Consolidated queue for all alerts
Categories of exceptions managed
Increase in staff in 2 years
"When we presented audit results to our client, they told us they loved our excitement about our new system. We’re very glad to be working with Provana!"
– Paige Tortorich, Director of Internal Audit, ERC
With the growth of ERC’s recovery business, the need to automate compliance monitoring became increasingly apparent. ERC has a sophisticated process of automatically identifying exceptions on their accounts, but the audit team started to see upwards of 100 exception reports per day, with each report containing dozens or scores of findings. Each report needs to be parsed out and sent to relevant stakeholders, then tracked until proper resolution.
This was all being done with spreadsheets and email, by auditors engaging over 25 stakeholders at any given time, with over 100 categories of exceptions being handled. The exception handling process was getting costly, messy, and difficult to manage. Client audits were cumbersome and time intensive, regulator reporting even more so, requiring many hours of effort. Attempts to perform root cause analysis to understand system process flaws were nearly impossible, because of the way data was batched together in spreadsheets, with no categorization or breakdown by type.
ERC evaluated several compliance management solutions and decided on Provana IPACS for its Audit & Compliance module. IPACS was integrated into ERC systems of record to pull data directly, rather than relying on spreadsheets to manage exceptions and then emails to track their resolution. Using IPACS, ERC established:
- Automated workflows for exception reports to be routed to relevant stakeholders
- End to end tracking of exceptions for resolutions and remediations
- Granular categorization of all exceptions and historical views of their path through the process
- Consolidated queue for all alerts in one place
- Deep view into the root causes and issues behind every finding in one system
- Customized reports to fit multiple internal presentation and workflow requirements
Working with Provana, ERC leveraged IPACS Audit & Compliance module to:
- Proactively identify broken controls in core operational systems
- Able to easily pull reports for complex client requirements, for specific issue types and date ranges
- Four out of ten recovery auditors already on IPACS, more will be moved
- Much more efficient workflow for audit, estimating to be approximately 25% more efficient
- Accountability of issues to ensure these are handled and remediated in a timely manner
The most important capability gained by having IPACS manage exception reporting and resolution is the granular data now available for analysis. With IPACS, ERC is able to slice data by multiple dimensions to see systemic issues, identify false positives, benchmark teams to each other, and perform root cause analysis on sources of exceptions to proactively fix issues before they arise.