It is the fourth business day of the month. The portfolio CFO of a $40M ARR tech-enabled services company sends the board package, and the budget-vs-actuals summary lands on a single, reassuring line: total OPEX, 3.8% over plan. Nobody flags it. Three percent feels like rounding. Everyone moves on to the pipeline slide.
That single blended number is the most dangerous artifact in finance, and I have watched it conceal the same fire across three different sponsors. Decompose that 3.8% and the story is never "everything ran a little hot." It is engineering payroll 9% over because two backfills landed early, software spend 14% over from a renewal nobody modeled, and revenue quietly 1.5% under plan that the overages politely cancel out on the summary line. The blend is not a metric. It is camouflage.
Here is the part operators underweight: in a recurring-revenue, services-heavy business, cost lines do not reset at month-end. A team that lands 6% over on payroll in February has not "missed February." It has re-baselined March, April, and every month after, because nobody unwinds a hire or claws back a signed vendor contract. The overage becomes the new normal, and by the time it surfaces as a missed quarter it has already eaten real EBITDA.
This matters more in the current hold cycle than it did five years ago. Bain & Company's Global Private Equity Report is blunt that margin expansion, not multiple arbitrage, has to carry value creation now. You cannot expand a margin you cannot see, and a blended monthly variance number is engineered to keep you from seeing it. If you are discovering a 14% software overrun at the quarterly board meeting instead of on day four, you have already lost the quarter — and you have skipped past the board reporting metrics that actually matter.
Set the threshold by what the line item actually is
The fix is not "watch budget-vs-actuals more closely." It is to stop reporting one tolerance band for fundamentally different kinds of spend. A revenue miss and a payroll miss tell you opposite things about a business, so grading them against the same percentage is how problems hide. I hold portfolio companies to three separate tripwires, each tied to how controllable and how sticky the line actually is.
Top-line revenue and ARR: flag at -2%. Upside is always welcome; nobody calls a meeting because bookings ran hot. But a 2% downside miss in a recurring-revenue model is rarely random. It is the early read on either gross retention slipping or a sales pipeline that stalled a quarter ago and is only now showing up in recognized revenue. The number is small precisely because it is leading — by the time it is large, it is structural.
Headcount and payroll: flag at 1%. This band is tight on purpose. Headcount is the most knowable variable on the P&L — you control the offer letters and the start dates. A payroll miss above 1% is not a forecasting mystery; it means the company hired ahead of revenue, or it committed to a reduction and then flinched. Either way it is a decision someone made, not weather that happened to them.
Software and vendor OPEX: cap at 2.5%. Gartner's FP&A research puts top-quartile finance teams under roughly this aggregate monthly OPEX variance, which makes it a fair external bar rather than an arbitrary one. The reason this line breaks discipline first is SaaS sprawl and contractor creep — spend authorized inside departments that finance never sees until renewal. The enforcement test is simple: if finance cannot attribute the variance down to the specific vendor within 48 hours of close, you do not have a forecasting problem, you have a visibility problem. That is the gap a weekly flash report is built to close, well before anything reaches the monthly board package.
The thresholds are 10% of the work — enforcement is the rest
Setting the numbers is easy. The discipline lives in what happens when someone breaches one, and there are two rules I do not relax.
The word "timing" is banned from the variance explanation. "It's just timing — the expense hit in April instead of May" is the most common explanation a department head will offer, and it is a non-answer. If an expense moved a month, the forecast was wrong, the cash model was wrong, and the business was operating without instruments. So the explanation has to name a root cause: was the vendor contract misread? Did sales miss the tier they projected? Did a start date slip and never make it back to finance? Each of those is a fixable process gap. "Timing" is a request to stop looking.
Two consecutive breaches triggers a discretionary-spend freeze. If a department leader — CMO, VP Engineering, head of customer success, anyone — blows the 2.5% OPEX threshold two months running, their discretionary authority defaults to zero-based: every dollar gets CEO sign-off until they re-earn the latitude. This pushes accountability to the operator who actually made the spend instead of leaving the CFO to reconcile a mess they did not create. It also changes behavior fast, because the freeze is a consequence, not a memo. The Association for Financial Professionals has documented that pairing BvA triggers with rolling forecasts can lift forecast accuracy materially — the mechanism is psychological as much as procedural.
The exit case for all of this is straightforward. EBITDA is a lagging number; by the time it prints, the decisions that made it are months old. A management team that lands inside its category thresholds month after month is the team a diligence process trusts — which shows up as a cleaner quality-of-earnings report, fewer disclosure-schedule surprises, and a defensible number at the closing table. If you have ever wondered why your board doesn't trust your numbers, start Monday: split the blended variance line into revenue, payroll, and OPEX, set the three bands, and watch where the fire actually is.
