Dan Zitting, previously Chief Product Officer, now holds the title of CEO at Galvanize, a software company that helps its clients achieve their goals and objectives. Tom Fox welcomes him back to this week’s show to talk about fraud risks, and what it means for the compliance professional.
A Period of Change
Rapid change during the pandemic is the main catalyst for the increase in fraud. The move to remote work created new susceptibility to cyber fraud. “The pandemic and the news, and noise created around it, created all kinds of new ways for clever social engineers to talk people into doing things they shouldn’t be doing,” Dan explains to Tom. It’s important for GRC professionals to be aware of and ready for change, he adds. We have to realize that change has sped up and will continue to do so in the business environment, regulatory environment, and social justice areas. The rate at which change will increase will be much greater in the future than it has been in the past.
Choosing The Right Technology
Choosing the right technology to support anti-fraud programs is important. GRC professionals have to shift controls and assess risk fast enough to deal with all the changes that are occurring around them. Having the proper technology on hand can help make their jobs easier. “A lot of technology is effectively built around manually filling out forms, and creating workflows between people to capture risk or assess risk or evaluate controls, and that is just far too slow-moving,” Dan remarks. We need to create automation primarily from data and technology that can evaluate very quickly. We also need to be able to leverage machine learning which will help us identify data that we might not have otherwise known.
Fraud as a Bigger Focus & The Importance of Governance
How fraud connects to the broader array of cybersecurity risks makes it a major focus for CEOs and senior executives. Leaders are seeking to learn more and educate themselves on how compliance officials are analyzing and monitoring the risks, something that was not done as often in the past. Interest in governance within the compliance sector is also gaining headway. Dan explains to Tom that organizations need to have overarching governance strategies that dictate how they look at the incoming risks to the business.
Resources
Dan Zitting | LinkedIn | Twitter
Galvanize
Tag: Dan Zitting
Dan Zitting is the CEO of Galvanize and is Tom Fox’s guest this week on the Innovation in Compliance Podcast. Dan was the Chief Product Officer of Galvanize before taking up the CEO role. Galvanize is a software company that helps its clients achieve their goals and objectives. Dan and Tom discuss GRC software, the role of GRC professionals, and why data is so important to a company’s operations.
The Evolving Role of GRC
GRC refers to a company’s governance, risk management, and compliance capabilities in achieving its objectives. The pandemic has proven that GRC is a valued and impactful asset. As a result, the scope and demand for GRC professionals and their services have accelerated. “We had the ability to work through one of the most pervasive risk issues to come along in decades, and it demonstrated the value of risk management and the value of strong governance,” Dan tells Tom. “Our role is to think about how we can demonstrate that same level of value in all of the other areas of risk that were already on the radar.”
The Cost of Reputational Risk
Tom asks Dan to explain why reputational risk may be more costly than a fine. Dan explains that though reputational risks may be harder to quantify, the time it takes to undo the damage done is significant and tends to have a more lasting impact. “A significant loss of talent or employees and having to go rebuild that reputation and re-recruit…are real costs, and they are often much bigger,” Dan says.
Preventing NonCompliant Conduct
Preventing noncompliant conduct is just as important, even more so, than detecting it. “There are two key things,” Dan begins, “[The first being] the very nature of building strong governance programs in and of itself creates prevention.” As culture shifts, what was previously introduced as a detection mechanism becomes a prevention mechanism. In addition, advancement in technology is helping organizations prevent corrupt activities. Dan gives the example of data analytics and its machine learning model.
GRC in The Future
GRC is going to have a much larger and broader impact on the world because it’s a more efficient and impactful way to bring governance into organizations. Dan tells Tom that compliance professionals need to embrace technology more: trying to evaluate governance programs and controls manually is ineffective and time-consuming.
Resources
Dan Zitting | LinkedIn | Twitter
Galvanize
Welcome to the newest addition to the Compliance Podcast Network, Compliance and Coronavirus. In this episode, I am joined by Dan Zitting, Chief Product & Strategy Officer at Galvanize. Dan joins me to discuss issues and challenges around stakeholder engagement brought on by Covid-19.
Some of the highlights include:
· Role at Galvanize?
· What does the Galvanize solution bring?
· What is the HighBond platform and what role does it play?
· How can these solutions assist a compliance professional?
· You have said, your “purpose is to “challenge the planet’s organizations to maximize ‘total stakeholder impact’ by operating with a conscience”. What does this mean?
· How did Galvanize assist , UnitingCare, an Australian largest non-profit health, aged care, disability, and community service providers
Resources
Check out the Galvanize COVID-19 Toolkit