Growth opportunities abound for banking institutions that have survived and thrived despite the global economic downturn. As a Canadian-based bank group prepared to make significant international acquisitions, management requested assistance in creating and extending their financial, risk and control framework across boundaries. They turned to Consult2Comply for assistance.
How We Helped
“We took the bank group’s control framework and built it inside Compliance Mapper, essentially ‘bringing it to life'” explained Steve Crutchley, Consult2Comply’s (now C2C SmartCompliance) CEO. “Our Compliance Mapper is a dynamic web-based product that gives organizations the ability to easily map, display and organize policies and procedures to multiple control infrastructures, regulations, standards and industry best practices. It creates a compliance landscape and organization strategy that can be monitored, measured and managed.”
This project created a new controls model to be used as the catalyst for regulatory alignment using two control frameworks linked to an internal risk and control framework with outward links addressing 44 international security breach and privacy regulations, national privacy needs and internal policies and procedures.
Compliance Mapper identifies the relationships among these internal policies and external banking standards, regulations and best practices – enabling the bank to remediate as needed.
A quick and positive outcome was achieved through the close collaboration of C2C’s consultants and the bank.s internal compliance team. Compliance Mapper enabled the bank to implement a unique and successful compliance implementation to ensure regulatory mappings across international boundaries. In addition to solving a complex legal and regulatory compliance maze, this project has provided the baseline for virtually any compliance need.
“We were the only governance and compliance services firm with the capability to quickly and cost effectively uses our powerful proprietary software to enhance the bank’s existing enterprise GRC deployments. We aligned compliance to their business operations – not the reverse,” said Crutchley.