Jeff Robinson, a partner at governance, risk management and compliance (GRC) software provider Decision Focus, and the company's head of pre-sales Charley Griffith, explain how the vendor can support insurance clients in a changing risk landscape
How does Decision Focus feel about being a treble winner in InsuranceERM's UK & Europe awards 2025?
Jeff Robinson: We were delighted to win three categories in the awards: operational risk, ERM end-to-end solution, and third-party risk management (TPRM).
This highlights the calibre of the team at Decision Focus and the fantastic work undertaken with our clients.
What are the biggest GRC challenges facing insurers today?
Jeff Robinson: Clients are facing a plethora of regulatory changes such as the Digital Operational Resilience Act (DORA); the UK Corporate Governance Code, provision 29, which deals with the effectiveness of internal controls; in addition to managing business as usual activities.
Ensuring and maintaining compliance, in the face of this change, in a cost-effective manner is challenging. A further challenge is pulling all of the GRC information together to ensure proper oversight, collaboration across assurance teams and while avoiding duplication of effort.
Charley Griffith: It is powerful to see how fast and effective the deployment of the Decision Focus platform is. We benefit from so many in the company, who are ex-senior assurance professionals from the insurance market. Coupled with our no-code solution, this allows us to respond and establish market-leading solutions swiftly for our clients.
How has Decision Focus addressed challenges for your insurance clients over the past year?
Jeff Robinson: We have established a number of solutions to cater for the various additional regulations. In the case of DORA, we augmented our enterprise risk management tools. Meanwhile, for TPRM, we are enabling clients to report the Register of Information automatically from Decision Focus, which is a game-changer for compliance teams across Europe.
In relation to the UK Corporate Governance Code, Decision Focus's ERM module allows risk teams to demonstrate the effectiveness of material controls. ESG remains an area of interest to our clients and Decision Focus has been working to ensure this is integrated where possible into the wider GRC landscape.
Can you talk through key features of Decision Focus's platform and how these benefit insurers?
Charley Griffith: Our focus is on end-user adoption – without this, a client's risk and compliance frameworks cannot be successfully embedded within the business. Easy and intuitive use of the system and not complicating the framework being established are vital. Furthermore, our no-code platform allows us to swiftly adapt the standard module, if required. Our modules continue to evolve in order to remain relevant for clients in areas such as ESG, data privacy, and artificial intelligence (AI) governance.
We have over 20 out-of-the-box modules, covering a wide area of GRC, giving clients what they require to meet the needs of the regulatory landscape. The no-code aspects remain an incredibly powerful capability to ensure the platform flexes around our clients' frameworks.
What AI capabilities has Decision Focus introduced that help insurers to manage operational risk?
Jeff Robinson: The product team has enhanced the Decision Focus platform to be able to utilise AI within the software. Many use-cases are available, such as the identification of potential emerging risks and gaps in registers, including risk registers and control registers. This is an area of rapid development and priority for us, which will help risk management, compliance and audit teams.
Can you explain how Decision Focus helps insurers to manage third-party/vendor risk?
Charley Griffith: Our TPRM module helps to consolidate supplier inventory all in one place. Risk assessments can be undertaken with all relevant information centrally managed. Supplier due diligence is undertaken directly within the Decision Focus platform. Our open API pulls in a variety of information which helps supplier management teams to have all the information they need in one place. Furthermore, automatic reporting to regulators, for example, for DORA, is available at the click of a button.
