Measuring the Intangible - Identifying ROI for GRC Tools
Jinfo Blog

By Penny Crossland

Abstract

With the regulatory burden on enterprises increasing every year, the major vendors  are developing workflow and information tools aimed at providing compliance and information professionals with the solutions they need to comply with the law. At the same time, information and compliance budgets are being squeezed, making it necessary for knowledge managers to measure the effectiveness of Governance, Risk and Compliance (GRC) products. Penny Crossland evaluates the best methods for establishing ROI in compliance tools and concludes that a qualitative approach  to metrics, using case studies, may be the best way forward.

Item

With the regulatory burden on enterprises increasing every year, the major vendors such as Thomson Reuters, LexisNexis and Wolters Kluwer are developing workflow and information tools aimed at providing compliance and information professionals with the solutions they need to comply with the law.

Regulatory Breaches Generate Substantial Fines

Every week, there are reports of regulatory breaches, mainly by financial services firms, but also by corporations in other sectors, such as pharmaceuticals, causing huge financial and reputational damage. In 2012 alone, UK-based financial services firms, including Barclays Bank, Coutts & Co and UBS were fined a total of £2 billion for failing to maintain adequate Anti-Money Laundering systems, failure to protect client money and for misconduct.

In the same year, Standard Chartered and JP Morgan were some of the firms which were fined a total of $2.8 billion for sanction breaking and other regulatory misdemeanours. Clearly, information tools that help prevent these breaches are more necessary than ever. However how do you measure whether the subscriptions to expensive compliance products, also known as Governance, Risk and Compliance (GRC) products are cost effective?

Counting the Cost of Non-Compliance

As with all information products, it is hard to measure value for money for tools whose application is in the future. With compliance products, an added complication is that you are effectively trying to measure the negative – if they are being applied properly, then the above mentioned breaches may not happen.

However, establishing return on investment on GRC products is necessary - particularly when budgets are tight. At the same time, measuring ROI provides shareholders and regulators with confidence that companies are adhering to good business practice and lets senior management know that money is well spent.

Metrics to Suit the Business Mindset

Many of the metrics used to measure the effectiveness of compliance-related tools will be the same as those employed by knowledge managers to measure their subscription packages in general. Before undergoing such an exercise, however, it is best to thoroughly understand the organisation’s business goals and the management style of those holding the budget. These factors will determine whether it is best to use quantitative or qualitative metrics.

A quantitative approach involving collecting data via feedback forms embedded in delivery systems, for example, will measure factors such as time saved, costs reduced, improved response to regulatory changes and employee productivity. The qualitative method of measuring ROI requires collating testimonials from users and monitoring the media for positive and negative case studies; perhaps the easiest and most convincing way of measuring the return on investment and one to which information professionals are well-suited.

FreePint Subscribers can log in now to read "Defining & Measuring the ROI in Compliance Tools".

Editor's Note: Compliance in Context

This article is part of the FreePint Topic Series: Compliance in Context, which runs from September to October 2013. Register your interest, and you'll get pre-notification of when registration opens for any webinars in this series, as well as a free copy of the FreePint Report: Buyer's Guide on Regulatory Compliance when we publish in October.

Reviews in the FreePint Topic Series: Compliance in Context, including the review of Thomson Reuters Compliance Complete and BvD Compliance Catalyst, feature a section on "value" to help purchasers to evaluate the value drivers in the products.

Platinum Sponsors:

« Blog