Skip to main content

Case Study

Delivering a Governance, Risk, and Compliance (GRC) Program


As part of a strategic review, a large global Systemically Important Bank (G-SIB) chose to consolidate its GRC systems to a single platform (RSA Archer) with the objective of acting as a single clearing house for all risk and control data. While the GRC platform had been chosen, there was a pressing need to develop applications to implement on it. The first two areas of focus were Volcker CEO Attestation and Senior Manager Regime/Certification Regime (SMR/CR).

Satori Solution

Working with the Bank’s IT function and the respective business sponsors, we provided Business Analyst resources to systematically develop business, functional/non-functional requirements and solution designs for both Volcker CEO Attestation and SMR/CR. This involved the analysis of current state, envisioning future state, process design, data analysis, business requirements definition, solution design, and development oversight. In addition, we developed an overall strategy and approach for Issues Management to enable various business functions (e.g. Third-Party Risk Management, Volcker CEO Attestation, Compliance, Operational Risk Event Capture & management) to access and utilize a common core issues management sub-system. We also advised on key aspects of systems development life cycle (SDLC) and supplier management.


In a relatively short time, we delivered Business Requirement Documents (BRDs) for Volcker CEO Attestation, SMR/CR and Common, Core Issues Management. Our close program oversight ensured that systems development activity was efficient and met tight timescales.


Want to Know More?

contact us

Learn More About the Challenges We’ve Solved

View More Resources