Welcome to this special podcast series, In Conversation with K2 Intelligence FIN: Jeremy Kroll on GRC Risks, Strategies, and the Future, sponsored by K2 Intelligence FIN. This week I visit with K2 Intelligence FIN, Chief Executive Officer (CEO) Jeremy Kroll on GRC Risks, Strategies, and the Future.
Over the week, we will review the current Governance, Risk, and Compliance (GRC) landscape, look at GRC at work, consider GRC and the investment community, review GRC and K2 Intelligence FIN and conclude with a look at GRC then and now. In this Part 1, we consider the current GRC landscape.
GRC aims to synchronize information, processes and practices across the enterprise to help entities operate more efficiently by enabling effective information sharing about risk, aligning risk mitigation with organizational goals, allowing for more accurate and effective risk insights, while avoiding wasteful redundancies. Kroll related that a high-level explanation of GRC is “governance is at the top of an organization, literally the very tone from the top. So, at the end of the day, it’s, how can you share information, align your plans, to organize your goals and create an environment where you get more accurate, more effective insights to help you mitigate or manage risk”. GRC ensures that the people who are in the position to avoid risk and effectuate risk avoidance activities can effect that change, alter the course before things go wrong, based upon having the right information.
We turned to risk appetite. Jeremy Kroll believes “organizations have evolved and now there is precious little time to really experiment and figure out not whether something is going to go haywire”. This make is more about business resiliency. To be able to start or expand a business in this competitive world, you have to have a certain appetite for risk. GRC provides a framework to not only “have that appetite, but also be able to take certain decisions; whether that is a geographic expansion and going into a new market or going from investing in a people based businesses, and then starting to pivot into technology.” You can take certain risks as you either evolve or even transform the organization or team. Kroll pointed out that GRC can allow for an “organizational design that allows the highest levels of the business to listen and have the information flow to them and then react quickly that an organization does not lose its way.”
We next turned to the components of a strong GRC framework. They include: tone at the top governance; an effective method to identify, assess and quantify the risk; the ability to train and enforce compliance requirements; independent testing of mitigation measures and to close gaps and remediate deficiencies; audit programs focused on continual improvement and reporting; and the ability to communicate all of the above up the chain of command to the decisionmakers and change agents where decisions can be made and adjustments that cascade back down through the organization.
With these components in place, Jeremy Kroll then expanded out on how they are used. It begins with identifying the risks and then assessing them. From there you create a risk management plan and “once you have that plan in place, being able to monitor it, which leads to training and the constant reassessment, not just of the systems, but the people in your organization.” Moreover, if there is a failure, how quickly can you react and remediate? Jeremy Kroll concluded that it is actually “putting your plan into practice.” He provided the example that if you are a senior inhouse counsel and you are having a conversation with an engineer out in the field, you must, “feel their pain, to understand what it’s like to perform at a high-pressure environment.”
He concluded that GRC has become a much broader part of the conversation across the board. For example, this has become a larger part of the due diligence process for investors examining portfolio companies or acquisitions. Please join us as we explore this and other GRC-related issues over this podcast series. Tomorrow we examine GRC at work.
Check out the LinkedIn page for K2 Intelligence FIN here.
Check out the K2 Intelligence FIN website here.
Day: August 31, 2020
Categories
Episode 026–Michael Bret Hood
On this episode of The Ethics Experts, Gio speaks with Bret hood about ethical behavior, how you see yourself, and the little lies we tell.
Check out more episodes, and don’t forget to subscribe on your favorite podcast platform!
The FCPA Compliance Report is the longest running podcast in compliance. Today, I am extraordinarily honored to post my 500th Anniversary podcast. Today, I switch seats to be the guest as I am interviewed by Gregg Greenberg, the General Manager of CSuite Radio. We take a look back at some of the key trends, I have seen in compliance over the past 10 years, the top episodes, my favorite guests, the Liverpool Football Club, buffalo wings and much more.
Some of the highlights include:
- The biggest changes seen in compliance over the past 10 years.
- When, why and how did the FCPA Compliance Report begin?
- What are of my favorite episodes and some of my top guests? By the number and by guests.
- What I have learned in this journey?
- As The Voice of Compliance; why I am so passionate about podcasting as a communication tool.
- If you are an LFC fan, why you will walk alone.
- What makes the perfect buffalo wing?
Check out the Lead Up Podcast Series
If you are interested in my podcast series from 5 top commentators on their reflections on the evolution of compliance over the past 10 years, check out the following:
- Episode 495 – Mike Volkov on changes in FCPA enforcement;
- Episode 496 – Matt Kelly on changes in compliance report from business journalism;
- Episode 497 – Jonathan Armstrong in changes GDPR, the UKBA and Modern Slavery law;
- Episode 498 – Jay Rosen on moving from reactive to proactive compliance; and
- Episode 499 – Jonathan Marks on how changes in internal audit both mirror changes in compliance professionalism.
