Client Story

Establishing stakeholder trust by mitigating risk

KPMG helped a leading mortgage securitization organization create transparency and accountability by improving integrated risk management.

Lisa D. Rawls

Lisa D. Rawls

Americas GRC Technology Service Network Leader, KPMG US

+1 703-286-8591

A leading mortgage securitization organization
Financial services
Integrated risk and compliance ecosystem
  • Client challenge
  • Benefits to client
  • Approach
  • KPMG insights

Client challenge

As a result of inconsistent and decentralized implementation of technologies, this leading mortgage securitization organization found it difficult to demonstrate how it manages risk and compliance activities when reporting to executives and regulators. Second- and third-line functions operated in silos rather than using common datasets, methodologies, and technologies. A fragmented integrated risk management data model isolated data elements, hindered timely reporting, and prevented management from obtaining consistent or accurate insights. 

Recognizing that it needed to obtain a single view of risk across the enterprise, management invited KPMG to help develop and implement what would become an evolutionary data technology framework and solution.

Benefits to client

KPMG leveraged extensive experience in risk and compliance programs, technology enablement, and data architecture to help the client:

  • work from common datasets and technologies to arrive at one source of truth, resulting in accurate and consistent strategic insights
  • integrate technologies and data elements, driving more effective and efficient reporting capabilities
  • establish roles and responsibilities that would result in data consistently being created and maintained throughout the organization
  • continue to improve the new IRM framework and technology capabilities, supported by a multiyear implementation roadmap
  • create a more transparent and accountable approach to managing risk, in turn helping to establish stakeholder trust.


Working closely with the organization’s integrated risk management (IRM) technology team and risk and compliance professionals, the KPMG team developed a model to align data elements, remove silos, and enable accurate reporting for management and regulators. Once the stakeholders agreed to this target-state model, KPMG traced each data element back to its system of record, identified points of integration, and developed the architecture for an integrated risk and compliance ecosystem.

To better enable management reporting, the KPMG team took the concept of technology integration a step further, laying the foundation to integrate critical technologies to enable the three lines of defense. This approach aligns with what has become a leading practice in integrated risk management, where organizations connect and capitalize on existing technologies to create an ecosystem of business, risk and compliance, and internal audit functions that strengthen executive decision-making.

At the end of the engagement, the client had commenced its evolution from a decentralized IRM program and technology environment to an integrated ecosystem architecture. Through the establishment of a multiyear implementation roadmap, KPMG will continue working with the client to help turn its ecosystem architecture into a reality. This roadmap will help the organization improve the way it manages risk and solves business issues by establishing customer trust based on transparency and accountability.

KPMG insights

Deploy a team who knows what good looks like and how to get there

The KPMG Enterprise GRC Technology team who assisted the client with this project has delivered on these types of projects before and knows how to develop holistic, wide-ranging solutions that leverage leading industry practices and avoid pitfalls. Further, by leveraging a “fit for purpose” approach, the KPMG team was able to guide the client through the project and realize return on investment for stakeholders and executives.

While the idea of integrating technologies is not a new concept, KPMG took it a step further 

By laying the foundation to integrate critical and essential data and technologies for the second and third lines of defense, KPMG enabled accurate and consistent data reporting across the enterprise.

Successful transformation requires the right efforts, in the right order

KPMG is organized to help clients navigate every stage of turning theory into reality for maximum cumulative impact: from strategy through assessment, solution design, testing and deployment, adoption, and continued support.

Develop momentum and keep stakeholders engaged

The KPMG team identified quick wins that showed immediate returns on investment, which triggered momentum. KPMG kept stakeholders engaged through open-forum discussions and weekly touchpoints for long-term viability.

The integration of technologies and data elements drives one source of truth and more effective, efficient reporting capabilities for this client.