A seasoned financial leader with more than 28 years of experience, John Leese brings a naturally analytical mind and big-picture focus to his role as Chief Financial Officer at CloudPay. His breadth of experience in all aspects of finance, as well as procurement, operations, legal, compliance, and HR shaped his approach to strategy and management—and prepared him well for the challenging world of global payroll. Here, he explains why wisdom is the key to unlocking the potential of payroll data, why embedding requirements within your business is the only way to achieve compliance, and much more.
David Barak: Let’s begin with a thorny question: should payroll report to HR or Finance?
John Leese: I think that actually depends upon the nature of the business you’re in—how data-driven that business is, how payroll data is used, and also how automated the payroll process is. If yours is a relatively data-driven business with automated payroll processes, it naturally sits within HR, because they’re not having to review tax rates or perhaps perform calculations, for example. It’s less finance-oriented.
If your payroll is in-house, if it is small and more manual, if there’s no HCM system, it makes sense for payroll to sit in Finance. It will require more financial knowledge and decision-making than would otherwise be the case. So it depends on the situation you’re in and the business you’re working in.
I think you’ll always have Finance review and approval of payroll, but that’s really just one aspect of it. HR also manages benefits and other key aspects of payroll, so it just sits naturally in HR unless it’s not automated and therefore really requires Finance to manage it.
DB: How data-driven have you seen payroll be, and how analytical does the finance function get around payroll data?
JL: There are multiple levels at which payroll data can be viewed. Firstly, I'm interested in pay per person, because that’s a key matrix when considering the profitability and scalability of a business. It is actually really important to know the in-depth detail of how much each person costs, what country they’re in, which cost center they’re in. That’s key to calculating such things as customer acquisition costs and the cost to serve.
When you look at it from an analytic perspective, payroll is a key source of data. For the majority of companies around the world, payroll represents a significant, if not the most significant, cost to the business, so Finance will always be massively interested and involved in it. I mean that more from a purchasing, forecasting, and strategic perspective as opposed to a day-to-day perspective, which belongs to HR.
When I’m approving payroll, I don’t just check the numbers. I actually look at the payroll and ask, “What’s the total value, what’s the ratio of basic pay, tax rates to benefits, and those kinds of things?” The payroll run itself is a very mechanical process, and I trust that process, so I actually look at it at a very high level as opposed to a micro level. The analysis of data at that level is very important.
DB: When you’re taking that high-level, macro view of payroll data, how do you decide which KPIs to look at?
JL: What I always try to figure out is how to apply wisdom to the data. There's no point in having data unless there's an ability to actually interpret it and use it appropriately and apply wisdom to it.
At the end of the day, if you have the micro data, the very detailed data like how much is paid per person, all you need to think about is which KPIs that information feeds into? For example, what I'm really interested in is the cost to serve. What's my individual customer profitability? What is the utilization of my teams? What is the cost of selling? Things like that.
The benefit lies in how I take the data and KPIs and apply it to other datasets so that I can understand the efficiency and effectiveness of the resources that I'm employing.
DB: From your conversations with CFOs of multinational organizations as well as from your own experience, what are the things that keep you up at night around payroll or data?
JL: My primary concern around employee payroll and data is whether my data is secure. I think of compliance aspects, IT security, data protection, and you’re always aware that there are lots of fines involved.
What’s also interesting from a payroll perspective is actually where my people are located. Looking ahead one year, two years, three years—which is Brexit—I wonder if I have people in the right places. Am I going to have visa issues? Am I actually no longer going to be able to have foreign workers based in the UK because I can’t get visas for them?
That can be quite interesting as you’re going forward, especially from an international business perspective because you rely on experts traveling around the world. Visas are a concern with current political changes and the uncertain landscape global businesses now find themselves in. Resource planning is very important, including the allocation of those resources. For example, am I making the best use of my dollars by using lower cost locations?
DB: You’ve named a number of things that would keep you up as a CFO. Focusing on the first concern around data security, how can a multinational CFO gain control over that worry?
JL: The way I have approached it is the same way I approach finance controls and policies, in that I don’t want to be a policeman. I have to embed compliance across the business, as opposed to having a compliance team doing all compliance for the business.
In other words, when we launch a new product, I want to make sure that the security is built into that product at the outset. I’ll have a head of security involved in designing that product and reviewing that product. I’ll have a data protection expert looking at what data goes into that particular product, how it’s used, and where protections are needed. By taking this approach, the product requirements are scoped right from the start to take into account compliance and security requirements.
I think that’s the way you can be comfortable that you’ve met the requirements and things are under control, because everybody is living and breathing it, and knows it’s a requirement. It’s just embedded, it’s there the whole time, as opposed to an internal auditor who comes along every 12 months and tells you how you’ve been doing something wrong for the last 12 months, which means you’ve been exposed for 12 months.
What I’ve also done here is try to build a management framework within our compliance team such that those people who have deep expertise in things like data protection, security, or financial regulations have direct access to the leadership team. A head of compliance sets more of the scope around compliance needs, and that control can sometimes insulates the business somewhat to the requirements for compliance. That leadership ends up doing the compliance, as opposed to the head of security or the head of service delivery or the head of finance.
You end up naturally delegating and expecting that head of compliance to manage the requirements. That’s how we’ve changed our approach at CloudPay: by ensuring compliance is built into the business, we’re set up to meet and manage those requirements.
DB: Would you recommend that approach for our customers and other multinational companies seeking greater control over their data security?
I think the embedding approach is key, particularly with international business because there’s no way you can police a business that size. You have to be secure in knowing that the policies, the procedures, and the technology are fit for purpose as opposed to policing them. The flip side to that is that you must have an ability to review and to report. Having a review process is key as well to make sure things are working correctly. For example, you must make sure you do penetration tests on your security and do all the right things around certifications. And you need to have proper monitoring and auditing. But absolutely the key is embedding it in the business.
DB: How would you say the role of a CFO has changed in recent years?
JL: Now there’s a much more visible distinction between what I would call a traditional finance director and a CFO. To my mind, a finance director is an individual who’s doing the bookkeeping, who’s doing the monthly accounts, the statutory reporting, and those kinds of things. Their responsibilities are probably restricted to finance.
I think the expectation today for a CFO is much broader. They are not just looking at finance: they’re looking at other aspects of the business and are expected to have a much more visible and commercial role. That includes things like bringing wisdom to data and using interpretation of the numbers to influence and drive strategy, as opposed to just providing a spreadsheet to the CEO.
There's a much higher-profile role for CFOs today. You want to reach a place of being the trusted advisor to the CEO. You want to be the right-hand man or woman. You can't do that unless you are secure in the numbers you're producing and you've got wider strategic influence across the business.
DB: Looking ahead to some more changes, GDPR is right around the corner. How do you foresee GDPR and regulatory changes across other regions impacting the financial operations of multinational organizations?
JL: An interesting thing about GDPR is that all the headlines are around the penalties you can have and the resulting fines. For a business in managed services, that translates into concern around what my responsibility is to my customers now. What’s my responsibility to my customers’ data as a data processor?
As far as preparedness is concerned, I think what it does is focus the mind around the need to have things like risk registers around data, to have a road map towards GDPR, and things like that. The language of GDPR actually requires the embedding of those policies and procedures within the business, as opposed to it just being a compliance team that polices GDPR. That’s a major task for many companies.
I think also businesses are waking up to international data flows, and specifically the requirements that GDPR places upon European businesses when transferring data around the world, be it with the US or other regions. Companies must become much more conscious of the data protection facilities, policies, and procedures of the places they're sending data too.
DB: What would you say to the assertion that compliance isn’t a pain, it’s the vehicle for innovation?
JL: I think that's a really interesting way of putting it because one of the great things it makes you think about is standardization and robustness of policies and procedures. It helps people realize that if they had better policies and procedures, if they had better automation, if they had more integrated systems, that they could better manage their risk around data protection and, secondly, make themselves more efficient and effective. They begin to see how they can remove mundane tasks from their resources and do more interesting things with their people.
It is a catalyst for people to be able to focus their minds on the introduction of technology and the introduction of better, more robust processes and procedures, if those things aren't already in place. For example, it’s a motivation for people to map out their quote to cash process or their service delivery process, and think about introducing more robust policies and procedures, so that they don't have to deal with audit issues every year—which in itself is more of a pain than actually putting right the process and procedures they have in place.
DB: Speaking of auditors, if you can think back to your auditing days, what would be an important feature or aspect for a global payroll solution to have today?
JL: The most important advantage for auditors would be a technology platform that automatically gives you a footprint of the activities that have happened within the payroll and allows you to demonstrate the approvals, the disapprovals, and the changes that have been made to payroll, do comparisons of this week versus last week, and all those kinds of things. It's the workflow that's important, and the footprints that get left throughout the workflow.
Secondly, when I used to audit, we examined payroll by doing analytical reviews as opposed to looking at the process. Using the analytics, I could do global tests or global reviews of payroll to make sure it made sense and look for patterns, as well as review the workflow and ensure whether the right approvals had been made or not.
DB: Why should or shouldn’t organizations outsource their global payroll?
JL: In all my experience, I’ve only ever had payroll in-house once. Generally it’s outsourced. Larger multinational organizations might still process payroll in-house within their own country, but certainly across other locations, it’s more likely than not that payroll will be outsourced.
A large reason for this is that processing payroll is complicated. It requires lots of filings and has lots of regulations associated with it. Regardless of the size of an organization, outsourcing global payroll allows resources to be used more efficiently and effectively. Particularly when you consider the differing requirements across countries, changing regulations, data protection concerns, and things like that, it’s more effective to use a resource dedicated to knowing and managing all those requirements—rather than expect an in-house professional to be on top of it. And because you're sharing the same resource as a number of other organizations, it becomes more cost-effective.
DB: Is there any technology coming to global payroll or finance that you are looking forward to as a Finance executive?
JL: What I’m really getting interested in is the digitization of analog processes—digital business modeling tools that allow you to link different databases. Rather than introducing an ERP system, for example, I can introduce a modeling tool that allows me to link together my payroll from provider A, my finance system which is B, and my CRM system which is C in a seamless way, and still maintain the best of breed databases or software or processes.
So rather than using manual processes between different sources of data or introducing another new system, these modeling tools tie the data together while digitizing the processes among them. I see it kind of like a single reporting tool across multiple databases, or a single processing tool across multiple databases, and that’s quite interesting to me.
DB: John, this has been an excellent conversation, thank you. I just have one final question: why do you love working in global payroll?
JL: The best thing about global payroll is that it is a really challenging environment, especially around international payroll. You have hundreds of countries around the world with different regulations you have to cope with. One country requires you to go to the tax office with a piece of paper, another country allows you to do online filing—coping with that myriad of different ways of doing things and providing one single solution for all of it is hugely challenging. It's just interesting to do those things. That's why the industry is fun.