Three Lines of Defense: A Window For GRC In The Digital Boardroom

Bruce McCuaig

My colleagues and I have been blogging frequently about the three lines of defense. Surveys show that most of our customers around the world have implemented (or are planning to do so) the three lines of defense framework. 

What is not fully appreciated by most is that the three lines of defense is not an end result in and of itself. Implementing the framework is merely the stepping stone to a seat for governance, risk, and compliance (GRC) in the digital boardroom.

  • The three lines of defense has no purpose other than to build reliable information
  • GRC has no purpose but to provide a lens to manage the business

But two problems persist.

Problem #1: The three lines of defense don’t talk to each other

GRC professionals’ unspoken goal is to make GRC a manageable dimension of the business. Today, GRC professionals produce numerous varieties of exception reports, but all are in silos:

  • Heat maps illustrate risk but not the impact of risks on business performance
  • Reports on control effectiveness are silent on the risks they relate to
  • Audits are planned based on risks that are irrelevant to the business
  • None of the three pillars of the three lines of defense talk to each other, nor is there any attempt to reconcile their views or to ensure coverage is complete and accurate

The first step in making GRC a manageable dimension of the business is to create a reliable database of reliable information. That’s the job of the three lines of defense framework.

Problem #2: GRC data isn’t aggregated for reporting to management and the board

Management and boards deal in business strategy and performance. Traditional approaches to GRC don’t link to business objectives or the risks and controls that impact performance.

The second step in making GRC a manageable dimension of the business is to use technology to aggregate and integrate the data and provide a basis for managing GRC strategically.

Two proofs of concept

In the last few weeks, my colleagues in solution management, solution experience, and products have achieved breakthroughs. They have developed proofs of concept for reporting among the three lines of defense in our demo environment.

Our three lines of defense reports allow each line to review its contributions for quality and completeness and hand off their data for review, assurance, and reporting using standard reporting tools.

GRC in the digital boardroom

My colleagues have also demonstrated how the data created by the three lines of defense can be extracted and viewed. These two developments are true breakthroughs. But this blog is not the best medium to explain and illustrate the power of these proofs of concept. You need to see them in person.

They will be demonstrated at SAPinsider GRC2017 in Las Vegas, March 21-24. If you aren’t already planning to attend, these presentations by my colleagues are sufficient reason to register. I hope to see you there.

Learn more at GRC2017 in Las Vegas. Register here for SAPinsider GRC2017.

This article originally appeared on SAP BusinessObjects Analytics. It is republished by permission.

Comments

Bruce McCuaig

About Bruce McCuaig

Bruce McCuaig is director Product Marketing at SAP GRC solutions. He is responsible for development and execution of the product marketing strategy for SAP Risk Management, SAP Audit Management and SAP solutions for three lines of defense. Bruce has extensive experience in industry as a finance professional, as a chief risk officer, and as a chief audit executive. He has written and spoken extensively on GRC topics and has worked with clients around the world implementing GRC solutions and technology.

Can Fintech Startups Continue To Shake Things Up?

Lucy Thorpe

The financial technology revolution is taking the world by storm – nowhere more so than in the UK, where this red-hot sector directly employs 135,000 people. Britain’s fintech sector generates billions of pounds for the UK economy; London leads the way, but other British cities, including Manchester, Leeds, and Belfast, are up there as well.

Disruptive innovators

Whether operating in areas like international money transfers, loans, or investment management, these agile startups are making a big impression and attracting venture capital investment. Not surprisingly, their influence has attracted the attention of the established banking sector, which, rather than be overtaken, has opened a dialogue with many of them, including discussions about blockchain.

The result has been rapid growth, with the best of the bunch already helping themselves to a healthy slice of market share. But is their maverick reputation as disruptive innovators a cause for concern?

Growing up fast

Making life easier for customers by cutting fees and middlemen is all very well. But do such businesses have the backend support they need to ensure that they can carry on offering a reliable, consistent, and compliant service as they expand? Crucially, can they convince investors that they can scale and grow while remaining compliant in this highly regulated sector?

One consideration is adopting business management software accessed through the cloud, which can help support their scalability. Most solutions are now built on the highest standards of accountancy, reporting, project management, customer relationship management, and talent management, so would prove to be a smart choice for delivering a consistently high standard of service.

Invest to impress

Investors look favorably on those who can show they are taking the future of their businesses seriously. With cloud-based software, businesses can benefit straightaway from real-time insights and analytics from any device at any time. With robust systems in place, fintech entrepreneurs are in a better position to attract investors, who can be more confident that they are protecting their investments.

Want to learn more about how banks can improve customer relationships? Download the report “Engaging the Unengaged Customer.”

Comments

Lucy Thorpe

About Lucy Thorpe

Lucy Thorpe is a digital marketer and writer with SAP platinum partner In Cloud Solutions. Based in the UK, she is a former BBC journalist and presenter. Much of her work is now focused on explaining the benefits of digital enterprise resource planning (ERP) systems for small and midsize businesses.

How Lean Is Your (Financial) Supply Chain?

Drew Hofler

Billions of dollars and millions of people-hours are dedicated each year to improving supply chains. From process improvements in manufacturing and just-in-time supply, to technology infrastructure for managing goods in transit and assessing supply and supplier risk, companies are investing like never before in their supply chains. And for good reason! A healthy physical supply chain is the beating heart of every company that produces goods to sell.

But if the physical supply chain is the beating heart of a healthy company, the financial supply chain is its lifeblood.  For every movement of goods in the physical supply chain, there is a corresponding transactional cash flow (often referred to as the procure-to-pay or source-to-settle process) that impacts the working capital and financial health of all participants. And many leading companies are now approaching the financial supply chain with the same rigor as they are applying to the physical.

In fact, in a new report, “The CFO’s Guide to Streamlining the Financial Supply Chain,” published by CFO, an Argyle company, one executive stated that “the CFO and supply chain leadership are both shifting from a backward-looking view to a forward-looking view” of the financial supply chain. This is in order to gain the visibility and capability needed to transform payables from a balance-sheet liability into a strategic asset. They are doing so by addressing the inherent challenges of the P2P process, enabling them to leverage their payables to reduce supply chain liquidity risk, free up working capital and deliver value through collaboration with their suppliers

Addressing current challenges

Too often, the financial supply chain is made up of a disparate collection of systems and processes, which makes it difficult to have complete visibility into payable performance and opportunities to improve cash flow. The first step, therefore, in improving a financial supply chain is often implementing systems and processes built upon a common platform and business network to create efficiencies and enable end-to-end visibility into the entire source to settle process.  With such a platform in place, the right information can now be made available to the right parties at the right time to enable them to make right decisions and so drive the right business results.

Reducing liquidity risks and driving value

The right results in a financial supply chain often include reducing liquidity risk in the supply chain while at the same time delivering significant free cash flow and earnings on cash to the paying organization. More and more companies are pushing out their payment terms in order to improve their working capital and free up cash. Unfortunately, their suppliers often find themselves cash constrained and unable to access the cash flow they need due to those longer payment terms. The result is an increased level of liquidity risk in the supply chain, which ultimately can affect even the physical chain.

To combat this, many companies are turning to network-based tools like supply chain finance to give their suppliers access to third party funded early payment on approved invoices, while holding on their own cash as long as possible.  The result is an increase their own free cash flow while at the same time reducing liquidity risk in their supply chain.   Others are using their own cash to fund supplier cash flow in exchange for discounts that yield far more than similar cash investment vehicles in today’s low interest rate environment.

Improving the financial supply chain turns payables from liabilities into strategic assets

In a prime example cited in “The CFO’s Guide to Streamlining the Financial Supply Chain,” a Fortune 100 pharmaceutical company was seeking to optimize its working capital without disrupting supply chain cash flow. A combination of payment term extensions and dynamic discount programs were used to achieve that objective. The result was over $300 million in free cash flow and a contribution of more than $10 million to the income statement. The company moved $5 billion in spend from net-45-days to net-60-days payment terms across 38,000 suppliers in 40 countries. And early-payment discounts increased by 12% over the previous year, delivering more than $6.5 million in savings from the discounts.

According to business school textbooks, payables are by definition a balance sheet liability. However, by focusing on improving financial supply chain processes, forward-thinking companies, like the one cited above, can transform their payables into strategic assets that deliver significant value to their bottom lines.

To learn more about this, please join us for a live panel discussion on Tuesday, Oct. 24. Finance executives from a cross-section of industries will discuss “How Finance Leaders Are Looking to the Financial Supply Chain to Optimize Working Capital and Liquidity.” Don’t miss this opportunity to hear firsthand from top-performing financial professionals and ask them your questions. Register now!

Follow SAP Finance online: @SAPFinance (Twitter)  | LinkedIn | FacebookYouTube

Comments

Drew Hofler

About Drew Hofler

Drew Hofler is a Senior Director of Solutions Marketing for SAP Ariba. Mr. Hofler is recognized as an expert in the area of collaborative finance and dynamic discounting. He has been interviewed and quoted widely in finance and supply chain industry publications around the topics of e-invoicing, dynamic discounting, supply chain financing, and working capital management-related issues, and has published a number of articles on these subjects. Mr. Hofler is also a regular contributor to various blogs around the issues of the financial supply chain. Mr. Hofler brings almost 20 years of banking and financial services industry experience to SAP Ariba.

The Future Will Be Co-Created

Dan Wellers and Timo Elliott

 

Just 3% of companies have completed enterprise digital transformation projects.
92% of those companies have significantly improved or transformed customer engagement.
81% of business executives say platforms will reshape industries into interconnected ecosystems.
More than half of large enterprises (80% of the Global 500) will join industry platforms by 2018.

Link to Sources


Redefining Customer Experience

Many business leaders think of the customer journey or experience as the interaction an individual or business has with their firm.

But the business value of the future will exist in the much broader, end-to-end experiences of a customer—the experience of travel, for example, or healthcare management or mobility. Individual companies alone, even with their existing supplier networks, lack the capacity to transform these comprehensive experiences.


A Network Effect

Rather than go it alone, companies will develop deep collaborative relationships across industries—even with their customers—to create powerful ecosystems that multiply the breadth and depth of the products, services, and experiences they can deliver. Digital native companies like Baidu and Uber have embraced ecosystem thinking from their early days. But forward-looking legacy companies are beginning to take the approach.

Solutions could include:

  • Packaging provider Weig has integrated partners into production with customers co-inventing custom materials.
  • China’s Ping An insurance company is aggressively expanding beyond its sector with a digital platform to help customers manage their healthcare experience.
  • British roadside assistance provider RAC is delivering a predictive breakdown service for drivers by acquiring and partnering with high-tech companies.

What Color Is Your Ecosystem?

Abandoning long-held notions of business value creation in favor of an ecosystem approach requires new tactics and strategies. Companies can:

1.  Dispassionately map the end-to-end customer experience, including those pieces outside company control.

2.  Employ future planning tactics, such as scenario planning, to examine how that experience might evolve.

3.  Identify organizations in that experience ecosystem with whom you might co-innovate.

4.  Embrace technologies that foster secure collaboration and joint innovation around delivery of experiences, such as cloud computing, APIs, and micro-services.

5.  Hire, train for, and reward creativity, innovation, and customer-centricity.


Evolve or Be Commoditized

Some companies will remain in their traditional industry boxes, churning out products and services in isolation. But they will be commodity players reaping commensurate returns. Companies that want to remain competitive will seek out their new ecosystem or get left out in the cold.


Download the executive brief The Future Will be Co-Created.


Read the full article The Future Belongs to Industry-Busting Ecosystems.

Turn insight into action, make better decisions, and transform your business.  Learn how.

Comments

Dan Wellers

About Dan Wellers

Dan Wellers is founder and leader of Digital Futures at SAP, a strategic insights and thought leadership discipline that explores how digital technologies drive exponential change in business and society.

About Timo Elliott

Timo Elliott is an Innovation Evangelist for SAP and a passionate advocate of innovation, digital business, analytics, and artificial intelligence. He was the eighth employee of BusinessObjects and for the last 25 years he has worked closely with SAP customers around the world on new technology directions and their impact on real-world organizations. His articles have appeared in articles such as Harvard Business Review, Forbes, ZDNet, The Guardian, and Digitalist Magazine. He has worked in the UK, Hong Kong, New Zealand, and Silicon Valley, and currently lives in Paris, France. He has a degree in Econometrics and a patent in mobile analytics. 

Tags:

Blockchain: Much Ado About Nothing? How Very Wrong!

Juergen Roehricht

Let me start with a quote from McKinsey, that in my view hits the nail right on the head:

“No matter what the context, there’s a strong possibility that blockchain will affect your business. The very big question is when.”

Now, in the industries that I cover in my role as general manager and innovation lead for travel and transportation/cargo, engineering, construction and operations, professional services, and media, I engage with many different digital leaders on a regular basis. We are having visionary conversations about the impact of digital technologies and digital transformation on business models and business processes and the way companies address them. Many topics are at different stages of the hype cycle, but the one that definitely stands out is blockchain as a new enabling technology in the enterprise space.

Just a few weeks ago, a customer said to me: “My board is all about blockchain, but I don’t get what the excitement is about – isn’t this just about Bitcoin and a cryptocurrency?”

I can totally understand his confusion. I’ve been talking to many blockchain experts who know that it will have a big impact on many industries and the related business communities. But even they are uncertain about the where, how, and when, and about the strategy on how to deal with it. The reason is that we often look at it from a technology point of view. This is a common mistake, as the starting point should be the business problem and the business issue or process that you want to solve or create.

In my many interactions with Torsten Zube, vice president and blockchain lead at the SAP Innovation Center Network (ICN) in Potsdam, Germany, he has made it very clear that it’s mandatory to “start by identifying the real business problem and then … figure out how blockchain can add value.” This is the right approach.

What we really need to do is provide guidance for our customers to enable them to bring this into the context of their business in order to understand and define valuable use cases for blockchain. We need to use design thinking or other creative strategies to identify the relevant fields for a particular company. We must work with our customers and review their processes and business models to determine which key blockchain aspects, such as provenance and trust, are crucial elements in their industry. This way, we can identify use cases in which blockchain will benefit their business and make their company more successful.

My highly regarded colleague Ulrich Scholl, who is responsible for externalizing the latest industry innovations, especially blockchain, in our SAP Industries organization, recently said: “These kinds of use cases are often not evident, as blockchain capabilities sometimes provide minor but crucial elements when used in combination with other enabling technologies such as IoT and machine learning.” In one recent and very interesting customer case from the autonomous province of South Tyrol, Italy, blockchain was one of various cloud platform services required to make this scenario happen.

How to identify “blockchainable” processes and business topics (value drivers)

To understand the true value and impact of blockchain, we need to keep in mind that a verified transaction can involve any kind of digital asset such as cryptocurrency, contracts, and records (for instance, assets can be tangible equipment or digital media). While blockchain can be used for many different scenarios, some don’t need blockchain technology because they could be handled by a simple ledger, managed and owned by the company, or have such a large volume of data that a distributed ledger cannot support it. Blockchain would not the right solution for these scenarios.

Here are some common factors that can help identify potential blockchain use cases:

  • Multiparty collaboration: Are many different parties, and not just one, involved in the process or scenario, but one party dominates everything? For example, a company with many parties in the ecosystem that are all connected to it but not in a network or more decentralized structure.
  • Process optimization: Will blockchain massively improve a process that today is performed manually, involves multiple parties, needs to be digitized, and is very cumbersome to manage or be part of?
  • Transparency and auditability: Is it important to offer each party transparency (e.g., on the origin, delivery, geolocation, and hand-overs) and auditable steps? (e.g., How can I be sure that the wine in my bottle really is from Bordeaux?)
  • Risk and fraud minimization: Does it help (or is there a need) to minimize risk and fraud for each party, or at least for most of them in the chain? (e.g., A company might want to know if its goods have suffered any shocks in transit or whether the predefined route was not followed.)

Connecting blockchain with the Internet of Things

This is where blockchain’s value can be increased and automated. Just think about a blockchain that is not just maintained or simply added by a human, but automatically acquires different signals from sensors, such as geolocation, temperature, shock, usage hours, alerts, etc. One that knows when a payment or any kind of money transfer has been made, a delivery has been received or arrived at its destination, or a digital asset has been downloaded from the Internet. The relevant automated actions or signals are then recorded in the distributed ledger/blockchain.

Of course, given the massive amount of data that is created by those sensors, automated signals, and data streams, it is imperative that only the very few pieces of data coming from a signal that are relevant for a specific business process or transaction be stored in a blockchain. By recording non-relevant data in a blockchain, we would soon hit data size and performance issues.

Ideas to ignite thinking in specific industries

  • The digital, “blockchained” physical asset (asset lifecycle management): No matter whether you build, use, or maintain an asset, such as a machine, a piece of equipment, a turbine, or a whole aircraft, a blockchain transaction (genesis block) can be created when the asset is created. The blockchain will contain all the contracts and information for the asset as a whole and its parts. In this scenario, an entry is made in the blockchain every time an asset is: sold; maintained by the producer or owner’s maintenance team; audited by a third-party auditor; has malfunctioning parts; sends or receives information from sensors; meets specific thresholds; has spare parts built in; requires a change to the purpose or the capability of the assets due to age or usage duration; receives (or doesn’t receive) payments; etc.
  • The delivery chain, bill of lading: In today’s world, shipping freight from A to B involves lots of manual steps. For example, a carrier receives a booking from a shipper or forwarder, confirms it, and, before the document cut-off time, receives the shipping instructions describing the content and how the master bill of lading should be created. The carrier creates the original bill of lading and hands it over to the ordering party (the current owner of the cargo). Today, that original paper-based bill of lading is required for the freight (the container) to be picked up at the destination (the port of discharge). Imagine if we could do this as a blockchain transaction and by forwarding a PDF by email. There would be one transaction at the beginning, when the shipping carrier creates the bill of lading. Then there would be look-ups, e.g., by the import and release processing clerk of the shipper at the port of discharge and the new owner of the cargo at the destination. Then another transaction could document that the container had been handed over.

The future

I personally believe in the massive transformative power of blockchain, even though we are just at the very beginning. This transformation will be achieved by looking at larger networks with many participants that all have a nearly equal part in a process. Today, many blockchain ideas still have a more centralistic approach, in which one company has a more prominent role than the (many) others and often is “managing” this blockchain/distributed ledger-supported process/approach.

But think about the delivery scenario today, where goods are shipped from one door or company to another door or company, across many parties in the delivery chain: from the shipper/producer via the third-party logistics service provider and/or freight forwarder; to the companies doing the actual transport, like vessels, trucks, aircraft, trains, cars, ferries, and so on; to the final destination/receiver. And all of this happens across many countries, many borders, many handovers, customs, etc., and involves a lot of paperwork, across all constituents.

“Blockchaining” this will be truly transformational. But it will need all constituents in the process or network to participate, even if they have different interests, and to agree on basic principles and an approach.

As Torsten Zube put it, I am not a “blockchain extremist” nor a denier that believes this is just a hype, but a realist open to embracing a new technology in order to change our processes for our collective benefit.

Turn insight into action, make better decisions, and transform your business. Learn how.

Comments

Juergen Roehricht

About Juergen Roehricht

Juergen Roehricht is General Manager of Services Industries and Innovation Lead of the Middle and Eastern Europe region for SAP. The industries he covers include travel and transportation; professional services; media; and engineering, construction and operations. Besides managing the business in those segments, Juergen is focused on supporting innovation and digital transformation strategies of SAP customers. With more than 20 years of experience in IT, he stays up to date on the leading edge of innovation, pioneering and bringing new technologies to market and providing thought leadership. He has published several articles and books, including Collaborative Business and The Multi-Channel Company.