Governance, Risk and Compliance
Don’t miss our panel on 2023 GRC Trends with experts in all things GRC and ERM. This event was originally hosted by RIMS.
As the governance, risk, and compliance space increases in complexity, you’re hearing acronyms and new takes for subjects like Cognitive GRC, ESG, technology like Artificial Intelligence (AI) and machine learning (ML), and third-party risk and trying to determine what this means for risk management and compliance in your organization and how you budget and plan for what’s coming.
What are GRC leaders talking about today that will shape the world of risk intelligence tomorrow? Here are some highlights from our experts:
“Now we’re building on GRC 4.0. We have what I call GRC 5.0, cognitive GRC, and leveraging artificial intelligence technologies on top of GRC 4.0, and then moving towards GRC 6.0 — that business integrated GRC.”
~ Michael Rasmussen, GRC pundit and founder, GRC 20/20 Research
“At the most basic level, [AI and Machine Learning] allows you to take large amounts of data, and then consolidate it, apply patterns and trends and identify things within that data. So you’re taking someone who might previously have been undertaking an activity, and you’re freeing them up to allow them to do more analysis and really focus on how the operations of their business are performing.”
~ Amanda Cohen, VP of GRC Products, Resolver
“Companies need to show that they’re going beyond putting out statements or engaging in low-impact activities — sort of box-ticking exercises. They need to better understand and make good on the environmental and social impacts of their investments, of their activities, and also the activities of their third parties.”
~ Kroll’s Managing Director of Compliance Risk & Due Diligence, Mariellen Davies-DeMarco.
“What’s the cost of current systems that you have managing all these different functions? For us, it ended up being quite a considerable amount. So the benefit was pretty clear. Not just having it all in one system and all in one place where we can leverage off of each other’s work, but then also just the cost itself ended up being quite a bit less just to have it in that one system. It ended up being a pretty easy sell to our management team, just based off of that alone.”
~ Eleni Willis, SVP & Director, ERM Operations at Sterling Bank & Trust
You need to make sure you have the right platform that can deliver on that future state you’re building towards. When I work on business cases in this space, I build those business cases around efficiency, effectiveness, and agility.”
~ Michael Rasmussen, GRC pundit and founder, GRC 20/20 Research
“If you go ahead and implement one of these programs, you’ll likely see these numbers are actually going to go up before they go down. Because for the first time, you’ve got a real understanding of what’s happening every day within your
business. It’s less ‘pie in the sky’ and more of a real understanding of how the business is operating. And so you are going to see that upward trajectory, and you’ll be able to take action on that, and then really start to do something and see those numbers (or your risk exposure) reduce overall.
~ Amanda Cohen, VP of GRC Products, Resolver
“There’s a lot of focus today on resilience, and resilience is absolutely necessary… But if I’m running down the street and I trip over a pothole, resilience is “How quickly can I get back up and start running again?” Resilience is about the recovery from a risk event. That’s important, but what I argue is what’s more important is the ability to be agile with risk. If I’m running down the street, to be able to see that pothole and leap over it or go around it. That’s what organizations need. They not only need risk resilience, which is coming in so many different regulations and things now, but they need risk agility.”
~ Michael Rasmussen, GRC pundit and founder, GRC 20/20 Research
Eleni Willis
Senior Vice President and Director of Enterprise Risk Management, Eleni Willis leads the design and implementation of Sterling Bank and Trust’s Enterprise Risk Management program. An early adopter of technology to support her GRC strategy, Eleni and her team apply common ERM methods and approaches to manage risk across all first and second lines of business. Prior to joining Sterling, Eleni oversaw risk management at a variety of financial institutions, including roles in BSA, Fraud, Accounting, and Tax. During the Great Recession, she was Senior Bank Examiner for the Washington State Department of Financial Institutions, often as the Examiner in Charge, leading risk management examinations of troubled and/or complex financial institutions.
Mariellen Davies-DeMarco
Managing director in the Compliance Risk and Diligence practice of Kroll, Mariellen focuses on optimizing business operations and leading Kroll’s due diligence research and analysis process. Mariellen has had many career highlights, including recruiting, training, and mentoring nearly 200 interns in Kroll’s immensely successful internship program. A former investigator in the Madoff/BLMIS fraud investigations, Mariellen’s current focus is on multi-language research, global due diligence, business intelligence, and compliance research.
Michael Rasmussen
Michael is an internationally recognized pundit on governance, risk management, and compliance (GRC). With 28+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architecture, and select effective, efficient, and agile technologies.
Amanda Cohen
As VP of governance, risk, and compliance products at Resolver, the leader in risk and security management software, Amanda is reimagining the way some of the world’s largest organizations think about their relationship to risk. After graduating with her master’s in international political economy, she began her career as a regulatory compliance specialist with Resolver. Today, Amanda is responsible for the vision and strategic direction of Resolver’s GRC portfolio.
Nadine Araksi
With many years in the media industry, from journalist to business executive, Nadine made the switch to Resolver in 2021. She approaches content around risk with a journalist’s mindset of “What’s interesting about this? What does the audience want to know?” She loves telling the story of Resolver’s robust and holistic Risk Intelligence platform as well as interviewing customers and thought leaders in the risk management industry.