Enterprise Governance Risk and Compliance (GRC) Management Solution in India

Compliance Management à RSJ Lexsys
29 Aug 2017

Contenu connexe

Similaire à Enterprise Governance Risk and Compliance (GRC) Management Solution in India(20)


Enterprise Governance Risk and Compliance (GRC) Management Solution in India

  1. GRC Solutions to manage your business risks Business Critical Preventive Integrated Technology Driven Risk Comes from not knowing what you’re doing. ….Warren Bufett…
  2. Compliance - Changing Governance Landscape… © RSJ Lexsys Pvt Ltd. 2 All Rights Reserved Companies Act 2013 have brought in many changes in contrast with Companies Act 1956. The reporting and responsibility matrix have not only been clearly defined, the penal provisions have become more stringent. Sec 204, Companies Rules 2014 - Secretarial Audit Report mandatory for: - Every listed company and - Every public company having paid-up capital of INR 50 Crore or more; or - Every public company having a turnover of INR 250 Crore or more Clause 49 (II/D/3) - A Board is to periodically review the compliance reports of all laws applicable to a company, and prepared by it as well as the steps taken by it to rectify instances of noncompliance. Section 134 (5d) - Board of Directors to declare following in Directors’ Report: - Have devised proper systems to ensure compliance with provisions of all applicable laws - Have ensured such systems were adequate and operating effectively Section 205 (1) - The Company Secretary shall report to Board of Directors, status of compliances under all applicable laws.
  3. Compliance – Operational Challenges… © RSJ Lexsys Pvt Ltd. 3 All Rights Reserved INTERNAL CHALLENGES • Lack of ownership • Lack of awareness • Segmented initiatives • Process owner changes • Process changes LEGISLATIVE CHALLENGES • Large no. of legislations • Central & States • Multiple regulators • Multiple business locations • Industry Specific Guidelines SYSTEM CHALLENGES • Compliance System not standardized • Multiple Compliance vendors – Act Specific COMPLIANCE REPORTING • No Standardization & Consolidation of compliance reports. • Board needs reports in every AGM & meetings Why Compliance Management System? An average organization has to manage ~ 2,500+ Compliance per entity under ~90 Acts. It’s more than B2B sales leads handled in that year or no. of employees
  4. 4 Regulatory Risk Index 2016… Source: Verisk Maplecroft 81% of respondents agree that compliance will need to optimize operations in order to manage a more complex set of risks under tighter resourcing conditions. 2016 Compliance Risk Study 93% Practitioners expected personal liability of compliance professionals to increase in 2016. Respondents @ Thomas Reuters New York customer summit
  5. Compliance Management Solution The need and solution overview
  6. Solution Offerings.. © RSJ Lexsys Pvt Ltd. 6 All Rights Reserved Integrated Product line – cross leveraging platforms and contents Enterprise Solutions LexComply - Corp Internal Financial Control System Litigation Management System Professionals & Firms LexComply - Compact2013 Advisory Mycorporatedecisions. com Registrationsandappro LexComply - ECB LexComply - FDI LexComply - TRAI LexComply - FSSAI LexComply - FIRE LexComply - Pro GRC Solution Landscape Know and manage your business risks
  7. State & Central Acts 285+ Unique Compliance 12,750+ Corporate Events 1,000+ 1,500+ Acts Related Documents 4,600+ Legal Updates 3,000+ Corporate Clients 60+ Compliance Executed 14,000+ Compliance Filing Forms Legislative Coverage.. © RSJ Lexsys Pvt Ltd. 7 All Rights Reserved Type of Acts Covered States Covered Corporate Trade Laws Labour Regulatory SEBI Environment Information Tech Intellectual Property Taxation EXIM / FEMA Legal Metrology Health & Welfare Treasury Property FSSAI RBI FDI ..Many More Andhra Pradesh Chandigarh Delhi Haryana Karnataka Maharashtra Punjab Tamil Nadu Telangana Uttar Pradesh West Bengal More Coming..
  8. Low Mid High Display of Certificate Welfare Do’s & Dont’s VAT Monthly Returns Register of Directors Payment of service tax Disposal Of waste Registration/ Licensing Directors Appointment PF & ESI Contribution RBI Approvals Impact Likelihood Event Based Ongoing – 54% Payment of VAT Payment of Service Tax New Product / Services Change in KMP Business Set-Up Opening Of Offices Registers Deduction of TDS Fire and Safety Display of Certificates Likelihood 40% Date Based 7% %age of Compliances Business Criticality Types Impact of Non-compliance Monetary 96% Operational 18% Imprisonment 70% Managing the compliance complexities… Register s for Electronic Voting Provident Fund Submission © RSJ Lexsys Pvt Ltd. 8 All Rights Reserved Lights& Ventilation
  9. System Functionalities.. © RSJ Lexsys Pvt Ltd. 9 All Rights Reserved Product Features Content Manageme nt Legislative Updates & Monitoring Real time monitoring Accountability Audit Manageme nt Event Manageme nt - Act Language for all Compliance – Section / Sub Section, Applicability, Penal Provision, Key Definitions, Exemptions, Criticalities - Statutory agency’s details – Name, Website, Address for filing - Compliance Filing Forms - 200+ website surfed, multiple subscriptions taken to track legislative updates & changes: • Updation of Acts and Compliance in system • Updates available by dates and acts • Updates mailed regularly - Enables Pre & Post event compliance planning - Auto allocate relevant compliance across organization - Enables corporate event advisory – Advice board / management on compliance obligations from events - Create auditor’s role with read only access to relevant data. - Allocate auditor’s role by location and department. - “Archive” function - Check definition at the time of compliance reporting - Consolidated or task-wise compliance status - Reports / Dashboard. - Role Based Automated reports for various stakeholders. - Download data in CSV or Excel - Compliance matrix & hierarchy for execution of all compliance tasks. - Due diligence with system alerts, notification, and periodic reports.
  10. System Functionalities.. © RSJ Lexsys Pvt Ltd. 10 All Rights Reserved Document Management •Maintain repository of all registrations, approvals, licenses for unlimited period •Allows multi proofs uploads against each compliance •1 Click search of compliance proofs uploaded under acts / compliance •Allows uploading of past data & documents. Reports & Dashboards •Dashboards with drill down feature; exportable to PPT. •Scheduled reports in pre- defined formats mailed to relevant stakeholders. •Ad-hoc Reporting - Exportable to excel: Group / Company Wise, Location wise, Department Wise, Compliance Status wise, FPR / Approver / HOD wise, Defined Period, etc. Escalation & Reminders •Auto generated reminders & escalations on system, mails & SMS – 10, 7, 5, 3, 2,1,0 days from due date. •On addition of new compliance in an act. •Notifications to relevant stakeholders in case of date extension by authority Compliance Organogram •Configure unlimited companies. •FPR – Approver – HOD hierarchy and responsibility matrix for every compliance. •Maker-Checker process for compliance closure & event generation •Map compliance service provider & contractors for reporting; •Bifurcate compliance into further tasks •Create duplicate compliance in case of multiple locations or complex responsibility matrix Compliance Calendar •Compliance due dates highlighted on the compliance calendar – Current, Past & Future months. •Summary view on complete month •Drill down from calendar to check, and report dues compliance. •Compliance knowhow. •Event Check Cycle every fortnight •On-going Compliance reporting on last date of the month.
  11. Technical Differentiations.. © RSJ Lexsys Pvt Ltd. 11 All Rights Reserved Security Audits •Quarterly Audits for Application level Security Controls by AKS IT Services; areas covered: •SQL Injection •Session Management •Broken Authentication •Cross Site Scripting •Malicious File Uploading •Directory Browsing •Sensitive Data exposure. Other Key Functionalities •User Trainings •User, admin trainings provided during implementation and on request. •Training videos provided for all kind of users – FPR, Approver, HOD and Admin •Easy re-allocate compliance – During long leaves, role changes & attrition. •Assessment Services - Onsite visits / services for quality assessment of reported compliance Easy Implementation • Relevancy • Only relevant compliance to • Relevant stakeholders @ • Relevant time • Flexibility to chose act wise or enterprise implementation. • Easy ramp-up by acts, entity from admin panel. • Implementation cycle starts from 1 week. Roles Definitions • Super Admin – Defines group level hierarchy, define admin, Payments, etc. • Admin - Allocate acts, events & compliance, Management user • FPR – Initiates reporting • Approver – Approves compliance • HOD – Monitors FPR & Approver • Management – Read only access for reporting & auditing System Security • Supporting CIA Security Model – Confidentiality, Integrity and availability. • Daily, Weekly & Monthly backups are taken • Application Hosted on Tier IV Certified Data Centers with all required safety controls. • Mobile Enabled Technology • Technology – PHP & mySQL
  12. System Set-Up Process… © RSJ Lexsys Pvt Ltd. 12 All Rights Reserved
  13. Application Hosting Environments… © RSJ Lexsys Pvt Ltd. 13 All Rights Reserved • Tier IV Certified Data Center • Hosted in Los Angeles with required safety controls • Fully managed hardware • 99.999% uptime SLA – 4 hrs. • 20X faster load times with SSD • Partner with Corero to defend against DDos attacks. • Having 10Gbps switches to change the routing automatically if any bandwidth goes down. • 24x7 Security, Video Surveillance, Bio-metric Access & Uninterrupted Power supply • Dedicated Server Management team – 24x7x365. • Managed Hosting • Reboot less Upgrades Primary Site • Tier IV Certified Data Center • Fully managed hardware • 99.9% uptime SLA – 4 hrs. • Backing up content and data on server2 • SSL installed • Security Scan & Audit (SSA) • Intrusion Prevention • 24/7 Security, Video Surveillance, Bio-metric Access & Uninterrupted Power • Dedicated Server Management team available 24X7X365. • Managed Hosting • Reboot less Upgrades Disaster Recovery Site
  14. Corporate Overview & Clientele
  15. Corporate Brief.. © RSJ Lexsys Pvt Ltd. 15 All Rights Reserved Gaurav Jain (Founder) • Manages innovation, client services • 14+ years experience as Company Secretary • Serviced 500+ Corporates for Corporate Law Compliance, Due Diligence, FIPB, Venture Capital Fund, JV’s. The founding members… Thomas Abraham (Co-Founder) • Drives strategic initiatives • 30+ years of experience across FinTech, Publishing, Telecom & IT • Worked with global leadership teams as MD of Wolters Kluwer and Sage Jyant Kohli (Co-Founder) • Responsible for expansion & partnerships • 15+ Years experience across Education, IT, HR Technology & Compliance Service industries • An entrepreneur having worked with Indian & multinational organizations. Pooja Agarwal (Co-Founder) • Responsible for content creation & finance • ICSI, ICAI, IFRS Compliance Professional with 13+ Years of experience An offshoot of RSJ Professionals, a CS Firm since 2004 servicing 500+ Clients Incorporated in Feb, 2015 Head Quartered in Delhi Servicing client in North, West & South India In House team of 30+ Technical & Legal Experts Strong Partner ecosystem: 10+ partners 60 + corporates across industries changed the way they manage compliance
  16. Clients & Partners… © RSJ Lexsys Pvt Ltd. 16 All Rights Reserved PartnersClients