Our Services
Model Risk Management
Risk assessments, model validations, model governance, transaction validations, rule calibrations, lookback reviews, and services to strengthen BSA/AML and OFAC/Sanctions compliance programs.
Information Technology & Cybersecurity
Risk assessments, outsourced CISO services, remediation project management, vendor management, banking system contract negotiations and other technology consulting projects.
Strategic Consulting & SOX/FDICIA Services
Strategic planning, SOX and FDICIA services, ERM, due diligence, management consulting, and other advisory services to help financial institutions mitigate risk and enhance performance.
The GRC Difference
GRC Solutions is comprised of highly experienced strategic consultants and BSA/AML & OFAC/Sanctions, IT/Cybersecurity and Compliance professionals with extensive banking, risk management, technology and technical expertise. Our dedicated teams of qualified subject matter experts (e.g., CAMS, CISSP/CISM, etc.) service each engagement and provide practical advice based on our years of experience and in-depth knowledge of complex transaction monitoring and filtering technologies, information security best practices, and constantly evolving threats and regulatory requirements.


Customized Solutions
We listen. We take the time to fully understand the issues your institution is facing, and we develop customized, risk-based solutions to meet your unique needs. GRC Solutions is known for delivering valuable insights and recommendations supported by comprehensive data analytics and detailed reports that have earned us an excellent reputation with clients and regulators, which include the states, the FDIC, OCC, FRB, NCUA, DFS, etc. Our proprietary methodologies, processes and innovative technological tools are integral to what makes us the right partner, along with our proven experience in providing technology risk management and strategic consulting services.
We are Ready
to Meet Your Needs
We understand our clients’ needs and expectations – and the expectations of regulators
Risk-based, holistic approach
Proprietary methodologies, technologies, processes and analytic tools
GRC Online secure portal and workflow system
High-quality deliverables that meet or exceed regulatory requirements