How a Financial Services Provider Created a Powerful GRC Engine

^Problem

Disjointed tools jeopardized audit readiness and control

A Europe-based digital bank, Israel’s first cloud-native financial institution, faced the critical challenge of establishing strong compliance and audit frameworks in one of the most tightly regulated industries.

As a newly launched institution, the team needed to build its Governance, Risk, and Compliance (GRC) infrastructure from the ground up. But their efforts were hampered by disjointed tools like Excel and Airtable, which couldn’t support the complexity or accountability required in a financial environment. Excel created version control conflicts and lacked relational depth, while Airtable, though more modern, still fell short on key enterprise features.

“Excel has a lot of limitations. People fight about hiding columns and filtering, and you can’t do one-to-many relationships. Airtable was better, but lacked features I needed,” said the CISO.

Day-to-day operations were filled with friction—inefficient task management, limited visibility into recommendation tracking, and no reliable audit trails. As compliance demands mounted, the digital bank needed a centralized, structured system capable of linking findings, risks, procedures, and controls into one cohesive and secure environment.

Q1

‍

^Solution

SmartSuite anchors Esh Bank’s GRC Foundation

The financial services provider turned to SmartSuite to consolidate their compliance and audit frameworks. They built a robust ecosystem of over 100 linked tables covering systems, risks, findings, procedures, and more. With SmartSuite’s flexible architecture, they developed:

A CMDB-style system to map processes, data, and risk
Custom dashboards to monitor open recommendations and their severity by department
Automated lookup fields to cascade severity data from findings to recommendations
Workarounds like a history table to track field-level changes for audit logs

Even limitations — such as lack of RTL support or dynamic filters for certain widgets — were handled internally. The team created their own RTL browser add-on and developed backup automations and history tracking solutions within the platform itself.

“I built my own backup program, automations to capture historical field changes, and even RTL browser add-ons,” said the team lead.

Q2

‍

^Results

SmartSuite Powers Traceable, Regulator-Ready Compliance

SmartSuite became the central operating system for audit tracking, issue remediation, and GRC visibility at the financial services provider. The internal audit team created real-time dashboards showing status by department and audit, allowing management and regulators to get immediate answers.

With automations tracking field changes, even compliance with regulatory audits became more efficient. “We assign due dates, change replies, and have a linked history of what was changed and when — it's all traceable,” said the team lead.

Despite SmartSuite not offering certain native features like downloadable audit logs or visual drill-downs, the organization effectively built solutions to work around those gaps — from in-platform history tables to controlled external exports for regulators.

SmartSuite Live Office Hours M/W/F, 9:00 AM PT - Register Here

How a Financial Services Provider Created a Powerful GRC Engine

Disjointed tools jeopardized audit readiness and control

SmartSuite anchors Esh Bank’s GRC Foundation

SmartSuite Powers Traceable, Regulator-Ready Compliance

More Customer Stories

Progettiamo Autonomia

20+

Pediatric Pandemic Network

100+

BUCS Engineering

3

Analytic Vizion

90%

Apple Bank

5+

UCLA Student Affairs

3x

CryoFuture

1

Canterbury Consulting

25%

F AIR

20+

Food Truck League

700+

MediaLab 3D Solutions

$40,000+

Enablence Technologies

5 days

Waypoint Centre

4+

MGT (Layer3 Communications)

150+

Grupo AFAL

+$17,000

Andex Kitchens

1

Parsons Counseling

1,500+

Allforce

55%

Weev

75%

Unicontrol

Team scaled 4.6x

CornholeATL

60+

Cryogenic Industrial Solutions

10s

UCLA Anderson

250+

Georgetown University

4+

Acuity

100+

Gillette Children's

8

ITC Germany Prod

100+

Agape Christian Bar Prep

98%

Quality Counts

10+

Collectie Overijssel

50%

Ville de Pincourt

100s

SWAGBOX

3

Elegant Music Group

1,500+

Black Label Services

100+

Brightways

12+

CEI

100+

Office Express

100%