The Problem

Financial firms are struggling to effectively govern due to problems aggregating and presenting risk and compliance data.

  1. Senior Management in financial institutions are overwhelmed with multiple metrics and assessments covering different risks, performance targets and compliance requirements.

  2. Internal Governance processes are often ineffective and inefficient due to the ad hoc use of spreadsheets and email.


Background Research


We at Governor decided to understand how we could attempt to solve the governance problems currently facing senior executives and board members at financial institutions.

We started with the basic premise that:


Nobody can be expected to look at all of the data all of the time.


Based upon a lot of research on technologies, methodologies and current best practice, we have defined an approach we call Risk Based Governance.


The first part of this approach is to define your appetite for information up front, (normally, this appetite will be the same as your firm’s risk appetite) and thereafter only have information above your tolerances presented to you. You will of course be able to drill down to understand causality and to generally wander around the data even if it is inside your appetite.

In order to be complete the definition of appetite needs to include two important items:
Materiality – Based upon your corporate strategy and objectives, what is the materiality scale that you use to compare risks (to include items like reputational risk and regulatory risk)
Aggregation – How do you aggregate risks of potentially very different types
Our approach incorporates methodologies for both of the above challenges

The second part is to define the linkages between the strategy and the risks


Put simply, you define your risk appetite across the various dimensions of your business (e.g. products, regions, risk types, etc.), have the relevant data input to the system and the system will then give you line of sight into the areas that are outside your risk appetite. The system will present you with a map of the risks to your business and enable you to quickly understand the causes of these risks and see comments and documentary evidence provided by your executives.

The Governor software and methodologies are based upon best practices and research from various fields and sectors.


Here is a list of relevant papers and articles that help to shape our thinking about Risk based Governance.


If you have something to say or more information on these topics please send us comments and/or more relevant articles for addition to this list


  • Networked Risk Management: by Rieks Joosten & Andre Smulders, TNO 2015
  • Predictive Analytics The Hurwitz Victory Index Report: Fern Hapler, Hurwitz & Assoc. 2015
  • Corporate Governance Principles for Banks: BCBS, 2015
  • Ecology For Bankers: Robert M. May, Simon A. Levin and George Sugihara, Nature, 2008
  • Operational Risk Quantification – A Risk Flow Approach: Gandolf R. Finke & Mahender Singh & Svetlozar T. Rachev, 2015
  • Understanding & Communicating Risk Appetite: Rittenberg & Martens, COSO, 2012