CONNECT SIMPLIFY PERFORM

Transcription

1 REUTERS/Gene Blevins CONNECT SIMPLIFY PERFORM DELIVERING A UNIFIED PLATFORM APPROACH TO GOVERNANCE, RISK AND COMPLIANCE Statement of intent This paper provides insight into our GRC strategy and our future vision for a single GRC platform.

2 RISK AND OPPORTUNITY: TWO SIDES OF THE SAME COIN Risk is an integral part of any commercial activity. Understanding the direct and indirect risks facing an organisation and planning accordingly are both essential if one is to maximise return. Risks from increasing regulation and enforcement combine with less tangible risks from the wider commercial and physical environment to present a complex landscape. The risk posed by a continually shifting regulatory and legislative landscape has organisations dealing with an increasingly complex set of rules, regulations and reporting requirements. Firms need to actively monitor changing regulations and understand the implications for their businesses. The pressure is enormous. Regulatory volume and complexity continue to grow and a diverse set of business risks continue to emerge and abound. In an environment where regulatory transgressions can cost millions - and headlines even more - and where executives and board members are individually accountable, the scrutiny can seem relentless. Regulators, shareholders and the wider, unforgiving media lens are all asking for better oversight and calling on organisations to govern themselves more effectively and transparently. Beyond the complexity of regulatory compliance are wider operational risks from commercial, economic and environmental factors. Understanding these risks and their potential impact on the organisation poses different challenges, including modelling, quantification, ranking and planning responses and ongoing monitoring. And while strategy at the top may be considered and sound, less than 10% of strategies that are effectively formulated are effectively executed (Fortune Magazine). Risk comes from not knowing what you re doing. In a market that demands principled performance, organisations can be blinded by complexity and lack of connectivity, leading to: disjointed operating strategies and confused execution organisational silos with no shared view of risk duplicated practices and wasted resources and information the opportunity cost of indecision Today, proactive firms are recognising that a connected approach to governance, risk and compliance is not just critical to regulatory compliance, it s also good business practise. Having no coherent view of what is happening in the organisation is increasing enterprise risk and affecting the ability of senior management to execute strategy effectively. Today, proactive firms are recognising that a connected approach to governance, risk and compliance is not just critical to regulatory compliance, it s also good business practise. These organisations are looking to unified technology and information solutions that streamline their processes and workflow, while connecting disparate silos to form a connected governance, risk and compliance strategy. 2 CONNECT SIMPLIFY PERFORM JUNE 2013

3 Figure 1 TRACKED REGULATORY ACTIVITY UK Bribery Act Passed Basel III Publication UK Bribery Act Live FATCA Intergovermental Agreement EU Regulation on OTC Derivatives (EMIR) Entered into Force UK Financial Services Bill Passed 2500 Dodd-Frank Act Passed Dodd-Frank Final Entity Definitions Rules Finalized by CFTC and SEC Short selling regulation Entered into force Australasia 1000 Asia 500 Middle East North America 0 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec UK/Europe TOTAL ALERTS YEAR-ON-YEAR AVERAGE DAILY ALERTS ,075 8,704 12,179 (+ 16%) 14,215 (+ 21%) (+ 17%) 17,763 (+ 25%) 75 Figure 2 COSTS OF NON-COMPLIANCE 3 CONNECT SIMPLIFY PERFORM JUNE 2013

4 Three principles drive knowledge across the enterprise, reduce risk and empower performance: CONNECT SIMPLIFY PERFORM Connect: to the external regulatory drivers Connect: to operational risk factors Connect: governance, risk and compliance workflow Connect: oversight with operations Being connected is key. What happens in the external environment is intricately tied to an organisation s own operations, and as such, needs to be connected to them. If you are blind to a regulatory change; if it s not understood; if you haven t identified the operational risk factors that impact your organisation or if the correct monitoring, controls and responses are not in place across your operations, that s when you re most at risk. That external connection is the bedrock, but to be effective it needs to be supported by internal connectivity, both horizontally and vertically across the organisation. Connecting shared data, knowledge and processes across functional roles and departments, with visibility at board level, is essential. Knowledge shared outside silos equals knowing what you re doing across the organisation. The unified platform approach for GRC delivers this connectivity. Governance, risk and compliance activities are, by nature, interconnected and rely on common sets of information, taxonomy, methodology, processes and technology. By establishing a common, connected discipline around regulations, policies, risks, controls and issues, leading organisations have demonstrated that they can better leverage information, gain operating efficiencies and provide greater transparency into legal, regulatory, operational and overall business risks. Connectivity cuts through expensive, duplicated activity and reduces the potential for important risks to fall through the cracks. Creating an enterprise portfolio view of risk means that the business can connect risk-based planning scenarios for informed decision making and executable strategies. It also provides effective oversight for management and the board. Connectivity leads to simplification. There s less duplication of human and IT effort and resources. As elements of workflow are automated, complex, often repetitive, error prone manual processes are eliminated and costs are reduced. 4 CONNECT SIMPLIFY PERFORM JUNE 2013

5 Simplify: with a single view and vocabulary for risk across the enterprise Simplify: complex data with a shared taxonomy and flexible data models Simplify: governance, risk and compliance workflow processes Simplify: implementation and adoption The increasing volume of regulation, complex products, cross-border activity, multiple supervisors and the emergence of big data, together with disconnected systems and processes to manage enterprise risk, all lead to a level of complexity and duplication that can be overwhelming. Organisations are inundated with the amount of regulatory change they face. For financial services firms alone, our regulatory intelligence team tracked 18,000 regulatory changes in New laws, changing regulations, court decisions, sanctions updates and geopolitical events need to be tracked and assessed for how they will impact strategy, performance, controls and integrity within an organisation. Organisations need trusted regulatory content and data (we call this regulatory and risk intelligence), that can be combined with their own internal data. Simplification comes when this content is connected by an industry standard taxonomy used to describe all of this content in an easily accessible classification scheme and vocabulary that is available for workflow automation. Governance, risk and compliance workflow processes are standardised and linked directly to regulatory and risk intelligence. The right information is delivered to the right human eyes for informed decision making, with the right reporting and audit trails for management and regulators. Simplicity is also an important consideration in how you choose to deploy. This will depend on size, budget and the maturity of your GRC operations. The unified platform provides a choice of deployment options including onsite install, hosted application and secure SaaS. 5 CONNECT SIMPLIFY PERFORM JUNE 2013

6 Perform: turn risk into opportunity, Perform: make better informed decisions faster Perform: mitigate enforcement and reputational damage Perform: optimise resource and personnel The ability of your organisation to move fast and drive principled business performance is essential to competitive advantage and profitability. Governance, risk management and compliance should be about enabling the organisation to accelerate and grow. Incomplete risk information and complex, frequently changing regulatory mandates can slow down or even impede innovation and render your business vulnerable to excessive risk. Investment in and maturing of compliance, audit and risk management practices provides the opportunity for your business to offer new products, expand operations, and accelerate performance. CONNECT, SIMPLIFY AND PERFORM: THE UNIFIED PLATFORM APPROACH Thomson Reuters Accelus delivers a unified platform approach for governance, risk management and compliance. At the heart of this integrated approach is the ability to drive communication, collaboration and data across the enterprise, breaking down silos and driving a single GRC culture across the organisation. By adopting a common platform with shared content, benchmark taxonomies and workflows, professionals can gain insight from shared GRC initiatives - but through lenses specific to their unique requirements. By facilitating connectivity between the various assurance functions, the front office and the board, Accelus informs and simplifies GRC complexity, supporting analysis and decision-making, translating risk into opportunity and enabling organisations to run their businesses in a more principled, effective and productive fashion. No other provider can offer the vision and ability to execute that Thomson Reuters offers. Accelus provides proven, best-of-class information, technology and services with the common goal of managing business risk and driving business value. Continued investment in the unified platform approach for GRC, coupled with ongoing integration of new capabilities, tools and sophisticated delivery, such as gamification, underpin ongoing strategy and execution. Our partnership approach and commitment to service mean the undertaking to connect, simplify and perform is a shared mission - one we take together with our customers. 6 CONNECT SIMPLIFY PERFORM JUNE 2013

7 THE UNIFIED PLATFORM APPROACH FOR GRC Thomson Reuters Accelus is a combination of proven, best-of-class information, software and services with the common goal of managing business risk and driving business value. It offers comprehensive solutions built to address the GRC challenges of legal, compliance, audit and risk management professionals. Figure 3 UNIFIED PLATFORM COMMUNITIES CUSTOMER TO THE DEVICE TO THE DESK MANAGED SERVICE ENTERPRISE DEPLOYED TAXONOMY NEWS CONTENT ANALYTICS RISK INTELLIGENCE REGULATORY INSIGHT SaaS TO THE PORTAL The Foundation: The foundation of the unified platform approach for GRC are common organisation-wide workflow and policies informed by a structured understanding of operational risk, deep insight into the impact of regulations and proactive management of assurance operations. Content and Risk Intelligence: This includes rulebooks from 400 regulators, over 18,000 regulatory updates per year, World-Check (the comprehensive financial crime watch list database), impact analysis from subject matter experts, benchmark data and risk intelligence. It also includes your own internal data and third party data to provide a full picture of risk. The Connective Taxonomy: This is the connective tissue between external regulatory change and internal operations and processes. It means that the rich and dynamic vein of content is delivered in an easily accessible classification scheme that is available for workflow and system automation across the enterprise. It also ensures that the right intelligence reaches the right people across the organisation for better- informed, faster decision-making. The Enterprise Layer: The enterprise layer houses the technology, workflow and common data model GRC capabilities to enable all assurance groups to leverage a common, integrated solution. Workflows are configured and purposebuilt functionality is provided to address each step in the end-to-end governance, risk and compliance process. This shared framework for describing and assessing risks provides the flexibility for groups within the organisation to meet their own risk management requirements, but also act as a unified force to identify and address risk across the organisation. 7 CONNECT SIMPLIFY PERFORM JUNE 2013

8 The Customer Layer: The customer layer provides a common user interface across Accelus, which is also shared with the Thomson Reuters Eikon buyside and sellside platform. Audit, risk, and compliance professionals can access information, perform complex tasks and review analytics while moving seamlessly between web portal, desktop and mobile device. Common data, shared dashboards and heat-maps provide a single enterprise-wide view of risk, rather than multiple silo views. The organisation is connected with a common language of risk, control and compliance. GRC programs extend horizontally and vertically, supported by monitoring and e-learning, with the board serviced by risk-views back into the organisation. Communities: No organisation or individual is an island. No matter your industry, we recognise how important it is for you to talk to your peers, share views on trends and make the most of opportunities around you. Through our unified platform approach, Accelus offers a connected set of information and solutions that provides specialised capabilities to the board, as well as to compliance, risk management, internal audit and operational professionals, such as MLROs. Accelus connects these communities through a common language of risk, control and compliance. We connect you to the wider community by building communication tools into our platforms to engage clients and bring them together in one place. From discussion forums, live messenger services and online chat rooms, to community events that deliver the latest market intelligence, we provide channels for our customers to connect, discover and share ideas. KNOW MORE: THE CONTENT LAYER Connect: Content that connects you to regulation and insight from the experts to break risk down Simplify: Content that identifies and monitors risk in your organisation Perform: Content that enables you to make well informed business decisions The foundations of Accelus are information, news and analysis, both for regulation and for risk. For compliance professionals, Accelus Regulatory Intelligence serves as the single source for regulatory news, analysis, rules and developments. The diverse content sets that compose Regulatory Intelligence provide up-to-date information to enable you to make informed decisions and put the necessary controls in place. Thomson Reuters World-Check Risk Intelligence is a comprehensive and widely adopted source of structured intelligence on Politically Exposed Persons (PEPs) and heightened risk individuals and entities. In conjunction with specialist risk screening, transaction monitoring software and IntegraScreen enhanced due diligence, it serves the Know Your Customer (KYC) requirement of highly regulated industries and acts as an early warning sign for hidden risk. It includes KYC, Anti-Money Laundering (AML), organised crime, sanctions, Countering the Financing of Terrorism (CFT), and PEPs intelligence. By connecting regulatory developments with meaningful expert interpretation, you spend less time searching for and stitching together disparate information and more 8 CONNECT SIMPLIFY PERFORM JUNE 2013

9 time managing risk and adding value to your business. Accelus Regulatory Intelligence solutions set the standard for coverage, with the tracking and reporting of over 18,000 regulatory changes annually. Accelus Regulatory Intelligence content includes information from more than 400 global regulators and exchanges, tracking thousands of individual regulatory events such as policy statements, speeches, rule filings and consultation papers. Accelus Financial Crime Prevention solutions provide the most comprehensive range of capabilities in areas such as due diligence, risk intelligence and transaction monitoring. Risk intelligence research is conducted at 11 research centres located across five continents and covering 240+ countries. A team of more than 200 research analysts conducts research in 60+ local languages, enabling a high level of accuracy in on-the-ground and local media research. Relied on by organisations in 150+ countries, Thomson Reuters World-Check solutions are used daily across all markets and industries, for any size and type of organisation, including over 60 of the world s top 100 corporations, 49 of the world s top 50 banks and over 300 enforcement and regulatory agencies. UNDERSTAND MORE: THE TAXONOMY LAYER Connect: Connects the right information with the right people and processes Simplify: Easily accessible classification scheme provides a common vocabulary Perform: Removes duplication of effort, and delivers actionable information apple 18,000+ regulatory updates tracked per year apple 400+ regulatory agencies covered apple 400+ sanctions lists monitored apple More than 240 countries covered apple In depth impact analysis from industry experts Regulatory experts from both within Thomson Reuters and across key industry players have contributed to a connected and extensive benchmark taxonomy that is being delivered as a connective layer for content in the platform. DO MORE: THE ENTERPRISE WORK FLOW LAYER Connect: Connects regulatory information to internal governance, risk and compliance business process workflow Simplify: Creates stable, transparent and repeatable processes across the business Perform: Removes duplication of effort, generates consistent reporting, and delivers information to the right people The enterprise layer contains feature-rich software and information to support the complex processes of risk management, policy management, internal audit, regulatory event management, e-learning, risk assessment, SEC reporting and disclosures, transaction monitoring, due diligence, risk screening, regulatory and risk intelligence as well as monitoring, testing and assessments. Utilising a modular approach, organisations can leverage the entire platform or select 9 CONNECT SIMPLIFY PERFORM JUNE 2013

10 specific capabilities to solve targeted business problems. While the word enterprise often carries connotations of large scale organisations, the scalability of modules and flexible delivery options mean that the platform scales to organisations of any size large or small, with varying degrees of governance, risk and compliance program maturity. Accelus is designed in partnership with our customers and utilises the extensive domain experience of Thomson Reuters to connect regulatory information to internal governance, risk and compliance business processes. Through the sharing of common definitions and terms, organisational reporting structures, taxonomies and frameworks, assurance professionals are able to realise improved data accuracy, consistent collaboration and a streamlined approach to GRC. Figure 4 & 5 GRC WORKFLOW REVIEW, REALIGN AND REPORT TRACK REGULATORY DEVELOPMENT TEST AUDIT AND TAXONOMY Regulatory Intelligence CONTENT CONTROL MONITOR AND Firm Specific Third Party IDENTIFY AND MAP RISK TRAIN AND EDUCATE CREATE/UPDATE POLICIES COMMUNITY B Board COO Chief Operating Officer MLRO Money Laundering Reporting Officer CEO Chief Executive Officer CFO Chief Financial Officer FBT Frontline Business Teams CRO Chief Risk Officer HRM Head of Risk Management GC General Counsel CCO Chief Compliance Officer HOR Head of Operational Risk HR Human Resources CAO Chief Audit Officer HERM Head of Enterprise Risk Management EC External Consultants 10 CONNECT SIMPLIFY PERFORM JUNE 2013

11 TRACK REGULATORY DEVELOPMENT IDENTIFY AND MAP RISK CCO CRO MLRO EC GC CRO COO HRM HERM HOR GC Understand changing regulation and the potential risks and business impacts Understand market shifts through expert news and analysis Intelligence from more than 400 regulators in over 180 countries Automate tracking of regulatory developments Link policies to hosted regulatory rulebooks Make informed decisions based on expert guidance and practice notes TRAIN AND EDUCATE Drive risk appetite framework into the organisation and deliver risk-based decision-making Identify, manage, and track risk Quantify costs and business impacts Streamline and automate documentation Optimise enterprise and operational risk CREATE/UPDATE POLICIES CCO CRO MLRO CAO HR FBT EC CCO CRO CAO MLRO FBT EC Educate employees on compliance-related issues, policy and procedure, identify areas of risk, and demonstrate completion Engaging, interactive, training courses Latest gamification techniques enhance adoption and recall Real-world examples and case studies Customisable based on policy requirements Test user knowledge and comprehension Actionable data to enhance your ability to manage and mitigate risk Audit functionality and on-demand reporting capabilities Delivered in 19 different languages MONITOR AND CONTROL Link regulation to policy, implement appropriate controls, reduce lag time between rule changes and compliant behaviour Dynamically link policies to the underlying rulebooks Easily manage version and hierarchy control Enable easy sharing through intuitive workflow and update distribution Evidence policy adoption AUDIT AND TEST CCO CRO MLRO FBT EC GC CAO CCO CRO EC Assess and understand risks and business impacts Track and manage loss events Develop common risk and control libraries; test and assess control functions Verify the identity of vendors, suppliers, clients, partners and employees Protect against unlawful relationships based on sanction and enforcement activity Understand business risks associated with Politically Exposed Persons Monitor transactions for suspicious activity and behaviour Standardise, automate and manage key aspects of your audit process Understand business risk across your organisation and mitigate impact Automate audit processes through scheduling and planning tools Prepare and share workpapers Document, test and assess internal controls Identify, assess, and analyse risks Track and map regulation and policies and communicate to the broader organisation Plan, manage, and report on audit processes REVIEW, REALIGN AND REPORT B CEO CFO COO Provide essential regulatory reporting, board insight, and satisfy disclosure requirements Quickly and easily share and distribute board documents and materials Provide a board s eye view into GRC programs Highly secure system with multiple redundancies and high-level encryption; SAS 70 Satisfy your disclosure requirements through a full range of conversion and filing solutions in all SEC formats Control the disclosure process in-house or outsource to our filing service or use a combination of the two TRACK REGULATORY DEVELOPMENT 11 CONNECT SIMPLIFY PERFORM JUNE 2013

12 CONSOLIDATE MORE: THE CUSTOMER LAYER Connect: Connects assurance groups, executive and front line business operations Simplify: Specialised capabilities offered on a common foundation of content and workflow. Perform: Optimises data across the organisation, removes duplication, generates consistent reporting, and delivers actionable information to the right people The customer layer of Accelus provides a common user experience that simplifies access to the information and capabilities of the enterprise layer. The customer layer is role-based using the shared capabilities of the platform, but designed for the specific use cases of GRC roles such as board, reporting, compliance, risk management, internal audit, regulatory intelligence, screening and disclosures. Accelus for the Board: Corporate boards and management are demanding greater visibility into the risks that could negatively impact their business. They need to be confident that they are making risk-based decisions using trusted information that has been validated by multiple sources across their organisations. This top down, coherent view of enterprise risk, together with clear communications across the board is integral to better governance and performance. Accelus provides a dedicated board governance solution, BoardLink, that delivers a web-based secure portal for company boards and management to handle reporting and board papers. It also provides mobile access through a secure ipad application. As part of the unified platform, BoardLink will increasingly become management s view into a consolidated risk dashboard of the enterprise, enabling greater transparency and rapid response, whilst better connecting strategy to execution. Accelus for Compliance: Accelus for Compliance enables users to simplify ever-changing regulatory information and connect it to their internal compliance business process workflow. As a comprehensive solution, the system serves as a regulatory intelligence portal, providing the ability to track and assign regulatory events to the correct owners in the organisation; document, communicate and manage associated policies, procedures and controls and provide purposebuilt compliance workflows that enhance the efficiency and effectiveness of the organisation s compliance processes. In addition, Accelus provides leading capabilities such as World-Check and IntegraScreen for AML and Anti-Corruption screening, enhanced due diligence and transaction monitoring, compliance e-learning and training and specific functionality for use cases such as suspicious activity monitoring, regulator event impact assessments, regulatory reporting and regulatory event management. Accelus for Risk Management: Accelus for Risk Management automates the identification, capture, tracking and assessment of risks, the documentation and maintenance of risk inventories and the linkage to associated processes and controls. The solution provides a proven, structured, flexible risk framework and configurable risk assessment forms These support the capture of qualitative and quantitative information and multiple risk 12 CONNECT SIMPLIFY PERFORM JUNE 2013

13 capture methods, ranging from surveys to workshops. The solution also tracks actual loss events, root causes and recovery efforts, supplying quantitative data about the true costs of risks. The risk management process links risk assessment, top-down scenario analysis and risk quantification in a connected and integrated process. Risk calculations use direct inputs from assessments, loss events and key risk indications. Accelus for Internal Audit: Accelus for Internal Audit helps to standardise, automate and manage key aspects of the audit process including the sharing of audit findings, key risk areas and recommendations across compliance, IT, internal controls and risk management processes. Designed by auditors for auditors, our comprehensive audit management solutions help with risk assessment, audit planning, scheduling, workpaper preparation, time and expense entry, audit report generation and global issue tracking. The solution of choice for the world s most complex internal audit departments, Accelus Internal Audit capabilities provide a Trusted by 15,000 clients, including: apple 60+ of the global Fortune 100 companies apple 49 of the top 50 banks apple 8 of the world s largest manufacturing firms apple 300+ regulatory and enforcement agencies apple 17 of the leading energy companies around the world apple 5 of the top 10 pharmaceutical companies proven, comprehensive audit solution that addresses the entire audit life-cycle, enabling organisations to focus on improving both audit quality and the use of resources. Accelus for Finance, SOX and Internal Controls: Accelus for Finance, SOX and Internal Controls provides a comprehensive system for collecting, documenting and maintaining internal control data, establishing clearly defined ownership and automating workflow, as well as creating repeatable compliance business processes. Accelus Disclosure Solutions simplify the challenges associated with SEC filings and disclosure requirements, with market leading consulting, filing and software solutions. Accelus for the Enterprise: Those employees that sit at the front line of the business operations serve as the first line of defence against risks to the enterprise. Accelus supports the investment community by delivering compliance capabilities directly to the buyside and sellside desktop with Eikon for Compliance Management. In addition, the broader employee community is connected, informed and trained through our comprehensive range of e-learning courses. Accelus elearning currently provides courses in 19 languages to more than 600,000 users globally, with the option of delivery on mobile devices and advanced gamification-enabled courses. Data analytics in the elearning platform feed into risk assessments and board reporting tools and offer a full audit trail for regulatory compliance and reporting. 13 CONNECT SIMPLIFY PERFORM JUNE 2013

14 EXPAND MORE The unified platform approach for GRC leverages the wider Thomson Reuters content and technology. As Accelus delivers compliance capabilities directly to the buyside and sellside desktop or mobile device with Eikon for Compliance Management made possible because Accelus and Eikon both adopt the principles of a unified platform - it provides the user with compliance-related news, expert analysis, upcoming regulatory development alerts and a comprehensive library of rulebooks spanning regulatory agencies, SROs and exchanges. This means that you effectively ensure compliance by making it a natural part of the trader s daily workflow. Updates to policies and procedures can be pushed directly to front-office staff, all the while tracking acceptance and adoption by compliance teams with the ability to create on-the-fly reports and maintain a complete audit trail for the regulator. By leveraging the power of the buyside and sellside desktop, this information could be tagged and searchable, so the user can quickly find the insight that is important and relevant. We continue to work with our clients to integrate new content sets across multiple industries. Thomson Reuters has the richest information assets in the industry, spanning financial, tax and accounting, IP and science, legal and news. As our clients information requirements evolve, we are equipped to meet them. Gartner, the information technology research company, has predicted that 40% of Global 1000 organisations will use gamification as the primary mechanism to transform business operations by EXPECT MORE Thomson Reuters continues to invest in and grow Accelus. Our future roadmap and strategy are defined by our customers and industry best practice. For instance, we have introduced gamification to our e-learning offerings. Gamification successfully engages employees while generating actionable data. Gartner, the information technology research company, has predicted that 40% of Global 1000 organisations will use gamification as the primary mechanism to transform business operations by Gartner expects enterprise gamification to surpass consumer gamification in As we invest and execute, we continue to receive market accolades. Thomson Reuters Accelus has been named as category leader in the ChartisRiskTech Quadrant For Operational Risk Management Systems; a category leader in the ChartisRiskTech Quadrant for Enterprise Governance, Risk and Compliance Systems; and has been positioned by Gartner, Inc. in its Leaders Quadrant of the Enterprise Governance, Risk and Compliance Platforms Magic Quadrant. Thomson Reuters was positioned as Best of Breed in the ChartisRiskTech Quadrant for AML solutions. Thomson Reuters was also named as Operational Risk Software Provider of the Year Award in the Operational Risk and Regulation Awards There s a lot more you can expect from Accelus. We have a number of exciting releases planned for the next 6 to 12 months. Expect game-changing enhancements to our regulatory intelligence portal and our screening technology that further realise the unified platform approach. Single sign on, benchmark taxonomies, customer-led user experiences and an enhanced tool set will mean that we continue to deliver on our shared mission to connect, simplify and perform. 14 CONNECT SIMPLIFY PERFORM JUNE 2013

15 We will also continue to leverage the vast content and technology capabilities that Thomson Reuters provides. We will continue to work with our customers to identify ways of harnessing additional data sets and integrating connective technology to enhance business performance for organisations. For example, you can expect to see a great deal more connectivity and collaboration delivered by the sophisticated open messaging technology we currently provide to over 190,000 finance professionals on the trading floors. Historically, governance, risk and compliance have relied on teams working in silos and using separate point solutions to address each assurance group s requirements. GRC activities are, by nature, interconnected and rely on common information, methodology and processes. By establishing a common, connected discipline around regulations, policies, risks, operations, controls, and issues, leading organisations have demonstrated that they can make better decisions, manage risk, gain operating efficiencies and provide greater transparency into legal, regulatory, operational and overall business risks. The unified platform approach of Thomson Reuters Accelus delivers this connectivity to mature your GRC processes and culture. apple Category leader in the ChartisRiskTech Quadrant For Operational Risk Management Systems apple Category leader in the ChartisRiskTech Quadrant for Enterprise Governance, Risk and Compliance Systems apple Positioned by Gartner, Inc. in its Leaders Quadrant of the Enterprise Governance, Risk and Compliance Platforms Magic Quadrant apple Best of Breed in the ChartisRiskTech Quadrant for AML solutions apple Named as Operational Risk Software Provider of the Year in the Operational Risk and Regulation Awards CONNECT SIMPLIFY PERFORM JUNE 2013

16 JOIN THE COMMUNITY. CONTINUE THE CONVERSATION Connect to the global financial community via our powerful messaging and collaboration service. Access an extensive directory of financial professionals to start communicating right away regardless of whether you are using a Thomson Reuters desktop. Already a user? Refer your friends to join your community. Visit About Thomson Reuters Thomson Reuters is the world s leading source of intelligent information for businesses and professionals. We combine industry expertise with innovative technology to deliver critical information to leading decision makers in the financial and risk, legal, tax and accounting, intellectual property and science and media markets. With headquarters in New York and major operations in London and Eagan, Minnesota, Thomson Reuters employs approximately 60,000 people and operates in over 100 countries. Thomson Reuters s shares are listed on the Toronto and New York Stock Exchanges. For more information, go to Thomson Reuters GRC00387/6-13