RISK MANAGEMENT FOR FINANCIAL SERVICES

Transcription

1 -/+? REPORT RISK MANAGEMENT FOR FINANCIAL SERVICES Report EQ7 -/+ 87?

2 2 RISK MANAGEMENT FOR FINANCIAL SERVICES RISK MANAGEMENT FOR FINANCIAL SERVICES A New Generation Software for the New World for Risk Management The world of risk managment is changing dramatically. It is moving from the historical must have static risk register to be presented to a regulator, to a more dynamic, proactive discipline where understanding and managing risk is seen as an enabler to successful business growth and change. This new world is attracting a new breed of commerciallyoriented talent into risk management together with a new generation of enterprise risk management tools. Xactium is leading this new generation of software applications and changing the way that the discipline of risk management is perceived. In our response to the dynamic world of risk management, Xactium ensures that advanced insight and analysis can be applied to predict when risk controls are failing. Xactium also ensures that mitigating actions are in place to prevent a serious incident. By using Xactium, risk managers are fundamentally able to influence the growth of the business, foster ethical and cultural change, easily demonstrate compliance to regulators and evidence that their findings are aligned to business decision making. With Xactium, organisations can enhance their risk programs with the flexibility to stay current and to respond nimbly to both business and regulatory change, all without the need for costly programming intervention. Xactium improves analytical and reporting capabilities as well as providing intuitive access to enable all areas of the business to engage in the process; providing comprehensive sensing of all risk factors. This helps to uncover risks and incidents that have lain undetected in different departments or geographies. REPORT

3 RISK MANAGEMENT FOR FINANCIAL SERVICES 3 EQ5 90 REPORT

4 4 RISK MANAGEMENT FOR FINANCIAL SERVICES THE FLEXIBILITY TO RESPOND TO BUSINESS AND REGULATORY CHANGE Xactium offers a modern, dynamic risk solution that is designed specifically for the needs of Financial Services organisations. The flexibility, scalability and stability provided through our cloudbased platform enables Financial Services organisations to accommodate any changes imposed by regulators and meet the needs of an evolving organisation. As a consequence Xactium provides 90-95% of functionality required by the industry out of the box. The software platform then allows users to add and amend fields, descriptions, workflows and reports and also create different user profiles and views to provide the right level of visibility across the business. We felt we needed something pretty much off the shelf, something really intuitive to use, something that looked and felt a bit more like LinkedIn, Facebook, a style that you could easily review, something quite configurable without incurring a massive cost. Xactium could give us 90 95% of the functionality that we needed David Smith, Head of Operational Risk Management, Direct Line Group

5 RISK MANAGEMENT FOR FINANCIAL SERVICES 5 XACTIUM RISK MANAGEMENT IS AN ENABLER FOR BUSINESS DECISION MAKING The rate of change within Financial Services has never been greater. The ability to respond to change requires a high degree of visibility of the risks and uncertainties faced with the realisation that risk management is a critical tool in the development of a company s strategy. The whole basis of success for Financial Services organisations and strategic decision making is predicated on understanding the equations of risk. So when considering new ventures or a strategic business decision, understanding the uncertainty and the potential risks that can impact their success is critical. Xactium enables senior risk professionals to expand the definition of risk management beyond just controlling risk into decision making through the alignment of risk and business objectives. Xactium can help identify and gauge the merits of growth opportunities, embed risk management within the company s strategy and make a significant commercial contribution. Xactium enables business leaders to use performance metrics on risk, to reduce surprises, determine when controls are failing, and have greater visibility into the health of the business. Taken together this represents an essential tool to enabling better, strategic decision making. Xactium enables risk managers to: Determine what key risks the business is facing, relative to its performance objectives. Align the company s risk profile with its risk appetite. Embed risk insights into day to day decision making. Create a risk-conscious culture where accountability for managing risks is set and managed from the leaders down. Connecting risk insights to both value protection and creation, risk management becomes a value tool in improving business performance and competitiveness.

6 6 RISK MANAGEMENT FOR FINANCIAL SERVICES MAKING ORGANISATIONS FRICTIONLESS: REDUCING COST AND ENABLING GROWTH Meeting regulatory requirements and all the justifying documentation, has created a massive burden on the operations of Financial Services companies. It has meant in many instances that there is less time for senior risk managers to champion the cause of good risk management strategically. What s more, the view from many senior managers outside of risk management is that this function actually gets in the way and is an inhibitor to innovation and growth. Xactium does the opposite. It empowers the organisation to grow and innovate by ensuring the management of risk is as frictionless as possible and that vital risk information is always up to date and easy to access Ensuring that the day to day operation of managing risk is automated where possible. Using dynamic real-time dashboards to provide high visibility to the senior team on the current status. Enabling all employees from casual users to experts to easily input and engage in the process. Aggregating risk data from different divisions and functional hierarchies. Having flexibility at the core, ensuring that the system can easily grow and change with the business, so the use of the system doesn t hinder growth. Eliminating multiple data entry and time consuming consolidation of spreadsheets.

7 RISK MANAGEMENT FOR FINANCIAL SERVICES 7 REPORTING AND ANALYTICS: UNDERSTANDING THE BUSINESS OF RISK A key challenge for many legacy risk management systems is their inability to produce flexible Management Information. Today, people at every level of the business need to access risk information in a way that is relevant and tailored to their needs. These not only help control and report on individual or departmental risks but importantly they should be able to provide a global view of a risk position that is central to strategic decision making. Xactium provides a variety of executive reports, analytical insights and dashboards that are in-built as standard but can be easily tailored to meet specific needs. DASHBOARDS These support the reporting of key risks, incidents and KRIs in one convenient report. Reports are printable in a variety of formats, thus making them easy to distribute and executive dashboards can also be customised to a customer s specific requirements. Support for externally generated executive reports is also provided through third party document generators such as Conga. REPORT ON KEY METRICS AND COMBINE OPERATIONAL AND FINANCIAL RISK Dashboards show the progression of all your key metrics, including key risk, control and performance indicators. These show the specific thresholds and track the value of the indicators over time. Multiple dashboards can be created for specific areas of risk, e.g. operational risk or financial and regulatory risk. Dashboards can also be used to track and report on specific areas of risk appetite, for example, risk appetite relating to conduct risk. Dashboards can be printed at any time, enabling the current risk status to be easily shared and distributed during meetings.

8 8 XACTIUM RISK MANAGEMENT F² 10.5r 90 Risks can be prioritised across the most complex of organisations at the click of a button. AGGREGATE KEY RISKS ON ONE PAGE Xactium enables you to aggregate risks from across the organisation into a central view. This might be at the group, divisional or functional level. In addition, aggregation is supported across multiple scoring schemes. For example, while a risk within a small business unit may be rated as red, at the divisional or group level this may be less significant. Risks from different levels are calibrated according to their reporting level. Thus risks can be prioritised across the most complex of organisations at the click of a button. REPORT F² 10.5r VIEW REPORTS ON MULTIPLE DEVICES With platform support for multiple devices, REPORT you can readily access and visualise all your key risk data on any browser and mobile device. This includes mobiles, tablets and even smart watches such as the Apple Watch. You can also receive notifications on your devices, giving you rapid updates on the progress of specific risk management LSL activities. USL VISUALISING DATA Xactium provides a wide variety of data visualisation tools. These include the ability to view your data in a number of different1434 chart REPORT types and formats, and also to combine this data into multiple dashboards. It is easy to configure these visualisations using the flexible inbuilt report builder, which supports drag and drop visualisation capabilities. The platform can also be integrated with a wide array of third party data visualisation tools such as Business Objects, qlikview and Crystal Reports /+

9 RISK MANAGEMENT FOR FINANCIAL SERVICES EQ7 -/+ 87?

10 10 RISK MANAGEMENT FOR FINANCIAL SERVICES ACCESSIBILITY A cloud- based risk management application supports anywhere, any device, any time access to data via an Internet browser. This means that there is no software to download or maintain and employees have the freedom and flexibility to work from home or off site if permitted. ENGAGE THE WHOLE BUSINESS WITH RISK MANAGEMENT Sometimes it can be hard to engage people with risk management, particularly infrequent users where screen access can be complex. Utilising the cloud makes it easy to connect people and encourage collaboration around risk. Employees can use intuitive web screens that can be accessed without recall to intensive training. The usability of the cloud means that risk professionals can gather vital data from across the business to obtain a true picture of risk. ONE VERSION OF THE TRUTH At the heart of a cloud-based risk management application is a single database, which maintains a single version of an organisation s risk data. No longer is there the problem of managing multiple spreadsheets and documents, each with different versions of the data, or the challenge of manually merging data.

11 RISK MANAGEMENT FOR FINANCIAL SERVICES 11 FLEXIBILITY Many organisations want to manage risk and compliance in their own way. For instance, capturing additional data, creating new reports, or implementing specific workflows and approval processes. A cloud platform provides complete flexibility through the use of in built customisation and configuration tools, thus enabling it to be tailored to the specific needs of the business. EASE OF REPORTING Cloud-based platforms provide extensive tools and wizards for creating custom reports, which can be used to generate reports for all aspects of risk management including heatmap reports, KRI reports, risk registers, and so on. SCALABILITY The ability to seamlessly scale both up and down to reflect changes in demand within the business is inherent within cloud-based applications. With no requirements to acquire and commission additional IT server capacity or make desktop changes, it is simply a case of turning on or off additional users or functionality. Moreover by being part of an extensive enterprise platform exo-system, Xactium s solutions can be readily integrated with a wide variety of third party applications, external and internal platforms. This enables it to become a central hub in connecting risk information across an entire organisation and to its external partners. SECURITY With a cloud solution such as Xactium, you can be assured of a highly secure infrastructure that conforms to all the latest security standards, is always backed-up and with tight control over who can access and edit critical risk data.

12 12 RISK MANAGEMENT FOR FINANCIAL SERVICES RISK MANAGEMENT PRODUCT FEATURES IDENTIFICATION OF RISKS Identify and record all of the risks that impact your organisation and specific business units, projects, objectives, suppliers and processes, including their potential impacts and causes. Easily visualise your business unit and project hierarchy and drill down into specific risk details. ASSESSING RISKS Xactium allows you to efficiently manage risk assessments across your entire organisation, enabling you to: Establish Risk Assessment Criteria: Set up multiple scoring schemes/matrices for specific business units. Collect Risk Assessments: Our intuitive risk assessment entry wizard ensures all risk owners can easily complete all risk assessments. Quantitative and Qualitative Risk Assessments: Assess your risks qualitatively and/or quantitatively and easily switch between the two views. Multiple scoring schemes. Inherent, residual and target scoring. Instantly see risk assessment results. Trending reports on historical risk assessments. CONTROL, MONITOR AND MITIGATE YOUR RISKS Xactium will make sure you capture all risk events that occur and the regulations you must adhere to: Controls: Link risks to multiple controls from your control library (and vice versa) and perform control effectiveness assessments using a simple to use wizard. Assign ownership of all mitigating controls and actions. Key Risk Indicators: Link KRIs to risks and track and monitor their values over time. Easy KRI collection wizard enables the updating of KRI metrics manually or automatically. Key Control Indicators: Establish your risk controls to track how effectively they are preventing specific risk events. Risk Events/Incidents: Capture risk events/ incidents through a customisable web-form. Track them against risks and automatically notify key stakeholders of their occurrence using configurable workflows. Assess effectiveness of controls and their impact on risks. Escalate and receive notifications of overdue actions and underperforming controls. Easily compare your residual risk position against the current status of your mitigating controls and actions. FLEXIBILITY Xactium can easily grow and adapt to your organisation s changing GRC needs without the need for expensive and time consuming configuration effort. Virtually all aspects of the solution can be configured using simple wizards, including: tabs, fields, layouts, reports, dashboards, workflows, approvals, security controls, and more.

13 RISK MANAGEMENT FOR FINANCIAL SERVICES 13 RISK REPORTING, ANALYTICS AND INSIGHT Xactium allows you to produce the reports you want, when you need them and gain deep analytical insight into your key risk data, trends and activities: Heat Maps: Track the impact of mitigating activities using interactive risk map reports. Document Reports: Generate a variety of PDF or Excel documents from your data, including risk register reports and other key board and management reports. Trend Reports: See the rating of all risks, KRIs and KCIs over any period of time. Data Reports: Get an instant overview of all risk data using many different charting options. The flexibility of the platform means you can easily create or customise a wide variety of reports using a simple drag and drop wizard. Aggregate risks at every level of your organisation. Quickly produce real-time reports across all your organisation s risk data. Easily create custom risk register reports, in a range of formats, for inclusion in your management and board reports. Metrics reporting. AUDIT MANAGEMENT Having a full and clear view of your organisation s audit activities is an essential part of implementing a successful GRC programme. Without a centralised, automated solution for managing audits, organisations often struggle to aggregate audit related activities, monitor trends and gain a true picture of risk across the enterprise: Document Audits: Build an easy-to-access, online repository of audit information, and related processes, controls and risks. Automate the collection of SOX compliant audit data, including managing and tracking audit activities, audit plans and gathering the audit result. Utilise the powerful in-built workflow and approvals engine to automate reminders, tasks and sign-off. Capture and Execute Audit Plans: Capture common audit steps by creating test plans. Execute audit activities against individual test plan steps and record the outcome of each test. Real-time Reporting and Dashboards: Utilise the platform s powerful, highly customisable, reporting and dashboard capabilities to report on key audit management activities, provide regular updates to managers and track and monitor audit trends. MANAGING INCIDENTS Xactium has within its solution an out of the box incident management capability, which can be rapidly adapted to meet the needs of your compliance reporting and management activities: Track and Log Incidents: Report incidents of any type, including fraud, non compliance and security threats. Associate incidents with specific business units and describe their root cause. Manage Incident Resolution: Put in place incident management actions. Link tasks to specific remediation actions, assign them to relevant stakeholders and track their progress. Maintain an Incident Audit Trail: Maintain a full history of incident reports and activities, including changes to status, associated s and events and incident resolution activity logs. Real-time Reporting and Dashboards: Analyse and communicate critical case management activities to key stakeholders using customisable reports and dashboards. Easily Integrates with External Data Sources: Benefit from full integration with virtually any data source and application.

14 14 RISK MANAGEMENT FOR FINANCIAL SERVICES EXAMPLE CUSTOMERS

15 RISK MANAGEMENT FOR FINANCIAL SERVICES 15 IMPLEMENTATION AND EDUCATION IMPLEMENTATION Xactium is implemented using the SCRUM agile methodology. This is an ideal approach as it not only ensures delivery on time and on budget, it also gives our customers the opportunity to shape their implementation. Our aim is to provide 90% of the functionality as standard, so the majority of the implementation phase involves tuning the application to ensure it fits into the desired risk management process. HOW THIS WORKS The SCRUM development methodology is an iterative process that works on a two week cycle known as a Sprint, where elements of the customer s implementation are developed and completed as a working element. This might be the addition of fields, report design or an automation process. At the end of the two weeks the customer is shown the iteration to gain approval or feedback and any changes are fed into the next cycle. The benefits of this approach are considerable and ideal when dealing with a really flexible platform such as Xactium. BENEFITS OF XACTIUM IMPLEMENTATION PROCESS 1 2 The customer influences changes early so any corrections can be made much earlier in the process, rather than waiting several months only to find that it doesn t meet the requirement. The customer can rethink and explore ideas for how to improve their internal risk management process when implementing a new platform. The flexibility in Xactium enables the customer to see and test adaptation with each iteration. 3 By involving customers in the implementation process, the transition from an old to a new way of managing risk is made easier. 4 The time taken for user acceptance testing is dramatically reduced from weeks to days as the users of the system are involved with each iteration of the development.

16 ABOUT XACTIUM Xactium is a cloud-based GRC software provider that helps Risk, Audit and Compliance professionals to transform the way that Financial Services organisations evaluate and manage their enterprise risk. The value of the risk process and its profile is raised through the use of risk intelligence that improves efficiency and creates insights that influence decisions across the business. As the central risk platform used by the FCA to supervise the market, it has also been adopted by a wide range of financial services organisations from across the industry. Companies such as Direct Line Group, JLT, MS Amlin and Argo Group. Xactium is the world s first enterprise risk-intelligent system, with the revolutionary use of embedded AI (Artificial Intelligence), 3D visualisation and automation that dramatically improves efficiency and creates innovative analytics. Reporting is made easy and timely, and predictive insights enable senior managers to prioritise resources. Xactium is also built for managing change and is probably the most flexible and configurable enterprise risk management system available today. This adaptability ensures that our customers stay up to date and able to respond to both business and regulatory change, without the need for costly bespoke programming. Overall, Xactium releases more time and resource for the risk team to help promote best practice and demonstrate the value of risk across the business through actionable insight. Visit us online at Tel: +44 (0) info@xactium.com Head Office Xactium House 28 Kenwood Park Road Sheffield S7 1NF London Office Xactium Ltd 1st Floor 6 Bevis Marks London EC3A 7BA