The failures of many grant management systems around the world can be attributed to the limitations of non-adaptive automation; that is, processes working independently of each other that fail to adapt to something going wrong somewhere along the line.
It is better, therefore, to seek to deploy adaptive automation wherever possible, where the steps in the process workflow are flexible and possess the ability to change depending on circumstances arising. In the grant management space, it is becoming increasingly clear that adaptive automation could be essential for transforming the way risk control operates by helping to deliver dynamic risk identification and assurance for grants.
Risk management systems, but not as we know them
Previous investigations into grant management have proven that becoming modern, trusted and agile are the keys to helping governments unlock better outcomes from their investment in grant programs. KPMG has explored how customer centricity can usher in change at all levels of government (and the ecosystem it depends on),making them more effective.
Technology, combined with risk-based process innovation, can transform the existing processes around grant and contribution administration and can help the entire grant program to be much more agile to risk and results, and significantly more trusted.
The exciting work KPMG firms are doing with grant programs globally is helping them to evaluate in a different way. It is helping them move from a reactive model of financial stewardship towards a proactive model of outcome stewardship. This works to help shift grant programs from a model of risk management through layers of manual intervention to a model that has dynamic risk management framework built into the end-to-end process itself.
If the cornerstone of trust around grants is assurance, then the cornerstone of assurance is utilising efficient and effective risk monitoring for grants combined with the ability to measure results accurately. This becomes increasingly important as governments put pressure on departments to show tangible evidence that taxpayers’ money is delivering results.
The value of a dynamic risk management process
Earlier research into the topic has demonstrated a frequent disconnect between ambition and capability in grant management. The same research also highlighted that an inappropriate amount of effort is spent on managing the application process (both by public servants and by third party providers who could be spending their time on higher value tasks). KPMG professionals put forward the case for both transformation and automation.
Managing grants can be a complex business, hence the layers upon layers of process and manual intervention in many grant programs. To transform the risk management process, the process must begin with a dynamic risk framework.
A dynamic risk framework sets out to solve two major issues:
- To provide a process that can adapt based on risk and
- To provide a risk monitoring process that tracks and measures both outcome stewardship (i.e., results) and financial stewardship.
Being dynamic means that the framework gains an understanding of the level of financial and outcome stewardship risk at a program, project and recipient level, based on key, client-defined risk attributes. These risk attributes may include: materiality, complexity, sensitivity, alignment, program delivery, results measurement.
Having a dynamic risk framework as well as a risk management technology solution to manage said framework can better ensure that risk is already integrated into the process and would dynamically change the process through the three lines of defence.
Automating risk management across three lines of defence
When implementing an adaptive risk management solution, the different risk attributes must be considered to assess what needs adapting and at what specific stage or line of defence, depending on the risk profile.
There are three lines of dynamic defence that can help ensure financial and results stewardship:
1st – Operational: the amount of due diligence to perform on a recipient to initiate and monitor funding and results.
2nd – Internal monitoring: the extent of management monitoring that needs to occur at a program (multiple projects and grants) and/or project (grant levels).
3rd – Independent monitoring and governance: the extent or scope of independent oversight, audit and evaluation that is required.
If a program or project is regarded as low risk at levels 1 and/or 2, then there is likely little need for intensive, independent monitoring at level 3.
This approach helps reduce unnecessary processes, such as post-payment verification on all payments, including lower risk or lower value transactions. Reduced verification through sampling would be a more cost-effective approach as it would eliminate moot verification costs.
However, complex grants (that is, varied type, geography, innovation, amount, etc.) may need to engage every line of defence in order to deliver quality results. Handing out large or multiple grants to firms to tackle their carbon footprint may result in thousands of varied recipients, all investing in quite different solutions, who need to be vetted from result delivery and financial perspectives.
Risk management programs easing the user burden
Of the six example risk attributes outlined earlier, a program of grants such as this at the very least makes delivery carry a higher risk – being able to measure results or monitor proper use of funds carries even more risk still. Therefore, the workflows and case management activities in the grant platform can dynamically modify and likely reflect how the program is performing overall and where risks are currently being identified. With this level of risk monitoring being required, the only scalable, practical solution is through automating risk management; simply blindly increasing people power is not sustainable nor affordable.
The end user does not need to make these complex decisions on their own. Adaptive risk management systems have the ability to present options (where applicable) based on the risk levels identified and the contract in place.
An example of this is within the funding arrangements, where the automated workflow only offers up funding options commensurate with the level of currently-identified risk for that project, across the six risk attributes. By taking away end user biases, the risk management process can achieve a much higher level of consistency in the application of risk principles to the resulting grant processes.
Need help to become more data focused?
KPMG’ Risk Management Framework is modular, it has the ability to work alongside legacy grant management platforms, which builds agility and elevates trust in existing grant management operations. In the quest for governments to become modern, trusted and agile, deploying adaptive automation for any risk management platform in grants has a large part to play.
Having access to trusted data is key. Modern risk management programs generate insights that support the measurement of results, allow for automating risk management and make financial reporting much more straightforward. They also create more opportunities for streamlining stakeholder management by working to eliminate the duplication of both effort and reporting.
This blog article was authored by Brian Bost, KPMG in Canada, and originally appeared on the KPMG International website.
Grant management article series
In this short series of grant management blogs, senior leaders from KPMG firms' global Government Advisory team provide insights into how governments can drive change, get more from their investment in grants, and deliver better outcomes for citizens.
Throughout this series, ‘grants’ refer to the various mechanisms that transfer funds from governments to third parties for the delivery of public support, relief, or services either as a one off or ongoing.
What next?
To learn more about how governments can achieve better outcomes from their investments in grant management programs, explore the related articles below.