Our GRC Services

/in , , /by

Our roots go back to 1976, when we began providing consulting services to banks and credit unions. Since then, we have worked with more than 1,500 clients in all fifty states. Among banks and credit unions, we are best known for our compliant fee income improvement programs, including Overdraft Privilege, Rewards Checking and Value Checking. Because risk management and compliance have always been a big part of what we do, in recent years we have gradually expanded our focus to helping clients in all industries improve their risk management and compliance processes and productivity using our software.

We now offer six comprehensive, easy-to-use and affordable compliance management tools that are useful for clients in any industry:

Risk Assessor helps you prepare comprehensive risk assessments consistent with regulatory or other requirements, in days, not weeks.

Policy Manager organizes all your policies into a single database, mapped to the relevant standards and control procedures.

Controls Manager schedules tests of policy compliance and tracks test results.

Vendor Manager is a specialized tool for managing vendor risk that standardizes risk assessment methodology and organizes all vendor related documentation.

Issues Manager is a centralized database for tracking all compliance issues and incidents across your entire organization.

Skills Manager provides online testing and training to ensure employees are knowledgeable about your policies.

All our tools are securely and reliably hosted at Amazon AWS, from which they are available on a variety of devices from anywhere. We’ve gotten some great feedback from our clients. Here are a few comments:

Our policy and control structure is very complex having both a broker/dealer and an investment advisory firm. Policy Manager allows us to easily organize a large volume of policies and maintain our control testing documentation all in one convenient place—a significant improvement over our previous process! — Laura Hendricks: Woodlands Securities / Woodlands Asset Management

We currently use Strunk’s Policy Manager to update and track changes to our policies. We like the audit trail it leaves of changes and also the PDF Redline that indicates changes used for the Board to review and approve. Strunk Customer Support has been prompt and they always assist with any issues we might have. — Karen Lomax, Vice President and CFO Kinetic Credit Union

Strunk’s program brings efficiency to the process and allows us to focus on areas of high risk. Our team sees great value in the process and reporting generated by the Strunk program. It is an affordable way to manage regulatory required risk assessments. — Bob Sundquist, CFO/CRO, NebraskaLand National Bank

Our core customer base has always been smaller and medium-sized organizations and so, unlike most providers, we have tried to price Risk Manager at a level that is affordable by all. In order to encourage usage, we charge a flat annual fee based an organization size. That fee gets you unlimited access to the tools for an unlimited number of users, along with unlimited support from for our support team.

Strunk at WBA’s Education Summit & Regulatory Compliance Conference

/in , , , , , , /by

Strunk is excited to be exhibiting once again at the Western Bankers Association’s Education Summit & Regulatory Compliance Conference next week, August 25th-28th. This year hosted at the Hyatt Regency Huntington Beach, the event always proves to have many learning opportunities for bankers to gain insight into the most current information facing our industry.

In addition to visiting with many current clients, we look forward to showing attendees the latest features offered by our Governance, Risk Management and Compliance (GRC) software. The solution now includes six GRC tools – Risk Assessor, Policy Manager, Controls Manager, Skills Manager, Issues Manager and the all new Vendor Manager.

Vendor Manager provides an easy to follow standardized process to assess risk, gather due diligence materials, evaluate contracts and stores all vendor documentation in one convenient place. Vendor Manager keeps everything organized, is simple to use and of course follows the latest FFIEC guidelines.

Please stop by booth 28 to learn how to improve compliance, streamline responses, and enhance collaboration… all with less effort. All bankers will also have the opportunity to enter to win a $250 Amazon gift card from Strunk. We can’t wait to see you!

Report from AICPA Vegas

/in , /by

Recently I had the pleasure of attending the AICPA conference in Las Vegas Nevada, where I was able to connect with some of the most interesting companies in the accounting and auditing space. I was able to learn about products from companies like Peerview Data, which specializes in “turning client data into actionable insights” and GruntWorx, which organizes and pre-fills tax documents, as well as many others. The biggest lesson I learned from the conference was the need for data protection and SOC 2 framework compliance.

Many of the companies I talked with had either completed a SOC 2 audit, were in the middle of an audit or were acutely aware of the need for a SOC 2 exam because of the many third-party vendor assessments they constantly must complete for prospective clients. As we discussed their different software applications, and how they deal with customer data, I saw what we always see: spreadsheets and word documents rule the day, creating frustration and wasted time responding to vendor assessment requests. The more we dove into the topic the clearer it became that the Strunk Risk Manager system of policy management was not just a nice to have but was a need to have. I heard from a managing partner at a tax software company that she spends two to three hours answering vendor assessments for nearly all of her new clients, as she was the only person in the company who could pull together all of the required information. Strunk Risk Manager allows your organization to respond with far less effort, freeing up your executive team for more important tasks.

One company told me that it took around 20% of one of their senior consultant’s time working with their CPA firm to complete their first SOC 2 and were planning on utilizing 10-15% of his time for future exams. When we started to discuss how Strunk Risk Manager transforms your policy and control documentation process they were instantly interested in learning more.

At Strunk, we believe that your challenges with compliance are our opportunity to provide best practice solutions and streamlined responses to managing all your compliance processes.

Strunk at COCC Foxwoods

/in , , , /by

We were happy to see so many friends and clients at the COCC Annual Client Conference earlier this month. We were definitely on friendly ground, as we have now implemented our solutions for well over half the COCC base. This event set a new attendance record for COCC. Thank you to everyone who dropped in to see us and congrats to Maria Sgambati at Everett Co-operative Bank who was the winner of our $250 Amazon gift card.

At the conference we were able to show off some of the latest improvements in our Governance, Risk Management and Compliance (GRC) software. We have upgraded Risk Assessor to version 2. It now includes automated feeds of peer data from the FDIC, consolidated risk and trend scoring, and an inline scoring history so you can see at the indicator level your scores on prior assessments. Policy Manager now includes more fine-grained reader logging and alerts.

We also were able to demo our new Vendor Manager tool for managing vendor risk. Vendor Manager provides an easy to follow standardized process to assess risk, gather due diligence materials, evaluate contracts and store all vendor documentation in one convenient place. Vendor Manager keeps everything organized, is simple to use and of course follows the latest FFIEC guidelines.

An independent certified public accountant has examined Strunk’s operations and found them to be in compliance with the AICPA’s Trust Service Principles. It was determined that Strunk meets the Security, Availability, Processing Integrity, Confidentiality, and Privacy criteria for SOC 2 established by the AICPA.