Reimagining your approach to compliance and risk management

Aspida is helping businesses revolutionise the way they handle their compliance and risk management – combining innovative tech solutions with a trainee programme that is helping to deliver the experts of tomorrow

At Aspida, we take an integrated approach to risk management, using our evolutionary multi-jurisdictional platform, Resolver by Aspida, to manage compliance and regulatory risks, cyber, ESG, risk management, vendor risk and wider support for organisation-wide internal audit.

Our tech is great, but the value add comes from the dynamic partnerships between our people and tech.

We are proud to have a diverse team of seasoned professionals in cyber, compliance and risk, corporate governance, internal audit, environmental and social responsibility and technology development. 

With an eye on the future, we are proud, too, of our trainee development programme, now in its third year. This ensures our future consultants are pursuing their professional qualifications, along with practical experience and the development of cutting edge technology. Together, an unbeatable team!

In developing Resolver by Aspida, we have been keen to ensure that it sits in the centre of managing that wide range of risks that a business faces today – adding value to your business, not hindering its development.

Regtech, or the use of technology to improve regulatory governance, often misses a vital ingredient however – people.  

At Aspida, we know that our people, and the staff of our clients, are pivotal to what we do and are integral to our reputation, and so the focus of our digitisation has been on reducing mundane tasks, improving efficiency and effectiveness to allow more time for value-added contributions from our people.  

We started this journey three years ago, when we launched the first compliance trainee scheme, ensuring our risk professionals have the right mix of technical as well as professional skills.

Evolution of governance, risk and compliance

Compliance is necessary, so why make it complicated? Resolver by Aspida is cutting edge governance, risk and compliance (GRC) software that helps you to easily organise, manage and keep up with regulatory requirements for efficient and comprehensive compliance. 

It enables in-depth and ongoing testing with the peace of mind that it incorporates all of the latest in Guernsey regulations and industry best practice to provide assurance to the board on the design and operating effectiveness of its internal controls, policies and procedures.

With real-time testing, Resolver by Aspida provides more transparent information on the monitoring being undertaken on your behalf. It allows you to easily engage with the first line to ensure that they can conduct the necessary risk assessments, manage risks and remediate regulatory gaps.

Automate process, reduce risks, decrease compliance fatigue – Resolver by Aspida is both evolution and solution when it comes to the key GRC challenges businesses face.

Included within the platform is our incident management functionality, an end-to-end solution that helps you to manage the entire incident lifecycle by driving the insight you need to efficiently reduce incidents and the impacts they have on your organisation.

Furthermore, our risk management tool enables better remote risk management by improving engagement with the front line with a guided single-page risk assessment, a simple task list and easy reporting.

IT compliance and risk (cyber security), internal audit and internal controls management (for third line support), vendor risk management (for outsourcing risk) and integrated ESG solution modules are to follow. The key benefits include:

• Prioritising your highest risk regulations
• Gaining organisation-wide compliance oversight
• Reducing compliance fatigue on the business
• Proving compliance to regulators.

Cyber security and resiliency

The pandemic has accelerated businesses’ move to digital business models, often moving vast volumes of ‘big data’ to the cloud and embracing hybrid working models in order to operate more efficiently and competitively.

The speed of digital transformation has opened up many businesses to new cyber security risks due to the complexity of technology that has been implemented and a lack of knowledge and awareness, particularly where reliance is placed on cloud services providers (CSPs). 

As part of your business digital transformation, you will likely have moved to a cloud environment, adopting various cloud services – such as internet as a service (IaaS), platform as a services (PaaS), software as a service (SaaS) and desktop as a service (DaaS) – often through the use of a CSP, which may provide additional levels of IT managed services. 

Such appointments can assist greatly in improving business efficiency and reduce the expenditure required for s business’s own software and hardware resources.

Moving to a digital business model and embracing cloud technology can bring many benefits, but boards must ensure they understand the implications of digital technology, the risks of appointing CSPs and the reliance placed on them. 

The cyber security risks relating to cloud environments and the governance, and risk management required, will ensure that the business has a clear and effective cyber posture that identifies, understands, prioritises, communicates, trains and mitigates cyber security risks.

In developing your business digital strategy, you must carefully consider new and emerging threats and risks that are relevant to your business and its related technologies. 

Creating and developing a secure digital environment is not only about tactical and short-term technical solutions, but also about ensuring that your key risks are identified and sufficiently mitigated and that you can demonstrate your material assets are adequately protected.

We are able to assist your business in developing and implementing your cyber security programme in line with your strategic objectives and risk appetite. Through our software, we can efficiently map and report on compliance with the NIST cyber security framework and the Guernsey Financial Services Commission’s Cyber Security Rules and Guidance, 2021.

Our Head of Operations and Cyber Security, Sarah Sarre, is well known to our clients for helping them develop effective policies, procedures and controls to meet their regulatory obligations. 

Some might not be aware that Sarah is a qualified cyber security practitioner as well as a certified blockchain expert. Sarah and her team are therefore uniquely placed to help you navigate your existing regulatory challenges and embrace and embed the new.

Aspida Advisory Trainee Programme

At Aspida, we are especially proud of our commitment to the personal support and professional development of our staff.

Our Advisory Services Trainee Programme has been introduced to find our next generation of consultants and could lead to a career in compliance, cyber security, risk and assurance, governance, IT or ESG.

The talented, personable and enthusiastic individuals entering our programme are offered top-quality training, as well as access to some of the leading local professionals, providing a breadth of learning and development opportunities that are not typically available within the finance world.

As a leading provider of advisory services, we recognise the growing demand for quality professionals in a constantly developing and increasingly high-profile field. Our aim is to deliver a training programme that becomes renowned for the excellence of its ‘graduates’.

Meet the trainees: Blainé and Xan

Blainé and Xan are in their third and second years of the trainee programme respectively, and offer valuable insights into the changing landscape of technology in the workplace, as well as their involvement in the development of Resolver by Aspida.

Blainé McDaid, a Compliance Senior Associate in her third year on the programme, joined Aspida as a trainee in our first launch of the Aspida Advisory Trainee Programme. 

“I found this programme to be a wonderful opportunity for people to enter into the finance industry and gain experience, whether you have a background in finance or not. I’ve been able to gain a wealth of knowledge from my team, which I am now able to pass on to the new trainees as they enter the programme,” she says.

“For someone with a not very ‘tech savvy’ background, I have found that using different systems and forms of technology has been made very easy with the support of my team and with the on-the-job training provided to me.”

Our trainees have been an instrumental asset to us while developing Resolver by Aspida. They now have an in-depth knowledge of the system. 

“We have been lucky to have been involved with the Resolver Project for the first stages of testing, allowing us to explore the system and give feedback before Resolver was launched as a final product,” adds Blainé. “I believe this has also given us an advantageous insight of the system.”

Technology is a growing element of almost every business activity today, and we realise the need to remain up to date, with the latest methods and systems in place. 

For advisory services, digitalisation can improve how effectively we work and reduce the component of human error. However, it is important also that the aim is not to remove the human element but rather to find the right balance for processes.    
 
Blainé cites the many opportunities that have arisen in the past year. “What has been great is the expansion of the trainee programme, the launch of Resolver –which has changed how we look and preform CMP testing completely – and the opportunities open to the trainees.

"This has allowed us to choose our main area of experience based on what we enjoy and are interested in – be it cyber security, corporate governance, compliance and risk or any other areas.”

Xan Walker, a Compliance Associate in his second year of training, says: “As the world of regulation evolves around us, technology will have to keep up, and being at the forefront of those changes is an interesting position to be in. It makes daily life at Aspida very enjoyable.

“I have been involved in writing some of the design and operating tests, as well as publishing news items, regulatory updates and CMP testing. 

“During my time so far on the trainee programme, I have noticed how quickly technology has progressed and am excited to be part of a team that appears to be one of the more technologically innovative in Guernsey.”

Xan continues: “This has enabled the smaller, more monotonous tasks to be almost fully automated, which gives greater scope for more complex work and projects. That makes it an exciting time to be at Aspida Group.” 

Further information

As a business, your risks don’t exist in silos, so don’t manage them that way. At Aspida, we are proud to be able to offer our clients innovative and integrated solutions to managing all those risks, as a result of our long-term investment in technology and people – an unbeatable combination. 

We are looking for our next intake of trainees to start their career with us in September 2022. Find out more about what the programme offers by visiting our website: www.aspidagroup.com/advisory-trainee-programme

• This advertising feature was first published in the November 2021 - January 2022 Technology Edition of Businesslife magazine