As business and regulatory environments continue to evolve, organisations face emerging risks that challenge traditional strategies and assumptions. Business leaders are confronted with challenges, such as the rise of cyber security threats, volatile markets, the impact of pandemics, sustainability issues and an increasing body of regulation, to name but a few.

In this environment, resilience is the key to organisational survival, and companies need to achieve a balance of governance, risk-management, regulatory compliance, efficiency and performance.

How we can help

KPMG’s highly experienced and industry focused GRC professionals work with clients to drive value from its governance and risk structures to support the business in efforts to identify and manage threats and be agile to effectively address market change.

Our multidisciplinary GRC team are well versed in supporting Business Leaders in their efforts to address a range of complex matters, such as:

  • Developing and refining governance structures (and related MI) to support effective decision making.
  • Designing, assessing, and embedding Risk Management Frameworks across all risk lenses (strategic, operational, technology, compliance, credit, market, liquidity and funding).
  • Designing, implementing and optimising Regulatory Compliance Frameworks and functions.
  • Performing independent reviews of the 2nd Line of Defence (Risk Management and Compliance) and 3rd Line of Defence (Internal Audit).
  • Designing and implementing Internal Control Frameworks and functions.
  • Performing Process and Internal Control analysis and rationalisation/optimisation.
  • Internal audit strategic sourcing (right resources, right place, right time).
  • Deploying continuous auditing/monitoring techniques, including Data Analytics.
  • Designing and implementing Integrated assurance frameworks and operating models (across the three lines of defence).
  • Establishing and supporting programmes to drive regulatory compliance (including AML/CFT, PSD 2, CRD/Basel requirements, Solvency II and MiFID).
  • Establishing, refining and supporting internal capital and liquidity assessment programmes, and recovery and resolution planning.
  • E-GRC Systems - Supporting Risk, Compliance and Internal Audit functions determine business requirements for an eGRC system, supporting the procurement process, configuration of the selected eGRC system and advising throughout the implementation programmes.
  • Supporting the development of climate risk and sustainability solutions.

What's in it for you?

KPMG’s Remediation Centre of Excellence (“COE”) is an end-to-end data led managed service solution which deals with product related issues/errors that organisations are encountering. These are errors which have led to customer detriment as a result of the ever changing and heightened regulatory environment.

We have an abundance of remediation experience. This experience ranges from large scale and highly complex remediation programmes, whereby KPMG has managed the end to end process including:

  • Design, implementation and mobilisation of restitution programmes including governance and stakeholder management.
  • Customer journey assessment frameworks including conduct and compliance regulatory lens.
  • Implementation of advanced data solutions including machine learning and unstructured data extraction.
  • Development of advanced refund calculation models.
  • Design and development of ‘Stop the Harm’ and longer-term strategic rectification solutions.
  • Design and implementation of communication strategies and management of regulatory and senior executive stakeholder engagement.
  • Acting as an external independent party, performing assurance over all or some aspects of an organisation’s remediation project either board/senior manager or regulator initiated. 


The quality of our work reflects the technical capabilities and the commercial insights of our people, our cross-disciplinary approach to client engagements, our access to KPMG’s global resources and our extensive experience gained from advising clients across the financial services, corporate and state sectors.

Read more in Risk Consulting

Visit pages related to Governance, Risk & Compliance