Governance, Risk and Compliance

Rethink risk and compliance to drive strategy, capabilities and performance

Today’s rapidly changing business and regulatory environment requires thinking about risk in new ways. Taking an innovative approach to managing and enhancing your governance, risk and compliance (GRC) activities can help you seize opportunities, stay a step ahead of uncertainty, and meet stakeholder expectations.
PwC’s GRC team support many of the worlds’ leading organisations to capitalise on opportunities, navigate risks and deliver lasting change through the creation of a risk resilient business culture.
We can transform how you perceive - and capitalise on - risk.

Explore further

By aligning your GRC activities to business performance drivers - with the right resources – you can transform your GRC program from a reactive, check-the-box exercise into a powerful tool able to anticipate and mitigate risks to drive business performance.


We work with our clients to assess, design and implement leading edge operating models for their Risk and Compliance functions. We have a clear framework that we can tailor and apply across all types of firm and function, designed to deliver a smooth and comprehensive transition to reflect your journey and requirements.

The outcomes are solutions tailored to your organisation and its needs, driving benefits including:

  • Clear accountability
  • Increased efficiency and cost control
  • Greater visibility
  • Increased agility through a sustainable model
  • More effective risk management

Enterprise Risk Management solutions

We work with our clients to evaluate, design and implement  operating models for effective Enterprise Risk Management solutions (ERM), leveraging a broad range of frameworks, tools and methodologies that we have developed and customise to clients’ specific needs and maturity. We also have deep expertise in areas such as risk appetite articulation, integrated compliance and risk models, and Key Risk Indicator (KRI) based predictive monitoring.

Our engagement drives a broad range of benefits including:

  • Informed risk decision making
  • Consistent and robust identification and mitigation of all key risks
  • Clarity in accountability and ownership
  • Improved view of key controls
  • Proactive, risk aware culture across the organisation
  • Assurance to the Board and Audit Committee

Controls assessment and optimisation

To have confidence in the control environment, management need visibility of the effectiveness of controls in mitigating risks across key risk categories.

The need for a foundation of efficient and robust business controls that is sustainable through business changes, compliance needs and cost pressures has forced firms to look at their front to back processes. We can help management achieve the following benefits:

  • Compliance with regulation
  • Controls are fit for purpose and work effectively in the future
  • Operational effectiveness testing in high risk areas and processes
  • Streamlining and simplification of processes and controls
  • Confirm the control is appropriately embedded
  • Support management with the interpretation and implementation of risk appetite decisions at a process level

Compliance solutions

Observing the scale and pace of change in the corporate regulatory and legislative landscape highlights the size of the challenge many organisations are presented with. As a result, regulated and other businesses are increasingly looking for external support in the identification of the ethical and regulatory risks they face, and in designing the compliance functions and programmes they require to mitigate them. Those companies with existing compliance mechanisms are also seeking health reviews alongside their programme implementation to give them comfort that their programmes will deliver compliance. This is how we can help:

  • Programme maturity assessment against good practice models and develop a roadmap for improvement
  • Recommendations and a roadmap for remediation
  • Development of suitable policy governance, learning and behavioural change, monitoring, assurance and reporting tools
  • Cultural assessment on employee behaviours to determine alignment on company values
  • Independent compliance monitoring and audit capabilities
  • Develop and implement policy governance framework
  • Regulatory health checks and deep dive reviews across specific aspects of implementation

Technology-enabled GRC solutions

Organisations face a rapidly evolving GRC landscape, with new technologies and a rapid pace of change meaning businesses need to be proactive when it comes to managing their exposure to emerging risks. Successful organisations make full use of the technologies at their disposal to enhance their overall GRC activities.

We help to assist clients in technology-enabled GRC strategy, vendor selection, technology implementation and transformational activities. Our services are supported by the latest innovations in technology to deliver evidence-based insight and recommendations for improvement.

Business continuity, crisis and operational resilience

Vulnerable organisation's don’t succeed; they fail when they are stressed. We help to assess and develop hardiness in 3 key ways:  

  • Business Continuity Management (BCM) is about making sure there are smart, flexible, efficient 'Plan B’s' in place to continue business critical activity when business-as-usual (BAU) is disrupted. Great BCM insight can also inform strategic decision-making during BAU.
  • Crisis Leadership (CL) is about delivering confident and robust responses to major incidents and crises that are often visible to key stakeholders and the general public. Great CL can create advantage despite disaster.
  • Operational Resilience is about the understanding and measures in place to prevent the failure/loss of activities and processes across critical processes.

Contact us

Gabriela Teixeira

Gabriela Teixeira

Partner, PwC Portugal

Tel: +351 213 599 314

Miguel Fernandes

Miguel Fernandes

Consulting Partner, PwC Portugal

Tel: +351 213 599 314

Follow us