Consulting is an industry where the biggest firms tend to steal the headlines, but this year’s leader in operational risk management is not part of the so-called ‘Big Four’. Parker Fitzgerald, a mid-sized British consulting firm, saw off competition from larger rivals after judges praised its expertise and industry influence.
“Our firm is led by senior practitioners with real depth of experience in banking, capital markets and other financial institutions,” says chief operating officer Dan Torjussen-Proctor. “That means we are able to partner with our clients and really get under the skin of the issues. It also means we know how to get stuff done in complex organisations. That’s our story in a nutshell.”
The story convinced this year’s judges. “For a boutique consultancy, they have achieved considerable expertise in their chosen field and have done well against the bigger consultants,” one judge said after considering the entries. Another thought Parker Fitzgerald combined a strong offering with reasonable pricing: “Focused risk expertise with a flatter structure gave the impression of quality delivery at more competitive price points.”
A third judge attributed Parker Fitzgerald’s progress to its wide network and an ability to strike strong partnerships. “They have been able to establish such a clear presence in a market dominated by the Big Four firms.” The firm’s smaller size compared to bigger industry names was also mentioned in favourable terms. “By operating a scalable model, they are quickly able to enter new areas and provide real value.”
Parker Fitzgerald’s work in operational risk management is typically divided into two parts: regulatory implementation and compliance; and targeted interventions designed to make existing systems more resilient and reduce their cost.
The case studies submitted in support of its entry gave a flavour of how its approach to operational risk worked in practice. “We have pioneered the use of data-driven predictive analytics to proactively manage technology risk and improve operational resilience,” the firm said.
It has used software created by Splunk, a San Francisco-based tech firm, to build correlation models designed to help clients manage technology change and operational risks. This process has helped clients identify potential systems outages before they occur.
Parker Fitzgerald’s second example relates to its work helping clients with BCBS 239, a Basel Committee regulation on data aggregation and risk reporting. Most firms depend on shadow IT – for instance, desktop spreadsheet tools – but Parker Fitzgerald believes this heightens uncertainty around the identification and control of ‘hidden’ technology risks. To cut this risk, the firm has built a system that can identify and classify end-user applications and assess whether they should be retained as manual applications or be automated.
Torjussen-Proctor believes Parker Fitzgerald has a real advantage when it comes to operational risk, even though the firm lacks the vast teams deployed by bigger consulting firms.
“With credit risk and market risk there are very well-established methodologies for measuring, mitigating, reporting etc,” he says. “They require standardised approaches and that is where more traditional consulting firms can do well. Operational risk is different. Our view is that you can use the established methodologies in op risk, but it actually has some very different dynamics.”
He continues: “You need new and much more forward-looking methodologies to truly understand and then report operational risk. That is where we have an advantage.”
Torjussen-Proctor says operational risk is “absolutely a growing priority” for all the chief risk officers his firm works with. But advances in technology – and the associated cyber threats – are an increasingly important factor. Not by chance was cyber risk a key theme in Parker Fitzgerald’s submission for the award.
“There is a growing case for technology risk to be considered as a risk in and of itself and we think cyber will soon follow,” he says. “In a sense there is a risk that tech risk and cyber risk under the operational risk umbrella do not get the attention they deserve. We think that tech and cyber risk carry systemic risk to financial stability.”
The firm has been working with banks to protect them from cyber threats. “Banks, we believe, are particularly vulnerable due to their interconnectivity and the value of their data and assets,” says Torjussen-Proctor. “Cross-industry collaboration is important, collaboration and information sharing between banks even more so. We see a need for industry utilities in this space working in collaboration with the regulator.”
Parker Fitzgerald is a strategic partner to regulatory bodies including the Bank of England and its industry engagement was praised by judges, one of whom highlighted a “strong affiliation with industry groups and risk organisations”. The firm has a “strong thought leadership at a senior level,” another said.
Developing a strong and clear industry voice has been a deliberate strategy, says Torjussen-Proctor. “For a mid-sized consulting firm we disproportionately invest in thought leadership, in relationships with regulators and central banks and with key industry bodies.”