Governance, Risk & Compliance (GRC)

Enterprise Risk Management (ERM) 

Enterprise Risk Management remains a complex issue for many organisations and deriving true value from investment in this area continues to be a challenge. As a result, organisations should understand that ERM represents a core management discipline to exploit the evolving landscape that they operate in whilst also enabling meaningful discussions around how to address overall exposure to risk across their enterprise.

At AA, we aim to simplify and demystify this process for our clients, with a focus on helping to achieve a principles-driven view of ERM and its practical application, ensuring that organisational activities and decisions reflect risk appetite.

Our services draw upon decades of experience of successfully partnering with organisations of all shapes and sizes, allowing us to leverage key insights, and benchmarks to ensure we deliver ERM systems that are fully bespoke and work in reality whilst reflecting common good practice and leading approaches.

Crisis and Business Continuity Management (BCM)

A crisis can happen at an inopportune time when you least expect it to. What more with the speed of today’s business and technology, a disruption of a short period of time may lead to a catastrophic impact to the organisation. While you may not be able to predict a crisis, you certainly can be prepared for one.

BCM is an investment that enables your organisation to turn any crisis into a competitive advantage.

Corporate governance

Establish robust governance practices to proactively manage risks and navigate uncertainty.

Good corporate governance is a foundation attribute for a healthy organisation. Not only does it set the tone as to how the organisation operates and behaves both internally and to the market generally, it also defines the relationship between the Board of Directors, Senior Management and the rest of the organisation.

Key corporate governance issues can range from highly strategic topics like corporate strategy, IT oversight and innovation, Board composition and risk oversight to more real-time topics like crisis management and shareholder activism. We support you with the governance knowledge to answer tough questions and tackle complex challenges.

Regulatory and corporate compliance

We understand the broad and complex nature of the changing compliance climate and the resources required to effectively manage these regulatory and corporate compliance obligations. We are cognisant of global practices while applying a localised lens to how compliance management should be operationalised.

We help our clients to review their compliance set-up and ecosystem – from identification, assessment, monitoring, and responding to reporting – ensuring that they are aligned to the accountability structures in the organisation.

Sarbanes-Oxley compliance

Opportunities to reduce costs and improve compliance

Given the current market situation, and the continuously changing regulatory environment, a company that intends to go or recently went public should consider the latest trends in investors’ attitudes. Apart from business and financial performance, other aspects of Sarbanes-Oxley (SOX) – such as governance, risk and compliance (GRC) approach – endorse the company’s public image and may facilitate the decision-making of potential investors.

The first challenge to overcome when complying with SOX or related regulations (J-SOX, K-SOX, C-SOX) requirements, is the transition from the informal control environment of a private entity to a standardised and well controlled environment. SOX, J-SOX, K-SOX or C-SOX are not just bureaucratic requirements, but also an important tool for Management to formalise processes and establish adequate mechanisms that will enhance operational efficiency.

AA assists and supports clients by:

• Delivering customised, interactive training programs and workshops focused on the familiarisation of employees with SOX requirements
• Delivering Risk Assessment /Scoping exercises
• Assessing the degree of readiness and the level of maturity of company controls in meeting SOX requirements
• Documenting key business processes (through narratives / flowcharts / risk matrices), identifying key controls, performing walkthroughs and assessing the design effectiveness of controls, based on PCAOB standards and the COSO framework
• Testing the operating effectiveness of company controls
• Evaluating identified deficiencies and providing recommendations for improvement

Policies and Procedures

Policies and procedures are a fundamental and essential part of any organisation. Together, policies and procedures provide a roadmap for day-to-day operations by outlining control activities, expected standards and key staff responsibilities. Robust policies and procedures can ensure your organisation is in compliance with laws and regulations, profitable and enables sound decision making.

At AA, we build tailored solutions to help our clients achieve their strategic ambitions – reflecting their uniqueness but also grounded in rigorous analysis and data-driven insight – to create lasting, differentiated value.​

Governance, Risk and Compliance (GRC) Enablement Solutions

Implementing the suitable Governance, Risk and Compliance (GRC) framework will enable organisations to identify the right approaches which contributes to process efficiency, improved risk management and internal controls.