Migrating to Risk Cloud for the Growing Organization
As your business grows, so do your GRC requirements, but as your requirements evolve, your products should too. A holistic GRC platform grows with your business—unlike the limited scope of point solutions—allowing you to tackle new challenges, remain proactive, and not get bogged down by administrative tasks.
The BankProv Story
Founded in Massachusetts in 1828, BankProv, rebranded from The Provident Bank in 2020, is the 10th oldest bank in the United States. As a commercial bank with a focus on financial technology and innovation, BankProv offers adaptive and technology-first banking solutions to niche markets, such as cryptocurrency, renewable energy, fin-tech, and search fund lending.
Angelina Milano, Vice President of Compliance and CRA Officer, was part of a lean GRC team at BankProv. To carry out their risk management and oversight requirements, she and her colleagues invested considerable time in consolidating data from different sources, including separate compliance and vendor management systems in addition to manual tools. Hours were spent following up with multiple departments on outstanding compliance issues for her monthly audits. Though this process was time-consuming, it was effective, but as the bank grew in asset size, customer base, and employees, Angelina was finding the reporting requirements to be more stringent, requiring additional time and resources.
So when BankProv’s contract with its legacy provider was nearing expiration, she wanted to explore alternative compliance platforms. Though their legacy provider met their compliance and audit tracking requirements, it lacked flexibility. Important processes such as compliance audits, user access management, incident reporting, and vendor management still required manual inputs. Additionally, BankProv was growing quickly and was rapidly approaching $1B in assets, triggering additional reporting requirements. Angelina understood that the bank’s continued growth would require a robust system that could adapt to the bank’s changing requirements.
“LogicGate just seemed to be the most user-friendly, even on the internal side. You can have people who own processes and have everything set up, but then, when you need something from someone else outside of [compliance], it’s easy for them to jump in.” — Amy Hoffmann, Director Of Strategy And Analytics
Seeking A Flexible Solution
Working with a lean team, Angelina wanted a proactive compliance management solution with more flexibility, active monitoring, and greater automation―a platform that would also grow with the bank’s reporting requirements. The compliance team worked closely with internal stakeholders, collaborating with the Information Security Officer and Head of Customer Experience, among others, and sought their inputs on potential solutions.
Angelina demoed several GRC solutions, ultimately finding LogicGate’s Risk Cloud platform to have the flexibility, expandability, and ease of use they were seeking. The automated reporting capabilities and workflows would allow the compliance team to focus on more value-added work and the platform supported cross-divisional engagement without a steep learning curve—a benefit previously unavailable with their siloed legacy platform.
Angelina shared, “LogicGate just seemed to be the most user-friendly, even on the internal side. You can have people who own processes and have everything set up, but then, when you need something from someone else outside of [compliance], it’s easy for them to jump in.”
Partnering With LogicGate
Many of the processes at BankProv required manual inputs and coordination between multiple data sources creating inconsistencies with the bank’s adoption of lean and agile techniques and focus on process efficiency. As BankProv partnered with LogicGate, previously manual functions were strategically migrated to build greater efficiency and improved oversight.
With the support of the LogicGate team, BankProv recreated the processes from their legacy platform while adding automated functions for recurring tasks in Risk Cloud. Previously, compliance monitoring was owned by multiple departments and took hours of Angelina’s time as she manually tracked findings from audits and exams, reviewed management responses to the findings, and aggregated proof of corrective action by phone and email. After migrating to Risk Cloud, standardized workflows now automatically generate status reports and trigger follow-up emails. Peer branch audit, which had previously been done manually, was the first use case to become fully automated, simplifying BankProv’s self-audit trail and record retention. As a result, the compliance team regained both time and resources previously spent on manual completion of audit summaries.
BankProv’s asset base grew, so did their regulatory reporting requirements. Manual tasks such as incident management, user access controls, and vendor management became integrated into Risk Cloud, streamlining operations and improving efficiency.
Before the Incident Management Application was implemented in Risk Cloud, internal employees would submit reports for various concerns, including customer complaints and customer account fraud. This would be completed by sending an email with a PDF of the customer complaint attached, which would then need to be parsed out manually by the compliance team. Now through Risk Cloud, an incident report automatically triggers a workflow to review the content, ascertain the relevant risk owner, assign the incident to the appropriate person, and maintain follow-up until resolution. Since the implementation of automated processing, resolution time of the average customer complaint has been reduced by 60%.
User Access Controls
Previously, access to relevant systems was approved or removed via email or the bank’s help desk ticketing system. As employees transitioned in and out of BankProv, maintaining accurate records of permissions was a challenge as the employee base grew. Now, as new hires join, automatically generated notifications confirm access requirements and permissioning. Through Risk Cloud, BankProv maintains instant access to critical data that is considered a key FDICIA control for all financial institutions with assets greater than $1B.
In line with their vision to be a lean and agile institution, BankProv migrated their vendor management system to Risk Cloud. What was previously done manually through Smartsheets and legacy systems is now automated to efficiently contact third parties, gather relevant financial 4and legal documentation, and maintain appropriate records all within the Risk Cloud platform. BankProv can now ensure its third-party relationships remain in compliance without requesting updates manually via email.
The compliance team built new capabilities and strengthened oversight by designing purpose-built reports for a variety of uses, including escalation, compliance committee meetings, audits summaries, or leadership presentations. Today, Angelina can aggregate the relevant data, review the content and formatting, and download a finished report in a fraction of the time that it took to do it manually.
Working with a lean team, Angelina was able to accomplish a lot with the help of Risk Cloud by leveraging its automation capabilities to reduce manual processes. As BankProv continues to grow, the team is looking for ways to integrate additional processes, including business continuity planning and enterprise risk management. Angelina stated, “I have definitely benefited a lot from the collaboration. In banking, there is often a way of thinking ‘That’s the way we’ve always done it.’ It’s nice to have people from the outside look at your process and the way you’ve done things and ask ‘If you did it differently, how would it impact things?’” Risk Cloud is an intuitive platform that supports BankProv’s continued growth. By pairing BankProv’s processes and workflows with Risk Cloud’s prebuilt templates and automated tasks, the compliance team has streamlined operations, regaining time and resources that they can now spend on more proactive risk management.