Posts in

COVID Essentials

What is Operational Resilience?
Jan 7, 2021

Etymologically, the word resilience has roots in the Latin term resiliere, which means ‘to rebound’. In similar vein, operational resilience describes an organization’ stability to cope with change or misfortune. The ongoing global pandemic, COVID 19 is an extreme form of misfortune, but its impact has been so universal that it has laid bare each organization’s level of operational resilience and sparked renewed interest in the topic.  

Stress, threats, potential failures, disruptions, uncertainty, and change are part of the life of an organization, but one that is operationally resilient has the wherewithal to maneuver through it all. From climate change, power grid black outs, and cyber-attacks to a tainted image on social media and demand-supply disruptions, there are numerous factors that can cause an organization to buckle and crack. A resilient organization has the frameworks and mechanisms to bounce back when dealt the unexpected.

Operational resilience, however, goes further than an organization simply maintaining business continuity or managing risk.

What is operational resilience?

Here are two helpful definitions:

Gartner: Operational resilience is a set of techniques that allow people, processes, and informational systems to adapt to changing patterns. It is the ability to alter operations in the face of changing business conditions. Operationally resilient enterprises have the organizational competencies to ramp up or slow down operations in a way that provides a competitive edge and enables quick and local process modification.

PwC: We define operational resilience as “an organization’s ability to protect and sustain the core business services that are key for its clients, both during business as usual and when experiencing operational stress or disruption.”

The operational resilience definition offered by Gartner places a lot of emphasis on ‘techniques’, ‘abilities’, and ‘competencies’. PwC too focusses on ‘ability’ but brings the end goal in picture, that is, service of the ‘client’.

This article will elaborate more on these themes, while also providing some operational resilience examples.

Interconnected and futuristic

To work within a sound operational resilience framework means to consider risks in a holistic manner. It involves moving away from a vertical and siloed approach to a horizontal and organization-wide approach. This way you aren’t left facing collapsing dominos when one segment of your operations stalls. Similarly, key to the word resilience is the aspect of bouncing back and if your operational resilience strategy focuses on avoiding disruptions only, it is inadequate. Operational resilience is a trait by which your organization can get back to everyday business once a disruption occurs too!

Digital, data and cyber

Today, amid the pandemic, digital adoption is what has kept many businesses running and building a layer of digital resilience can help you put your best foot forward. With more and more touchpoints in the customer journey being digitized, it becomes important to live up to the customer expectation of having always-on services. Issues like server outages can dampen customer confidence.

Digital processes run on data as a fuel and your operations will be only as good as the quality of data you possess. Data resiliency includes aspects like restoring compromised data, preventing data loss, and establishing a sync point in case of a snag.

Alongside digitalization and increased data comes the need for cyber operational resilience. For instance, on 5 March 2020 the US Power Utilities were the subject of a cyberattack that used firewall vulnerabilities to cause ‘blindspots’. The system was resilient enough that actual flow of electricity was not affected. However, this incident shines light on present-day practices that hamper organizational resilience. These include using sensitive apps over home Wi-Fi, storing passwords on home devices, and limited awareness about data privacy.

Client is king

When an organization is in its nascent stages, everything revolves around satisfying the client. At such times, it is quite clear what the firm’s key business processes are, which add direct value to the client. However, as an organization scales, processes become more abstract and even at the C-level, one is not dealing with the client’s needs and aspirations directly, but with other contingencies. While it is required that, for instance, the CIO, COO, and CEO take up different responsibilities, resilience is built when these are ordered to the client’s needs.

This approach makes it easier to identify key products and services, meaning that business continuity planning becomes more strategic and secure when the client is at the center. The goal of a client-centric operational resilience strategy must be to uninterruptedly deliver critical operations, even amidst disruptions.

Human resource

At a certain level, your organization is only as good as your employees. Business staff man several key processes, without which products and services would never reach the client. Factors like employee attrition and wages are perennial issues that threaten business continuity, and hence operational resilience. But in the wake of the pandemic, newer issues such as employee wellness have surfaced. In an increasingly remote-first work environment, HR teams have the tricky task of accepting work from home’s olive branch of business continuity, while knowing that prolonged isolation is a deadly threat to creativity, collaboration, and long-term goals.

Third-party dependency

Whether you have an operational resilience manager or not, possessing a framework for managing third-party relationships that are interwoven with critical operations is a must. This is another way of saying that the client shouldn’t be at the receiving end of issues related to sourcing and other external dependencies. Achieving this includes performing due diligence and risk assessment according to your standards for operational resilience before entering into an agreement.

Governance, risk, and compliance

GRC is integral to operational resilience – and not just because organizations are increasingly coming under the scrutiny of regulatory authorities! A good operational resilience framework includes having a governance structure that can respond to disruptions. Ongoing risk assessment too is crucial to weeding out vulnerabilities and avoiding threats. As mentioned earlier, being resilient means moving away from silos and being more holistic and here, GRC software serves aptly as operational resilience technology.

Solutions like VComply ensure you have a better way to run your business. VComply is a comprehensive platform you can use to govern risks, stay compliant, and implement an operational resilience strategy in a way that you cannot with spreadsheets and binders. With automated reports, integrated workflows, data centralization and more, you can more reliably work towards making your business‘ disruption-proof’.

With a better understanding of what operational resilience is, proceed to define what it means in the context of your organization and grow your business strategically!

VComply Editorial Team
Read More
COVID Risk Management for Credit Unions
Oct 5, 2020

Impact of Covid-19

Covid 19 has upended normal life as we know it. Apart from a gigantic impact on the economy as a whole, the pandemic has also put the future of credit unions at risk. In this article, we'll be examining the impact of Covid 19 on credit unions, steps to manage the impact, and a quick checklist for credit unions to manage risk in uncertain times. 

Stay at home orders have resulted in a disruption of local and international economies. Loss of assets, income, and unemployment in turn prevent people from being able to pay their loans. Decreased liquidity, increasing provision costs, and a decrease in loan portfolio income are just some of the negative impacts of the health crisis on credit unions. The resulting institutional stress has led to reduced capital reserves of credit unions. 

Credit unions around the world are now talking about cash flow management, liquidity management, and spending considerable time restructuring loan implementation. Some other measures credit unions are taking include managing and analyzing non performing loans, dealing with regulatory constraints, and gradually moving towards collections at some point in the future.  The best course of action for credit unions is to focus on asset recovery, building their reserves, and mitigating risks as far as possible. 

Risk Considerations for Credit Unions During Covid-19 

Here are 7 common types of risks credit unions should consider managing during Covid-19

Legal risk 

Credit unions may face potential legal consequences if employees working from home are not compliant with any of their policies, or they end up carrying non-compliant activities. 

Credit risk 

Owing to reduced income and increasing layoff during the pandemic, this is one of the major risks credit unions face. 

Liquidity risk

An increasing demand in loans causes a shortage of funds and liquidity for credit unions. 

Interest rates

Low interest rates put a pressure on interest rate margins, and consequently reduce earnings for credit unions. 

Reputation risk

An inability to communicate properly with employees and members result in negative comments on social media, leading to a damaged reputation. 

Strategic risk

A huge economic impact on industries such as travel and tourism, increasing healthcare expenses, and spikes in loans all lead to failure to meet strategic targets and plans. 

Organizational risk 

Work from home orders and closure of schools leads to a decline in the workforce. It may also lead to frauds, decreased productivity, and an inability of vendors to provide services. All of this disrupts the functioning of a credit union. 

Mitigating the Impact of Covid 19 on Credit Unions 

Each credit union's strategy to manage risks will differ as per the restrictions laid down by their government and their state. 

Managing the health crisis

If a state allows workplaces to be open, then credit unions must take all measures to keep their members safe. This includes keeping their reading areas of their lobbies free of crowds, and implementing social distancing measures in earnest. They must also digitize any processes that do not require in-person meetings. 

Ensuring security of members 

The next priority of credit unions should be protecting the interests of their members. 

To provide monetary assistance to members, they should help members with restructuring loans, providing loans at low interest rates, helping  members with deferred payments, and providing loan extensions. They must also communicate with their governmental institutions and get recognized as an essential service provider. They should also offer financial counseling to their members to help them get through this challenging phase. 

Cash flow management 

It's imperative for credit unions to manage their liquidity during this period. Even though they must expect slow growth during the pandemic, they should use cash flow management tools to proactively make projections for the future and manage the flow of cash. 

As credit unions make concessions and become more flexible in their loan services for members, they also have to identify its impact on portfolio performance and proactively plan their loan recovery strategy. 

Education and support

Governments across the globe are taking aggressive fiscal stimulus measures to reduce the impact of the recession. Credit unions must serve as educational institutions, helping their members and the public at large take advantage of these measures. They should also help members rebuild their savings. As the public starts to see a credit union as an ardent supporter of its members and their welfare, they will be more confident to bring their savings to credit unions. They will also likely be more loyal to credit unions. 

Risk Management Checklist for Credit Unions During Coronavirus 

It is quintessential for credit unions to keep a constant tab on the developments taking place in their state, with regards to Covid 19. This includes keeping an eye on stay at home orders, new regulations to control the spread of the virus, and expected developments in various industries. This is a critical component of risk management for credit unions. 

Risk assessment helps credit unions identify and assess threats during Covid 19. 

Here's a quick checklist to help credit unions identify and mitigate risk during the pandemic: 

  1. Function according to the policies implemented by the government and ensure safety of its members. 
  2. Offer low interest loans to people and implement flexible loan recovery strategies as well to handle credit risk.
  3. Limit their exposure to long-term investments and loans, and balance the duration of all assets. This will help them to control interest rate risk. 
  4. Promote communication with their members and ensure the availability of help to members when needed. This will help them handle reputation risk. 
  5. Conduct regular meetings with teams and maintain ongoing communication. Analyze and evaluate policies and plans, to balance strategic risk. 
  6. Help their workforce adjust in a work-from-home environment.  Have necessary backup plans and policies in place to avoid transaction failure.


While Covid 19 has presented never-seen-before challenges for credit unions, by carefully assessing and considering all possible risks, it is possible for credit unions to sail through this difficult time with minimal damages. The first priority of credit unions should always be to safeguard their members’ interest. Without member support, credit unions cannot thrive. 

If you’re a credit union looking to manage risk and governance in a hassle-free way, check out GRC software by VComply

VComply Editorial Team
Read More
Digitizing GRC and managing compliance remotely in a COVID world
Oct 6, 2020

Compliance takes work. Surprise audits, producing relevant documentation, coordinating compliance needs across your organization, assigning responsibilities--the list is endless. 

If you've been using spreadsheets, or worse, physical records to manage compliance, you know it's nothing less than a nightmare.  Now imagine doing all of this virtually, without any of your key stakeholders in the same room. A few scenarios come to mind: chaos, miscommunication, and finally, penalties for noncompliance. 

Covid 19 has forced all of our essential work to shift to the virtual world, and this includes compliance. Regulatory agencies are now conducting virtual audits, and nonprofits need to be prepared in case their facilities come under review.  There is reprieve for nonprofits though: VComply offers simple, quick, and hassle-free compliance and regulation software, so nonprofits can manage their compliance needs smoothly. 

In this post, we'll discuss key features that enable seamless compliance management and the transformation nonprofits can undergo when they adopt VComply's compliance solutions. 

VComply Helps Nonprofits Manage Compliance During Covid 19 In a Stress-free Way 

VComply is a cloud-based governance, regulation, and compliance software built especially for nonprofits and organizations such as credit unions. It allows companies to manage compliance virtually, making it ideal for remote teams. 

Let's drill deeper into features that power VComply's compliance solution and make them unique: 

  1. Centralized documentation: The larger an organization grows, the more complex and diverse its compliance needs become. It's fine to work with spreadsheets in the beginning, but soon you need a central repository to manage all of your regulatory needs. VComply offers a centralized system to manage compliance, that helps you simplify compliance structures across your organisation, build accountability, escalate issues, and nurture a culture of proactive compliance. 
  1. Cloud-based: In a world where  work from home is the norm (at least for a while) and in-person gatherings are restricted, VComply's cloud-based solutions are a boon for nonprofits. No matter where your employees are  based, they can access their compliance information at the click of button and produce it when required for review. 
  1. Secure: Data security is a major concern for nonprofits, as breaches become common. Data theft can cost a nonprofit millions in penalties due to violation of laws such as HIPAA. Luckily, all data stored in VComply is compliant with local storage laws and 100% secure. 
  1. Evidence collection: VComply allows you to upload images or take pictures within the app, and store them as evidence. And it's available in an easily searchable format, so you don't have to scramble for important data again. 
  1. Powerful reporting: Unless you love rummaging around in spreadsheets to find compliance details and reports, you'll find VComply's robust reporting tools to be a boon. You can search for compliance reports by person, location, department, and organization.
  1. Compliance dashboard: See at a glance what every department in your organisation is up to. Escalate issues that matter, and focus on areas where you're lagging behind. Say good-bye to endless follow ups and say hi to a smarter way of working. 
  1. Notifications: Automated notifications help you track your compliance timelines with ease. The more processes you automate, the more time and resources you can save, and redirect towards your core mission. 
  1. Diligence score: This is an effective metric that helps you gauge the performance of each team member, and how well they complete their compliance responsibilities. By tackling compliance bottlenecks at an individual level, you can eliminate compliance issues and penalty risks once and for all. 


Benefits of Using VComply for Non Profit Compliance 

Now we've gone over the key features that make VComply an indispensable tool for nonprofits, especially in a stressful time such as Covid 19. 

Let's take a look at how exactly VComply can help you make compliance less of a headache, and more of a piece of cake. 


Improved processes 

Electronic or manual filing systems are not just difficult to scale, but also an administrative burden. 


A lack of streamlined processes for managing compliance can quickly get overwhelming. For example, quality and compliance specialist at Center for Human Development, Dan Sadowski, told us about how they managed compliance before adopting VComply: 


"Programs were managing their compliance requirements in a variety of ways. Often a series of emails were required just to confirm a simple obligation. The abundance of documents for policies and procedures can get overwhelming at times,”


On the other hand, a tool such as VComply provides you with an enterprise-level view of compliance activities and gaps, in real time. Track your progress, deadlines, and updates with a few clicks. 


Proactive compliance 

If your nonprofit is fairly old, you're aware of the dynamic nature of regulations and laws. Take a look at this: One of VComply's clients has over 8 different regulatory bodies, including eight that don't speak the same language. Combined, these bodies account for 1,000 regulations and over 400 standards to keep track of. Without a better system, managing compliance with such a high level complexity can often feel like a knee jerk, panicked reaction. 


VComply allows nonprofits to build a strong culture of compliance in their organization. This involves tracking and monitoring areas for improvement, staying vigilant at all times, and benchmarking compliance performance against previous years. Our clients have reported higher levels of accountability and compliance success. 


Time savings 

We'll let Michelle Cove, director of compliance at Center of Health Development explain, 

"Confirming with programs that they all have inspections to complete took at least 4 hours. Now we can see all that on our dashboard and produce a report in seconds.” Naturally, all of these time savings result in reduced areas levels across an organization, better performance, and an increase in quality of work and life. 


Always prepared, no matter what 

Surprise audra can often be a source of anxiety for nonprofits. When each department has a different location for storing documents and a different naming convention too, procuring all requested reports in one place can be cumbersome. 


With VComply, nonprofits can instantly generate reports based on responsibility, person, facility location, and/or state or federal regulation (ex: HIPAA requirements). 


During the pandemic, this can be especially helpful, as you're able to virtually access all information in one single place. 

Focus on people's welfare

While compliance is an unavoidable part of running a nonprofit, it's only a means to an end, and not the reason why you exist. As a nonprofit, you likely have a long term goal in mind to serve your community and beneficiaries

Adopting a robust system of compliance such as VComply helps you save time, resources, and manpower, and focus solely on your mission and purpose. 

Putting It All Together 

Covid 19 has accelerated the adoption of cloud-based applications and software, and the effects can only be described as revolutionary. 


Nonprofit companies looking to better manage their compliance needs and build a culture of accountability, should definitely seize the opportunity of virtual audits to give VComply a try! 

VComply Editorial Team
Read More