THE CHALLENGERAC Insurance Ltd (RACI) is a wholly-owned subsidiary of the Royal Automobile Club of Western Australia (RACWA), a leading Western Australian motoring, health, travel insurance and finance company serving around 800,000 members. As an Australian Prudential Regulation Authority (APRA) regulated entity, RACI is required to have a risk management framework that effectively manages all risks arising from its business.
Prior to using GuardianERM.net, RACI was using a number of manual processes to record, track and report on risk management and APRA compliance. Having multiple touch-points with little integration was cumbersome and inefficient, and the need for manual updating was resource-intensive and a particular hindrance to the development of RACI’s risk management processes and risk culture. There was little visibility of risks as only high level risks were reported and there was no way to adequately categorise risks.
In a growing company facing increasing competition and regulatory scrutiny, RACI’s risk management framework and processes were not adequate in managing the risks it faces to achieve business objectives, to benefit from potential opportunities, or in fostering an appropriate risk culture.
THE SOLUTIONOn the appointment of a new Manager Risk and Compliance in 2007, InConsult was engaged to conduct a Risk Management Health Check and provide risk management training to RACI’s leadership group. One outcome of the health check was to consider the implementation of a risk management database as a central depository of risks and to facilitate better reporting capabilities.
With InConsult’s guidance, RACI implemented an integrated system to automate and manage all risks across its business. GuardianERM.net enabled risks, their respective controls, incidents, action plans and individual responsibilities to be maintained centrally in an intuitive, easy to use format which produces a range of reports.
THE RESULTGuardianERM.net is the perfect tool for identifying, tracking and reporting risks, and has had a strong influence in improving the risk culture at RACI.
By moving to GuardianERM.net, and away from the resource-intensive processes to capture risks that required manual updating, lacked risk level visibility and had limited reporting capabilities, RACI now has an effective and efficient risk management framework supported by a strong risk culture. Manager Risk and Compliance, Gerard Ng said, “having a tool that is easy to use has really helped to move the conversation along and facilitated the strengthening of RACI’s risk management framework”. In particular, GuardianERM.net has provided a way to introduce, implement, enhance, test and monitor controls that mitigate risks.
For a large organisation like RACI that experiences staff turnover, having a system that staff can be easily trained to use in a matter of minutes is invaluable. “We have executives, and the CEO, managing and signing off on their own risks in GuardianERM.net. The Board knows about GuardianERM.net and we are looking at using tablets in meetings to further utilise the online reporting functions in GuardianERM.net.” Having the Board, Executives and staff engaged and involved in managing risks is key to RACI’s success and growth.
“Powered by InConsult”
GuardianERM.net is designed, developed and distributed by InConsult, a leader in risk management, business continuity, audit and assurance consulting and training services.