London Metal Exchange

  • World center for trading industrial metals
  • Founded 1877
  • 500+ global networks
  • 3.5 billion tons traded annually


London Metal Exchange was looking to strengthen the connection between risk and compliance – and that meant rethinking the way the two departments functioned.

The nearly century-and-a-half-old organization is the world center for industrial metals trading, operating in more than 500 global networks. At the time, LME was managing risk and compliance via a patchwork of spreadsheets, Word documents, slides, and email. There was no uniformity in how risk was defined or how data was captured. As a result, it was difficult to get an accurate picture of its risks – or collaborate on solutions.

“With the help of Riskonnect, we migrated from spreadsheets to a fully functional GRC system during lockdown. The system has brought internal clarity and efficiency, as well as the ability to meet the requirements of regulators.”

Keith Bason
Head of ERM and Operational Risk
London Metal Exchange


LME selected Riskonnect’s GRC suite – including Enterprise Risk Management, Compliance, Internal Audit, and Metrics – to bring consistency, clarity, and insight into its risk and compliance functions.

The first order of business was to cleanse the data before importing it into the Riskonnect platform. The timing happened to coincide with the start of the global pandemic, just as everyone moved to remote work. While this certainly added an unexpected wrinkle, it didn’t slow down the project at all. The risk and compliance teams still closely collaborated throughout the entire project to ensure the system satisfied everyone’s requirements. And the system was fully functional in just 10 months.

With Riskonnect, stakeholders at all levels and functions now have a single source of truth that’s easily accessible to both teams. Data is consistently captured, and everyone uses the same taxonomy.

Powerful analytics visually connect risk and compliance information, which helps the team analyze trends. Risk categories are built into the system’s operational risk framework for added consistency and visibility. The system also accommodates multiple user profiles with different sets of access requirements.


LME quickly realized the benefits of having a single collaborative system for all risk and compliance data. With Riskonnect, the organization now has the tools to effectively manage regulatory expectations and rapidly respond to fraud and other critical risks.

Streamlining processes and adding automation has saved the organization significant time – especially when preparing reports such as Risk and Control Self Assessments (RSCAs) required by regulators. The easy-to-use system also allows first-line stakeholders to input KPI data directly into the system, which has improved overall quality and consistency.

As a result, LME can respond faster and more efficiently under any conditions. And Riskonnect’s built-in flexibility gives the organization the option to easily expand the system if needed to accommodate future regulatory change and business growth.

According to LME’s Keith Bason, head of ERM and operational risk, Riskonnect also has helped elevate the profile of risk management. “There has been greater engagement from stakeholders involved in risk and compliance, all the way up to the executive level,” he says. “This means that the Risk Committee is working with clear and consistent data to make informed decisions on how to drive the business forward safely.”

Interested in learning more about GRC? Check out GRC (Governance, Risk, and Compliance): The Definitive Guide or schedule your Riskonnect demo.