First Central Group (FCG) is a fast-growing retail motor insurance company with around 1.3 million customers in the UK through brands including 1st Central and Skyfire, with roughly 1,200 employees across four sites within the UK, Guernsey and Gibraltar. The company is committed to restoring and maintaining trust through technology and data to reduce risk, tackle fraud and deliver products for the future using its in-house capabilities, people and commitment to innovation. We explore how the organisation worked with Protecht to achieve its business goals.
Implementing a feature-rich GRC solution to safeguard growth
FCG has matured significantly as a company in terms of its culture and structure in recent years, in tandem with fourfold growth in the past six years. This growth required a more sophisticated risk management model. However, FCG’s existing Governance, Risk and Compliance (GRC) system was limited in scope and reporting capabilities, lacked vendor support and couldn’t be configured to meet the company’s specific needs. Moreover, FCG had to perform its risk analysis in multiple spreadsheets, involving considerable manual effort, which was time-consuming and prone to error.
FCG decided to go to market for a new solution that would support its growth at an affordable cost. Protecht’s ability to create live representations of the company’s existing data and registers made an immediate impression. Protecht also boasted a simple deployment process with clear steps, gates and success criteria. Alongside risk management, Protecht ERM’s compliance management features were also attractive.
“We wanted to look at how we could have improved governance around our corporate policies, how we could track actions off the back of compliance monitoring reviews and link those back through to the risk that was defined,” said Steph Collins, Head of Compliance, FCG.
Risk management integration
Protecht’s integrated approach enables FCG to mature its risk in a variety of ways. For example, if there is an incident and something goes wrong, the team can understand what control fail documents that and then also inform its risk reviews, providing a virtuous circle.
Protecht has also enabled FCG to transform its onerous manual processes into a more streamlined, automated and efficient approach. PDF reports can be generated automatically according to the schedule, allowing the team to spend more time on providing useful insights instead of manually crunching data. Moreover, not only is data now available quickly, there’s also a single source of truth, leaving no room for error.
“When we were using spreadsheets for a lot of our tracking previously, the likelihood of error was high,” added Ben Lowing, Risk & Compliance Director, FCG. “Now we know exactly what’s going on and it’s transparent for everyone.”
Moving from risk administration to risk advisory
Protecht’s dashboards and registers now feed directly into the slide decks for FCG’s monthly pillar governance meetings, enabling more varied and valuable conversations around risk culture. At the same time, Protecht’s attestation processes feed into FCG’s core governance framework, providing clarity on who is responsible for what. FCG’s second line risk team is also saving around five days per month on data entry by using Protecht’s automated reporting instead of manual spreadsheets.
“That’s what the business wants from us as a second line function: everything to just be clear and simple for them to understand so that we can concentrate on providing them with the advisory and support that they need,” said Collins.
Simplicity and engagement for the first line
Protecht enables greater collaboration between the first and second line support by providing a single repository and boosting the working relationship between multiple teams. It has simplified onboarding with online training videos that bring new hires up to speed quickly.
And, Protecht has transformed FCG’s engagement with risk: now employees across the entire business engage with risk, making full use of Protecht’s features, such as MyTask, which boosts response rates by automating the email process. First line users can see precisely what actions are required by simply logging into the Protecht dashboard.
Self-service analytics
Protecht’s analytics capabilities have transformed FCG’s board and audit committee reporting by automating the processes to show clear, detailed trends. This ability is built on the actions dashboard, which complements the actions register and contains all actions sorted by type and linked to specific risks. This information can then feed into reports for the board seamlessly.
Protecht analytics enables stakeholders to visualise what is happening within someone’s span of control over time, whether it is improving or getting worse, and why. This has made a significant impact on driving conversations with risk owners and understanding their environment.
“It’s a live system with live information that every user can access and update controls and risks, and it’s all there to see immediately,” said Dan Graham, Group Risk Officer, FCG.
Strategic partnership supports long-term vision
FCG’s partnership with Protecht has improved the company’s risk culture, enabling a cultural shift away from depending on the second line team to make decisions around risk, towards allowing first line managers to manage their own risks. The intuitive nature of the dashboards means that throughout the company, employees can access reporting, analytics and insight, helping them understand their individual responsibilities as well as providing a broader view of the department’s risk profile.