I was recently part of a large industry Risk and Compliance Summit in London, where I presented perspectives based on a recent study Celent executed around non-financial risk, governance and controls. As part of this, we undertook in-depth interviews with close to 30 Tier 1 financial institutions globally (from operational risk, compliance, audit and governance functions) to better understand the challenges facing risk and compliance executives, as well as the forward-looking views of technology improvements that are needed to overcome ongoing control issues and support an integrated governance, risk and compliance (GRC) paradigm.

Some of these issues are not dissimmilar to what we faced a decade ago. This leads me to reflect on how far the financial industry has come since the global financial crisis (GFC) a decade ago, but yet there still seems to be so much more to do. Why?