Measuring the Intangible - Identifying ROI for GRC Tools
Jinfo Blog
25th September 2013
Abstract
With the regulatory burden on enterprises increasing every year, the major vendors are developing workflow and information tools aimed at providing compliance and information professionals with the solutions they need to comply with the law. At the same time, information and compliance budgets are being squeezed, making it necessary for knowledge managers to measure the effectiveness of Governance, Risk and Compliance (GRC) products. Penny Crossland evaluates the best methods for establishing ROI in compliance tools and concludes that a qualitative approach to metrics, using case studies, may be the best way forward.
Item
With the regulatory burden on enterprises increasing every year, the major vendors such as Thomson Reuters, LexisNexis and Wolters Kluwer are developing workflow and information tools aimed at providing compliance and information professionals with the solutions they need to comply with the law.
Regulatory Breaches Generate Substantial Fines
Every week, there are reports of regulatory breaches, mainly by financial services firms, but also by corporations in other sectors, such as pharmaceuticals, causing huge financial and reputational damage. In 2012 alone, UK-based financial services firms, including Barclays Bank, Coutts & Co and UBS were fined a total of £2 billion for failing to maintain adequate Anti-Money Laundering systems, failure to protect client money and for misconduct.
In the same year, Standard Chartered and JP Morgan were some of the firms which were fined a total of $2.8 billion for sanction breaking and other regulatory misdemeanours. Clearly, information tools that help prevent these breaches are more necessary than ever. However how do you measure whether the subscriptions to expensive compliance products, also known as Governance, Risk and Compliance (GRC) products are cost effective?
Counting the Cost of Non-Compliance
As with all information products, it is hard to measure value for money for tools whose application is in the future. With compliance products, an added complication is that you are effectively trying to measure the negative – if they are being applied properly, then the above mentioned breaches may not happen.
However, establishing return on investment on GRC products is necessary - particularly when budgets are tight. At the same time, measuring ROI provides shareholders and regulators with confidence that companies are adhering to good business practice and lets senior management know that money is well spent.
Metrics to Suit the Business Mindset
Many of the metrics used to measure the effectiveness of compliance-related tools will be the same as those employed by knowledge managers to measure their subscription packages in general. Before undergoing such an exercise, however, it is best to thoroughly understand the organisation’s business goals and the management style of those holding the budget. These factors will determine whether it is best to use quantitative or qualitative metrics.
A quantitative approach involving collecting data via feedback forms embedded in delivery systems, for example, will measure factors such as time saved, costs reduced, improved response to regulatory changes and employee productivity. The qualitative method of measuring ROI requires collating testimonials from users and monitoring the media for positive and negative case studies; perhaps the easiest and most convincing way of measuring the return on investment and one to which information professionals are well-suited.
FreePint Subscribers can log in now to read "Defining & Measuring the ROI in Compliance Tools".
Editor's Note: Compliance in Context
This article is part of the FreePint Topic Series: Compliance in Context, which runs from September to October 2013. Register your interest, and you'll get pre-notification of when registration opens for any webinars in this series, as well as a free copy of the FreePint Report: Buyer's Guide on Regulatory Compliance when we publish in October.
Reviews in the FreePint Topic Series: Compliance in Context, including the review of Thomson Reuters Compliance Complete and BvD Compliance Catalyst, feature a section on "value" to help purchasers to evaluate the value drivers in the products.
Platinum Sponsors:
Platinum Sponsor - Bureau van Dijk |
Platinum Sponsor - LexisNexis |
- Blog post title: Measuring the Intangible - Identifying ROI for GRC Tools
- Link to this page
- View printable version
- Q&A with Thomson Reuters: Developing a Connected Approach to GRC
Tuesday, 17th September 2013 - Product Review of Thomson Reuters Compliance Complete: Introduction, Value and FreePint's View
Wednesday, 11th September 2013 - Compliance Product Vendor Map: Who Does What in the Regulatory Space
Wednesday, 4th September 2013 - Product Review of BvD Compliance Catalyst: Introduction, Value and FreePint's View
Monday, 19th August 2013 - Five Themes in Understanding Value
Monday, 5th August 2013 - What You Already Know about Value
Friday, 26th July 2013 - Mini Review: Lexis Diligence
Thursday, 27th June 2013
- There can be chemistry in compliance & litigation
Friday, 8th June 2012 - Reed Elsevier strengthens Risk Solutions division
Wednesday, 28th September 2011
Community session
11th December 2024
2025 strategic planning; evaluating research reports; The Financial Times, news and AI
5th November 2024
How are information managers getting involved with AI? Navigating privacy, ethics, and intellectual property
- 2025 strategic planning; evaluating research reports; The Financial Times, news and AI
5th November 2024 - All recent Jinfo Subscription content
31st October 2024 - End-user training best practice research
24th October 2024
- Jinfo Community session (TBC) (Community) 23rd January 2025
- Clinic on contracting for AI (Community) 11th December 2024
- Discussing news and AI strategies with the Financial Times (Community) 21st November 2024