Category Archives: Internal Audit

UnitedHealth CEO Sold $5.6 Million in Shares the Same Day as Ransomware Attack

Posted on by Posted in Backdated Documents, Board, Board Chairman, C-Suite, CEO, CFO, Corporate Negligence, Finance Committee, Financial Reporting, Financial Reporting Fraud, Financial Reporting Transparency, Financial Stewardship, Financial Transparency, Internal Audit, Internal Control, Investigation, Leadership Crisis, Leadership Culture, Leadership Ethics, Leadership Intent, Leadership Transparency, Leadership Values, Malfeasance, Negligence, Ransomware Attack, Securities and Exchange Commission (SEC), Untrustworthy Leave a comment
https://healthcareuncovered.substack.com/p/unitedhealth-ceo-sold-56-million?utm_source=post-email-title&publication_id=255152&post_id=145375065&utm_campaign=email-post-title&isFreemail=true&r=59t65&triedRedirect=true&utm_medium=email

Other senior executives also cashed out as the company faced a $1.6 billion threat that wreaked havoc throughout the health care system.

On February 21, the same day that a ransomware attack began to wreak havoc throughout UnitedHealth Group and the U.S. health care system, five of UnitedHealth’s C-suite executives, including CEO Andrew Witty and the company’s chief legal officer, sold $17.7 million worth of their stock in the company. Witty alone accounted for $5.6 million of those sales.

The company’s stock has not recovered since the ransomware attack and has underperformed the S&P 500 index of major stocks by 8% during that time. In the two weeks following the ransomware attack, the company’s stock slid by 10.4%, wiping out more than $46 billion in market cap and greatly reducing the value of shares held by non-insiders. The slide continued for several weeks. On the day Witty and the other executives sold their shares, the stock price closed at $521.97. By April 12, it had fallen to $439.20.

The ransomware attack is estimated to have cost the insurance giant as much as $1.6 billion in total. Witty would later confirm, during his appearance before the Senate Finance Committee on May 1, that the company paid $22 million in ransom to the hackers

“He (Witty) sold the shares on the same day that he learned of the ransomware attack,” said Richard Painter, a professor at the University of Minnesota School of Law who is also the vice chair of Citizens for Responsibility and Ethics in Washington. “That’s not good. For the SEC to prove a civil case of insider trading they just have to prove that it’s more probable than not that executives acted on inside information. CEOs have got to be a heck of a lot more careful.

You’re the CEO of a company, you should not be buying or selling the stock right in the middle of a material event like a ransomware attack. You’re asking for trouble. You’re going to end up with an SEC investigation. If that goes badly you could end up with a DOJ investigation.” 

How much UnitedHealth’s C-suite executives sold in company stock on February 21, 2024:

Brian Thompson, the CEO of UHG’s insurance arm, sold $1.5 million on the same day. John Rex, then the CFO and now the CFO and president, sold $4.4 million, as did Dirk McMahon, now the former president. Chief Legal Officer Rupert Bondy, who would likely have to have signed off on the sales, sold $750,000. 

HEALTH CARE un-covered is the first media outlet to report these disclosures. 

The ransomware attack was caused at least in part by negligence on UnitedHealth’s part, Witty admitted at the Finance Committee hearing. He acknowledged that the company had failed to use multi-factor authentication — requiring more than just a password to access information — to secure its data. The cyberattack exposed the personal health information of as much as a third of Americans’ health information. 

“This incident and the harm that it caused was, like so many other security breaches, completely preventable and the direct result of corporate negligence,”

Sen. Ron Wyden (D-Ore.) wrote to federal regulators on May 30. “UHG has publicly confirmed that the hackers gained their initial foothold by logging into a remote access server that was not protected with multi-factor authentication (MFA). MFA is an industry-standard cyber defense that protects against hackers who have guessed or stolen a valid username and password for a system.”

UnitedHealth exploited the crisis created by its own negligence to further entrench its position as the largest employer of doctors in the country, acquiring medical practices that were unable to pay their bills due at least in part to the chaos created by the ransomware attack. The American Medical Association is considering legal action against the company for the attack, with a proposal for its House of Delegates conference beginning June 8 stating that “Optum is the largest employer of physicians and has acquired practices when the ransomware disruption made those practices unable to survive without acquisition… Even the practices that survive will have ongoing damages including but not limited to denials related to giving therapy when it was impossible to obtain prior authorization, from using lines of credit and having to pay interest, from having billing departments and others work overtime to submit claims, to losing key employees from inability to make payroll.”

Other well-timed insider stock transactions

In April, Bloomberg reported that in the lead up to the disclosure of an FTC investigation into UnitedHealth’s monopolistic practices, other UnitedHealth insiders, including Chairman Stephen Hemsley, had sold $102 million worth of their shares.

News of that investigation and the stock sales led Sen. Elizabeth Warren (D-Mass.) and other lawmakers to call for an SEC investigation into the trading.

The disclosures revealed here, however, are potentially more incriminating: the executives sold the stock the same day the company became aware of the devastating ransomware attack. When Witty was supposed to be all hands on deck strategizing how to protect health care providers and millions of patients, he spent at least part of his day taking action to preserve his net worth.

EDITOR’S NOTE: 

This is not the first time UnitedHealth executives have engaged in questionable or illegal stock transactions. In 2007, former CEO William McGuire agreed to a record $468 million settlement with the SEC after it was learned that for more than a decade he had engaged in a scheme to inflate the value of his holdings in the company and, consequently, his net worth.

An SEC investigation that year found that over a 12-year period, “McGuire repeatedly caused the company to grant undisclosed, in-the-money stock options to himself and other UnitedHealth officers and employees without recording in the company’s books and disclosing to shareholders material amounts of compensation expenses as required by applicable accounting rules.” In other words, he was back-dating his stock options.

As the SEC explained: 

[F]rom at least 1994 through 2005, McGuire looked back over a window of time and picked grant dates for UnitedHealth options that coincided with dates of historically low quarterly closing prices for the company’s common stock, resulting in grants of in-the-money options.

According to the complaint, McGuire signed and approved backdated documents falsely indicating that the options had actually been granted on these earlier dates when UnitedHealth’s stock price was at or near these low points.

These inaccurate documents caused the company to understate compensation expenses for stock options, and were routinely provided to the company’s external auditors in connection with their audits and reviews of UnitedHealth’s financial statements.

MetroHealth fires CEO over more than $1.9M in unreported bonuses

Posted on by Posted in Board, Board Assessment, Board Chairman, CEO, CEO Retirement, Executive Bonus, Executive Compensation, Fraud and Abuse, Governance, Internal Audit, Internal Control, Investigation, Leadership Transition Leave a comment
https://www.beckershospitalreview.com/hospital-management-administration/metrohealth-fires-ceo-over-more-than-1-9m-in-unreported-bonuses.html?utm_medium=email&utm_content=newsletter

The board of trustees at Cleveland-based MetroHealth System has fired President and CEO Akram Boutros, MD.

Dr. Boutros was fired Nov. 21 after the board received findings of a probe into compensation issues involving more than $1.9 million in supplemental bonuses, Vanessa Whiting, chair of the board, said in a statement posted on the health system’s website. The probe found that between 2018 and 2022, Dr. Boutros authorized the compensation for himself, without disclosure to the board.

“We have taken these actions mindfully and deliberately but with sadness and disappointment,” Ms. Whiting said. “We all recognize the wonderful things Dr. Boutros has done for our hospital and for the community. However, we know of no organization permitting its CEO to self-evaluate and determine their entitlement to an additional bonus and at what amount, as Dr. Boutros has done.”

Dr. Boutros took the helm of MetroHealth in 2013. Last year, Dr. Boutros announced his plans to retire at the end of 2022. In September, MetroHealth named Airica Steed, EdD, RN, its next president and CEO. Dr. Steed, who is executive vice president and system COO of Sinai Chicago Health System, will take the helm of MetroHealth Dec. 5, according to Ms. Whiting’s statement. Meanwhile, Nabil Chehade, MD, executive vice president and chief clinical transformation officer at MetroHealth, will assume the CEO’s duties on an interim basis.

Ms. Whiting said MetroHealth discovered the compensation issues related to Dr. Boutros while preparing for the CEO transition, and an internal investigation took place, led by the Tucker Ellis law firm.

She said Dr. Boutros admitted to conducting self-assessments of his performance under specific metrics he established and authorizing payment to himself of more than $1.9 million in supplemental bonuses between 2018 and 2022.

According to Ms. Whiting, Dr. Boutros repaid more than $2.1 million in October, representing the supplemental bonus money paid without board approval for performance in calendar years 2017 through 2021, plus more than $124,000 in interest.

She said the board has also implemented immediate CEO spending and hiring limitations through Dec. 31, 2022, and Dr. Boutros has self-reported to the Ohio Ethics Commission.

MetroHealth’s internal investigation is ongoing.

Among Dr. Boutros’ accomplishments at MetroHealth were helping annual revenue increase from $785 million to more than $1.5 billion; growing the health system’s workforce from 6,200 to nearly 8,000 while seeing employee minimum wage increase to $15 per hour; and developing Ohio’s only Ebola treatment center.

Fired Mercyhealth exec sentenced for wire fraud, tax evasion

Posted on by Posted in Dept of Justice (DOJ), Fraud, Fraud and Abuse, Health System, Hospital, Hospital Industry, Internal Audit, Internal Control, Kickbacks, Prison, Prison Sentence, Supply Chain Leave a comment
https://www.beckershospitalreview.com/legal-regulatory-issues/fired-mercyhealth-exec-sentenced-for-wire-fraud-tax-evasion.html?utm_medium=email&utm_content=newsletter

A former vice president of Janesville, Wis.-based Mercyhealth was sentenced to 3 ½ years in prison May 4 for wire fraud and tax evasion in relation to a $3.1 million kickback scheme, according to the U.S Justice Department.

Barbara Bortner, 57, Mercyhealth’s former vice president of marketing and public relations, pleaded guilty to the scheme in October 2021. 

Ms. Bortner was charged in September 2021. She admitted getting kickbacks from Ryan Weckerly, owner of a marketing agency hired by the health system, from 2015 to 2020.

Prosecutors said Ms. Bortner and Mr. Weckerly created a scheme in which Mr. Weckerly’s marketing agency, Morningstar Media Group, inflated invoices sent to Ms. Bortner for marketing work he did for Mercyhealth. In exchange, Ms. Bortner receive kickbacks from the funds received.

Prosecutors also said Ms. Bortner agreed to maintain Morningstar Media as its primary marketing group in exchange for the kickbacks.

Mr. Weckerly pleaded guilty in November 2021 and will be sentenced May 17.

Mercyhealth fired Ms. Bortner in August 2021, weeks before the charges were filed against her. Mercyhealth said the fraud didn’t affect patient care.

Healthcare hacking on the rise

Posted on by Posted in Cybersecurity, Data Breaches, Data Privacy, Data Security, Health System, HIPAA, Hospital, Hospital Industry, Information Security, Information Technology, Internal Audit, Internal Control, Legacy Technology, Privacy, Rev Cycle Management, Revenue Cycle, Risk Management, Risk Mitigation Leave a comment

https://mailchi.mp/ef14a7cfd8ed/the-weekly-gist-august-6-2021?e=d1e747d2d8

From the largest global meat producer to a major gas pipeline company, cyberattacks have been on the rise everywhere—and with copious amounts of valuable patient data, healthcare organizations have become a prime target.

The graphic above outlines the recent wave of data attacks plaguing the sector. Healthcare data breaches reached an all-time high in 2020, and hacking is now the most common type of breach, tripling from 2018 to 2020. This year is already on pace to break last year’s record, with nearly a third more data breaches during the first half of the year, compared to the same period last year.

Recovering from ransomware attacks is expensive for any business, but healthcare organizations have the highest average recovery costs, driven by the “life and death” nature of healthcare data, and need to quickly restore patient records. A single healthcare record can command up to $250 on the black market, 50 times as much as a credit card, the next highest-value record. Healthcare organizations are also slower to identify and contain data breaches, further driving up recovery costs.

A new report from Fitch Ratings finds cyberattacks may soon threaten hospitals’ bottom lines, especially if they affect a hospital’s ability to bill patients when systems become locked or financial records are compromised. The rise in healthcare hacking is shining a light on many health systems’ lax cybersecurity systems, and use of outdated technology.

And as virtual delivery solutions expand, health systems must double down on performing continuous risk assessments to keep valuable data assets safe and avoid disruptions to care delivery.

As fraud rises, CFOs must approach numbers skeptically, report finds

Posted on by Posted in Asset Impairment, Audit Committee, Auditor External, Auditor Internal, CEO, CFO, Checks and Balances, Financial Reporting Fraud, Financial Reserve Manipulation, Financial Statement Fraud, Financial Stewardship, Financial Transparency, Financially Distressed, Fraud Deterrent and Detection, Fraud Triangle, Improper Revenue Recognition, Internal Audit, Internal Control, Inventory Manipulation, Manipulation of Debt Compliance Covenants, Opportunity, Over/Understating Accounting Estimates, Pandemic, Pressure, Professional Skepticism, Rationalization, Revenue Fabrication, Revenue Manipulation, Understate of Accounts Receivable Reserves, Unrecognized Inventory Impairments Leave a comment

https://www.cfodive.com/news/Center-Audit-Quality-financial-reporting-fraud/593123/

Executives might be committed to accuracy, but middle managers and others throughout the organization must be on board, too.

The pandemic is increasing financial reporting fraud, putting the onus on CFOs to create an organization-wide system that prevents wrongdoing, a coalition of auditing and other oversight groups said in a report released today.

Financial statement fraud in public companies is real and that risk has only increased during the Covid-19 pandemic,” said Julie Bell Lindsay, executive director of the Center for Audit Quality, one of four groups to release the report.

To help ensure the integrity of their company’s financial reporting, CFOs can’t rely on external auditors as their bulwark against fraud; they must weave protection into the fabric of the organization and exercise the same skepticism toward numbers auditors are trained to do.

“The strongest fraud deterrent and detection program requires extreme diligence from all participants in the financial reporting system,” Lindsay said. “Certainly, you have internal and external auditors, but you also have regulators, audit committees and, especially, public company management.”

Heightened stress

The report looks at SEC enforcement data from 2014 to 2019, a period of relative calm Linsday said can help set a baseline for assessing how much in pandemic-caused fraud regulators will find when they do their post-crisis analysis.

“The timing of this report is really a great way to … remind all the folks in the financial reporting ecosystem that … the pressures for fraud to happen are strong right now,” she said. 

Improper revenue recognition comprises about 40% of wrongdoing in financial reporting, more than any other type, a finding that tracks an SEC analysis released last August. 

Companies tend to manipulate revenue in four ways:

  1. The timing of recognition
  2. The value applied
  3. The source
  4. The percentage of contract completion claimed

The report singles out revenue-recognition manipulation by OCZ Technology Group, a solid-state drive manufacturer that went bankrupt in 2013, as a typical case.

The company had to restate its revenues by more than $100 million after it was caught mis-characterizing sales discounts as marketing expenses, shipping more goods to a large customer than it could be expected to sell, and withholding information on product returns.

The CEO was charged with fraud and the CFO with accounting, disclosure, and internal accounting controls failures.

The report lists three other common types of fraudmanipulation of financial reserves, manipulation of inventories, and improper calculation of impairment.

Reserve issues involve how, and when, balances are changed, and how expenses are classified; inventory issues involve the amounts that are listed and how much sales cost; and impairment issues involve the timing and accuracy of the calculation. 

Increase expected

More of these kinds of problems will likely be found to be happening because of the pandemic, the report said. 

“This is where all of this comes to a head,” Lindsay said. “You certainly can see pressure, because some companies are struggling right now and there can be pressure to meet numbers, analysts expectations.”

The pressure finance professionals face is part of what the report calls a “fraud triangle,” a convergence of three factors that can lead to fraud: pressure, opportunity and rationalization.

In the context of the pandemic, pressure comes as companies struggle with big drops in revenue; opportunity arises as employees work remotely; and the rationalization for fraud is reinforced by the unprecedented challenges people are facing. 

“It could be anything,” said Lindsay. “‘My wife just lost her job, so I need to make up for it.'”

The report lists fraud types that analysts expect are rising because of the pandemic:

  • Fabrication of revenue to offset losses.
  • Understatement of accounts receivable reserves as customers delay payments. 
  • Manipulation of compliance with debt covenants. 
  • Unrecognized inventory impairments.
  • Over- or understated accounting estimates to meet projection.

About a dozen types in all are listed. 

“Past crises have proven that at any time of large-scale disruption or stress on an economy or industry, companies should be prepared for the possibility of increased fraud.” the report said. 

Lindsay stressed three lessons she’d like to see CFOs take away from the report.

First, the potential for fraud in their companies shouldn’t be an afterthought. Second, protection against it is management’s responsibility but there’s also a role for company’s audit committee, its internal auditors and it’s external auditors. Third, CFOs and the finance executives they work with, including at the middle management level, must bring that same skepticism toward the numbers that auditors are trained to bring.

“Professional skepticism is a core competency of the external auditor and, quite frankly, the internal auditor,” she said. “Management and committee members are not necessarily trained on what it is, but it doesn’t mean you shouldn’t be exercising skepticism, [which is] asking questions about the numbers that are being reported. Is this exactly what happened? Do we have weaknesses? Do we have areas of positivity? It’s really about drilling down and having a dialogue and not just taking the numbers at face value.”

In addition to the Center for Audit Quality, Mitigating the Risks of Common Fraud Schemes: Insights From SEC Enforcement Actions was prepared by Financial Executives International, The Institute of Internal Auditors and the National Association of Corporate Directors.

Beaumont victimized by medical equipment thieves, feds say

Posted on by Posted in Conspiracy, Fraud, Fraud and Abuse, Health System, Hospital, Hospital Industry, Indictment, Internal Audit, Internal Control, Lawsuit, Supply Chain, Theft, Thief, Wire Fraud Leave a comment

https://www.detroitnews.com/story/news/local/michigan/2021/01/14/beaumont-victimized-medical-equipment-thieves-feds-say/6655265002/

The indictment describes an inside job involving Beaumont employees who sold stolen sponges, adhesives and instruments used to inspect eyes and ears. The equipment included cystoscopes, a thin tube with a camera that is inserted through the urethra and into the bladder.

“Some of the medical devices stolen and re-sold over the Internet were possibly contaminated devices that were previously used in various surgical and other medical procedures on patients,” according to the indictment.

The three individuals charged in the indictment are:

  • Paul Purdy, 49, of Bellbrook, Ohio
  • Valdet Seferovic, 32, of Auburn Hills
  • Zafar Khan, 40, of Fenton

Purdy and Seferovic not respond to messages seeking comment Thursday while Harold Gurewitz, a lawyer for Khan, declined comment. The three defendants are scheduled to make initial appearances Jan. 21 in federal court.

“These defendants used their employment status to circumvent the safety protocols established by Beaumont Hospital to profit from the theft of medical devices and put the health and safety of the general public at risk in doing so,” U.S. Attorney Matthew Schneider said in a statement.

The wire fraud and conspiracy charges listed in the 18-count indictment are punishable by up to 20 years in federal prison.

Beaumont officials have cooperated fully with the investigation, health system spokesman Mark Geary wrote in an email to The Detroit News.

This kind of theft does a disservice to more than just Beaumont — it does a disservice to the community,” Geary wrote. “We have confidence in the legal process and trust a just result will be achieved.”

Purdy and Seferovic were friends who worked at Beaumont and had access to storage areas inside one of the system’s hospitals, prosecutors alleged. The duo gained access to medical supplies and devices, according to the government, and devised a plan to steal the equipment and sell the items throughout the U.S.

Purdy, who worked for Beaumont until resigning in 2017, never told buyers the items were stolen, prosecutors said. After he quit, Purdy recruited Seferovic to continue stealing items from the medical supply, cleaning and disinfecting rooms, according to prosecutors.

“Medical devices that are removed from their rightful place in a hospital or other medical setting put patients’ health at risk by denying them access to needed diagnostic imaging and treatment,” Lynda Burdelik, special agent in charge of the U.S. Food and Drug Administration’s Criminal Investigations field office in Chicago, said in a statement.

Purdy paid Seferovic for stolen items via PayPal and resold the devices on eBay and Amazon, according to the government. On March 28, 2018, the indictment alleges Purdy received a $4,800 wire payment from the sale of two cystoscopes.

That same day, Seferovic received a $2,550 payment via PayPal, according to the government.

In fall 2017, Seferovic also agreed to steal and sell medical devices and supplies to Khan, who owns Wholesale Medical & Surgical Suppliers of America, LLC in Flint, according to the indictment.

Seferovic would transfer stolen supplies to Khan during meetings in metro Detroit, including at a Walmart parking lot, according to the indictment. Khan, in turn, would sell the supplies and devices online at below retail price.

Seferovic’s job duties and status was unclear Thursday.

The investigation and alleged crimes have prompted internal changes at Beaumont.

“…Beaumont has enhanced security protocols and implemented additional checks and balances across the organization to reduce the chances of something like this happening again,” Geary said.

Former Tennessee hospital manager charged with stealing nearly $800K in supplies

Posted on by Posted in Embezzlement, Employee Theft, Health System, Hospital, Hospital Industry, Internal Audit, Internal Control, Inventory, Inventory Control, Supply Chain Leave a comment

https://www.beckershospitalreview.com/supply-chain/former-tennessee-hospital-manager-charged-with-stealing-nearly-800k-in-supplies.html?utm_medium=email

Employee Theft Quotes. QuotesGram

A former worker at Maury Regional Medical Center in Columbia, Tenn., was charged with stealing nearly $800,000 worth of medical supplies from the hospital and selling them online for his personal benefit, Williamson Source reported. 

Former system coordinator Tommy John Riker allegedly stole $798,265 worth of supplies from the hospital between 2017 and 2019. He worked in the hospital’s supply chain department and was responsible for purchasing and managing items in the hospital’s inventory control system.

His job allowed him to steal items from the hospital’s inventory and manipulate the inventory to make it seem the supplies were given to staff, according to investigators from Tennessee’s Comptroller’s Office, the Williamson Source reported. 

The stolen supplies include needles, wound dressings and surgical dressings, according to the comptroller’s report. 

Mr. Riker was indicted on one count of theft over $250,000 and 54 counts of money-laundering.

Read the full article here

Ex-California hospital CFO pleads not guilty to felony charges

Posted on by Posted in Audit, Chief Financial Officer (CFO), Conflicts of Interest, Embezzlement, False Claims Act, Fraud, Fraud and Abuse, Internal Audit, Lawsuit, Personal Gain, Private Inurement Leave a comment

https://www.beckershospitalreview.com/legal-regulatory-issues/ex-california-hospital-cfo-pleads-not-guilty-to-felony-charges.html?utm_medium=email

Binghamton Embezzlement Lawyer | Embezzlement Charges in NY

The former CFO of Health Care Conglomerate Associates pleaded not guilty to charges of embezzlement, conflict of interest and using his official position for personal gain, according to The Sun-Gazette

Alan Germany formerly served as CFO of HCCA, which previously managed Tulare (Calif.) Regional Medical Center. He also served as the acting CFO of Tulare Regional and Inyo Hospital in Lone Pine, Calif. Mr. Germany was one of three HCCA executives indicted Aug. 11. 

Mr. Germany was charged with 11 counts of embezzlement, four counts of conflict of interest, and one count each of using his official position for personal gain and failing to file a statement of economic interest. On Aug. 19, he pleaded not guilty to the charges, according to the report. 

The charges against Mr. Germany include accusations of having hospital staff generate false billing invoices and working with HCCA’s former CEO Yorai “Benny” Benzeevi, MD, to embezzle U.S. Treasury funds meant for hospital districts, according to the report.

If convicted on all charges, Mr. Germany could face more than 10 years in prison, according to the Visalia Times Delta. His next hearing is set for Sept. 30. 

 

 

 

 

The new CFO mandate: Prioritize, transform, repeat

Posted on by Posted in Board Engagement, Capability Building, Cash-Flow Improvements, Change Agent, Changing Responsibilities, Chief Financial Officer (CFO), Corporate Strategy, Data Analytics, Data Integrity, Digitization, Internal Audit, Key Performance Indicators, Performance Baseline, Performance Management, Pricing, Risk Management, Talent Management, Transformation Strategy, Unchanged Persceptions Leave a comment

https://www.mckinsey.com/business-functions/strategy-and-corporate-finance/our-insights/the-new-cfo-mandate-prioritize-transform-repeat

Image result for CFO Expanding Role

Amid a raft of new duties for CFOs, our survey suggests that finance leaders are well positioned to lead the C-suite agenda by championing transformations, digitization, and capability building.
If you wanted to validate the old adage that the only constant in life is change, the results from our newest McKinsey Global Survey suggest you need not look any further than the CFO role.1 In the two years since our previous survey on the topic, CFOs say the number of functions reporting to them has risen from about four to more than six. What’s more, the share of CFOs saying they oversee their companies’ digital activities has doubled during that time. And many finance leaders say they are being asked to resolve issues in areas that are relatively new to them while continuing to mind traditional responsibilities, such as risk management, that remain business priorities.

Responses indicate that the opportunity for CFOs to establish the finance function as both a leading change agent and a source of competitive advantage has never been greater. Yet they also show a clear perception gap that must be bridged if CFOs are to break down silos and foster the collaboration necessary to succeed in a broader role. While CFOs believe they are beginning to create financial value through nontraditional tasks, they also say that a plurality of their time is still devoted to traditional tasks versus newer initiatives. Meanwhile, leaders outside the finance function believe their CFOs are still primarily focused on and create the most value through traditional finance tasks.

How can CFOs parlay their increasing responsibility and traditional finance expertise to resolve these differing points of view and lead substantive change for their companies? The survey results point to three ways that CFOs are uniquely positioned to do so: actively heading up transformations, leading the charge toward digitization, and building the talent and capabilities required to sustain complex transformations within and outside the finance function.

Changing responsibilities, unchanged perceptions

The latest survey results confirm that the CFO’s role is broader and more complex than it was even two years ago. The number of functional areas reporting to CFOs has increased from 4.5 in 2016 to an average of 6.2 today. The most notable increases since the previous survey are changes in the CFO’s responsibilities for board engagement and for digitization (that is, the enablement of business-process automation, cloud computing, data visualization, and advanced analytics). The share of CFOs saying they are responsible for board-engagement activities has increased from 24 percent in 2016 to 42 percent today; for digital activities, the share has doubled.

The most commonly cited activity that reports to the CFO this year is risk management, as it was in 2016. In addition, more than half of respondents say their companies’ CFOs oversee internal-audit processes and corporate strategy. Yet CFOs report that they have spent most of their time—about 60 percent of it, in the past year—on traditional and specialty finance roles, which was also true in the 2016 survey.

Also unchanged are the diverging views, between CFOs and their peers, about where finance leaders create the most value for their companies. Four in ten CFOs say that in the past year, they have created the most value through strategic leadership and performance management—for example, setting incentives linked to the company’s strategy. By contrast, all other respondents tend to believe their CFOs have created the most value by spending time on traditional finance activities (for example, accounting and controlling) and on cost and productivity management across the organization.

Finance leaders also disagree with nonfinance respondents about the CFO’s involvement in strategy decisions. CFOs are more likely than their peers to say they have been involved in a range of strategy-related activities—for instance, setting overall corporate strategy, pricing a company’s products and services, or collaborating with others to devise strategies for digitization, analytics, and talent-management initiatives.

Guiding and sustaining change

Our latest survey, along with previous McKinsey research,2 confirms that large-scale organizational change is ubiquitous: 91 percent of respondents say their organizations have undergone at least one transformation in the past three years.3 The results also suggest that CFOs are already playing an active role in transformations. The CFO is the second-most-common leader, after the CEO, identified as initiating a transformation. Furthermore, 44 percent of CFO respondents say that the leaders of a transformation, whether it takes place within finance or across the organization, report directly to them—and more than half of all respondents say the CFO has been actively involved in developing transformation strategy.

Respondents agree that, during transformations, the CFO’s most common responsibilities are measuring the performance of change initiatives, overseeing margin and cash-flow improvements, and establishing key performance indicators and a performance baseline before the transformation begins. These are the same three activities that respondents identify as being the most valuable actions that CFOs could take in future transformations.

Beyond these three activities, though, respondents are split on the finance chief’s most critical responsibilities in a change effort. CFOs are more likely than peers to say they play a strategic role in transformations: nearly half say they are responsible for setting high-level goals, while only one-third of non-CFOs say their CFOs were involved in objective setting. Additionally, finance leaders are nearly twice as likely as others are to say that CFOs helped design a transformation’s road map.

Other results confirm that finance chiefs have substantial room to grow as change leaders—not only within the finance function but also across their companies. For instance, the responses indicate that half of the transformations initiated by CFOs in recent years were within the finance function, while fewer than one-quarter of respondents say their companies’ CFOs kicked off enterprise-wide transformations.

Leading the charge toward digitization and automation

The results indicate that digitization and strategy making are increasingly important responsibilities for the CFO and that most finance chiefs are involved in informing and guiding the development of corporate strategy. All of this suggests that CFOs are well positioned to lead the way—within their finance functions and even at the organization level—toward greater digitization and automation of processes.

Currently, though, few finance organizations are taking advantage of digitization and automation. Two-thirds of finance respondents say 25 percent or less of their functions’ work has been digitized or automated in the past year, and the adoption of technology tools is low overall.

The survey asked about four digital technologies for the finance function: advanced analytics for finance operations,5 advanced analytics for overall business operations,6 data visualization (used, for instance, to generate user-friendly dynamic dashboards and graphics tailored to internal customer needs), and automation and robotics (for example, to enable planning and budgeting platforms in cloud-based solutions). Yet only one-third of finance respondents say they are using advanced analytics for finance tasks, and just 14 percent report the use of robotics and artificial-intelligence tools, such as robotic process automation (RPA).7 This may be because of what respondents describe as considerable challenges of implementing new technologies. When asked about the biggest obstacles to digitizing or automating finance work, finance respondents most often cite a lack of understanding about where the opportunities are, followed by a lack of financial resources to implement changes and a need for a clear vision for using new technologies; only 3 percent say they face no challenges.

At the finance organizations that have digitized more than one-quarter of their work, respondents report notable gains from the effort. Of these respondents, 70 percent say their organizations have realized modest or substantial returns on investment—much higher than the 38 percent of their peers whose finance functions have digitized less than one-quarter of the work.

Unlocking the power of talent

The survey results also suggest that CFOs have important roles to play in their companies’ talent strategy and capability building. Since the previous survey, the share of respondents saying CFOs spend most of their time on finance capabilities (that is, building the finance talent pipeline and developing financial literacy throughout the organization) has doubled. Respondents are also much more likely than in 2016 to cite capability building as one of the CFO’s most value-adding activities.

Still, relative to their other responsibilities, talent and capabilities don’t rank especially high—and there are opportunities for CFOs to do much more at the company level. Just 16 percent of all respondents (and only 22 percent of CFOs themselves) describe their finance leaders’ role as developing top talent across the company, as opposed to developing talent within business units or helping with talent-related decision making. And only one-quarter of respondents say CFOs have been responsible for capability building during a recent transformation.

But among the highest-performing finance functions, the CFO has a much greater impact. Respondents who rate their finance organization as somewhat or very effective are nearly twice as likely as all others to say their CFOs develop top talent organization-wide (20 percent, compared with 11 percent). Among those reporting a very effective finance function, 38 percent say so.

Looking ahead

It’s clear from the numbers that CFOs face increased workloads and expectations, but they also face increased opportunities. In our experience, a focus on several core principles can help CFOs take advantage of these opportunities and strike the right balance:

  • Make a fundamental shift in how to spend time. To be more effective in their new, ever-expanding roles, CFOs must carefully consider where to spend their time and energy. They should explore new technologies, methodologies, and management approaches that can help them decide how and where to make necessary trade-offs. It’s not enough for them to become only marginally more effective in traditional areas of finance; they must ensure that the finance organization is contributing more and more to the company’s most value-adding activities. It’s especially important, therefore, that CFOs are proactive in looking for ways to enhance processes and operations rather than waiting for turnaround situations or for their IT or marketing colleagues to take the lead.
  • Embrace digital technologies. The results indicate that the CFO’s responsibilities for digital are quickly increasing. We also know from experience that finance organizations are increasingly becoming critical owners of company data—sometimes referred to as the “single source of truth” for their organizations—and, therefore, important enablers of organizational transformations. Finance leaders thus need to take better advantage and ownership of digital technology and the benefits it can bring to their functions and their overall organizations. But they cannot do so in a vacuum. Making even incremental improvements in efficiency using digital technologies (business intelligence and data-visualization tools, among many others) requires organizational will, a significant investment of time and resources, and collaboration with fellow business leaders. So, to start, CFOs should prioritize quick wins while developing long-term plans for how digitization can transform their organizations. They may need to prioritize value-adding activities explicitly and delegate or automate other tasks. But they should always actively promote the successes of the finance organization, with help from senior leadership.
  • Put talent front and center. Since the previous survey, CFOs have already begun to expand their roles and increase their value through capability building and talent development. But the share of CFOs who spend meaningful, valuable time on building capabilities remains small, and the opportunity for further impact is significant. Finance leaders can do more, for instance, by coaching nonfinance managers on finance topics to help foster a culture of transparency, self-sufficiency, and value creation.