Congress Sniffing Around Botched McKinsey Studies Depicted as Impairing Intelligence Agencies

Posted on by

After a series of scandals, yet more of McKinsey’s dirty laundry is getting aired. It’s bad enough that, to name a few of the rash of well-deserved critical stories, that the storied consulting firm is implicated in criminal fraud in South Africa, or that its work for the Saudi government resulted in the persecution of Twitter dissidents that McKinsey identified, or that a contract in Mongolia served as a vehicle for three officials to take illegal payments.

But with the US intelligence apparatus, McKinsey looks to have committed a cardinal sin: doing work that was so shoddy that not only is the client complaining about it, but it can actually show that the engagement did harm.

Mind you, it’s not as if poor quality consulting studies are unusual. Consulting often winds up being a lot like therapy, so the hired guns may not be providing the greatest advice, but the client executives come to rely on them anyhow, turing the advisors into enablers. As one fellow McKinsey consultant observed, “The problem with consulting is you are hired by the problem” and “The most profitable clients are the most diseased.”

So it is not at all good to see McKinsey take organizations that are pretty competent, namely the CIA, NSA, and other intelligence, and make them worse off. From Politico:

For the past four years, the powerhouse firm McKinsey and Co., has helped restructure the country’s spying bureaucracy, aiming to improve response time and smooth communication.

Instead, according to nearly a dozen current and former officials who either witnessed the restructuring firsthand or are familiar with the project, the multimillion dollar overhaul has left many within the country’s intelligence agencies demoralized and less effective.

These insiders said the efforts have hindered decision-making at key agencies — including the CIA, National Security Agency and the Office of the Director of National Intelligence.

They said McKinsey helped complicate a well-established linear chain of command, slowing down projects and turnaround time, and applied cookie-cutter solutions to agencies with unique cultures. In the process, numerous employees have become dismayed, saying the efforts have at best been a waste of money and, at worst, made their jobs more difficult. It’s unclear how much McKinsey was paid in that stretch, but according to news reports and people familiar with the effort, the total exceeded $10 million.

In each case, bureaucratic changes that slow response time or hamper intelligence collection capabilities could cause the loss of company secrets, private government data, the democratic process and even American lives. Already, some projects at the NSA have been cut or delayed as a result of disgruntled employees leaving the agency.

Let’s stop here. $10+ million, for a project that spanned four years? That’s couch lint. It’s been well over a decade, maybe even two decades, that McKinsey would not get out of bed for at least a million in fees. And that million would buy you a three to four month engagement.

In other words, if the firm was working regularly with the spy services over four years (as opposed to in fits and starts), the burn rate looks to be close to the bare minimum needed to hold McKinsey’s attention. Thus if you know the firm’s billing practices, it comes off as amusing that there are also complaints about the lack of competitive bidding. In fact, McKinsey may have cut the intelligence agencies a price break as a concession so as not to be subject to the indignity of a competitive process. But getting McKinsey at a bargain price is no bargain. The article describes how McKinsey went “seamlessly” from agency to agency, with no bidding each time, even when there wasn’t even a clear need for its services:

A lot of people at the agencies involved think McKinsey dialed in its work:

“At CIA, they shattered longstanding structural constructs that people had invested their whole careers in,” said Larry Pfeiffer, a 32-year intelligence veteran who now serves as the director of the Michael V. Hayden Center for Intelligence, Policy and International Security at George Mason University. It resulted in “a coordination nightmare” widely considered to be “very heavy-handed,” added Pfeiffer, who left government before the restructuring but remains in close contact with current officials.

Pfeiffer said he doesn’t know “a soul at CIA or NSA who would tell you that the reorganizations have made things better.”

“That’s exactly what happened,” a former CIA operations officer said…the former senior intelligence official who witnessed CIA’s reorganization said McKinsey “usually comes in with a goddamned formula.”

“They claim to customize, but they don’t,” the former official said. “They are extremely formulaic. You can tell that they’re following a script.”

Indeed, reading between the lines of the article, McKinsey appears to have installed “mission centers” at each agency. That does sound like McKinsey was force-fitting at least some of its recommendations.

One failed initiative, launched by the NSA in 2016, was to combine offensive and defensive cyberthreat teams. Politico reports that the project “muddled” focus and stalled other efforts to increase efficiency. The new NSA director is unwinding some of the McKinsey changes. Even though the CIA is apparently not happy with the McKinsey work, Gina Haspel isn’t about to reverse it any time soon so as not to give the organization whiplash. Similarly:

One person who witnessed the changes at ODNI said “there’s a lot of people inside these organizations asking, ‘Why did we need to hire a consulting firm to conduct a reorganization when there was no problem to solve?’”

Now admittedly the Politico piece also includes some sources claiming McKinsey didn’t do much, that officials at various agencies were leading these projects. But this is classic McKinsey. The firm only gives advice and does not do implementation. You wouldn’t expect McKinsey employees to be visible save to the top brass and to the “client team” of mid and lower level staffers tasked to work with the consultants.

Politico says the House Intelligence Committee is looking into complaints about the studies. Pass the popcorn.

Print Friendly, PDF & Email


  1. Mark

    This sounds like a win for everyone. At least some money was rerouted to civilians even if it is via McKinsey, criminal organisations like CIA or NSA produce less ‘output’, talented people return to a decent life instead of wasting away in secret agencies, and McKinsey’s reputation is damaged hopefully preventing some engagements with clients that are actually productive.
    What’s not to like?

    1. Sushi

      Side effects include consultants with security clearances (!?!) and the inevitable revolving door. You can see how that unfolds.

      Hey, Mac, instead of toiling away underappreciated at [redacted], why not put your experience to more lucrative use with us where you can learn to leverage and connect in ways that you weren’t allowed to Inside. Did I mention the travel and per diem limits get waived?

      But enough Bitching, Complaining and Griping about the Bain of their existence, LOL.

  2. PlutoniumKun

    Sounds very sloppy and odd from all angles. I can only assume McKinsey would do such a ‘cheap’ job as a loss leader to gain access to a very lucrative world. But if you are going to do that, at least do a good job so you get the follow on contracts. These hearings could well do far more reputational damage than is worth for a $10million job.

    And as for the agencies, anyone with even a modicum of experience of management consultants should know that if you ask them in for a quick overview and assessment, you don’t go implementing their recommendations unless its clearly part of a coherent package – anything else just causes disruption for the sake of disruption. No consultant in history has ever said ‘hey, its all working fine, don’t change anything’

    In my experience with public sector agencies (mostly through a family member who does a lot of consulting work with them, although I’ve had a few direct experiences myself), even those organisations that work well are often under pressure to be seen to enact ‘modern’ management structures, even when they know full well these are often inappropriate for many types of public service. The smarter public service managers go through the motion of getting in consultants and making superficial changes while not interfering too much with processes that already work well. The good consultants understand this. Unfortunately, many buy into the hype of ‘innovation’, ‘smart work’ and end up doing horrendous damage.

    As an aside, a few years ago I was chatting to a public service union representative and the conversation turned to IT upgrades and structural reorganisations. Someone asked her if the Unions oppose these. She just laughed and said the Union was all in favour of them – in their experience the end result was almost always even more staff and mid level managers were required in order to achieve the supposed ‘efficiencies’.

    1. Harrold

      I’m sure that $10 million was a made up public figure.

      The CIA/NSA never releases how it spends its money, but one can assume McKinsey tried to get as much as possible and $10 million does seem very low for a $10 billion a year company with 10,000 employees.

      My math says McKinsey would have only had 10 people on that engagement for that price.

    2. Math is Your Friend

      “at least do a good job so you get the follow on contracts”

      The problem here is knowing what the objectives of the people approving the contracts were.

      It wouldn’t be the first time an executive or manager had personal or ideological goals that did not align perfectly with the ostensible goals of the organization.

      One person’s bad job is another person’s resume enhancer. It’s all how you spin it, and how fast you shift the blame / leave the position.

  3. Conrad

    Since when did the CIA or the NSA merit the rating ‘pretty competent’? Aside from spending vast amounts of public funds and sowing havoc all over the place that is.

    1. JayKay

      I think in this case there is a difference between organizational competency and pursuing constructive policy objectives. In other words, they might do bad things, but they do them in a competent manner.

      1. lordkoos

        The CIA’s competency as far as long-term results is wretched – we’re still living with their screw-ups from decades ago.

    2. Carolinian

      Since when did the CIA or the NSA merit the rating ‘pretty competent’?

      Since never. If McKinsey has been hindering our rogue secret agencies then they may be doing God’s work. Still, it’s only a matter of time before Maddow blames it all on Putin.

  4. Rhondda

    It’s been my experience that a lot of consulting is cynically used and manipulated by leadership as a fig leaf to do something (stupid, nefarious, quasi-legal) they want to do anyway. Then, the outsourcing of blame.

    Not that McKinsey doesn’t deserve a public whuppin’…

    Also, CIA etc competent? Perhaps at the Team B Stove Piping Follies, Dirty Tricks and Smears. They do excel at that. But I’d say recent history demonstrates considerable incompetence with actual intelligence activities.

    1. Synoia

      I’m shocked, shocked that you are implying that consultants tell management what they want to hear. /s

    2. Yves Smith Post author

      WhenI worked at McKinsey, and I was there three plus years in its New York Office, I never ran across a single study like that. At least then, McKinsey prided itself on its vaunted independence. I even got us fired from a small study the firm took on as a favor for a big client where we made recommendations the manager didn’t like. The partner was amused rather than upset (it seemed to confirm his view this guy was a pain who shouldn’t have been indulged).

      1. Susan the other`

        I’ve heard a lot of stuff about McKinsey being just so much hot air over the last few years. And I believe some of it is certainly true. But this sounds peculiar. This almost sounds like McKinsey was being trained by the CIA and it was a good cover story to pretend like McK was advising them. So now I’m sitting here thinking, What could the intelligence service need McK for… international industrial spying, something to do with advanced weaponry and electronics; maybe even domestic spying… Just my paranoia talking here. And McK’s reputation for being pompous posers helps everyone to roll their eyes and say, Yeah, that’s McKinsey.

      2. Zamfir

        Perhaps it depends on the kind of report, but most people only encounter them for “McKinsey specials” where management want to fire people and needs a report to shift to blame. Perhaps those reports are made with genuine independence, but that is hard to tell from the outside.

        I have been(as yet) spared the humiliation, but I have seen the proces in neighbouring departments in multiple places. A bunch of kids in suits drop in and hold interviews with experienced workers on how their daily work process goes.

        The workers don’t know what to say. They don’t speak MBA, and the posh kid doesn’t have a clue about the work. But it is clear that wrong answers will kill someone’s job- yours or colleagues or everyone. The kids can’t hide their disdain. Everyone has to make time for the McKinsey people, because McKinsey is expensive. The kind of time and priority that the department never gets to implement their own improvement ideas.

        Then the report appears, its always a list of best practices how other places do it better, in abstract management speak. If only you did it better, you could do the same work with less people. So a bunch of people get fired, the work obviously doesn’t go better.

    3. Math is Your Friend

      “Also, CIA etc competent?”

      As usual, it’s a mixed bag.

      Both the CIA and NSA developed very sophisticated cyber-attack frameworks. At least one of them was sufficiently well hidden that the overall framework was only identified about 7 years after some of the tools were spotted in action.

      They recorded all the phone metadata for North American phone calls for the last 25 years, and currently record content of all phone messages in half a dozen countries, at least. They achieved good success in attacking infrastructure and air-gapped networks in a number of countries, and stole the encryption keys for at least a billion SIMs from a Belgium telephone company that supplies them world-wide.

      They have developed a wide variety of attack tools, many based on new ideas or exploits, and have successfully gained access to all data from a number of major web sites and services, and computer and operating systems vendors. They hacked the videoconferencing system at the EU mission to the UN (oops – oh look, the Chinese were here first). They monitored the phones of European leaders including Angela Merkel. They intercepted shipments of communications equipment (routers, switches, etc), compromised them, sealed them up and sent them on to unknowing customers.

      On the other hand, both of those attack frameworks leaked, and are now in use by criminals, and other countries.

      Sometimes I think some of the issues are illustrated by a couple of books about 20th century history…

      If curious, look at ‘The Code Breakers’ by David Kahn which looks at code breaking in the 20th century and glories in the triumphs of Allied and American cryptanalysts.

      Then look at ‘The Rising Sun’ by John Toland, a fascinating book – the first one based on interviews with the Japanese politicans and military officers during that period – on how events in Japan unfolded during the 20s and 30s…. which, among other things, shows how those code breaking triumphs drove Japan into World War 2.


      A favourite aphorism:

      “Forecasting is difficult, especially about the future”

      On the other

  5. TedHunter

    Interesting. The same problem in Germany. McKinsey contracts with the Bundeswehr. Contracts awarded with no competition, etc. The defence secretary, Ursula von der Leyen, was just nominated to head the EU Commission.

  6. Kwark

    In my experience working for the government these sorts of “efficiency” snipe hunts were an easy way for ineffective or incompetent managers to divert attention away from THEIR failures and to sufficiently muddy the waters that blame could be placed elsewhere, often on “Deadwood” underlings who, along with the public, were the victims. I find it simultaneously humorous and terrifying that our spy agencies could be so easily duped.

  7. fajensen

    Denmark pays about 4 Billion DKK in fees to McKinsey each and every financial year, so far with no positive outcomes as far as the general population are concerned, while plenty of IT-disasters and scandals are routinely delivered late and over budget, almost like they were running them on an assembly line.

    A.F.A.I.K, None of this “work” ever went out for EU procurement either …..

    Cory Doctorow has an interesting story Eastern Standard Tribe which is about a global company of very brilliant and very expensive consultants, who are secretly anti corporations and anarchists, so they give brilliant, best-in class, disruptive advice – that is deliberately designed to have some subtle side effects. That fatally blows up the paying client when they “exponentiate” up and all those 5’th order things in the models emerge.

    The novel is about many other things, but this part could be a jab at McKinsey.

Comments are closed.