Transforming Compliance into Risk Management. A presentation by Michael Rasmussen

Regulators consistently talk about the need for a ‘risk-based approach’ to financial crime, and many organisations have created ‘risk management’ functions to complement, and in some cases replace, legacy compliance functions. This shift is based on a recognition that it is not just what you do, it is how you do it that matters. Financial criminals are agile and reflexive, and those that seek to stop them need to be so in response.

But the transformation from ‘compliance-led’ to ‘risk-focused’ is often easier to talk about than implement. An organisation can completely understand risks and regulatory requirements, it can have the most beautifully written and well-crafted policies, but all this will come to very little if its underlying culture is not aligned with its rhetoric. Culture is the foundation upon which success – or failure – is built. Michael Rasmussen, aka ‘The GRC Pundit’, is an internationally recognised commentator and consultant on Governance, Risk and Compliance (GRC), a term he coined in 2002 while at Forrester Research, Inc.

In this presentation, Michael will apply three decades of experience to the challenges of employee engagement and training, building collaboration between front and back offices, and improving structures for oversight and accountability, and ask what needs to change for financial crime functions to transform themselves into true risk management cultures.