Does GRC AC 10.0 require it's own systems and architecture?

Absolutely. The architectural shift back to ABAP for the Access Controls system allows the GRC products to co-exist in the same system. You can activate the Access Controls, Process Controls and Risk Management modules in the same system and share common master data elements between them to produce a much more tightly integrated solution.

The user interface is the same as well since the Netweaver Business Client (NWBC) is dynamic basd upon your authorisations. Simply adding the authorisations for the required modules from all of the systems, allows you to access both Process Controls and Access Controls from the same screens.