11

SAY: Welcome to this session on Risk Transformation training where you will learn

how the Risk Consulting (RC) strategy comes to life for you.

INTRODUCE YOURSELF: If a business facilitator, he/she should introduce

him/herself, his/her role in the business and in the course.

If the host is not a business facilitator, he/she would say:

I am your facilitator for this course. You will also be introduced to various

partners that were on the different RC engagements you will see in this course.

SAY:

This course is in a web-based format and your participation and engagement

are expected in this interactive session via the Knowledge Checks.

Also, to receive CPE credits, you must participate in key activities and the exam

questions at the end.

[Insert Course Name]

2

SAY:

An expert is someone who provides deeper insights.

Clients want risk optimization not purely risk mitigation, and we can achieve this

through transformative solutions.

Our clients seek our agility, specialized skills, and deep industry experience to

identify the industry risks in the future.

This keeps us ahead of changing regulations and business trends, and allows

us to navigate our clients through the most complex and challenging

landscapes to achieve long-term, strategic returns.

3

SAY:

A global mindset is about thinking beyond boundaries.

And clients that require large-scale, transformational capability know this

demands the very best team a firm can offer.

Using a one-firm, global approach we can leverage our global footprint and

quickly mobilize our expertise across service lines and geographies to provide

holistic transformational solutions.

4

SAY:

You will see this “top down” RC solution where the client’s senior management

had a desire for a risk management framework and we identified additional

strategic solutions.

THIS IS A BUILD SLIDE.

5

SAY:

And this example shows that we brought the full power of our functions, service

lines, and global scope to the Board and C-suite to drive value.

6

SAY:

This particular client had just changed their structure and needed a new and

effective compliance and operational risk program.

They felt the challenge of complying with more stringent rules and regulations

that went along with its new structure. This often meant a restructuring of

compliance functions to meet requirements while facing specific timeframes.

As a result, business units began to complain that meeting the needs of the

new requirements were encroaching on their productivity.

Furthermore, the oversight functions had a large redundant footprint on the

business

7

SAY:

The client felt the burden across a variety of areas including internal audit,

operational risk management, privacy, information security, procurement and

compliance. Yet they recognized there was a distinct business need to increase

the efficiency and effectiveness of its GRC framework in order to avoid disruption

to its operations.

The CFO and General Counsel requested a review of the current organizational

structure and governance model for its risk and compliance functions.

The client also wanted a future state that increased efficiency and effectiveness

in many areas.

8

SAY:

After a thorough analysis, we developed a detailed plan to implement effective

change and align some of the company’s functions and streamline the oversight

process.

We provided the client with a recommended future state organizational and

governance model and a high level road map to get there.

This included benefits and challenges associated with the future state

considering various strategic dimensions such as capital, liquidity, risk, tax,

regulatory, finance, operations and technology.

9

SAY:

We provided a comprehensive solution and delivered an industry scan of risk

management functions, a Strategic Target Operating Model for risk

management functions, and an Actionable Target Operating Model roadmap.

The final result included a blueprint for the convergence of approximately four

different GRC processes through a shared service center and included

efficiency and effectiveness recommendations.

It also included a detailed roadmap with step-by-step implementation plans

along with clearly defined GRC roles and responsibilities to avoid overlap and

redundancies in the future.

10

SAY: As you have seen, this client example showed the expert attribute.

The client relied on us for help and we assembled a senior, well-rounded,

cross-functional team, including IARCS and FRM amongst others, that included

some of the firm’s most prominent risk management professionals.

Each professional possessed a comprehensive understanding of the GRC

principles and programs as well as practical execution experience.

Many had experience with the client from previous work, which proved

beneficial for insight into the company’s culture and the challenges it faced

during its transformation.

The result was we brought deeper insights; this enabled our solution to be met

within the tight timeframe.

11

SAY:

This example also showed the global mindset attribute.

The client required a large-scale, transformational capability and we used a

one-firm, global approach to quickly mobilize our expertise across geographies

by assembling a global team.

We also cross-teamed across service-lines to provide the right solutions and

took a global perspective and approach.

12

SAY:

The solutions we delivered were high profile and enterprise-wide.

The final deliverable generated a blueprint to restore efficiencies and business unit

productivity.

The C-suite valued the steps we used to avoid future redundancies and valued that we

helped build an adaptable plan for 2nd line functions in a continually evolving

regulatory environment.

ELABORATE: On the 3 lines of defense for RC, expanding on the points below as

appropriate:

Through this engagement, we were able to help the client and bring value to all three

lines of defense.

– We helped management and the business owners through the first line of defense

with ownership, responsibility and accountability for assessing, controlling and

mitigating their risk content.

– In the 2nd line of defense, we assisted with the Standard Setters in the risk

management function to facilitate and monitor the implementation of effective risk

management practices.

– As a third line of defense, we made certain the Assurance Providers and internal

auditing function provided assurance to the organization's board and senior

management on how effective they assessed and managed its risks, including the

manner in which the first and second lines of defense operate.

13

SAY:

• We also considered the future state of risks at the client based on our

understanding of their business model, current issues and potential future

regulatory implications they would be subject to.

• The client appreciated this perspective and the insights.

14

SAY:

This was a strategic project that was sponsored by the CFO, Internal Audit and

the General Counsel and we were able to influence several members of the C-

suite and their direct reports.

As a result of our expertise and global mindset, we generated a transformative

solution and changed the way their management viewed risk: from ad hoc

projects of compliance and “box-checking” to seeing risk as a strategic

advantage.

As a result of the project, we educated their top management to think about risk

holistically, align what the various risk functions were doing, and consider risk

differently as a newly regulated bank holding company.

They saw how we effectively applied a risk “lens” or filter to balance their

performance and growth strategies.

We continue to meet with the client today about the importance of managing

risks in an efficient and effective manner.

15

SAY:

In this second client example, you will see the how we demonstrated the

forward-thinking and passionate attributes while bringing the RC strategy to life.

16

SAY:

To be forward-thinking, one must be anticipating change, conversant in

business trends and new regulations, and aware of risk exposure/what’s around

the corner.

Clients want our forward-thinking, insights, and practical implementation.

By bringing together our deep sector knowledge, world class expertise, and

innovative data analytics to the latest risk issues, we deliver impactful solutions

for our clients that create a real business advantage.

17

SAY:

Being passionate means going further.

The world’s leading companies turn to us to navigate some of their most

complex business issues; they trust us to optimize risk to achieve their strategic

ambitions.

They do this because they see we are passionate and truly believe in what we

are doing.

To serve the best companies, we have the best people to work with: pragmatic

consultants that are passionate about helping our world-class clients transform

risk to an advantage.

18

SAY:

… and how we identified additional risk opportunities to achieve transformative

solutions.

THIS IS A BUILD SLIDE.

19

SAY:

You will see how we brought the full power of our functions, service lines, and

global scope to the Board and C-suite to drive value.

The result was numerous strategic projects through a long-term client

relationship.

20

SAY:

While we had previously performed discrete engagements within Tax for this

client, the client did not see a need for risk management or other strategic

solutions.

Their organization lacked sufficient controls and an IA department; a regulatory

requirement designed to improve governance made the client understand the

need for a centralized control framework. Prior to this, compliance and ERM

was not on their agenda.

Spurred by this regulatory mandate, the client realized they would need an

internal audit function and that they were exposed in other areas to potential

risk.

21

SAY:

They were also frustrated due to the lack of visibility into interrelated risks.

And they also realized they required a consolidation of multiple risk

assessments, having grown from acquisition.

22

SAY:

As a result of our efforts, we were able to transform and widen the client’s

thinking by linking a discreet risk need to broader risk areas.

We went above and beyond to understand the big picture, and we identified

additional areas beyond the required regulatory change that they could benefit

from, including ERM and Compliance. This helped the client understand all

their potential risks.

23

SAY:

We partnered with the client and took the time to truly understand their

challenges of transforming a culture by moving from a decentralized to a more

centralized oversight structure.

To best meet their needs, we brought together a cross-functional RC team to

share experiences and strategic approaches.

24

SAY:

We exhibited the forward-thinking attribute; we anticipated the needs the client

would have considering their culture, organization, and the market dynamics.

We thought ahead while also understanding the current processes.

We helped anticipate future risk data needs that translated into building a

sustainable program and structure.

25

SAY:

Understanding the client’s culture was critical to the success and allowed us to

exceed our standard high level of quality.

The passion we exhibited through our belief in our work and in helping the client

ultimately allowed us to influence the C-suite.

26

SAY:

As a result of our work, we helped transform their organization from one of Risk

Oversight into a Performance Culture.

Through the course of several years, we helped the client understand their

potential risk exposure and we developed proactive solutions. The client also

saw a benefit to tighten their risk controls globally to enable sound business

growth.

Our work on one discreet project eventually led to us establishing a GRC

program and we enabled it with a tool.

Consequently, we have had a successful relationship with the client for over a

decade and have strategic input as an integral partner.

27

SAY:

Through the series of projects, we influenced the Board and demonstrated how

the corporation could optimize risk to achieve their strategic ambitions.

The client appreciated our practical approach, process platform, transformation

plan, and the synergies we brought across Risk, IA, Compliance etc.

We were able to transform the client’s thinking of risk from a discreet need into

a discussion about the broader risk strategy and enterprise-wide critical issues.

28

SAY:

… influenced the C-suite. In particular, we were able to widen the client’s view

of risk from a discreet need into a discussion about enterprise-critical issues.

We kept the vision and bigger picture in mind and determined how to best help

the client and lead them on that vision.

Because of our strategic role, we were able to help the client transform their

organization and we now participate in projects that are both complex and high

on the leadership agenda.

29

DEVELOPER NOTE: the prior slide should fade into this slide.