Oxley Act (SOX) and GRC software soon emerged to help companies comply with the regulations.

"If you look at the genesis of the GRC market, it was brought on by the passage of SOX in 2002," says Tom Eid, VP research, at Stamford, Conn.-based Gartner Inc. "The first GRC solutions emerged in 2004, and at that point the focus was really on the finance and audit function."

Five years and one credit crisis later, the risk management component of GRC seems poised for a similar boom. While no legislation has yet passed as a direct result of the financial services meltdown, few expect this to persist for too much longer. Bills intended to rewrite the regulation of financial services in general, and insurance in particular, are winding through both houses of Congress. Leaving aside the diverging opinions on the merits of the bills, a broad consensus exists that more regulations-and a larger emphasis on risk management by regulators-are inevitable.

"The administration continues to make the case that they need some sort of consolidated oversight over insurance and financial services at the federal level," says Gary Bhojwani, president & CEO of Minneapolis-based Allianz Life. "They are talking about true regulatory oversight, whether they get it is a whole other discussion." While the industry awaits development in Washington, rules propagated by standards bodies such as the Financial Accounting Standards Board are already being enacted, and rating agencies are putting a renewed emphasis on risk.

With so many different regulatory bodies and agencies placing new demands on businesses as well as the ever-increasing complexity of business transactions, the need to integrate risk management activities in a cost-effective manner is very real.  Wheelhouse Advisors is equipped to help companies build enterprise risk management programs and implement GRC software to enable the integration.  To learn more, visit www.WheelhouseAdvisors.com.