In order to transform its business and ensure compliance, solutions to provide an overview of how the organisation functions and interconnects were needed.
How a central repository helps mitigate risks
Business architecture is a part of enterprise architecture to help describe business capabilities and connect the company’s objectives. The decision was made by Spar Nord to start a journey to centrally document the business architecture in MEGA HOPEX as common enterprise architecture repository.
This would create a standardised approach for documenting processes across the entire business. Processes from more teams and departments were added over time until every division of the bank had mapped its processes into a common language. This was used for governance risk management and compliance initiatives.
With all the bank’s business processes mapped into the centralised repository, it was possible to begin managing risk and regulatory compliance with the EA function.
Spar Nord was able to use the holistic picture from HOPEX to apply controls and see what any process changes would mean to the compliance risk map. To do this, the bowtie method has been adopted to analyse vulnerabilities and key risk factors.
This approach shows how vulnerabilities affect risk and assess the likelihood of it occurring. With this knowledge, effective controls can be put in place to mitigate risk appropriately because they have been established in HOPEX.
Building best-in-class processes to stay ahead of competition
Deploying HOPEX has also enabled Spar Nord’s senior management team to view key business factors such as turnover and investments and create benchmarks against other banks.
Instituting process excellence has helped the bank stay ahead of competition while deepening its knowledge of its customers. Soliciting and reviewing customer feedback has helped to gather valuable data on price points, demands and expectations to create and modify products accordingly.
In the digital age, best-in-class processes are needed in order to survive and stay ahead of competition. By keeping its processes standardised and consistent across its internal functions, Spar Nord has also been able to uphold its commitment to customer process excellence.
Another key area that Enterprise Architecture has added value to Spar Nord is resource planning for process stakeholders.
Getting visual insight into business processes to help in decision making
By seeing its organisation from an elevated level, it is possible to plan staff training, competence, and capabilities to ensure the appropriate knowledge transfer is carried out. This avoids process bottlenecks that would otherwise occur as a result of staff absences or vacations.
Spar Nord has used HOPEX solutions to represent its business processes in a visual way that is easily recognisable to different stakeholders. This has made it easier to understand every process and identify any compliance blockage points in a visually engaging way.
With this knowledge, the consequences of any changes can be anticipated, and informed risk management decisions can be made accordingly.
This representation of processes also makes it easier to get people and departments to buy into change. Establishing “Responsible, Accountable, Consulted, and Informed” (RACI) responsibilities ensures clear ownership and accountability for each process. From director level to partner managers and process practitioners, each of the bank’s different stakeholders is now also able to see what they need to.
Types of compliance: How to manage compliance risk?
With increasing levels of governance risk and compliance requirements for organizations, a clear approach for understanding how to develop the requirements and infrastructure to comply has become more important for banks.
To combat this, Spar Nord uses compliance risk assessments and audits to align what it says it will do with the reality of what it actually does. Where there is a delta between these things, documentation can be adjusted to produce the right outputs, while remaining compliant with regulatory requirements. This has saved on the time and effort needed to use other risk and compliance tools.
This ensures the people involved in the compliance risk processes can refer to accurate and readily available documentation to carry out processes correctly. The same solutions have been adopted to ensure compliance with data privacy regulations and the ethical handling of customer data.
About Spar Nord
Spar Nord has roots dating back to 1824 and is today Denmark's 5th largest bank. It is a Danish retail bank with 50 branches nationwide, 390,000 customers, and 1,500 employees.
Listen to Claus Nielsen, Process Governance Manager at Spar Nord present the bank's GRC approach at an Enterprise Architecture for Financial Institutions conference in May 2021.
