Welcome to this special podcast series, In Conversation with K2 Intelligence FIN: Jeremy Kroll on GRC Risks, Strategies, and the Future, sponsored by K2 Intelligence FIN. This week am visiting with K2 Intelligence FIN, Chief Executive Officer (CEO) Jeremy Kroll on GRC Risks, Strategies, and the Future. Over the week, we have reviewed the current Governance, Risk, and Compliance (GRC) landscape, looked at GRC at work, considered GRC and the investment community. In Part 4, we consider GRC and K2 Intelligence FIN and will conclude tomorrow with a look at GRC then and now.

Jeremy Kroll counseled that you must “start with an investigative mindset and understanding what the core risks are. Where is that inflection point? Sometimes you might find out a little bit late, but so long as you are quick to react and pivot, you can change the calculus. That means you have to be ready with enough resources internally. You need to make sure that you have a couple of key crisis response or organizations on speed dial because you can’t do everything yourself and your team is usually focused on doing business as usual.” He ended with “how do you be prepared and be in a position to make sure it is a normalized environment when you are dealing with a significant risk to your organization?”

Jeremy Kroll went on to note that it begins with asking some interesting questions such as (1) Do you have the internal resources to address this? (2) Do you need to look externally for support? Looking down the road (in an Einsteinian sort of way); (3) Can you see around the corner? And perhaps most importantly, (4) Do you know what trends or crises may impact you in 6 months, a year from now or 5 years from now?

Jeremy Kroll cautioned that complacency is the foe of preparedness. As he said, “I think the minute someone gets sort of comfortable and says, oh, we got this or we’ve gained this whole thing out. We figured it all out. That’s the beginning of the end.” To prevent this a business executive, senior management and the Board of Directors have to be great listeners and ask questions, such as what’s the next issue that’s going to become a trend? and what should I be looking out for in my business and also the businesses of my clients?

K2 Intelligence FIN has many services which act in concert and parallel. In the area of third-party risk management, it begins with enhanced due diligence platforms. K2 FIN is often called in by companies to conduct third party vetting; reverse or self-due diligence, typically in the case of preparing for a sale; social media due diligence – a proprietary platform we actually developed that helps analyze large volumes of associated content to show a bigger picture. This demonstrates that due diligence is not something you do once and walk away from – it’s something that should be conducted on an ongoing basis to make sure you have the lay of the land, you understand the risk environment, you know what has changed and evolved. This is particularly important in GRC frameworks.

Next is Portfolio Risk Management, where K2 FIN works closely with clients to develop a risk assessment methodology based on a systematic approach to risk which applies objective assessment criteria consistent with regulatory guidance and global standards. The methodology will utilize both qualitative data and key quantitative metrics to embed a given entity’s risk appetite into investment decisions and ongoing business operations and provide appropriate risk assessment and management of both portfolio and target investments. Adopting a consistent risk scoring methodology across risk areas will allow for more clear comparisons of risk across domains and investment targets and enable more effective ongoing risk monitoring, reporting, and mitigation.

A growing area is outsourced compliance, which was once again recognized in the 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs. Jeremy Kroll noted, “For entities of any size, it’s important to have the ability to constantly monitor and update compliance procedures and protocols as risk profiles change. However, we also know compliance budgets are under tremendous pressure to adhere to budget cuts and to create greater efficiencies. As a result, our third-party managed services offer outsourced technology and manpower service that enables these organizations to meet regulatory requirements and control costs. We leverage flexibility and scalability across areas including coping with a shortage of experienced employees; improving compliance processes; developing and maintaining a robust technology infrastructure; and tackling global compliance demands.” Jeremy Kroll concluded, “This way, for entities who don’t know where to begin or simply do not have the internal resources, they can rely on organizations like ours to help.”

Please join us for our final episode of this podcast series where we examine GRC: then and now.

Check out the LinkedIn page for K2 Intelligence FIN here.

Check out the K2 Intelligence FIN website here.