Sep 2, 2021 | Blogs and whitepapers

The multi-regulation platform brings increased efficiency and transparency for both regulators as well as regulated companies


 With digitalization and compliance in mind and in support to the EU and worldwide directives, standards and regulations, WESTPOLE launches the Governance, Risk, Compliance Center, also known as GRCC™, born from the collaboration with:

  • the Luxembourg Institute of Science and Technology (LIST);
  • the “Institut Luxembourgeois de Régulation” (ILR);
  • The “Institut belge des services postaux et des télécommunications” (IBPT).

The latter two are in charge of supervising the telecommunications sector and the NIS sectors. The Luxembourg National Research Fund (FNR) offered financial support.

 WESTPOLE comes in to help all competent Authorities (CA) and companies struggling with error-prone Excel operations, data quality, solid audit-trails, and clear accountabilities. With the GRCC™, CA can confidently supervise regulatory cycles, risk management, incident notifications and data analytics. For companies risk management and reporting have never been easier.

Depending on their industry, sector and activities, businesses are required to comply with a certain set of obligations issued by national, European and international standard and regulatory bodies, to which they can voluntarily add other requirements. The most common are risk management practices and timely incident reporting. To prove compliance however, companies and organizations need to execute risk assessments on a yearly basis. This supervision eventually helps to better mitigate threats and risks such as fire hazards, terrorism threats, unemployment and cybersecurity attacks.

Power of digitalization
Up until now this was done in most cases by use of Excel sheets. This out-dated manner was time consuming, especially in heavily regulated sectors. The process was also prone to human errors and not at all standardized. Furthermore, for the regulators filtering trends and key take-aways from these extensive sheets has proven to be a challenging endeavour as well, a task often exacerbated by the sheer volume of regulated companies. This was the case for the ILR, which governs no less than 130 companies in Luxembourg subject to the telco regulations. Therefore ILR turned to LIST and WESTPOLE and the power of digitalization.

 With the GRCC WESTPOLE pushes innovation and digitalization for risk compliance for both regulated companies and regulators by reducing interactions in a single platform for swift decision making, insights and meaningful trends. What started off as an initiative for the Belgian and Luxembourg telecommunications sector first and the NIS directive (the European directive supervising all critical sectors in the EU member states such as the energy, transport, health and finance sector) second, is now gradually growing into a multi-regulation platform for a global market.

Major advantages

The GRCC is nothing short of a major breakthrough in the field of risk compliance and provides several major advantages for both regulated companies and regulators:

User-friendliness is keyThe GRCC platform, which is available online or via download, is very user-friendly and allows regulated companies to digitize and standardize their risk analysis and assessments and notify incidents through one multi-regulation platform.
AccountabilityIn the GRCC framework a log is automatically kept to keep track of the users and their actions, helping organizations to prove accountability on the one hand and providing the regulator at all times with up-to-date data and results on the other hand.
Libraries for a global marketOver time so-called libraries are added to the platform, which contain all the requirements for compliance with regulations and standards relevant to sectors and their regulated companies such as GDPR and ISO/IEC 27001, establishing the solution as a truly multi-regulation platform for risk compliance.
The changing role of the regulatorThrough the support of AI the platform frees the regulators of the time-consuming task of filtering through hundreds or thousands of risk assessments, enabling him to no longer merely reprimand but also help, advise and share valuable knowledge.