The GRC industry is changing
Today, Governance, Risk and Compliance (GRC) covers the full breadth of stringent boundaries organizations must operate within to achieve their business objectives, both by ensuring they are compliant and performing at their optimum. As a result, GRC strategies must accommodate more than just compliance, and popular GRC software solutions now only form part of a comprehensive GRC approach.
But what are its origins, and what does the future hold for GRC?
GRC policy was first introduced in the wake of the Enron and WorldCom scandals. Poor accounting practices and cynical bookkeeping to hide debt breached investor trust and led to the collapse of these two US juggernauts in the energy and telecom sectors, respectively.
In the wake of the scandal, Congress passed new legislation to prevent financial crime from similar incidents from happening again. The Sarbanes-Oxley Act mandated certain practices in financial record keeping and reporting, and this spawned the concept of Governance, Risk and Compliance as a business need.
Failure to adhere to the terms of the Act included severe financial repercussions. In fact, according to LexisNexis’ Global True Cost of Compliance 2022 report, the total projected cost of financial crime compliance across financial institutions worldwide last year was $213.9 billion, which was up from $180.9 billion in the previous year.
Companies found themselves under increasingly intense scrutiny to meet regulations, with the threat of huge fines, and so there grew a need for innovative solutions to help them manage their compliance as effectively as possible.
