"Governance, risk management and compliance"

Dr. Daniel L. Bühr, partner at the law firm Lalive, stated as a central thesis that long-term corporate success is no longer achievable today without systematic GRC management. In the age of global digital networking of business, journalism and justice, the world has become more transparent: Legal violations can not only cost a company a lot of money and reputation, they are also uncovered much faster today.

According to Jonas Vetter, lawyer at the Federal Finance Administration (FFA), the strategic goals are the central instrument of the Confederation in the dynamic management of a company - e.g. SBB or Swiss Post. With these, the Federal Council sets guidelines for the companies for four years at a time, primarily in the areas of finance or basic services, but - increasingly important - also for risk management, for example. The Swiss Federal Audit Office (SFAO) also examines how well the GRC systems function at the federal companies. "Is it allowed to do that?" asked Deputy Director Brigitte Christ, only to add: "It's not allowed to do that.

"Feel-good risk management is over."

must!" Because that is what the Financial Control Act says. The SFAO not only audits formal elements, but also seeks to gain a picture of the effectiveness of the RM through "rubber boot audits" - on-site audits in direct conversation with the cadres.

International risk expert Prof. Bruno Brühwiler believes that the days of "feel-good risk management" are coming to an end. He was significantly involved in the development of the new, certifiable and thus auditable RM standard ÖNORM 4901. His remarks and the reference to the forthcoming publication are promising. GRC experts and the members of Netzwerk Risikomanagement are already looking forward to it.