Let’s be honest – GRC (Governance, Risk Management, and Compliance) gets a bad rap. Your credit union team members don’t break for lunch and say, “Hey! Let’s play GRC bingo!” But…maybe they should.
Ok, that’s a stretch.
But the truth is, this topic is massively important when it comes to your financial institution. And no one can offer better insights around it than Amanda Cohen, Director of GRC Products at Resolver and our guest expert this week on CRMNEXT’s Banking on Experience.
Why Amanda is passionate about GRC.
Our expert credits a professor from her master’s program for her initial interest in this career she loves. And what makes her really excited? Working with smaller teams – like those at CUs. “Those are the teams that are really innovative. They’re strategic thinkers, and they have to find ways to get the most value out of their tools and out of their teams.”
Shifting mindsets: how your CU can (and should).
Amanda emphasizes that compliance culture starts at the top. Shift the mindset from, ‘We have to do this for a regulatory purpose’ to ‘Collecting insights from our organization is going to help us run our business more effectively, achieve our objectives, and make more informed decisions.’
She also points out that “Buying a software solution or having a program does not automatically reduce your risk exposure, nor does it make your organization care about risk and compliance.” If you are thinking about a technology or building out your team, build a vision for how you want to scale the program over time.
Biggest GRC challenges for credit unions
- The true impact of risk is unknown across the credit union. Your risk info’s sitting in a bunch of different systems, and lots of teams struggle to collect that and continually perform an analysis of it.
- The GRC function can be seen as a nuisance rather than a business driver. If there’s not a lot of collaboration, you see overlap in what people are being asked for.
Your frontline + GRC: top tips on making them besties.
Great info here— listen in! But the main takeaway: This isn’t your frontline’s day-to-day job, so make it as easy as possible for them to come in, give you the information you need, and move on.
Better ways your CU can leverage the GRC Team.
- Cross-functional Alignment: Make sure you’re all speaking the same language.
- Issue and Gap Remediation: Make sure people have clear lines of accountability.
- Control Inventory: This one can get unruly if different teams are building it up independently.
- In Amanda’s words, “If you come together, understand what controls you have in place, remove duplicates, and then work with the business accordingly, you’re going to see a lot better results.”
How data applies.
The thing here that people get stuck on is – I want to integrate everything into my system. Amanda suggests thinking through the most valuable information you need to collect. Focus on that data and on making sure you always have it up to date, so you can make meaningful decisions off of it.
The Impact of GRC on Member Experience.
Ask – what is the risk exposure of us not putting our members first and foremost? Did we make the right decision in terms of where we invested?
As Amanda says, “Your risk program is really going to help you apply risks to your objectives and then make sure you’re retaining them or at least that you’re prioritizing them accordingly.”
Want to contact our expert?
You can reach Amanda via LinkedIn and learn more about her company at resolver.com.