A publicly traded bank holding company with $8 billion in assets operating three entities:  a regional bank, a national mortgage company and a local investments firm.



The holding company’s entities all operated independently.  Facing unique strategic plans and risk environments, each needed Enhanced Risk Management programs that could integrate and translate effectively to the enterprise.  Each had specific growth opportunities, timelines, and financial objective, regulatory oversight needs and business cultures.  In addition, because of significant regulatory constraints, they were unable to move forward with their plans for growth.  There was a clear need for an enterprise-wide visibility to risk, and alignment of risk appetite.



OnPoint developed a program enhancement plan providing a road map and guide for the implementation of Enterprise Risk Management across all entities aligned to the three lines of defense framework.  The engagement included the following:

  • Review and implementation of the eGRC System
  • Focused delivery of integrated Technology Governance and Risk Management
  • A comprehensive Credit Risk Management program with a Dual Credit Risk Rating program and a Credit Stress-testing program
  • Integration of Enterprise Compliance Risk Management including eGRC integration
  • Comprehensive internal audit program including eGRC integration


As a result of these Risk Management enhancements, the organization had received the necessary go-ahead from regulators to grow — both organically, and through acquisition – to $13 billion in assets while enhancing risk-adjusted returns within each entity.  They are now able to see, review and discuss risk profiles and return tradeoffs between business activities, entities and strategies.