The pace of digital transformation in most investment firms quickened significantly at the onset of the pandemic, as work-from-home orders led firms to facilitate and extend remote working for staff. That another pandemic – or equally operationally impactful event – may arise again within our lifetimes has not been ruled out by leading scientists, yet a recent study found that 40% of investment firms still do not complete a yearly compliance risk assessment. This leaves those firms vulnerable to compliance, legal, audit, financial and operational risks, and hampers their ability to mitigate new or evolving risks effectively. Meanwhile, some risk types are becoming more challenging to mitigate, such as the growing cybersecurity threat, for instance. Legacy governance, risk and compliance (GRC) tools may not be up to the task, and firms may soon find that the only way to enhance their view of all risks and mitigate them is by using a new generation of artificial intelligence (AI)-enabled GRC tools.
AI-enabled tools utilise one or more advanced technologies such as machine learning, deep learning and natural language processing. The use of AI-enabled tools is a growing phenomenon across a range of GRC programmes. As these technologies evolve, those firms that embrace AI-enabled tools – and are able to use them effectively – will be better positioned to face what is, by definition, an uncertain global future.
GreySpark’s Digital Governance Transformation Maturity (DGTM) Model for governance, risk and compliance (GRC), was described in the recent article, Digital Transformation of Governance. The model, illustrated in Figure 1, can be used to identify the current stage of an investment firm’s ‘digital maturity’, and presents a high-level roadmap along which firms can build incrementally upon their previous transformational work.