Podcast | Transform: Assessing CFO and finance leader perspectives and priorities for the coming year – with Chris Wright and Nick Puetz

Kevin Donahue: A look at the top priorities for CFOs and finance leaders in the coming year, among them security and privacy of data, financial and strategic planning and analysis, leadership, and enhanced data analytics, reveals a tale of transformation for CFOs whose responsibilities continue to widen.

This is Kevin Donahue, a senior director with Protiviti, welcoming you to a new edition of Powerful Insights. Protiviti just conducted its latest Global Finance Trends Survey and is covering the results in our new report, Transform: Assessing CFO and Finance Leader Perspectives and Priorities for the Coming Year. I recently spoke with Protiviti Managing Directors Chris Wright and Nick Puetz about some of the key findings and trends revealed in our results. Chris is the global leader of Protiviti’s Business Performance Improvement solution, and Nick leads Protiviti’s Cyber Strategy and Transformation practice. Nick, thanks for joining us today.

Nick Puetz: Thanks for having me.

Kevin Donahue: And Chris, great to speak with you as well, as always.

Chris Wright: It’s good to be back with you, Kevin.

Kevin Donahue: Chris, let me ask you our first question. I want to talk about AI. It remains one of today’s hottest business topics. Relative to other finance areas. AI, including generative AI, does not sit high on the list of our priorities identified in our survey, but we found that one in three finance organisations currently employs generative AI. How are CFOs and finance leaders using AI today, and how do they envision its use evolving in the coming years?

Chris Wright: It’s interesting with regard to AI. While it was not at the top of the priorities for finance executives, it was on the list, and at one-third adoption. That’s a pretty good representation of the state of affairs regarding AI as it relates to adoption versus interest.

What we find when we present on this topic to CFOs is that while about a third of them, even with a show of hands in a smaller group, will say they’ve started using it, everyone’s interested in it. Everyone’s talking about it. They’re all curious. Some are concerned about it. Depending on their level in the organisation, will it affect their job positively or negatively, or will their job cease to exist because AI takes their place?

But the leaders in the organisations are generally looking to generative AI for FP&A, and budgeting and forecasting and predictive capabilities and the ability to gather data and information for compliance, for filling in forms, something as simple and mundane as that. They’re using diagnostic AI to look at expense reduction. And even within their own organisation and within our survey, organisational issues did rank high as well. AI as a work effort, as something for the newer generations of the workforce to do to make them feel as much like data scientists as accountants and keep them in the finance organisation to maintain the interest of their employees and keep the job and the function up-to-date and more interesting to the newer generations that are entering the workforce now.

Kevin Donahue: Thanks, Chris. I have a feeling we’re going to circle back to a few more things around AI as we talk today. Nick, I wanted to talk to you about our top priority identified in our survey: the security and privacy of data overall. CFOs and finance leaders specifically called out that area, and they did not call out one of the core areas of finance and accounting as the top priority, which is interesting. What do you see as some of the factors contributing to this high priority ranking?

Nick Puetz: It surprised me as well. I would have expected something else to be toward the top of the list. But a couple of things are pushing this up in the minds of our financial leadership out there. Regulation — capital-R regulation — continues to be a big one. Regulation is nothing new. But we are seeing new versions of regulation coming out that have more specific cyber-oriented requirements built into them.

Take, for example, that NYDFS released a new version here recently. There’s a high degree of precision within that in terms of the requirements organisations need to have in place. With that, you are getting the attention of senior leadership because it’s regulatory-oriented, and if you can’t meet those regulations, it’s going to have an adverse impact on your ability to do business in those markets or across certain types of industries.

But there’s also a financial impact in terms of the investment that needs to be made just to continue to enhance the cybersecurity programme itself. The most top-of-mind regulation, mostly because it went across all industries, was the new amendments that came out via the SEC late last year. While there’s not the degree of precision or the volume of requirements that came with it, it got everyone’s attention. Now, we’re having all these discussions about, what does materiality mean in the eyes of the business?

Certainly, the first place people start looking with regard to materiality is, if something bad happens, what’s the financial impact? The CFO is going to automatically get pulled into those discussions. For any publicly traded company or any company that’s regulated by the SEC, there are now new responsibilities for financial services companies and organisations like that — probably not anything that’s different from what they’ve already been doing for a number of decades now, but for companies that haven’t traditionally invested as much in cybersecurity, this is now pushing them in some new directions, and that gets them out of their comfort zone.

The last thing — and this is, again, a nod to the materiality side of things — is the concept of resilience and that concept being born out of all things ransomware. Ransomware is the big, scary bogeyman around the corner in cybersecurity right now. It’s a highly effective method of not only crippling a business but also quickly generating some cash flow for the bad guys in the interim. That is obviously going to involve your financial leaders like the CFO and others if and when that were to hit your organisation. When you start to put all those things into the same pot, I understand why it’s got the attention of CFOs and other financial leaders at organisations.

Kevin Donahue: What are some of the ways in which CFOs and their teams can partner with CISOs and other IT and security leaders to ensure that the organisation’s data is safe from cyber threats?

Nick Puetz: It’s not always what I would call a natural alignment, at least traditionally speaking. In some instances, it’s even adversarial in nature. That’s changing, and it’s time for it to change. Two big opportunities that come top of mind are on what I call the coaching front and the business-alignment front.
On the coaching side of things, when a CISO leans in or comes to ask for support or perspective, the CFO can go even further and be proactive in reaching out to them. The CFO has an understanding of the business of what shareholders and the board are expecting. They’re going to bring a perspective to the table that is valuable to some of the decisions the CISO is trying to make and how they’re trying to support the business. Ask questions, offer support, be a coach to them, and that will help create that ability for one executive to be a successful shepherd for another executive, especially rising executives in the organisation, especially in front of senior leadership and the board.

It’s an important time because when you look at business as a whole, the digitisation of business and revenue streams is at an all-time high. As we continue to see expansion there, there’s going to be a need to wrap cybersecurity around those from a resiliency perspective, which I mentioned before, and again, we talked about some of the material aspects the regulators are pushing on. There’s a more natural partnership to be had, certainly from a CFO perspective. They’re the master of all budgets in an organisation.

On the budget front, we want CFOs to hold CISOs accountable in a manner that CISOs need to show and demonstrate that the value of the investment they’re making is there and that it’s in alignment with where the organisation is going. But the CFO can also be a supporting mechanism to help shepherd them through budgeting processes or how to be successful in asking for additional funds and things like that. Those are all opportunities for an enhanced partnership when you look at the CISO and the CFO.

CFOs have a good understanding of risk. And when we talk about cybersecurity programmes, that North Star is what we call a business-aligned cybersecurity programme. What does it mean to be business-aligned? There are a lot of different opinions on that, but I always point to making sure we’ve got alignment on risk across the organisation, because a cyber programme is there to make sure we’re able to hit our regulatory requirements to help manage and reduce risk across the organisation and illuminate it on some fronts and, in those rare instances, be a business enabler in some ways as revenue streams are being digitised and things like that.

Being able to have a healthy relationship with the CFO is going to put us in a position to better understand risk across the business and how we’re merging those traditional revenue streams with new revenue streams and what that does to our overall risk profile and making sure we’ve got alignment with regard to risk appetite, risk tolerance, things like that. That is one of the key areas where we see big disconnects and gaps between what the CISO thinks and what the senior leadership team and the CFO typically think — some ideas on how those groups can come together and be champions of and partners with each other.

Kevin Donahue: Thanks, Nick. Chris, let’s pivot and talk about financial planning and analysis, or FP&A. Financial-planning, profitability-analysis reporting, ranks as the second-highest finance priority in our study, just below security and privacy of data — barely below that. Why is this the case? I expect it has something to do with FP&A responsibilities spreading throughout the enterprise so they’re not just a finance issue, but also something all business owners have to take on.

Chris Wright: It’s an issue of high rank this year. It was last year. When you take together a number of questions we asked in the area in our prior-year survey, our respondents represented a global audience, about half public, half private. There’s no reason, from any of the demographics, why it would be as high as it is, other than the fact that FP&A is a ubiquitous activity for the finance function. It’s forecasting. It’s analysis. It’s helping the business use data to come up with the kind of information that allows the finance leaders and other leaders to manage the business.

And as you suggested, FP&A is increasingly involving more users. There are more people requesting the information, and more participants. It’s not just the finance function coming up with all the numbers: They’re working with logistics, they’re working with sales, they’re working with HR, they’re working with technology — both the technology a company might sell if it’s in the business, and with IT, which processes the company’s own technology and information. More users, more participants and a greater frequency of the need for analysis.

We saw that during the pandemic as companies had to reforecast regularly for bad news, or for news that might have been bad or for the impact of events that were beyond their control in the earlier part of this decade. Fast-forward to the last year or so — inflation, and it goes up, it goes down, interest rates up and down. Any of those factors that have changed have required regular reforecast. The increased frequency of FP&A, and then, of course, all the technology, all the tools, AI being an entrant into one of the data points that can be used in FP&A, all point toward more activity.

This is one area where there is a direct hit. FP&A is the finance function’s job, but they are coordinating a greater audience, both from a user perspective and from a participant and data-source perspective, in addition to some of the nonfinancial planning and analysis, because the finance function is increasingly viewed as the stewards of the data, particularly in a public company, where there are two people signing a filing — a chief executive officer and a chief financial officer. It’s pretty clear who will be responsible for the data. They are increasingly responsible for non-GAAP FP&A, for nonfinancial FP&A — the P&A that’s not financial.

And they’re being asked to up their game. As they optimise their capabilities in FP&A, they’ve achieved the status of being BP&A — business planning and analysis — and focusing on higher-level activities that allow them to be analysts of data as opposed to the creators of data. All of that, taken together, makes that answer not surprising.

And I echo what Nick had to say about cyber between the regulations for public companies, and the companies that do business with public companies, because everybody’s part of that food chain of information — the use of materiality, where the finance function is quite comfortable, and often the people who crunch the numbers on what is material or can help guide people to what should be considered material. Then, also, regarding the more mundane aspects of ransomware, the finance function has to come up with the money to pay it in a situation where there has been a problem.

All that is supportive of, in the FP&A area and in the tech area, the finance function being a part of more discussions — by the way, without taking anything else off their plate, so everything’s on, and there’s nothing that comes off. It’s incremental effort, and that requires them to use different tools and technologies because they don’t have infinite budgets, so they’re expected to do more with the same — not necessarily more with less, but more with the same — so they’re looking to FP&A in other areas, and using AI in FP&A as a means to lighten the load and increase their ability to analyse data, rather than spend their time gathering it and collecting it and then curating it.

Kevin Donahue: Chris, my next question is around technology enablement. This is another area that permeates the top finance priorities identified in our study, from process improvements and enhanced data analytics to use of cloud-based applications. Can you speak about the relationship between tech enablement and modernisation and cost optimisation?

Chris Wright: There are some direct relationships between the two. We also found that our survey respondents — those that had used AI, for example — indicated they had saved either money or time in doing so, and time being money, in all cases, they’d save some money. Break it down for a finance and accounting operation: How does it help their own team? New or upgraded ERPs and related supporting systems that are fit for purpose are going to make their lives easier. The ability to analyse data as they are expected to produce GAAP (financial) and non-GAAP (nonfinancial) data allows them to spend their time more analytically and less in the gathering and preparation of data as they do more with the same. Again, not necessarily more with less — maybe more with a little more, but more likely, doing more with the same.

For their own team, it’s a way to do the work and achieve the goals they have to have more interesting jobs and to provide better data on a more timely basis to their internal customers. For the organisation, it is just a major source of spend. To the extent you can modernise, upgrade, make more rational your technology usage, you’re making better use of your technology spend and you’re either saving money or redeploying it to the type of technology, similar to what Nick talked about, that allows you to get into better markets, into more products and services, and focus on revenue generation as much as saving on spend so you can not only save money by using fewer systems or using them more efficiently but also by creating earnings by redirecting that funding to marketing or to enabling things that generate revenue.

It can be looked at in both senses, but it’s fairly obvious that if you’re able to automate a process, you can either save the money you were spending on the manual process or redirect it to other, more valuable efforts. You can use that as the baseline assumption and take it from there. IT rationalisation, IT modernisation, automation, better analytics — all that not only supports the finance organisation but allows them to monitor and manage to spend elsewhere in the organisation as they not only produce the data but also try to influence the outcome.

Kevin Donahue: Thanks, Chris. I will cite that one statistic about AI here: We learned that 21% of organisations say they have achieved valuable cost and efficiency benefits and improved their finance projects through the use of AI and machine learning, so this is already making a big difference.

I’ll remind our listeners that our full report on the results of our latest Global Finance Trends Survey, Transform: Assessing CFO and Finance Leader Perspectives and Priorities for the Coming Year, is available on the Protiviti website.

Chris and Nick, thanks. This has been a great conversation. I have one final question I’ll ask both of you. From data governance and management to technology enablement and the use of AI, how do you see the finance organisation evolving over the next five years?

Nick Puetz: I liked a lot of Chris’s perspectives. AI is everywhere right now. It interested me to hear that a third was the number. I guess the number is way higher than that, and they don’t even realise that it’s AI they’re dealing with, or some earlier version of generative AI. It’s a lot more prevalent in enterprises than people realise. We’re going to continue to see a push on this front because all the tier-one partners for these organisations are diving headfirst into this as a solution on multiple fronts.

Look at the investment: There’s been nearly a trillion dollars in AI infrastructure built out in a very short amount of time. That infrastructure needs to start making money in some way, so you’re going to see a continued push on the AI front.

We talked earlier about the regulatory landscape. That is not going anywhere. It’s going to continue to be a lot more challenging because you’re taking regulations that in some instances were written well before some of the new technologies were launched are now being wrapped around those technologies, and it’s very square peg, round hole. You get some interesting interpretations what these regulations mean across some of these newly digitised environments and these new technology environments. That’s something that’s going to be top of mind for financial leaders.

But most importantly is, with any type of tech-driven disruption or technology-driven opportunity, it’s all going to come back to, how is this impacting our revenues, our margins, our shareholder value, and how are we able to seize some of these new tools and capabilities to continue moving those goals in the right direction while trying to maintain acceptable cost-containment measures and everything that comes with that? We’re still trying to generate revenue in a profitable way and, for publicly traded companies, keep our shareholders happy. It’s new tools and tricks and things we’re using to bring that to life these days. I wouldn’t say there’s a lot that’s changing at the most macro levels — it’s how we’re getting there that is going to require a lot of focus and some creative thought.

Chris Wright: A lot of what we see as emerging now in five years will be business as usual. In fact, it’s quite possible that what’s new now will be business as usual to the extent that it may not even be on the list of concerns or priorities, because it’s just part of what everybody does every day. If you think about the number of people who will answer the question about whether they’re using AI — to Nick’s point, that they know of — that’s probably going to be 100%. When people realise you can save, as the 21% of our respondents who said they had saved money using things like that, everyone else is going to want in on that.

The finance organisations will have to react to that. They’ll be upskilling. We see a lot of interests there — and let’s use AI as an example: The more senior members of the workforce now who may not know a lot about AI will be employing new entrants into the workforce who do, who will not know necessarily because they don’t have the experience, what they’re supposed to do with data like that. There’ll be a partnership among the workforce generations around who’s setting the context but also around who’s able to process the information using the new technology.

What you’ll see is finance organisations that are as focused as ever, if not more so, on how to deal with knowledge transfer and knowledge sharing and upskilling across the finance organisation on matters such as that that are emerging. You’ll have people who are not only accountants but also those who view themselves as data scientists, or both.

Kevin Donahue: I want to thank Chris and Nick for joining me today for this informative discussion on the views of CFOs and finance leaders around the world. A number of things really stood out to me. Number one, the use of AI is on the rise — not surprising, but it’s definitely making its mark on finance organisations and will continue to do so in the months and years to come. Cybersecurity considerations remain huge, both from protecting data and the new reporting requirements that have emerged over the last year or two. As Chris noted, we have this “and” dynamic: CFOs and finance leaders don’t have other things coming off their plate. New responsibilities, new projects keep coming to them, requiring stronger management expertise and bringing in the right skills and resources to support their finance organisation and the entire business.

Again, our report, Transform: Assessing CFO and Finance Leader Perspectives and Priorities for the Coming Year, can be found on our Protiviti website, and you can do a deep dive into the global results of this informative study. Lastly, I encourage you to please subscribe to our Powerful Insights podcast series and to review us wherever you get your podcast content.