- Market services
-
Compliance audits & reviews
Our audit team undertakes the complete range of audits required of Australian accounting laws to help you to help you meet obligations or fulfil best practice procedures.
-
Audit quality
We are fiercely dedicated to quality, use proven and globally tested audit methodologies, and invest in technology and innovation.
-
Financial reporting advisory
Our financial reporting advisory team helps you understand changes in accounting standards, develop strategies and communicate with your stakeholders.
-
Audit advisory
Grant Thornton’s audit advisory team works alongside our clients, providing a full range of reviews and audits required of your business.
-
Corporate tax & advisory
We provide comprehensive corporate tax and advisory service across the full spectrum of the corporate tax process.
-
Private business tax & advisory
We work with private businesses and their leaders on all their business tax and advisory needs.
-
Tax compliance
We work alongside clients to manage all tax compliance needs and identify potential compliance or tax risk issues.
-
Employment tax
We help clients understand and address their employment tax obligations to ensure compliance and optimal tax positioning for their business and employees.
-
International tax
We understand what it means to manage tax issues across multiple jurisdictions, and create effective strategies to address complex challenges.
-
GST, stamp duty & indirect tax
Our deep technical knowledge and practical experience means we can help you manage and minimise the impact of GST and indirect tax, like stamp duty.
-
Tax law
Our team – which includes tax lawyers – helps you understand and implement regulatory requirements for your business.
-
Innovation Incentives
Our national team has extensive experience navigating all aspects of the government grants and research and development tax incentives.
-
Transfer pricing
Transfer pricing is one of the most challenging tax issues. We help clients with all their transfer pricing requirements.
-
Tax digital consulting
We analyse high-volume and unstructured data from multiple sources from our clients to give them actionable insights for complex business problems.
-
Corporate simplification
We provide corporate simplification and managed wind-down advice to help streamline and further improve your business.
-
Superannuation and SMSF
Increasingly, Australians are seeing the benefits, advantages and flexibility of taking control of their own superannuation and retirement planning.
-
Payroll consulting & Award compliance
Many organisations are grappling with a myriad of employee agreements and obligations, resulting in a wide variety of payments to their people.
-
Cyber resilience
The spectrum of cyber risks and threats is now so significant that simply addressing cybersecurity on its own isn’t enough.
-
Internal audit
We provide independent oversight and review of your organisation's control environments to manage key risks, inform good decision-making and improve performance.
-
Financial crime
Our team helps clients navigate and meet their obligations to mitigate crime as well as develop and implement their risk management strategies.
-
Consumer Data Right
Consumer Data Right (CDR) aims to provide Australians with more control over how their data is used and disclosed.
-
Risk management
We enable our clients to achieve their strategic objectives, fulfil their purpose and live their values supported by effective and appropriate risk management.
-
Controls assurance
In Australia, as with other developed economies, regulatory and market expectations regarding corporate transparency continue to increase.
-
Governance
Through fit for purpose governance we enable our clients to make the appropriate decisions on a timely basis.
-
Regulatory compliance
We enable our clients to navigate and meet their regulatory and compliance obligations.
-
Forensic accounting and dispute advisory
Our team advises at all stages of a litigation dispute, taking an independent view while gathering and reviewing evidence and contributing to expert reports.
-
Investigations
Our licensed forensic investigators with domestic and international experience deliver high quality results in the jurisdictions in which you operate.
-
Asset tracing investigations
Our team of specialist forensic accountants and investigators have extensive experience in tracing assets and the flow of funds.
-
Mergers and acquisitions
Our mergers and acquisitions specialists guide you through the whole process to get the deal done and lay the groundwork for long-term success.
-
Acquisition search & strategy
We help clients identify, finance, perform due diligence and execute acquisitions to maximise the growth opportunities of your business.
-
Selling a business
Our M&A team works with clients to achieve a full or partial sale of their business, to ensure achievement of strategic ambitions and optimal outcomes for stakeholders.
-
Operational deal services
Our operational deal services team helps to ensure the greatest possible outcome and value is gained through post merger integration or post acquisition integration.
-
Transaction advisory
Our transaction advisory services support our clients to make informed investment decisions through robust financial due diligence.
-
ESG Due Diligence
As environmental, social, and governance (ESG) considerations become increasingly pivotal for dealmakers in Australia, it is important for investors to feel confident in assessing transactions through an ESG lens.
-
Business valuations
We use our expertise and unique and in-depth methodology to undertake business valuations to help clients meet strategic goals.
-
Tax in mergers & acquisition
We provide expert advice for all M&A taxation aspects to ensure you meet all obligations and are optimally positioned.
-
Corporate finance
We provide effective and strategic corporate finance services across all stages of investments and transactions so clients can better manage costs and maximise returns.
-
Debt advisory
We work closely with clients and lenders to provide holistic debt advisory services so you can raise or manage existing debt to meet your strategic goals.
-
Working capital optimisation
Our proven methodology identifies opportunities to improve your processes and optimise working capital, and we work with to implement changes and monitor their effectiveness.
-
Capital markets
Our team has significant experience in capital markets and helps across every phase of the IPO process.
-
Debt and project finance raising
Backed by our experience accessing full range of available funding types, we work with clients to develop and implement capital raising strategies.
-
Private equity
We provide advice in accessing private equity capital.
-
Financial modelling
Our financial modelling advisory team provides strategic, economic, financial and valuation advice for project types and sizes.
-
Payments advisory
We provide merchants-focused payments advice on all aspects of payment processes and technologies.
-
Voluntary administration & DOCA
We help businesses considering or in voluntary administration to achieve best possible outcomes.
-
Corporate insolvency & liquidation
We help clients facing corporate insolvency to undertake the liquidation process to achieve a fair and orderly company wind up.
-
Complex and international insolvency
As corporate finance specialists, Grant Thornton can help you with raising equity, listings, corporate structuring and compliance.
-
Safe Harbour advisory
Our Safe Harbour Advisory helps directors address requirements for Safe Harbour protection and business turnaround.
-
Bankruptcy and personal insolvency
We help clients make informed choices around bankruptcy and personal insolvency to ensure the best personal and stakeholder outcome.
-
Creditor advisory services
Our credit advisory services team works provides clients with credit management assistance and credit advice to recapture otherwise lost value.
-
Small business restructuring process
We provide expert advice and guidance for businesses that may need to enter or are currently in small business restructuring process.
-
Asset tracing investigations
Our team of specialist forensic accountants and investigators have extensive experience in tracing assets and the flow of funds.
-
Independent business reviews
Does your company need a health check? Grant Thornton’s expert team can help you get to the heart of your issues to drive sustainable growth.
-
Commercial performance
We help clients improve commercial performance, profitability and address challenges after internal or external triggers require a major business model shift.
-
Safe Harbour advisory
Our Safe Harbour advisory helps directors address requirements for Safe Harbour protection and business turnaround.
-
Corporate simplification
We provide corporate simplification and managed wind-down advice to help streamline and further improve your business.
-
Director advisory services
We provide strategic director advisory services in times of business distress to help directors navigate issues and protect their company and themselves from liability.
-
Debt advisory
We work closely with clients and lenders to provide holistic debt advisory services so you can raise or manage existing debt to meet your strategic goals.
-
Business planning & strategy
Our clients can access business planning and strategy advice through our value add business strategy sessions.
-
Private business company secretarial services
We provide company secretarial services and expert advice for private businesses on all company secretarial matters.
-
Outsourced accounting services
We act as a third-party partner to international businesses looking to invest in Australia on your day-to-day finance and accounting needs.
-
Superannuation and SMSF
We provide SMSF advisory services across all aspects of superannuation and associated tax laws to help you protect and grow your wealth.
-
Management reporting
We help you build comprehensive management reporting so that you have key insights as your business grows and changes.
-
Financial reporting
We help with all financial reporting needs, including set up, scaling up, spotting issues and improving efficiency.
-
Forecasting & budgeting
We help you build and maintain a business forecasting and budgeting model for ongoing insights about your business.
-
ATO audit support
Our team of experts provide ATO audit support across the whole process to ensure ATO requirements are met.
-
Family business consulting
Our family business consulting team works with family businesses on running their businesses for continued future success.
-
Private business taxation and structuring
We help private business leaders efficiently structure their organisation for optimal operation and tax compliance.
-
Outsourced CFO services
Our outsourced CFO services provide a full suite of CFO, tax and finance services and advice to help clients manage risk, optimise operations and grow.
-
ESG & sustainability reporting
There is a growing demand for organisations to provide transparency on their commitment to sustainability and disclosure of the nonfinancial impacts of their business activities. Commonly, the responsibility for sustainability and ESG reporting is landing with CFOs and finance teams, requiring a reassessment of a range of reporting processes and controls.
-
ESG & sustainability advisory
With the ESG and sustainability landscape continuing to evolve, we are focussed on helping your business to understand what ESG and sustainability represents and the opportunities and challenges it can provide.
-
ESG, sustainability and climate reporting assurance
As the demand for organisations to prepare information in relation to ESG & sustainability continues to increase, through changes in regulatory requirements or stakeholder expectations, there is a growing need for assurance over the information prepared.
-
ESG Due Diligence
As environmental, social, and governance (ESG) considerations become increasingly pivotal for dealmakers in Australia, it is important for investors to feel confident in assessing transactions through an ESG lens.
-
Management consulting
Our management consulting services team helps you to plan and implement the right strategy to deliver sustainable growth.
-
Financial consulting
We provide financial consulting services to keep your business running so you focus on your clients and reaching strategic goals.
-
China practice
The investment opportunities between Australia and China are well established yet, in recent years, have also diversified.
-
Japan practice
The trading partnership between Japan and Australia is long-standing and increasingly important to both countries’ economies.
-
India practice
It’s an exciting time for Indian and Australian businesses looking to each jurisdiction as part of their growth ambitions.
-
Singapore practice
Our Singapore Practice works alongside Singaporean companies to achieve growth through investment and market expansion into Australia.
-
Vietnam practice
Investment and business opportunities in Vietnam are expanding rapidly, driven by new markets, diverse industries, and Vietnam's growing role in export manufacturing, foreign investment, and strong domestic demand.
-
Client Alert Government Grants in FY25As we embark on a new financial year, it’s crucial to take a strategic approach to understanding the government grants landscape.
-
Client Alert Consultation on foreign resident CGT rules commencesTreasury is taking steps to ensure fairer tax treatment for foreign resident investors by tightening Australia's foreign resident Capital Gains Tax (CGT) regime. Proposed changes aim to broaden the CGT base and enhance integrity, impacting infrastructure, energy, agriculture, and more.
-
Insight Australian wine export strategies post-China tariff removalFollowing the recent removal of tariffs on Australian wine by China, the industry is keen to rebuild relations and explore the right export markets. This presents Australian wine producers with a chance to reassess their position in the global market.
-
Insight Cultivating innovation: A guide to claiming the R&D Tax Incentive in the Agribusiness sectorTo facilitate continued innovation in the Agribusiness sector, the Federal Government’s Research and Development Tax Incentive supports companies to undertake research and development activities that meet the eligibility criteria.
-
Renewable Energy
Transformation through energy transition
-
Flexibility & benefits
The compelling client experience we’re passionate about creating at Grant Thornton can only be achieved through our people. We’ll encourage you to influence how, when and where you work, and take control of your time.
-
Your career development
At Grant Thornton, we strive to create a culture of continuous learning and growth. Throughout every stage of your career, you’ll to be encouraged and supported to seize opportunities and reach your full potential.
-
Diversity & inclusion
To be able to reach your remarkable, we understand that you need to feel connected and respected as your authentic self – so we listen and strive for deeper understanding of what belonging means.
-
In the community
We’re passionate about making a difference in our communities. Through our sustainability and community engagement initiatives, we aim to contribute to society by creating lasting benefits that empower others to thrive.
-
Graduate opportunities
As a new graduate, we aim to provide you more than just your ‘traditional’ graduate program; instead we kick start your career as an Associate and support you to turn theory into practice.
-
Vacation program
Our vacation experience program will give you the opportunity to begin your career well before you finish your degree.
-
The application process
Applying is simple! Find out more about each stage of the recruitment process here.
-
FAQs
Got questions about applying? Explore frequently asked questions about our early careers programs.
-
Our services lines
Learn about our services at Grant Thornton
-
Current opportunities
Current opportunities
-
Remarkable people
Our team members share their remarkable career journeys and experiences of working at Grant Thornton.
-
Working at Grant Thornton
Explore our culture, benefits and ways we support you in your career.
-
Current opportunities
Positions available.
-
Contact us
Get in touch
Welcome to the second in our series of CPS 230 technical guides. In the discussion paper that accompanied the issue of the draft CPS 230, APRA set out its three key objectives – the first of which is to “strengthen operational risk management”.
In this guide we provide an overview of some elements necessary to achieve strong operational risk management and why it is the foundation of operational resilience.
“Managing operational risk can be complex because its decentralised”.
What is operational risk and why is managing it important?
APRA defines operational risk as “risks that may result from inadequate or failed processes or systems, the actions or inactions of people or external drivers and events”.
One of the most common ways of managing operational risk is through a system of effective internal controls. Control failures however can lead to events as varied as mis-selling, data breaches and underpayments – hence, APRA’s focus on strengthening operational risk management.
It is not possible for an entity to maximise its operational resilience without effectively managing its operational risk.
What makes effective operational risk management so difficult and who owns it?
Financial risks such as credit, insurance or market risks are generally managed on a centralised basis within defined strategies and limits. APRA notes that “operational risk is inherent in all products, activities, processes and systems” and therefore, it is not possible to adopt the same centralised model of risk management.
CPS 230 states that:
- Senior management within the business are responsible for the ownership and management of operational risk across an entity’s end to end processes
- The board is ultimately accountable for the oversight of operational risk management and is expected to ensure that senior management effectively implements and maintains the framework
This approach aligns with the three lines model of risk management that form the basis for the approach to risk management as set out in CPS 220.
To be the most effective, operational risk should be managed where it occurs and therefore is largely the responsibility of business lines or Line 1. As such, management of operational risk is “de-centralised”, making activities such as controls assurance, Line 2 oversight and dashboard-style reporting critically important to drive consistency and effectiveness across the organisation and to enable the Board to have oversight of any processes, systems or parts of the organisation that may not be operationally resilient.
What are APRA’s expectations regarding internal controls?
APRA expects that entities “should maintain internal controls to detect and manage operational risks within appetite”. This includes the following components:
- Process maps: A clear understanding of the end-to-end processes underpinning critical operations
- Risk profile: An entity can identify its obligations, risks, required controls and necessary monitoring mechanisms - supported by:
- Risk and controls register
- Obligations register
- Controls assurance framework
- Breach and incident process: Shortcomings and weaknesses identified in relation to internal controls need to be rectified in a timely manner
It’s important these components operate as a framework and not in isolation – the framework should guide the required considerations and be kept up to date.
Effective operational risk management is dependent upon linkages being made based upon the information derived from the different components of the framework so that the appropriate decisions can be made.
What are the elements for effective operational risk management?
Based upon our experience in supporting our clients to implement and refresh their enterprise risk management and operational risk management frameworks or responding to APRA requirements and recommendations regarding these, following are some of the elements that we consider to be fundamental to the effective management of operational risk. These should also assist in overcoming some of the complexity arising from the decentralised nature of operational risk.
Investing in an appropriate Management Information Systems (MIS)
To support managing operational risk where it occurs – in the business – Line 1 needs the capacity to maintain their own operational risk profile. This includes recording and managing incidents and maintaining an internal controls assurance program. Once an entity is of sufficient size, investing in an MIS may not only streamline risk management but improve its consistency. Line 2 maintaining risk registers and profiles in spreadsheets will no longer be sustainable.
An MIS enables linkages to be made that support a more accurate assessment of residual risk and the level of operational risk carried by the entity. Risk dashboards can also be automatically generated that enables more insightful analysis to be provided to the Board.
Adopting a concise risk taxonomy
We often come across entities that have too many risks in their profile relative to the size, complexity, and nature of their business. Without a clear risk taxonomy, the number of risks may become unmanageable making it difficult to undertake meaningful analysis and impair the understanding of key risks.
Identifying operational risks and understanding and treating operational vulnerabilities is a critical ingredient for operational resilience.
A risk taxonomy should generally consist of two levels:
- Level 1: Material risk categories – refer paragraph 26 of CPS 220 – Operational risk is a material risk category
- Level 2: Risk events – it may not be necessary to further break down all material risk categories into risk event sub-categories however it is necessary for operational risk because it is so broad. Commonly used operational risk event categories include:
- Internal fraud
- External fraud
- Employment practices and workplace safety
- Clients, products, and business practice
- Damage to physical assets
- Business disruption and system failures
- Execution, delivery, and process management
- Utilising operational risk event categories streamlines the identification of operational risks, enables the root cause of incidents to be identified and analysed and allows more meaningful analysis of operational risks.
Controls assurance is a lead indicator of operational risk
Our clients will often ask us for suggestions of lead indicators for operational risk. The best lead indicator of operational risk are controls assurance results because they not only provide evidence of the adequacy of controls over material risks but also information about control weaknesses to enable improvements to be made.
When instances of control ineffectiveness are identified, they not only need to be rectified but consideration given to whether the level of residual risk has increased. This situation may only be temporary until such time that remediation actions are completed.
The value of root cause analysis
Root cause analysis may assist entities to understand why something went wrong and prevent its reoccurrence. It can also assist entities to better understand what is working well and how this can be extrapolated across other processes or functions.
Better practice is to require root cause analysis as part of an entities’ situation (formerly breach and incident) process. Without understanding the root cause, remediation may be incomplete or address only the symptoms rather than the root cause.
At its simplest, root cause analysis may just involve solving “the 5 whys”. Root cause analysis is also a useful tool when analysing disputes and complaints to determine whether there are systemic issues that may give rise to customer detriment.
Many entities leverage third party and related service providers as part of their operating model. Whilst outsourcing can increase the level of operational risk, it may also mitigate it. Replacing CPS 231: Outsourcing with CPS 230 is acknowledgement that using service providers is an established and integral part of service delivery.
Our next technical guide will provide an overview of third-party service provider management.