Central Bank of The Bahamas launches RFP for turnkey governance risk and compliance and audit management solution

The Central Bank of The Bahamas has issued a request for proposals seeking technical and commercial bids to supply, install, integrate and commission a turnkey Governance, Risk and Compliance (GRC) and Audit Management Solution. The platform is intended to support Internal Audit, Information Security, Corporate Strategy, Risk and Governance, and Onsite Examination teams, replacing several manual risk and compliance processes while supporting end-to-end audit workflows and remediation tracking. The scope covers software (and hardware if applicable), implementation and integration services, documentation and training, and post-implementation support, with phased delivery targeted for completion within 16 to 20 weeks from the firm order date. The Bank expects up to 40 core users and up to 80 stakeholder users, prefers an on-premises deployment but will consider cloud hosting in jurisdictions with data sovereignty and privacy laws similar to The Bahamas, and sets baseline non-functional requirements including at least 50 concurrent users and 99.5% annual uptime. The RFP also specifies security and access control expectations, including encryption and support for multifactor authentication and single sign-on, and requires that the proposed solution is already in production and supplied by an authorised prime bidder with at least three years’ relevant GRC delivery experience; proposals are evaluated using a 70% technical, 25% financial and 5% presentation weighting. Questions were due by February 14, 2025 and responses were scheduled for February 21, 2025, with proposals due by March 7, 2025. Shortlisted bidder presentations are scheduled for March 24 to 28, 2025, and a notice of intent to award is expected on or about April 11, 2025.