Financial Consulting Comes Full Circle—The intense Sarbanes-Oxley compliance efforts of the mid-2000s rekindled attention on the need for enterprise risk management (ERM) and related governance, risk management and compliance (GRC) efforts. Today, more and more companies are intent on addressing financial, operational, strategic and reputational risk.
A closer look at financial consulting suggests that practices focusing on corporate finance and accounting, tax, internal audit, compliance and risk functions have stumbled into a time warp.
Sarbanes-Oxley compliance work is surging with even more major regulatory changes looming. Demand for transaction advisory services, in the volatile-yet-possibly-improving-in-some-areas wake of a major economic downturn is growing. Transactional efficiency is a hot topic. Tax advice and ERP-related work remains strong. From this altitude, 2015 looks a heck of a lot like 2005.
Detailed scrutiny, however, shows that financial consulting and the companies that invest in it are in the throes of a sea change. Current ERP work, for example, involves social, mobile and cloud technology.
This transformation is knocking down organizational silos, rewriting traditional risk management playbooks, injecting data analytics into every corner of corporate finance and its related functions, weaving increasingly complex critical tax considerations into strategic decision-making, driving a powerful need for cyber-security and causing consultants rethink how they structure their offerings, organize their teams and develop their talent.
And clients now expect consultants to deliver “a marriage of flexibility, specialization and technology,” reports Dawnella Johnson, Partner, Risk Consulting Services, with Crowe Horwath LLP. “Clients expect us to have experience in whatever they are hiring us to do,” Johnson continues, “but they also expect us to be flexible and tailor the solution to them—you need to have solved the problem before, but you need to tailor it to me.”
In 2005, financial consulting typically involved discreet, well-defined engagements: Section 404 compliance, specific tax advice, ERP implementation, cost reduction, M&A due diligence, process-improvement engagements and outsourcing accounting processes. Today, CFOs, tax officers, risk officers, internal audit heads and compliance chiefs are requesting broader, deeper and more integrated services.
Cost reduction has been replaced by margin management and what North Highland Vice President Katie Downs, who leaders her firms CFO Services practice, describes as a comprehensive focus on profitability. While consulting firms still take on more tactical compliance work, “we would rather see a compliance engagement that cuts across multiple silos so that we can help a client greatly reduce the cost of compliance,” says Srikant Sastry, national managing principal of advisory services for Grant Thornton. “To do that, we really have to address underlying cultural issues.”
This is more intricate work—let’s face it, culture and people can be messy. This intricacy is evident in the language leaders use to describe the types of engagements clients want today.
Capgemini Senior Vice President and Global Head of Business Transformation Services Jean Christophe Ravaux favors more expansive descriptions over bullet points: supporting the CEO and enterprise strategy in a disruptive environment, assuring high performance and delivering strong business outcomes, and enabling business agility. “It is not enough to carry out designated tasks competently and diligently, nor is it enough to meet accepted business standards,” Ravaux notes. “What matters is the business outcome.”
Carl Carande, National Managing Partner for KPMG Advisory Services, also favors longer descriptions of client challenges and the increasingly integrated consulting services he and his team are assembling. “There is a lot going on,” he says. “And our expectation is that the magnitude of disruption from the regulatory side, the business-environment side, and the geopolitical side is going to continue. This is the norm that our CFOs, CCOs and CTOs are managing.”
Some of the most interesting changes in the realm of financial consulting are taking place behind the scenes. Clients are asking advisors for help eliminating organizational barriers (or “silos,” a term nearly all financial consultants pepper their conversations with today) and greatly improving and accelerating how key information (extracted from galaxies of data) is shared throughout the enterprise. The objective of this work is to enable greater organizational agility, which pivots on corporate finance and its related functions’ ability to maintain clear and current views of emerging threats and opportunities.
On the surface, more immediate needs, most notably cybersecurity, require attention. Hank Prybylski, a partner at Ernst & Young LLP who leads his firm’s Americas Financial Services Advisory and Global Financial Services Risk Management areas, describes cybersecurity as “the most prevalent risk” across all industries. “From a market perspective, demand for [cybersecurity-related] services has really exploded in the past 12 to 18 months,” he says. “This is a board-level, executive-level risk—it’s certainly moved beyond the domain of the chief information security officer.”
SOX, Risk and Culture
Amid all of the change in the financial-consulting realm, Sarbanes-Oxley work has been surprisingly steady. Since its passage in the summer of 2002, through its confusing and much-delayed implementation over the next several years, to the present (when publicly listed companies—and others are adapting to an updated COSO framework and the trickle-down impact of PCAOB inspections of auditing firms), the sweeping law has proven to be a sustainable source of income. The law and its hundreds of rules are simply too big for many companies to address without outside help.
As baffling as it must sound to those outside of the finance, accounting, risk management and compliance realm, SOX-related consulting represents a growing source of revenue in many firms in 2015. That’s the case at McGladrey, reports Gary Sturisky, who leads his firm’s consulting practice. He notes that many foreign companies not listed in the U.S. seek assistance to voluntarily comply with the law as a way to enhance their credibility with investors. Private companies on the verge of an initial public offering (IPO) also need consulting assistance to build SOX compliance functions from scratch.
The intense Sarbanes-Oxley compliance efforts of the mid-2000s rekindled attention on the need for enterprise risk management (ERM) and related governance, risk management and compliance (GRC) efforts. Today, more and more companies are intent on addressing financial, operational, strategic and reputational risk, Sturisky notes.
Protiviti Managing Director Cory Gunderson, who leads the firm’s Global Financial Services practice, notes that risk management “has finally taken hold as a regular and pervasive component of most organizations.” Prybylski agrees, pointing to the emergence of a new perspective on risk and compliance. He say companies previously viewed compliance risk management as a matter of implementing controls or risk management processes. “Today,” he says, “that approach has almost flipped to: How do I implement my business plan around these requirements?”
Boards are also focused on risk, Gunderson says, “not just from a check-the-box perspective” but from a strategic perspective. “Risk can be a competitive weapon—much like brakes on a car—in that good risk management allows an organization to be more confident—to go faster and be more nimble,” he adds. “Aligning risk with strategy has been crucial; work still needs to be done, but it’s moving in the right direction.”
That work is keeping consultants extremely busy. It is also evolving in new dimensions, notes John Verver, a former Deloitte principal who now serves as a strategic advisor to audit and risk management software company ACL. “One of the primary concerns in terms of risk is that ‘you don’t know what you don’t know,’” Verver explains. “The range of potential risks that all of these roles [CFO, CCO, CRO, etc.] face is becoming increasingly overwhelming. The challenge is to focus on the areas that are most likely to create major problems, as well as to be able to detect trends and emerging risks before they escalate and cause real damage.”
That’s why, Verver and many financial consulting leaders assert, an integrated approach to managing and assessing risks is so important. While each functional leader within a company typically focuses on a different set of risks related to their responsibilities, Verver says “what matters most is to be able to put a range of risks into the context of impact upon strategic corporate objectives—and to be able to come up with a very rapid response when needed.”
Establishing this context hinges on managing less tangible risk factors, such as organizational culture. “We’re seeing a lot of risk-management focus on culture,” says Prybylski. EY and other firms are trying to figure out ways to take a sprawling, amorphous entity and standardize how it is measured, monitored and managed. “I think you’ll see a lot of innovation in this area,” Prybylski says. “In running our own business, we’ve grown very comfortable looking at engagement scores. I think in short order we’ll begin to develop some important, standard measures that can indicate when there is exposure related to [organizational] culture.”
Transaction Advisory Services Get Bigger
In addition to a thirst for regulatory compliance, forensic and litigation support work, McGladrey clients are also seeking the firm’s transaction advisory services, Sturisky reports. Much of that demand comes from private equity groups.
KPMG is also enjoying a high demand for transaction advisory services. Carande, like Sturisky, points out that the nature of this work has grown significantly more complex and involved in recent years.
“It’s not only a matter of having the specialized [transaction advisory] expertise, you also have to bring together a fully integrated collection of specialized expertise to help the client,” says Carande. For example, he continues, “we will not go into many of these initial deal-advisory discussions without a tax specialist as we talk through all of the implications of certain types of spin-offs that the company [is considering].” KPMG’s transaction advisory teams also typically include experts in information infrastructure, back-office integration, compliance, strategy and more.
Sturisky notes that the desire for industry expertise has increased. “It is one thing to be an expert in transaction due diligence, but it is another thing to be an expert in transaction due diligence within the healthcare industry,” he says. “…We align our financial consulting practice fully with the client’s industry and we also bring in cross-functional expertise.”
Silo-Busting in Client Companies—and Consulting Firms
Sturisky also notes that the need for multiple types of expertise exists across most types of financial consulting work. “I think it is fair to say that financial consulting engagements are typically becoming more complex and larger,” he says. “They require cross-functional teams of subject matter experts in a variety of areas. We can have folks on the team who have nothing to do with financial consulting—security and privacy people who address facets of risk and controls, for example. We’re putting together a hybrid team of experts, and I think that’s a significant change.”
Prybylski agrees, echoing Sastry’s earlier point on the cross-functional nature of compliance engagements. “It’s not just about putting the control processes in and running reports,” Prybylski says. “It’s really working it into the entire business model, and that means we cannot approach projects with just a finance or risk consultant. We need to approach it with experts in finance and risk, data, people and organizational change, IT implementation, business strategy and more.”
That’s why nearly every financial consulting leader emphasizes the need for a multidisciplinary or “multi-capability” approach. Clients demand “much deeper specialist skills,” Carande says. At the same time, these specialists must expand their understanding of a wider range of interrelated issues. “Technical skills are still very important,” notes Crowe Horvath’s Johnson. “But consultants going into projects can’t just be technical specialists. They also need to have the ability to collaborate with the client and with various stakeholders. People and communication skills are an absolute necessity in consulting, as is the ability to collaborate and navigate among many different priorities.” Sastry emphasizes that financial consultants, regardless of their particular area of expertise, “need to be cognizant of change management and culture.”
Given the growing need for multi-faceted financial consultants, some firms are implementing talent management and leadership development plans designed to help rising consultants broaden and deepen their skills (see “The ABCs of Grooming Financial Consultants” on Page 12). “I think collaboration skills are key,” Gunderson notes. “A good financial consultant needs to be advisor, influencer and collaborator, all while maintaining a strong technical base.”
Crowe Horwath Director, Financial Advisory Services, Chris McClure agrees that technical expertise remains a must-have while noting that there is a growing need for financial consultants to place greater emphasis on networking and building business relationships. “While there may be many consultants who can technically perform the work,” McClure notes, “it is often those with key relationships and the ability to effectively communicate their value proposition that win the opportunities.”
Given their current growth trajectory, these financial-consulting opportunities could be even more abundant in 2020 than they are today. ■
Sidebar: The ABCs of Financial Consultants
Twenty-plus years ago, a seasoned Price Waterhouse consultant named Mo Treadway took a shine to his new hire Gary Sturisky and suggested that Sturisky immerse himself in a promising, relatively new methodology called activity based costing (ABC). “I later became the ABC guy in the utility industry,” Sturisky says. “I knew that stuff backwards.”
Today, Sturisky leads McGladrey’s consulting practice, a role in which he says that the stewardship of the firm—and of the careers of young consultants—is “near and dear to my heart.” He takes a page from his former mentor’s playbook in the approach he employs when shepherding rising talent through a mixture of functional, industry and technical experiences and assignments. Here’s how he and his team like to groom financial consultants:
Be a sponge: “For the first two years, your brain needs to be a sponge,” Sturisky says. “You need to come in with an open mind and truly want to experience as many different types of projects as you can.” That means operating as a generalist while taking on as many different types of projects—Sturisky mentions internal audit, business valuation and litigation support among other examples—in several different industries.
Specialize: After two years of varied assignments, it’s time to select a specialty. At this stage in his career, Sturisky became his firm’s ABC/ABM expert for utility clients. The process of becoming an expert requires learning, time, publishing and networking, Sturisky emphasizes. “You need to start doing white papers and other forms of thought leadership,” he says. “You need to attend conferences. You need to be viewed as both an academic and a practitioner in your area of technical expertise.”
Humanize: This experience and technical expertise only gets rising consultants so far, however. “You may have all of the right technical skills,” Sturisky adds, “but if you are not a team player, if you’ve got a bad attitude or you have other hang-ups, then you are not going to be successful. You need to balance the qualitative and technical aspects to succeed.”
Sidebar: Q&A: How is Financial Consulting Evolving?
“Financial consulting,” as defined by Kennedy Consulting Research & Advisory, contains numerous terms and activities, including financial risk and controls, transaction advisory services, reporting and accounting, risk management and regulatory compliance. Protiviti’s Cory Gunderson, who serves as one of his firm’s managing directors and global financial services practice leader, is focused on a related term, one that he and his colleagues coined: “agile compliance.” Gunderson paused from a happily busy schedule to define his term and to describe his firm’s activities within the financial-consulting domain.
Consulting: What are the top concerns of CFOs, chief compliance officers, chief tax officers and chief risk officers (across industries) today?
Gunderson: I believe that the concerns may vary by role a bit, but overall compliance is top of mind regardless of industry. Penalties for non-compliance, both reputation-wise and monetarily, are at all-time highs. As many have seen, the price of remediation is multiples of the price of prevention. Additionally, I believe most organizations are turning their attention to growth and customer acquisition. How do I differentiate my offerings to attract (and retain) customers in my industry? How can I engage in using and leverage different channels, including mobile and what I’d call the “digitization” of the world. Finally, cybersecurity is top of mind. Reports of high-profile hacker attacks are practically a daily occurrence. It’s a never-ending cat and mouse game between organizations and external threats. While prevention is important, speed to plug holes once identified is also critical to contain the impact of any successful penetration. Given ongoing digitization and expanding use of mobile, cybersecurity will be top of mind for the foreseeable future.
Consulting: What areas of financial consulting are in high demand today?
Gunderson: Regulatory compliance areas remain high growth. This is evolving from remediation engagements to reengineering capabilities within compliance. We call this “Agile Compliance” —the ability to be effective and efficient in managing compliance risk, but in a way that isn’t the never-ending piling on of resources (people, technology, etc.) that is putting pressure on earnings and capital at many organizations. Investigation engagements are also increasing, mainly due to enforcement activities.
Consulting: What are some noteworthy ways that changing/emerging technology is creating challenges and opportunities within client companies?
Gunderson: Changing/emerging technology is having a profound impact on organizations – both positively and negatively. Mobile technologies are opening the door to new products and services, but they are also exposing organizations to new security and other operational risks. Cloud technologies hold the promise of lowering costs and increasing agility, but they also create new security and service assurance risks. Cyber currencies, like Bitcoin, create opportunities for entirely new business models, but they open the door to questions about regulatory compliance. Big data and predictive analytics hold great promise for improving customer service and managing risk, but they also create privacy concerns.
Consulting: How have you recently evolved your practice, services, and/or firm in response to changing client needs?
Gunderson: First and foremost, we have built a national and global practice around risk and compliance matters. That means there is centralized support to ensure the very best people are assigned to each engagement, regardless of geography. We are also able to collaborate very effectively and efficiently across borders, which ensures a global perspective to challenges. Tactically, we have also created new practice offerings—when quantitative methods emerged several years ago, we created a model risk practice with PhD-level quants. As that area has evolved and data has become more prevalent in the marketplace, we combined several practice areas (business intelligence, model risk, data management) into our new Data Management and Advanced Analytics solution. To this team, we have added predictive analytics reflecting clients’ desire to do more than know what has happened but to be able to look ahead and predict behavior and events. We believe we are the first firm to combine such capabilities under one leader.
Finally, given the heavy bent on compliance related matters, it’s important, we believe, to have experts from multiple perspectives. We’ve built what we refer to as a “50/50” model of capabilities —if you take a snapshot of our practice, you will find about 50 percent of our people are home-grown traditional consultants, and the other 50 percent represent experienced hires from industry, including former regulators and professionals of other backgrounds. This allows us to bring solutions that are practical, implementable and achievable as our team has “been the client” while ensuring a professional consulting/advisory experience.
Consulting: How do you expect financial consulting to evolve over the next few years?
Gunderson: We expect more engagements like “agile compliance”—reengineering risk and compliance functions to be more effective while being more efficient. This is key to a sustainable business model for risk and compliance functions. We also expect “emerging risk” to be an ongoing area of interest -building capabilities to identify, monitor and assess emerging risks. Cybersecurity will continue to be hot, but will evolve as the world evolves on the digital front. Marrying technology with process and people capabilities is crucial to have a nimble response to emerging threats. Finally, we expect problems to be more global —not isolated to a branch or country, but needing consistent responses to issues that occur across an organization.
Sidebar: 5 Financial Services Clients Want
Capgemini Senior Vice President and Global Head of Business Transformation Services Jean Christophe Ravaux reports that the following five types of financial consulting engagements are in high demand among clients today; these include projects related to:
1. End-to-end finance transformation (e.g., combining digital transformation with new service delivery models and end-user experiences that frequently include social and mobile facets)
2. The creation of new finance operating models (involving global shared services centers as well as hybrid models)
3. Financial risks and control environment (including cyber-security)
4. Crisis and recovery
5. Tax efficiency
Already have an account? Sign In
Already have an account? Sign In
*May exclude premium content