Deployment of Enterprise-Wide Risk Management Framework and Supporting Capabilities

Client: Top 25 Global Bank

The Challenge:

This institution faced a set of risk- and compliance-related regulatory actions and Matters Requiring Attention (MRAs). They needed to deploy an enhanced enterprise-level Risk Management Framework and supporting capabilities across all Front-Line Units with requirements spanning across all lines of business. The dedicated line of business team struggled to achieve these goals in alignment with expectations and could not effectively execute the required planning and implementation activities. They were failing to meet key regulatory requirements and deadlines.

The Solution:

Due to our extensive history of successful engagements embedding sustainable, repeatable controls into the client’s processes, Eliassen Group was chosen to aid in the implementation of the Risk Management Framework across one of the lines of business. Our deep risk and compliance experience in the financial services industry allowed us to design a precise, customized solution to help the client meet its goals.

Eliassen Group successfully led deployment of key Risk Management Framework process, system, and policy components.

Eliassen Group facilitated the implementation and execution of the team plan and workstream level regulatory, policy, and program requirements. We covered risk and control self-assessment (RCSA) execution, risk program components, compliance, issue management and escalations, policy implementation, and customer remediation and redress. Our consultants aligned the team’s program and workstreams with the enterprise-wide action plan and regulatory requirements. We facilitated multiple plan review working sessions with workstream leaders, executives, and enterprise-level sponsors. We developed and facilitated the execution of program and workstream level charters, team structures, execution protocols, gap analysis of regulatory and policy requirements, training and communication plans, roll-out approaches, executive overviews, and progress tracking. We reviewed and confirmed closure of compliance related effectiveness gaps for the team, including the collection of hundreds of artifacts. We deployed and executed executive level reporting and required updates to enterprise leadership. We also advised on and implemented program governance protocols and tools to align with the enterprise program office and implemented an approach and toolset to capture evidence of task completion and related artifacts, including quality assurance reviews.

The Result:

Our consultants were able to complete all workstream- and program-level tasks and multiple replanning efforts to meet regulatory and enterprise requirements successfully and on time. Some of the other accomplishments associated with this project include:

  • Development of guidance to capture and retain task completion evidence and deploy related quality assurance workflows.
  • Our approach was adopted and leveraged by all Business Groups across the enterprise.
  • Development, deployment, and management of a SharePoint-based toolset to inventory project-related artifacts.
  • Implementation of a change management process to track updates to program plans and maintain alignment of enterprise and regulatory requirements.
  • Transition of the program to new executive and workstream leadership in response to Business Group reorganization.
  • Significant improvement in the compliance program effectiveness rating for the Business Group.
  • Development and deployment of a Risk and Control Self-Assessment (RCSA) completion tracking approach with successful completion of pilot and initialphase RCSAs.
  • Transition of multiple workflows to team members for ongoing Business as Usual performance.
  • Recognition by Business Group executives, workstream business leads, and enterprise program office for the excellent guidance provided to the Business Group, the tools provided to enhance program deliverables, and our overall ability to execute under tight deadlines.