By Pambos Pantziaros*

In addition to the human tragedy caused by the unprecedented coronavirus outbreak, its devastating impact on the global economy, makes stronger the case on the effectiveness of internal governance, risk and compliance (GRC) frameworks and systems to address even “black swan” events.

In a nutshell, corporate governance is the framework by which a company is directed and controlled and is primarily involved with the set of rules and practices that define how its main stakeholders interact with each other.

In addition to ensuring a healthy relationship and the delineation of the roles and responsibilities between the owners, the board of directors and senior management, corporate governance is involved with promoting efficiency, integrity, accountability, transparency, and prudent management at all levels. The scope of corporate governance has been recently expanded into how companies deal with bigger issues and how they support societies address social and environmental challenges.

While the majority of corporate governance codes apply to large organizations, their smaller counterparts (SMEs, micro and family owned enterprises), should not overlook the bottom line of corporate governance which is to create value and safeguard the interests of all stakeholders.

Establishing a framework that will allow a company define its vision and mission, set strategic goals, manage its resources effectively, assess risks and business opportunities, and establish appropriate checks and balances, are only some of the elements of corporate governance that are universally important to companies of all sizes.

Proper corporate governance will not only support companies enhance their operating and financial performance, it can (in challenging times) be the determining factor of sustainability and survival.

The current coronavirus crisis and those that preceded it, have additionally exemplified the significance of effectively assessing the company’s risks and ensuring that compliance with the legal and regulatory framework is continuous.

GRC Essentials, A unified approach

Although it is impossible to predict every situation, companies should be prepared to the extent possible. As Benjamin Franklin reminds us, “If you fail to plan, you are planning to fail!”.

A properly planned GRC framework is a step in the right direction as it can enable companies to effectively respond to crisis situations. Roles and responsibilities are properly defined, strategic goals are prioritized and aligned with the operating framework, activities are planned, relations with stakeholders are recognized, and there is oversight on issues related to risk and compliance.

Although the process can be daunting, especially for small companies where resources are limited, companies should assess their business environment and initiate a project that will allow them to converge the pillars of GRC and employ them to their benefit.

Depending on the maturity stage of each company, the planning could begin with the vision, the strategy, the operating framework, the risk management framework and for more mature companies the appointment of an advisory board or a board of directors.

Smaller companies can initiate their project by implementing some of the basic but important elements like defining their vision, mission and strategic goals and gradually develop their framework based on their needs.

The GRC Essentials project ( is an Erasmus + project, aspiring to support companies of all sizes implement the concepts of Governance, Risk management and Compliance (GRC) in their business and work environment. Pulling expertise from its 7 partners based in 5 different European countries, the GRC Essentials consortium will develop a curriculum, a learning platform, a certification and a methodology, adaptable to the needs of SMEs and micro-enterprises.

*Co-founder and director at LT Synergy, a company specialized in the areas of governance, risk and compliance.