Author
Manage risk with confidence.
Book a call with one of our team to arrange a 30 minute demo.
Small to medium-sized enterprises (SMEs) are often stuck managing risk on spreadsheets. That was the case for Ashley Jones, Head of Risk and Compliance at Ocean Finance.
Although now working at the go-to card provider for credit building, he's also held positions at Argos Financial Services, Sainsbury’s Bank, UKG, Deloitte, and more; It's safe to say he knows a thing or two about governance, risk, and compliance.
We spoke to him about the challenges of using spreadsheets and how GRC software has transformed Ocean Finance’s risk management.
What was your biggest challenge with using spreadsheets for risk management?
Answer: I just don’t think spreadsheets are built for the complexities of modern risk management. They offer a basic structure but lack the integrated features, automation, and scalability that you can get with the right platform.
Before you know it, you have a risk management process based on compounding errors, manual updates, and a one-dimensional view of risk.
What made you realise it was time to move away from spreadsheets?
Answer: "There were a few things. Like I mentioned, we’d spend hours updating and maintaining our spreadsheets – and even then, they’d only take us so far.
We couldn’t integrate data from our other software, and we didn’t have a single, accessible view of our risk data. I knew we needed something intuitive and automated."
How did you envision a GRC (governance, risk, and compliance) platform helping Ocean Finance, and how has RiskSmart helped achieve that?
Answer: "We were tired of being at the back of the pack when it comes to GRC, and we knew a modern approach to risk management would help us catch up.
There are three key ways RiskSmart helps us. To begin with, we maintain consistency in our approach. Data inputs, automated workflows, real-time dashboards – there’s a single version of the truth.
Then there’s the fact that it’s designed with collaboration in mind. We can assign tasks, risk owners, and keep each other updated. That’s been a game-changer.
And the data security and backup features give us all peace of mind. The daily stresses associated with the job have just disappeared."
You mentioned collaboration – why is that so important for risk management?
Answer: "Risk is dynamic. The goalposts move every day. To make timely and accurate decisions, there needs to be - and I've already mentioned it - a single source of truth.
With risk management software, everyone has access to it. There’s a shared understanding that just can’t be achieved manually."
How do you see risk management evolving?
Answer: I see the shift from a reactive to a proactive approach really taking off. It won’t just be something that’s said, or only pioneered by those at the top of the game. And with the help of technologies like AI and big data, we’ll be better equipped than ever to predict and mitigate risks before they materialise.
But that’s not to say risk management will become redundant – it’s the opposite. The risks out there are getting smarter, so we need to as well. GRC platforms will play a huge part in that.
Any parting words of advice for those still using spreadsheets?
Answer: If you’re serious about risk management, it’s time to evolve. You probably know it in the back of your mind – you might even be rooting for it, but stakeholders hold you back.
A risk management platform isn’t a cost. It’s an investment in your business’s future and culture.
Key takeaways from our interview with Ocean Finance
In our chat with Ashley, we learned that Ocean Finance uses risk management software for three key things:
- Consistency. This includes consistent data, consistent vision, and consistent workflows.
- Collaboration. RiskSmart is built with collaboration in mind and can be used by the whole GRC team (with no user fees).
- Comfort. Ashley and the team at Ocean Finance know that their data is secure and that mistakes are a thing of the past.
Ocean Finance is just one of 1000s of businesses modernising and simplifying their risk management processes with GRC software like RiskSmart.
Thinking risk managers will always be stuck with spreadsheets? That’s a myth.
