AWS Marketplace

Make data-driven decisions with governance, risk, and compliance solutions

The need for governance, risk, and compliance (GRC) measures within an organization is not a recent development. These elements have been a part of successful business operations for quite some time. But today’s environment is challenging this historically siloed approach. Most enterprises are amassing ever-expanding volumes of digital data that must be managed. They are facilitating the remote access needed for both employees and customers. And their teams are encountering constantly increasing complexity, spanning internal operations, and reporting to audits and external regulations. Throughout all of this, the increasing interconnectedness of operational and information technology systems presents key security risks.

These recent developments have necessitated a new approach—one that brings together the individual elements of GRC across an organization. Many enterprises are now turning to GRC software platforms to facilitate this intersection. This shift has resulted in a GRC platform market reportedly valued at $35.2 billion USD in 2021. With a compound annual growth rate (CAGR) of 11.7 percent, this market is predicted to grow to $68.7 billion USD by 2027.

Amazon Web Services (AWS) Marketplace recently brought together thought leaders to discuss the value that GRC platforms bring to organizations. In the webinar Optimize governance, risk management, and compliance through AWS Marketplace,  experts from Guidewire, MetricStream, and AWS shared stories and insights on the topic. In this blog post, I will summarize the contents of that webinar, including two customer stories.

Delivering value at the intersection of governance, risk, and compliance

The presenters highlighted the need for holistic GRC strategies and solutions that support data- and value-driven decision-making. They emphasized that it is vital to move away from thinking and operating within the silos of governance, risk, and compliance. In the context of GRC, maintaining these divisions translates to extra costs. Those costs can also lead to inconsistencies, fragmentation, and duplication of efforts.

When organizations move toward a modern approach to GRC, it is the intersection of the elements themselves that deliver value. For example:

  • Governance + compliance: Build efficiencies through the identification and resolution of common and systemic problems.
  • Compliance + risk: Identify and understand the implications and risks of noncompliance.
  • Risk + governance: Develop an understanding and stance on your organization’s risk appetite and threshold

AWS Marketplace offers several integrated GRC solutions that permit organizations to fine-tune risk management while overseeing compliance. Based on business context and priorities, these solutions can support organizations in making smart decisions on risk.

Transforming risk to strategic advantage with MetricStream

Guidewire offers a property and casualty (P/C) insurance cloud platform that supports the insurance lifecycle for insurers in 38 countries. During the company’s development, the team recognized that there were numerous ways to approach GRC for their organization. Though the process could be managed via spreadsheets and workbooks, they realized this approach would present an insurmountable barrier to scaling activities. This type of manual approach also introduced the risk of human error.

Guidewire looked to MetricStream’s ConnectedGRC solution to identify and transform its risk into a strategic advantage. MetricStream believes that GRC is foundational to maintaining business continuity, building resilience, and ensuring organizations successfully manage foreseeable constraints and challenges.. Its approach to connecting governance, risk management, and compliance across the extended enterprise aligned with Guidewire’s thinking.

With ConnectedGRC, Guidewire gained a solution that manages policies and documents, IT compliance, IT risk, business continuity, and third-party risk. What they also gained was a solution that is workload automated. When data is entered in the issue management module of the tool, it populates any relevant data to the risk management module. This drives efficiencies by eliminating duplication of effort. ConnectedGRC also enables Guidewire to gain value from metadata. Personnel can tag issues and risks and then use automation to uncover trends and identify common and systemic problems. With ConnectedGRC, Guidewire was able to use automation to create scale and efficiency across its operations.

Transforming complex business logic into APIs with Coherent Spark

Moneysmart is a platform that simplifies and demystifies the world of personal finance. Its solution enables users to compare and apply for financial products on the market. The company was searching for a way to improve sales and service velocity for its insurance policies. It needed to deploy products from eight insurers in four countries with functionality for digital policy inquiry and submission. In addition, it required the ability to enable access to policy information for both customers and operations teams.

Moneysmart turned to Coherent Spark. This cloud-based logic engine converts complex business logic from Microsoft Excel models into application programming interface (API) services. This solution enabled the company to convert its term life, travel, and motor product pricing and logic into a Spark API. Moneysmart then integrated the resulting API into digital quotation and sales tools and policy administration systems. This integration enabled a fully digital sales process as well as the automation of key business processes, including billing and underwriting.

Spark enabled the company to automate complex modeling and accelerate speed to market. Max Del Vita, chief product officer at MoneySmart, commented, “Spark is an amazing tool. We’d surely recommend this to our insurance and banking partners.”

Conclusion and next steps

In this blog post, I summarized the overall concepts and two customer stories from the GRC webinar. By identifying commonalities in risks, applicable policies, and other factors, GRC platforms simplify risk reporting and help drive cost savings and efficiencies. Want to learn more? You can:

About the author

Shaheen Kanda is the Global Category Lead for FSI and Insurance at AWS Marketplace. Before joining AWS, she founded two fintech startups and spent a decade working as a leveraged finance banker in New York City.