Risk management: PwC’s newest Next platform

In mid-February, TBR met with senior leaders from PwC’s U.S. Cybersecurity, Risk & Regulatory practice, including Vikas Agarwal, the firm’s Financial Crimes Unit leader, and Arlene Laungayan, a director in the firm’s Cyber Risk & Regulatory practice. The PwC team brought TBR up to speed on developments across the firm’s range of offerings, focusing on the Risk Management Portfolio. PwC’s risk management strategy is driven by the firm’s Cyber, Risk & Regulatory leader Sean Joyce and his managing partner John Sabatini under consulting and firm leadership. The following reflects both the mid-February briefing and TBR’s ongoing analysis of PwC within the larger management consulting space.

Risk evolves along with The New Equation

After setting the stage with an update on organizational changes and a description of some recent client engagements, including timely advice provided to clients on the secondary and tertiary effects of economic sanctions imposed against Russia over the invasion of Ukraine, Agarwal commented that while PwC has collaborated closely with the largest technology vendors, the professional services firm does not aim to “be a tech company.” PwC instead aspires to be “the best knowledge company, well equipped to merge knowledge with technology.”

In the context of risk and regulations, PwC is capable of helping clients understand key issues and challenges, develop meaningful content, and deliver services through a solution. Not surprisingly, Agarwal led the discussion with PwC’s The New Equation, and his description of PwC’s value and how it is delivered dovetailed well with both The New Equation and TBR’s evolving view of PwC as a firm. Risk and compliance may be one of the oldest service lines offered by PwC and its Big Four peers, so successfully pulling technology through to the heart of risk offerings requires balancing speed, efficiency and evolving client expectations for the tried-and-true characteristics of risk and compliance (consider that one of The New Equation’s founding principles, according to PwC, is that “when our better selves and the greatest aspects of technology are brought together, there is no opportunity too great for us to achieve.”).

While internal change continues to drive PwC’s evolution, Agarwal and his colleagues did note the importance of changing client demands, particularly as the total number of chief compliance officers has increased in recent years, particularly within the Fortune 500. CEOs and CFOs, in Agarwal’s telling, have become “sick of chasing the issues” and have looked to chief compliance offices to “solve risks in silos, but [to] tell the story at the top [and to] understand and communicate” to the full enterprise the criticality of risk and compliance to the overall business.

Dealing with multiple people within an organization around risk issues could be a winning strategy in two ways. First, the more people and personas PwC interacts with, the more the firm’s value becomes clear to its clients. Conversely, consulting on risk only with a chief compliance officer and a limited risk team potentially places restrictions on PwC’s overall relationship with the client. Second, maturity, with respect to risk, will vary across an organization, providing an opening for PwC to serve clients with appropriate solutions for their needs. Of course, being able to serve multiple stakeholders within a client and at various maturity levels requires a robust set of risk and compliance offerings.

Be bold and get moving: PwC on risk, digital transformation and embracing data

TBR perspective

With risk permeating every business conversation and PwC accelerating investments in digital-related offerings, including PwC Connected Solutions, which sits within its Risk and Regulatory Platform business, the firm has prepared for the next wave of opportunities. Trading on trust remains at the core, especially as the politics of data continue to disrupt PwC and its clients. Becoming customer zero keeps PwC consistent with peers, while pulling in risk differentiates, particularly against non-Big Four competitors. But the firm creates a good use case for embracing digital when it comes to managing risk. PwC’s broad spectrum of capabilities, including digital risk solutions, internal audit support, cyber and privacy advisory, due diligence, and third-party certification, add necessary dimension to its risk practice. They also help PwC protect its spot in the market as the shift to digital operations elevates the strategic importance of risk and compliance functions.

“By rethinking risk, you create confidence at scale”

Across client panels, which featured risk and IT professionals from various industries and countries, similar themes emerged, including the evolution of understanding the value of smart risk-taking (Being a smarter risk taker through digital transformation, a recent PwC paper). Additionally, panelists, attendees, and PwC risk and consulting specialists spoke of the profound shift from managing and containing risk to leveraging risk processes and profiles to build transparency and confidence in an organization and enhancing trust with customers and partners. The similarities among the professionals’ comments created layers of emphasis, particularly around trust and scale.

One client noted, “Companies that know and manage risk smartly, build trust with their customers [and] move faster themselves.” The client explained that risk management enables his company to build trust with customers faster and react to security issues more quickly than competitors. When a futurist spoke about emerging technologies and their impact on future organizations, he peppered his remarks with comments around the ethics of powerful technologies. The underlying questions: “Is the system trustworthy?” and “Can we trust the people [working those systems?]”

Scale risk management across an organization through developing talent

The PwC client who reintroduced PwC’s tagline, “by rethinking risk, you create confidence at scale” succinctly pulled together two recurring thoughts across this year’s Risk Summit: talent and digital transformation. Multiple clients and PwC professionals spoke of the importance of talent. One client stated, “The first priority is to develop talent,” even as they recognized that decreasing budgets for risk management and increasing competition for skilled IT talent resulted in pressure to expand an appreciation for risk more widely across an organization — or essentially to scale risk management practices through education and analytics-based decision making. Not surprisingly, all of these issues and opportunities fall well within the scope of PwC’s expertise.

For the second year in a row, TBR attended PwC’s annual Risk Summit, a client-centric event geared toward sharing lessons learned among client risk professionals and presenting PwC’s thinking on risk and successes to date to the analyst community. This year the summit featured multiple client panels and created a clear picture of issues most prominent in the Risk space.