Many financial organizations still treat governance, risk and compliance (GRC) as a back-office function to satisfy regulators and avoid fines. But what if that defensive posture is your firm’s biggest vulnerability and being proactive, your next big advantage?
In an episode of our Loop podcast, Jen-Larie Tumminello, GRC Executive at TD Bank, calls for a radical shift. Drawing from her experience at the Federal Reserve, PwC and Morgan Stanley, she reveals how GRC can be transformed from a cost center into a strategic asset.
“By rethinking GRC’s purpose, businesses can create a system that satisfies regulators and, at the same time, strengthens one’s brand, improves the customer experience and drives growth,” she says.
Treating GRC as a trust engine
Imagine a customer trying to open a new account. They encounter a clunky user interface, confusing security questions or frustrating support calls. All these inconveniences are often symptoms of a broken GRC system. While governance processes operate behind the scenes, they touch nearly every part of the customer journey, from onboarding all the way through daily interactions.
A strong, unified GRC strategy creates an environment where customers feel confident engaging with a brand. Jen-Larie refers to this as building “trust and safety, consistency and reliability, and ethical business practices.” Yet, too often, organizations wait for problems before responding.
Jen-Larie emphasizes the need for a proactive approach that anticipates risks and integrates with the broader business strategy.
“Proactive GRC is making sure we’re aligned as a firm from the top down internally, but also externally,” she explains. “It means having one universal system that can be utilized firm-wide, helping not only to reduce and minimize risk but also to improve the overall customer experience.”
Listening to the voice of the customer
This means listening first. Jen-Larie emphasizes that the voice of the customer must be core to any GRC program. This starts with understanding the current state of your firm and establishing a baseline.
Importantly, she says, “customers” include internal stakeholders such as legal, HR, technology and operations teams. Designing systems that meet their needs create intuitive processes that boost adoption, reduce friction and improve collaboration. That translates into better experiences for external customers.
“Ultimately, whether it’s customer facing or not, it’s going to impact the customer in some way if we don’t design it smartly from the beginning,” Jen-Larie explains.
Gaining a seat at the table
Understanding customer needs and aligning governance processes is the beginning.
To turn these insights into real business impact, GRC professionals must take an active role in decision-making. Jen-Larie urges professionals to be vocal about problems and solutions. Using data and presenting it in a way that “could influence and spark interest” is crucial.
“Everyone with a GRC influence should be at the table to make decisions or discuss where we are, what needs to be remediated and how we’re going to resolve those problems,” she says.
Building for long-term success
By demonstrating the tangible impact of the GRC function on customer experience and ROI, leaders can move beyond a purely defensive role and become a trusted advisor at the highest levels.
“Keeping the regulators happy and making sure we’re customer-focused, internally and externally, is really important,” she says.
