Protiviti Managing Director Cory Gunderson, who leads the firm’s Global Financial
Services practice, notes that risk management
“has finally taken hold as a regular and pervasive component of most organizations.”
Prybylski agrees, pointing to the emergence of
a new perspective on risk and compliance. He
say companies previously viewed compliance
risk management as a matter of implementing controls or risk management processes.
“Today,” he says, “that approach has almost
flipped to: How do I implement my business
plan around these requirements?”
Boards are also focused on risk, Gunderson
says, “not just from a check-the-box perspec-
tive” but from a strategic perspective. “Risk
can be a competitive weapon—much like
brakes on a car—in that good risk management
allows an organization to be more confident—
to go faster and be more nimble,” he adds.
“Aligning risk with strategy has been crucial;
work still needs to be done, but it’s moving in
the right direction.”
That work is keeping consultants extremely
busy. It is also evolving in new dimensions,
notes John Verver, a former Deloitte principal
who now serves as a strategic advisor to audit
and risk management software company ACL.
“One of the primary concerns in terms of risk
is that ‘you don’t know what you don’t know,’”
Verver explains. “The range of potential risks
that all of these roles [CFO, CCO, CRO, etc.]
face is becoming increasingly overwhelming.
The challenge is to focus on the areas that are
most likely to create major problems, as well as
to be able to detect trends and emerging risks
before they escalate and cause real damage.”
That’s why, Verver and many financial con-
sulting leaders assert, an integrated approach to
managing and assessing risks is so important.
While each functional leader within a company
typically focuses on a different set of risks related to their responsibilities, Verver says “what
matters most is to be able to put a range of risks
into the context of impact upon strategic corpo-
Consulting® APRIL 2015 15
evolved and data has become more prevalent
in the marketplace, we combined several
practice areas (business intelligence, model
risk, data management) into our new Data
Management and Advanced Analytics solution.
To this team, we have added predictive
analytics reflecting clients’ desire to do more
than know what has happened but to be able
to look ahead and predict behavior and events.
We believe we are the first firm to combine
such capabilities under one leader.
Finally, given the heavy bent on compliance
related matters, it’s important, we believe,
to have experts from multiple perspectives.
We’ve built what we refer to as a “50/50”
model of capabilities —if you take a snapshot
of our practice, you will find about 50 percent
of our people are home-grown traditional
consultants, and the other 50 percent
represent experienced hires from industry,
including former regulators and professionals
of other backgrounds. This allows us to bring
solutions that are practical, implementable
and achievable as our team has “been
the client” while ensuring a professional
CONSULTING: How do you expect financial
consulting to evolve over the next few years?
Gunderson: We expect more engagements
like “agile compliance”—reengineering
risk and compliance functions to be more
effective while being more efficient. This
is key to a sustainable business model for
risk and compliance functions. We also
expect “emerging risk” to be an ongoing
area of interest -building capabilities to
identify, monitor and assess emerging risks.
Cybersecurity will continue to be hot, but will
evolve as the world evolves on the digital
front. Marrying technology with process
and people capabilities is crucial to have a
nimble response to emerging threats. Finally,
we expect problems to be more global —not
isolated to a branch or country, but needing
consistent responses to issues that
occur across an organization.