GRC is closely related to ERM. In fact they are so closely related that it could be stated that they’re one and the same.
Risk is the common focal point. GRC resembles a molecule where the central atom is R (risk).
Risk is the inner essence of any enterprise. To provide sustainable value to stakeholders the enterprise will take and also be exposed to risks. Nothing ventured – nothing gained. But too much ventured is probably not appreciated by all stakeholders. What is the risk profile of the company? Is there a general understanding of risk appetite and risk tolerance? Which return is expected in relation to risks taken? Risk and reward thinking should be part of the company’s governance system – risk governance. The goal is to embed risk management into the complete corporate governance structure. Part of governance is to make sure that the company lives according to rules and regulations (both own and external, expressed or implied). Assuring the latter is called compliance.
Compliance is fundamental. Adhering to basic rules and regulations should be fundamental to a serious business enterprise. Any other option means risking brand, reputation, and the most important asset – trust. Regulatory authorities have put such strain on organizations through rules and regulations that companies may believe these are the essence of good risk management – particularly in the financial world (such as Solvency 1 and Basel 2). Regulatory authorities tend to lag behind the quick pace of development and increasing complexity, volatility and unforeseen global interconnectivity. The governance of risks and opportunities should be conducted for the sustainable sake of key stakeholders, beyond laws and regulations.
There are many friends of GRC, with OCEG (Open Compliance and Ethics Group) (www.oceg.org) probably being the most active organization in this field.
ERM, GRC, Risk Management, Value Enhancement or …?
At Allevo we believe that the management of future uncertainty can be called by many names. Most common is ERM since the launch of the COSO ERM Framework in 2004. Standard & Poor’s also uses ERM as a term for its analysis of management performance as part of its credit rating assessment. We know companies that have embedded ERM thinking into the strategic and business planning process without putting a specific label on the embedded processes or activities.
The modern management of risks and opportunities is a mindset, and the label is of minor importance.
The goal is to improve performance, create sustainable growth and profitability – increasing your freedom of action in an ever-changing business environment.
