The consulting industry has enjoyed decades of light regulation, which has sometimes meant a hands-off risk posture inside firms. But as Intapp’s Nigel Riley explores, that’s all changing — and fast.
In an unregulated industry without mandates to collect and manage client data, consulting firms have historically taken a different approach to risk management than their peers in regulated industries like financial services.
Instead of a firmwide approach to risk management, in which firm leaders develop, articulate and enforce a standard process for client and employee onboarding, consulting firms have typically taken a partner-led approach — with senior leaders managing the potential firm risks associated with new engagements and clients inside their particular areas of expertise.
But times are changing.
“It used to be that consulting could fly under the radar, but that is no longer the case,” one general counsel of a global management consulting firm recently told me.
The consulting industry is evolving, with firms getting larger and more complex — whether through organic growth or deliberate acquisition strategies. And the bigger and more diverse a firm gets, the more risk it has to manage within its organization.
Consulting firms’ international growth strategies have also become more complex due to rising geopolitical tensions and increased government sanctions around individuals, companies and countries. While reporting regulations for the consulting industry have not yet been enacted in all jurisdictions, the trend is clear.
Add to that economic volatility, and it’s easy to see why firm leaders are looking to increase the efficiency of their operational processes — including those associated with risk management. For these reasons, savvy consulting firm leaders are taking stock of their risk processes and procedures. And increasingly, they are moving away from their traditional partner-led approach to risk management and toward a firmwide approach.
In my role as general manager for risk & compliance at Intapp, I’ve had the opportunity to speak with hundreds of consulting firm leaders over the years. Over the past few months, our conversations have centered around these four themes:
Growth strategies depend on scalable risk practices
Firm leaders know that to grow, they need to be able to efficiently vet new engagements and clients in a timely fashion so they can ensure that they’re working on engagements that are aligned with the firm’s risk tolerance.
Intake processes that are not robust and that rely on manual processes and searching are time-consuming and error-prone, and they don’t scale well. This dramatically increases the risk of firms engaging in work that poses a risk to the firm as they grow.
Expanding firms will need to move beyond inefficient legacy practices like email-based approval workflows and spreadsheet-based tracking — and toward modern, scalable processes that include automated approvals and clarified roles, responsibilities and next steps.
New business requires new risk processes
As firms grow, risk increases exponentially, with new business lines and geographic expansion adding complexity to existing operating models.
Expanding firms will become increasingly subject to additional local regulations and sanctions requirements. They may also add business lines that present business conflicts or relationship issues with other business lines, requiring careful management. This means that for many firms, the risk processes that got them to their current size will need to be reviewed — and likely fundamentally overhauled — as they continue to expand.
Technical agility is a differentiator
You can only build effective risk processes with the right technology. Specifically, your growing consulting firm needs technology that supports effective client and engagement onboarding, as well as risk processes that underpin firm growth.
To optimize your firm’s technology investments, make sure you’re able to benefit from key product updates delivered in response to changing environments.
- Invest in tools that are flexible and configurable enough to keep delivering value — even as geopolitical, macroeconomic and firm environments evolve.
- Ensure that your software can be effectively updated without significant technical effort in response to acquisitions or changes in firm risk appetite.
- Always run the latest version of your technology.
Efficiency increases effectiveness
Risk processes need to be efficient to be effective. That’s because efficient processes allow firms to more effectively manage risk by getting the right information to the right people at the right time. Benefits include:
- Identifying unresolvable conflicts before significant work begins.
- Discovering minor problems for early intervention before they escalate.
- Setting boundaries of engagement with clients ahead of time, by involving senior leadership — including internal counsel — in early stages.
In today’s economic environment, firms need to do more with less — so enabling efficient risk processes saves firms precious time and money.
Risk management is fast becoming top of mind for forward-thinking consulting firm leaders. They recognize that the right technology, combined with updated risk processes, can help their firms reach their growth and profitability goals, no matter what macro-changes may bring.
This article was first published at InTapp.com. It is republished here with permission.
Nigel Riley is general manager of risk and compliance solutions at Intapp. He is responsible for setting strategy and driving growth for Intapp risk products that address the unique challenges facing financial and professional services firms. Prior to joining Intapp, Riley served as COO of JP Morgan Chase’s global conflicts function, where he led strategic and technology initiatives. 
