Contact Us

Case Study: Sasfin Bank Ltd.

How Sasfin Bank Ltd used IsoMetrix software to mitigate risk and maintain its competitive edge

Quick facts

Company name: Sasfin Bank Ltd (Sasfin)
Headquarters located: Sandton, Johannesburg, South Africa
Company listed: Johannesburg Stock Exchange (JSE)
Company size: 740 employees
IsoMetrix solution utilized: Enterprise Risk Management (ERM)

Founded in 1951 and listed on the Johannesburg Stock Exchange (JSE) in 1987, Sasfin Bank Ltd and its subsidiaries provide a comprehensive range of specialist financial products and services for Business and Wealth clients focusing on the needs of entrepreneurs, corporates, institutions, and high-net-worth individuals.

“Recently Sasfin very effectively started tracking unsuccessful fraud attempts upon the organization. IsoMetrix has helped with this, due to the comprehensiveness of our ground-level data collection and the ability for our employees to log these details on the system. Thanks to the availability of this information, we have better visibility into attempted fraud events which, combined with the strength of our internal controls, has paid off for us financially.”

Sasfin: Senior Manager, Governance and Reporting

Existing challenges and desired outcomes

Sasfin was on a journey to mature its organizational risk model and risk management processes within the company, with a view to maintain its competitive edge, protect its clients’ financial investments, sustain fewer losses, and increase its profitability.

Prior to implementing IsoMetrix software, Sasfin had a largely manual reporting process in place. As the company grew, it was finding it difficult to consolidate information and it did not have a reliable centralized location from which to conduct its crucial reporting function.

As one of South Africa’s most distinguished and renowned finance companies, Sasfin thus sought to implement a market-leading software system that would centralize its risk management information and processes, and save time on its risk-related reporting.

Challenges and solutions

Challenge no.1

With 10 key risk areas spread throughout the organization such as Operational risk, Business risk, Credit risk, Market & Investment risk, Capital Management risk, Funding & Liquidity risk, Reputational risk, and IT & Cyber risk, it was crucial for Sasfin gain a holistic view of its risks across the group. As the organization grew, trying to manage risks across all these areas with outdated manual methods such Excel spreadsheets was simply insufficient for what was required.


Sasfin implemented IsoMetrix software to create a central platform and administer an integrated approach to managing its risks in all these areas. IsoMetrix’s roles-based system access enabled Sasfin to increase its coverage and risk visibility, and improve the efficiency and effectiveness of its risk processes from the ground-level up.

“One of the most useful things about the IsoMetrix software is its flexibility. Whatever I want to look at, there’s data available and it’s all beneficial to me. I can chop and change, and slice and dice my info in any way I want, to best suit my needs and the needs of my stakeholders.”

Sasfin: Senior Manager, Governance and Reporting

Challenge no.2

Due to its largely manual reporting processes prior to installing IsoMetrix software, there were limitations regarding what information could be provided.


For the Senior Manager of Governance and Reporting in Sasfin’s Group Risk business unit, the range of IsoMetrix’s system dashboards have been an incredibly useful tool in improving risk visibility throughout the company. Sasfin now uses the IsoMetrix system to log all risk events/incidents across all risk types within the organization, as well as conducting risk assessments within the system.

As all data is centralized and available on-demand, the IsoMetrix dashboards provide real-time and on-demand visibility into the risk status of any of the Sasfin business units which the Governance and Reporting manager may wish to examine.

In addition, the dashboards offer a fantastic level of flexibility, and contain the ability to segment and view the data according to an almost endless amount of different categories and factors. This enables Sasfin to approach its data from a multitude of different angles in order to get the best available view of its risks from a 360-degree perspective.

Furthermore, the management team finds the dashboards to be intuitive and user-friendly, further cutting down on the time required to conduct their risk-related analysis tasks.

Some of the specific functionality used by Sasfin in terms of the IsoMetrix dashboards includes:

• Zoning into specific pillars or business units to discover where control failures have occurred in the past with regards to the reporting of risk events and/or risk assessments
• Highlighting where key risks currently exist
• Tracking trends on key risk indicators (KRIs)
• Providing a comprehensive overview of the business risks to stakeholders
• Tracking of action items which are due or overdue according to actions which have been created by Sasfin, and entered into and stored by the IsoMetrix system
• Identifying causal risk factors and highlighting which areas are being impacted. For example, are the risks people-related, process-related, system-related, or due to external factors?

Challenge no.3

Collating and compiling data from across the entire business group for reporting purposes when required was a real headache. Prior to installing IsoMetrix’s software, risk data was siloed and segmented throughout the company, making reporting on it a time-consuming manual process.


With all risk-related data now being stored in a central database and available at the click-of-a-button, reporting is now far quicker and easier for the manager and their colleagues at Sasfin. The on-demand availability of the data combined with automated reporting processes means that there is no lead time needed to compile reports when requests are received.

Furthermore, due to the ability to track data throughout the system, the manager can be far more confident about the accuracy, comprehensiveness, and reliability of all data used for reporting as well.


For a market-leading and trusted financial services company like Sasfin, managing risk effectively is absolutely critical. In order to modernize its risk management processes, the organization turned to IsoMetrix to install a software system that would enable more comprehensive collection of ground-level data via roles-based employee access.

In addition, intuitive dashboards have provided the Sasfin team with the information visibility they need, as well as the flexibility to interrogate the data in an almost endless variety of categories, trends, and analyses to best suit their risk assessment purposes.

Finally, reporting is far more accurate and efficient than ever before, saving the team time and effort with every request. Sasfin’s increased successful identification of attempted fraud attempts serves as just one example of the many benefits offered by utilizing IsoMetrix’s risk management software within a prestigious financial services organization.

Download Case Study