Is GRC more mature in emerging markets compared to Europe and the US?
Travelling to all continents gives me the ability to compare the level of "GRC maturity" around the globe. The view that seems to resonate with all insiders is that the US and Europe are the most mature markets with well established "GRC silos" in place such as departments for Internal Control (for financial reporting - ICFR), Risk Management (RM), Compliance and Internal Audit. In heavily regulated industries such as banking, the companies in Europe and the US implemented GRC technology tools to support their daily work and to automate information gathering from the business in order to keep track of what is happening throughout the enterprise and to create board and committee reporting.
Nowadays we see projects surfacing where these "mature" companies are defining an eGRC strategy, replacing the implemented point solutions for ICFR, RM, IA and Compliance over time by an eGRC strategy, framework and integrated software platform. At BWise as the leading provider of integrated eGRC software, obviously we welcome that development,.
It is interesting to see that in regions such as the Middle East, Africa, Asia and Latin America, the leading companies seem to skip the step of implementing "silo solutions." They understand very well that the collection of data from the business for control, compliance and risk assessments should be combined, that the GRC data model and taxonomy should be unified, and that such a unified data model and taxonomy enables (more) meaningful reporting. They also seem to understand very well that all groups working within one eGRC platform reduces (IT) costs, prevents the second and third line departments from the ever-increasing need for additional staff, and reduces the burden of compliance to the business by asking questions once and reusing the answers..
I think it's fair to say that the "emerging markets" skip the step of the silod approach and implement integrated GRC or eGRC as a concept to become better companies and enable themselves to compete successfully from a risk management perspective with their peers in Europe and North America.
Read more about the integrated GRC approach.