2018 was a year that seemed to have more than its share of relatively high-profile corporate governance failures. One of the biggest was Carillion, the UK multinational facilities management and construction firm.
At its height, Carillion was listed on the FTSE 250, had annual revenues of around £5bn and employed around 43,000 workers across the globe. But over nine months in 2017, the company issued three profit warnings, disclosed £845m worth of write-downs, had 39% wiped from its shares and lost its CEO.
By the time it went into compulsory liquidation in January 2018, Carillion had racked up debts of £1.5bn with less than £30m left in the bank. What causes such wholesale corporate governance failure and how can organisations address it before it escalates out of control?

Insurance is a sector that has been slower than most when it comes to digital transformation and the use of digital solutions to address traditional challenges and introduce new products and services. With methods and processes established decades ago, there is a conservatism that pervades across much of the insurance industry, and it has also been held up by legacy technology that makes digitisation much harder than is desirable.

But market forces over the past five years have combined to make addressing digital transformation more urgent and a key priority for insurers. To respond to these market forces, digital risk and compliance is going to be essential for the insurance industry.

It is not uncommon for CEOs and other board members to talk a good game when it comes to cyber security. They discuss in public the seriousness with which they approach managing cyber security, and talk internally about the need for vigilance and for all employees to be mindful and smart on matters relating to security.

But the reality can be very different. Many CEOs are often just paying lip service to cyber security, without allocating the required investment in staff and infrastructure that modern security and risk management requires.

This past year or so in Europe has witnessed an almost unprecedented number of new regulations that Financial Services (FS) firms must adhere to. We have seen new legislation including GDPR, MiFID II and PSD2 introduced, additional regulatory hurdles to navigate for an FS industry that was already one of the most heavily regulated in the world.

This has significantly increased the pressure on GRC teams within FS firms. Not only is there more regulation but the penalties for non-compliance have increased too, which means compliance functions will be tested like never before.

As one of the world’s foremost GRC providers, recognised by analysts for the strength of our technology and working with an array of blue-chip customers across a variety of industries and territories, we are obviously major advocates for an efficient and effective GRC function.

Remaining compliant with relevant regulation has become a much more involved process over the past decade or so, while at the same time there is more risk to businesses than at any other point in time. Organisations have to do much more to demonstrate compliance and it can be a significant undertaking that requires time, resource and the right technology platform to get right, while managing and mitigating risk is a long-term and on-going task.

At Oxial we choose our partners very carefully, preferring to only work with companies and consultancies that really add value to our own proposition and technology. One such partner is EY, which fits our supervised and digital compliance model particularly well.

With Oxial’s technology to automate controls and processes around compliance legislation, in conjunction with the vast industry expertise and understanding offered by EY’s consultants, there is a powerful proposition for any organisation that wants to approach compliance in a more joined-up and modern way.

We’ve written previously about how Brexit is the ultimate in risk management. Organisations must fully understand their level of exposure to Brexit – what is their supply chain, who do they trade with and what the likely impact of Brexit will be?

They can either make changes ahead of time to mitigate that risk or at least put in place contingency plans for the future. That’s a hard task right now because of the sheer uncertainty involved with Brexit. Even now, with just over a month or so until Brexit takes place, we do not know what form it will take or even if there will be a deal or not.

We discussed recently the growing importance of Governance, Risk and Compliance (GRC), as organisations look to protect themselves against the multitude of threats faced by organisations in 2019.

We live and work in a world containing more risk than ever before and the penalties for non-compliance and poor governance are also growing and are increasingly being enforced by regulators. So GRC has become one of the most important functions in any business, valued by the board and playing a central role in the strategy of many organisations.

For those firms committed to GRC there is an on-going challenge to ensure that it operates as it should. What should those organisations be doing to optimise their GRC function?

We would like to thank you for your participation in the “Dirigeants, managez vos risques à l’ère du digital” Conference. Each and every one of you has brought strong expertise and experience around the table and engaged in an interesting exchange on risk-management topics.

Throughout the day-long conference, our experts helped you to better understand the needs of a proper solution to manage risks, turn threats into opportunities and be better safe than sorry.

Thanks to the speeches delivered by key speakers of the conference, we have had fruitful question and answer sessions with the participants.

The rise of Governance, Risk and Compliance (GRC) software platforms over the past decade has been remarkable. What were once business disciplines that ticked along independently from the rest of the organisation are now central to everything and amongst the most important functions in a business.

Staying on top of governance requirements, managing and mitigating risk and ensuring compliance are all interconnected and taken extremely seriously by the smartest organisations. They all have the foresight to understand the benefits to business and acknowledge the need to invest in the right tools to ensure governance, risk and compliance functions all operate to the best of their ability.