The latest sector report published by Source Information Services (Source) finds that the global market for risk consulting rose by over $1 billion (9%) in 2014 to attain a value of just under $14 billion. Work across the financial services sector dominates the market, accounting for 35% (or $5 billion) of total revenues earned by consultant organisations.
The detailed Source report suggests that although regulation and compliance work has been the driver of most of the growth to date, cyber security is set to have a significant impact in the very near future.
Big Four firms carry out the majority of global risk consulting, accounting for 61%. However, Source warns that they may be set to miss out on the next stage of growth if they don’t react to the growing demand for cyber security expertise.
Source surveyed just over 2,600 senior users and buyers of consulting services in 14 major consulting markets across North America, Europe, the Middle East and Asia Pacific. 56% of respondents work in organisations with more than 1,000 employees (the percentage is higher in mature markets where large corporations are more numerous).
Respondents were distributed across operations, general management, sales and marketing, IT, finance and HR. They represent nine sectors: energy and resources, financial services, healthcare, manufacturing, pharma and biotech, the public sector, retail, the services sector (including transportation and construction) and technology, media and telecoms.
Dr Fiona Czerniawska, founder of Source and author of the new report, told Risk UK: “Big Four firms are not seen by clients to have the specialist expertise required to capitalise on this wave of increased investment in cyber security. These firms now have a limited window of opportunity to either recruit or acquire organisations with these skills. Despite recent growth, the global risk consulting market is at a crossroads. Our research shows that increasing polarisation between ‘low cost’ and ‘high value’ parts of the market will inevitably create new challenges for consulting firms across the board.”
Consulting work focused on regulatory issues
Regulatory-related risk consulting work falls into the low value part of the market. There will be exceptions – for instance a new regulation, focus or issue – but, by and large, this work is familiar to clients. As a result, those clients turn to consultants for cost-effective support when they cannot handle the workload themselves.
While Source’s research suggests that the management activity and investment is fairly evenly split between compliance and more strategic work, the clients questioned said that they were more likely to rely on consulting support for the latter.
By contrast, cyber risk falls into the high value end of the market. Source’s research explains that cyber is relatively new territory for most organisations, and success here is going to depend on consultant firms’ depth of expertise rather than the number of people they can deploy.
The consulting market for cyber risk is smaller than that for regulatory-related work, but Source’s evidence suggests that this is going to grow more quickly. Not necessarily because organisations are doing more, but rather because they’re more reliant on consultants to help them.
Risk-related initiatives on the rise
The proportion of organisations (most of which are very large and international) that say they either already have existing risk-related initiatives and/or are planning new ones has been rising steadily.
Two years ago, over two thirds (68%) of organisations said this was the case, the majority of which were in the financial services sector. The equivalent figure today is 85%, a proportion that Source states is now fairly consistent across all industries.
The increasing number of risk-related initiatives has led to a dramatic rise in the use of consultants. The Source report states that, in 2013, just 27% of organisations said that their investment in risk-related areas would drive up their use of consultants. Today, that figure has almost doubled to 50%.
This trend holds across most parts of the private sector. However, public sector managers are still very much focused on saving money and so are more likely to rely on their own, in-house resources to complete this type of work.
Dr Fiona Czerniawska added: “What all of these developments are pointing to is two distinct markets for risk consulting. There are plenty of firms at the moment that think that it’s possible to play in both, but we suspect they may have to choose.”
The increased scale and scope of this year’s survey creates potential problems in comparing this year’s data with those from 2014. Source’s experience is that there’s not a lot of variation in the way relatively large organisations use consultants, but there are some cases where the sample has had an impact and Source has duly highlighted them.
About Source Information Services
Source Information Services is a provider of information on the market for management consulting. Set up in 2007 and operating from offices in London and Dubai, Source serves both consulting firms and their clients with expert analysis, research and reporting.
Source draws not only on its extensive in-house experience, but also on the breadth of relationships forged with both suppliers and buyers. All of Source’s work is underpinned by the core values of intelligence, integrity, efficiency and transparency.
The business was founded by Fiona Czerniawska and Joy Burnford. Czerniawska is one of the world’s leading experts on the consulting industry having written numerous books on including: The Intelligent Client and The Economist books, Business Consulting: A Guide to How it Works and How to Make it Work and Buying Professional Services.
Joy Burnford was marketing and operations director at the UK Management Consultancies Association between 2003 and 2010. Prior to that, Burnford worked for the PA Consulting Group and has extensive experience of marketing consulting services.