Nasdaq BWise: Navigating the GRC Journey

Adena Friedman, President & CEO of Nasdaq The only constant in regulatory compliance is change. With the changing dynamics of stringent regulations, cybersecurity threats, disruptive technologies, and rising customer expectations, the soaring complexity of compliance is no longer a temporary challenge. “Many organizations are facing unexpected risks due to changing regulatory and competitive environments that take their focus away from growth, innovation and customer experience,” says Jonathan Deeks, Head of Nasdaq BWise. Companies that lag behind the innovation curve may quickly fall prey to innovation’s evil twin–disruption. The explosion in new regulation and risk requirements at all levels of the industry demonstrates that effective GRC platforms now need to be accessible to a much larger pool of users across business functions. In the thick of this, Nasdaq BWise, a provider of governance, risk and compliance (GRC) software solutions, assists organizations to focus on tracking, measuring and managing key organizational risks, alongside bringing the risk of non-compliance.

With a proven BWise Enterprise Governance, Risk and Compliance (eGRC) platform to mitigate and thwart enterprise risk, while enabling transparent and consistent risk management and compliance, Nasdaq BWise has demonstrated extraordinary leadership in taking its business to new heights, while ensuring high social commitment in the realm of GRC market. “BWise is the cornerstone of our GRC portfolio, a large portion of that recognition is a result of the rapid success that customers have seen after their implementation of BWise,” says Adena Friedman, President and CEO of Nasdaq. The BWise eGRC platform is specifically designed to assist organizations in managing and ensuring compliance on a holistic level, and empower stakeholders with more relevant insights into their operations.

360-Degree View of Business Risks

The firm’s eGRC platform offers role-based solutions for organizations to perform internal audit, risk management, compliance and policy management, internal control, information security and sustainability performance management. The solution portfolio brings in greater transparency for organizations, enabling them to have seamless control over financial and reputational risks, as well as giving them oversight of company-wide risk mitigation and compliance action plans in one integrated system. With a single repository for companies to efficiently manage critical corporate policies, clients can achieve corporate accountability, improved financial, strategic and operational efficiencies, lower risk profiles and incident costs, and better overall performance. It also assists clients to work from one common risk taxonomy and focus on business outcomes with a common language for internal audit, risk, and compliance.

BWise is the cornerstone of our GRC portfolio

BWise eGRC platform also includes some exclusive features such as sending real-time alerts, automatically attaching emails, and RESTful API enhancement enabling integration of the BWise GRC platform with any third party application for audit planning, incident management or trade surveillance, and more. The company keeps track of changing regulations from various sources including StateScape, ERC Portal, FINRA, and UCF and gives real-time regulatory alerts to assist the compliance team in identifying how changing regulations impact their strategies, processes, and policies. Using BWise, organizations can also review their anti-corruption policies and procedures to comply with all relevant statutes like FCPA and the UK Bribery Act, the Sarbanes-Oxley Act, European Corporate Governance Codes, ISAE3402/SAS-70, PCI-DSS, Solvency II, Basel II and III, Dodd-Frank, ISO-standards, and many more.

Unique Risk-based Approach

Additionally, information security remains at the forefront of organizational concerns since external forces, such as cyber and third-party relationships are exacerbating the likelihood and impact of unwanted risk events. The consequences of these events can be significant and are challenging risk management programs to stay up to date and codify the range of organizational threats. For example, data breaches at organizations such as Target and Sony, can erode loss of customer and stakeholder trust, pose monetary penalties for businesses that fail to comply with data protection legislation and lead to drastic financial losses and depreciation of shareholder value in the hundreds of millions of dollars.

To help companies meet all relevant information security regulations, industry standards, and contractual obligations, BWise has integrated an information security solution—BWise Information Security (InfoSec) within the BWise GRC Platform. “By integrating information security within the BWise GRC Platform, we can take a risk-based approach to providing Chief Information Security Officers with a holistic view of IT risks, including cyber risk,” says Adena. BWise InfoSec also helps users execute treatment plans for remediation and ensures appropriate follow up of non-conformities. Its robust reporting capabilities allow users to generate a Statement of Applicability, as defined by ISO 27001, and a security assessment report–directly from the application with a single click.

The information security solution also integrates with vulnerability scanners, security incident and event monitoring tools, baseline analyzers, and IT incident ticketing tools to help organizations protect privacy and provide confidentiality, integrity, and availability of critical information assets. It offers real-time insights into the threats and vulnerabilities that may affect an organization’s information security management system and enables users to respond immediately in case of any security breaches.
Needless to say, the firm stands a mile ahead of the competition for its unique IT security services that aim to improve the agility, flexibility, and cost-effectiveness of the next generation needs of information security and compliance programs worldwide.

"We can take a risk-based approach to providing Chief Information Security Officers with a holistic view of IT risks, including cyber risk"

A Promise Delivered

In one instance, the largest Islamic bank in the United Arab Emirates—Dubai Islamic Bank, deployed BWise eGRC platform to enhance and strengthen its risk management practices throughout the organization. “We selected Nasdaq BWise because of its user-friendliness in one integrated GRC platform. In this way the compliance, risk and internal control departments can have access to the right information from one single source,” says Mohamed Abdulla Al Nahdi, Deputy CEO at Dubai Islamic Bank. BWise’s global expertise in the financial services industry provides Dubai Islamic Bank with the best-in-class GRC solution, supported by the Arabic language capabilities in BWise. With the company’s GRC platform, the bank can now seamlessly monitor and manage risks, compile and report to the higher regulatory authorities for further enhancing their risk management, compliance, and internal control processes. The BWise platform also strengthens Dubai Islamic Bank’s efforts for meeting future compliance requirements, while significantly streamlining their risk and audit processes.

The latest version of the GRC software platform is built upon proven technology with a new user interface designed to support GRC professionals in their critical mission better than ever before. The firm works to embrace new technologies and address essential requisites of industry in the coming years. Nasdaq BWise is also planning to bring in more acquisitions and continue to execute on its vision of becoming the GRC global market leader for the customers, employees, and stakeholders.

With renowned names like Electrolux, Portucel Soporcel Group and much more in its client roster, Nasdaq BWise reflects the achievements and commitment of the entire team and is bullish on strengthening its position in the industry. The team intends to unveil innovative products that will set additional benchmarks of excellence in helping companies to achieve their business goals, build trust and be transparent, whether it’s driven by GRC, board and leadership communications or trade risk management and surveillance efforts. Forging ahead, the firm continues to take its holistic risk-driven approach for enabling organizations to identify the potential pitfalls in areas of data protection, risk and compliance, threat management, and cybersecurity monitoring, significantly providing a framework to manage them effectively.

Nasdaq BWise

Rosmalen, NB

Adena Friedman, President & CEO of Nasdaq and Jonathan Deeks, Head of Nasdaq BWise

Provides an enterprise-grade Governance, Risk and Compliance management solution to administer all aspects of the compliance on a holistic level