June 4, 2025
Welcome to another edition of what Do Consultants Do?
Today we’re going to talk about the exciting topic of regulatory compliance.
The Three-Step Process
First, we start with the three-step process:
- Step 1: Company makes a mistake
- Step 2: Regulatory body says going forward please do XYZ
- Step 3: Consultants are brought in to help enable XYZ and/or verify that it happened
Regulatory programs are less resistant to economic headwinds and discretionary spending, so they end up being a pretty stable corner of consulting revenue for many firms.
Understanding Consent Decrees
Let’s pretend you are a large tech company that did a poor job of handling user data.
After many years and many lawsuits, you reach a settlement with regulators, often known as a consent decree.
A consent decree is essentially an agreement to uphold certain standards or change practices.
But because you did a poor job of handling this data in the past, you need a third party to come in to make sure you are meeting those standards.
That’s where consultants come in.
The Consultant’s Role
Consultants come in to make sure the new consent decree is followed, meaning you’re hitting a certain standard, or you’re upholding certain thresholds.
And confirming that these standards have been met is a primary job of consultants on this engagement.
So you make a mistake as a company, and you bring in a consultant to make sure you’re meeting the new standards that you are required to uphold based on the consent decree.
Conclusion
The regulatory compliance model shows how companies’ past mistakes create ongoing consulting opportunities through mandated oversight requirements.