
Case Study

Developing a common framework and approach to harmonize risk language

The Situation

Due to a plethora of different regulatory requirements, a large global systemically important bank (G-SIB) found that the same risks were being assessed multiple times by multiple assurance groups, resulting in a complex set of redundant, and sometimes overlapping, information (e.g. RCSA, RRA, AML, SOX, IT, MRI).
The bank needed a common framework and approach that harmonized risk language across the firm (particularly Enterprise Risk Management, Compliance, IT, Finance and Audit), promoting clarity and transparency.

The business needed to move to a situation where it assessed risk once, and then used those results to respond to the different risk assurance programs.

The Satori Solution

We supported a program to develop and maintain a risk and controls taxonomy containing standard definitions, descriptions and risk rating scales to be adopted by participating risk and control functions (e.g. Audit, Compliance, Finance, IT, Enterprise Risk Management).

We developed an understanding between the various functional areas on how the different components of reference data related to each other. This included: organizational hierarchy (Business Unit, Legal Entity), Jurisdiction, Products & Services, Business Process, Risk, Control, Regulator, Regulatory Theme and Regulatory Obligation.

Our role involved working across the various stakeholder groups to address objections and reach consensus.

The Results

The harmonization framework we developed provided a mechanism to facilitate cross-functional discussion and alignment.

Risk Convergence provides the foundation upon which clarity, transparency and operational efficiency can be achieved.

