The client stories behind Michael Rasmussen’s Conflict of Interest Management solution perspective for CoreStream GRC 

Introduction

Michael Rasmussen, globally recognized GRC thought leader and former Forrester analyst who originally defined the Governance, Risk, and Compliance market, recently drafted his perspective on CoreStream GRC’s conflict of interest solution. 

For this analysis, Michael engaged with 3 organizations actively using the CoreStream GRC platform to manage conflicts of interest. While operating in different industries, each organization has configured the solution to address its unique regulatory pressures, operational realities, and business priorities. This preview distils the most important takeaways from those discussions, illustrating how CoreStream GRC’s adaptable approach to conflict of interest management is delivering measurable value across diverse sectors.

Here is a preview of the report:

CoreStream GRC COI Management Client Experiences  

Organizations across industries are using CoreStream GRC to strengthen conflict of interest management and related ethics and compliance processes, achieving improvements in visibility, workflow discipline, reporting, and operational consistency.  

GRC 20/20 has found a consistent pattern: organizations are moving away from email driven, spreadsheet-based, or highly customized legacy approaches toward a more structured, auditable, and business-integrated model.  

In this evaluation, GRC 20/20 conducted three specific client reference discussions that found: 

CLIENT: A UK-based reinsurance organization (~50 employees)

implemented CoreStream GRC for conflicts of interest and gifts and hospitality as an extension of its existing risk and compliance environment. They stated,

“Great to have everything in one system, we’ve rebranded it the risk and compliance system.”

Prior to CoreStream GRC, these processes were manual, fragmented, and largely driven by emails and informal approvals, with limited reporting, no centralized log, and little auditability. With CoreStream GRC, the organization established enterprise-wide conflict declarations, quarterly attestation cycles, compliance review and approval workflows, and a centralized repository for active and historical conflicts. Gifts and hospitality were brought into the same governance model, creating a familiar and consistent user experience across risk and compliance. Results include moving from 40% response rates with the old tool to a 95% response rate. 

CLIENT: A large global private foundation (~5,000 employees) 

selected CoreStream GRC for conflicts of interest and a related disqualified persons process tied to self-dealing prevention. The legacy environment had become expensive to maintain, difficult to evolve, and increasingly misaligned with modern user expectations. CoreStream GRC stood out because it could meet complex requirements without heavy customization and because it demonstrated specific working capabilities rather than generic promises. At the time of the reference discussion, the program was still in implementation and not yet live, but the client had already identified compelling value in fewer false positives, reduced dependence on a single individual for sensitive processes, and a better fit for nuanced foundation workflows. The team were particularly impressed by CoreStream GRC coming to their offices for design workshops, stating 

“They are great partners, flexible, smart, people who know their stuff. I would recommend.” 

CLIENT: A large U.S. healthcare organization (~50,000 team members) 

selected CoreStream GRC as a dedicated conflicts of interest solution after outgrowing a makeshift process that had moved from a learning management system to a repurposed policy management environment. A decisive factor in selecting CoreStream GRC was its ability to integrate Open Payments data:

“a key USP of CoreStream”. 

The client used CoreStream GRC to design a more structured workflow that includes threshold-based flagging, supervisor review, escalation to the next level of leadership, mitigation planning, compliance review, and employee acknowledgment. While the organization had not yet completed a full enterprise-wide campaign, early experience was strongly positive around configurability, workflow automation, and implementation quality. 

Across these client experiences, a clear pattern emerges. CoreStream GRC is proving particularly effective where organizations need to move beyond static disclosure collection and establish a living conflict of interest management process. In smaller regulated environments, this means replacing informal approvals and fragmented tracking with a centralized, auditable system of record. In large, complex environments, it means supporting nuanced workflows, reducing manual review effort, and fitting into mission-critical or healthcare-specific contexts without forcing excessive customization. 

Overall, CoreStream GRC is demonstrating that conflict of interest management can be handled as a practical, business-integrated governance capability rather than a once a-year administrative exercise. The platform supports transparency, decision-making discipline, and defensible oversight while remaining usable enough for broad adoption.  

Want the full 18 page report? 

Or head to the preview section of the report: Short snippet of GRC 2020’s Conflict of Interest solution perspective.

About Michael Rasmussen

Michael Rasmussen is an internationally recognized thought leader and pioneer in governance, risk management, and compliance (GRC). With over 30 years of experience, he has extensive expertise in enterprise GRC strategy and processes supported by robust information and technology architectures. Known as the ‘Father of GRC’, Michael was the first to define and model the GRC market in February 2002 while at Forrester, setting the foundation for the modern understanding of GRC.

Frequently asked questions