How to Manage and Mitigate Offshore Risks | Article

A Discussion with Ravi Aron, Assistant Professor, Johns Hopkins University, A Wipro Council for Industry Research Initiative

Ravi Aron, Member of Wipro's Academic CouncilWhat are the real risks in offshoring both ITO and BPO work? Ravi Aron, assistant professor, Carey Business School, Johns Hopkins University and a research partner with the Wipro Council for Industry Research, says understanding those risks helps buyers set up procedures to mitigate them, making their offshore engagements more successful.

Aron, who is also a Senior Fellow at the Phyllis Mack Center for Technology and Innovation at the Wharton School of Business, The University of Pennsylvania, says there are three types of risks buyers must worry about:

  • Operational risk: The propensity of a process to break down and result in less than acceptable quality of work
  • Strategic risk: Losses that result when the offshore supplier behaves opportunistically
  • Composite risk: Risk that arises over time from a combination of factors like erosion of competence and loss of flexibility.
  • Operational risk

    Aron says operational risk is simply “getting output you don’t like. The quality is not there.” The output has too many errors, mistakes, and defects.

    For example, in ITO, the application does not have all the functionalities that the buyer asked for. Or the code has bugs. Or there could be cost overruns or delays in delivering the system.

    Turning to BPO, there could be mistakes in underwriting in insurance work. In call center outsourcing, the offshore provider of services does not achieve first-call resolution metrics; the buyer wants 80 percent but the supplier can manage only 60 percent. In supply chain outsourcing, the accounts receivable/accounts payment closures have too many errors.

    “In all cases, the supplier’s quality is less than what’s mandated in the service level agreements (SLAs),” explains Aron.

    The causes of operational risk

    Evaluating Operational risk
    Source: Ravi Aron

    Aron says the principal reason this risk exists is “because of the complexity of work. It takes a while for the offshore organization to understand what the buyer wants.”

    Another reason operational risk occurs is because of business unfamiliarity. “I think the risk of cultural context unfamiliarity is overstated and the risk of business context unfamiliarity is understated,” says Aron. The professor says you can teach Indians why Americans love Halloween. “But few buyers estimate the real hazards of trying to transfer the business context.”

    He gives an example. The offshore company manages the back-office corporate treasury function for a bank. The bank instructs the provider of services to reconcile the various invoices and then make payments to a corporate customer (a large retailer). The amount in question is about US$60 million of business receipts for the retailer. The bank has a reputation for speedy and accurate reconciliation, which helps in improving the float for its customers. This is a part of the bank’s value proposition: to help its customers get better working-capital management through improved management of its float.

    However, the offshore supplier doesn’t understand the concept of float or why it’s important to these customers. So it transfers the $60 million a couple of days later than usual, causing the customers to lose the float on that amount. The bank’s customers are angry. The supplier just didn’t understand why a two-day delay was so much of a problem. “Business unfamiliarity can be a serious issue,” says Aron.

    Managing operational risk

    How do you manage operational risk? Aron says there are four ways to do this:

    1. Knowledge transfer and management. The professor says North Americans and Europeans typically “under invest in knowledge transfer.” The Japanese, on the other hand, take this matter seriously. “When a Japanese company outsources its back office to a Chinese supplier, say in Dalian, China, its knowledge transfer investment greatly diminishes the problem of business continuity and transfer of business context,” says Aron.He says buyers shouldn’t assume “the supplier will understand.” And he insists “there is no such thing as too much training.” He also suggests creating joint knowledge repositories and deploying collaboration mechanisms such as wikis, blogs, and RSS feeds via corporate intranets.
    2. Metrics. Aron says metrics “have a huge impact on operational risk.” He says buyers must make suppliers understand their definition of quality.According to the professor, “through well-defined metrics the supplier can easily understand and greatly reduce operational risk.” He suggests SLAs should identify key factors of process quality. Then, buyers should measure continuously and in great detail. He points out VelociQ, a mechanism Wipro designed to track an elaborate system of metrics for BPO and ITO projects, “is very granular. It allows a company in Manhattan to see what’s going on in Mumbai in real time,” he explains. Chennai, India-based OfficeTiger (acquired by RR Donnelley in 2006) has a similar mechanism.
    3. Transition management. “Buyers sign a contract, fly to India, take photos in front of the Taj Mahal, give everyone T-shirts and coffee mugs, then go home,” he says. That’s not how he suggests handling transition management.The professor says the first couple of months typically go well, because the problems revolve around clarification. Difficulties generally don’t crop up until later. “That’s when real problems of output or quality appear. That’s when the rubber meets the road,” says Aron.

      The message here is “don’t overlook transition management because it can reduce operational errors by up to 15 percent,” he reports.

    4. Monitoring versus control. “Don’t over control and under monitor,” says Aron. Controlling is telling them how to do their work. With monitoring, buyers establish objectives (what to do) but leave the “how” to the provider’s managers. Buyers can safely delegate if they verify. However, they need a granular system of metrics and a mechanism to track SLAs (like Wipro’s VelociQ) so they can verify from the earliest moment.Unfortunately, companies either do not monitor enough or “the metrics can be too skimpy or not well understood,” he says. He quotes Ronald Reagan who said “Trust but verify.”

    Structural risk

    Structural risk is the result of opportunistic behavior, according to Aron. The supplier cuts corners or puts in less than the expected effort. Or the supplier insists the buyer pay for supplier mistakes.

    Here are three ways suppliers do this:

    1. Deliberate underperformance or shirking
    2. Poaching or the deliberate misappropriation of information
    3. Opportunistic renegotiation of the contract or other opportunistic behavior

    Here are some real life examples. In claims underwriting, a property and casualty insurance company requires its supplier to check for 25 compliance factors. The supplier, however, cuts corners and only looks at 18-20 factors.

    In ITO, a buyer signs a contract that promises that the provider’s veteran programmers and systems analysts will work on the project. But when work commences, the supplier replaces some of the experienced team members and sends rookies who cost a lot less.

    These are examples of deliberate underperformance.

    Here’s an example of opportunistic misuse of information. The supplier’s sales staff gets a bonus if its call center staff signs up a certain number of new credit card holders. To boost sales, the supplier’s staff offers the customers a lower APR than the buyer wants. Now the buyer has a lower yield on its card portfolio.

    An example of opportunistic behavior typically happens after 18 months into a contract when the power shifts from the buyer to the supplier. The supplier suddenly demands a higher price for the contracted services or insists on lowering SLA levels, knowing it now has more bargaining power. “This clearly violates the spirit of the contract,” says the professor.

    Evaluating Structural risk
    Source: Ravi Aron

    Managing structural risk

    Aron says there are four ways to manage structural risk:

    1. Build transition service clauses into the contract. Aron suggests adding sunset clauses to any new contract, which gives the buyer an additional year of service at the same rate. “Twelve months buys a company enough time to find another supplier and transition the process completely,” he observes.
    2. Use multiple suppliers. Switching suppliers is expensive. The best way to avoid switching is to not be completely reliant on any one provider. This guards against lock-in and switching costs. “The best case examples in supply chain management are where no manufacturer has just one supplier,” he points out. ITO buyers “are just waking up to this realization,” he adds. In BPO, he suggests splitting the work by volume and process type.
    3. Retain residual capacity. The goal of outsourcing is to reduce costly in-house capacity. “But don’t lose it entirely,” cautions the professor. “If you have the capacity in house, it will keep your offshore supplier from playing games with you,” he continues. Retaining strategic residual capacity also gives buyers the comfort they can immediately take important tasks back in house if the supplier starts misbehaving.Aron says the economics of labor arbitrage make it difficult for a company in these hard times to keep expensive labor on its domestic payrolls. But the professor says it’s necessary insurance. He says residual capacity of 6-12 percent is sufficient in most BPO contracts.
    4. Monitor and control. The professor says continuously monitoring what’s happening “will go a long way in stopping the provider from taking liberties, shirking, or deliberately underperforming. It’s a great deterrent.”Aron says turning a supplier into a business partner also mitigates this risk. He suggests buyers add one element to an SLA that is an intangible composite of many desirable aspects of the relationship: customer satisfaction. “This makes the supplier aware it has a mandate beyond the routine delivery of work. Now it has to step into the business context of the buyer,” he explains. He says the most successful outsourcing relationships he has observed have both granular metrics and customer satisfaction criteria.

    The use of customer satisfaction criteria in addition to SLA-based metrics of output quality can drive significantly higher quality outcomes. The buyer tells the provider the buyer’s in-house managers are its customers; periodically the buyer will survey them, providing customer satisfaction scores (CSS). The CSS ratings determine a portion of the payment the buyer receives.

    CSS scores cause the provider to “sense and respond” to the business context of the buyer. The provider understands that there are aspects of the relationship that the buyer can’t easily specify via a system of metrics but are nevertheless important. It invests in understanding the business context of the buyer and offers true relationship management.

    The contractual governance of the relationship changes to a “sense and respond” mode of governance. For business transformation this is necessary; the provider must go beyond the routine delivery of services. In many BPO and ITO contracts that Professor Aron has studied over the past seven years in several countries, the contracts that incorporated CSS scores outperformed those that did not both in terms of the quality of work from the offshore provider and the buyers’ managers’ satisfaction with the offshore service center.

    Composite risk

    This risk is characterized by a deliberate erosion of competency in the buyer’s organization since it sent those skills abroad.

    The extended organizational form

    Aron says the extended organizational form (EOF) “contains in great measure all three risks.” The EOF “bridges the strengths of both organizations” by letting the provider’s employees report to the buyer’s management. “The buyer’s manager treats them as if they were its own employees,” explains Aron. While there is no direct employee relationship between the buyer and the provider’s employees, this allows the buyer to divest financial control while retaining operational control.

    The buyer’s managers then monitor operations, inspect the quality after execution, and exert direct managerial control. “Surprisingly, it also provides operational benefits to the supplier,” says Aron. Over a period of time the provider’s costs fall without compromising the quality of work.

    There is another reason to consider this form of offshoring. In the current environment there is some possibility of legislation that will discourage companies from offshoring work. That legislation may take the form of not allowing U.S.-based firms to take tax deductions for the operations of their captive centers offshore. The expense becomes fully tax deductible if the buyer outsources these operations.

    Some firms may fear the loss of control that may result from outsourcing operations to a third-party company. This is where the EOF plays a role. It allows firms to exert operational and strategic control over their offshore operations without having to carry these expenses on their balance sheets. The EOF thus brings together the best features of both forms of governance: Outsourcing brings the discipline of the market to the cost of operations while captive centers give the client firm higher levels of strategic control. The EOF is subject to the discipline of the market even while it allows the client to exert strategic and operational control over the offshore service center.

    In these difficult economic times, it provides a compelling rationale for offshore services. Combining the EOF with careful use of CSS criteria in contracts allows buyers to move towards transforming their offshore service providers into strategic partners.

    Companies such as Wipro are taking up initiatives to address buyers whose objectives not only include cost savings but also making a strategic business impact. Wipro’s PACE initiative seeks to combine multiple business objectives including:

    • Reduce cost
    • Transform the cost structure from fixed to variable cost
    • Earn better yield on infrastructure and asset utilization
    • Create a strategic partnership between the two players

    Lessons from the Outsourcing Journal:

    • Knowledge transfer and management, metrics, transition management, and monitoring help mitigate operational risks in offshoring.
    • Building transition clauses into the original contract, using multiple suppliers, monitoring, and retaining residual capacity reduce structural risk.
    • The extended organization form, where the provider’s employees report to the buyer’s manager, is a great way to mitigate operational, structural, and composite risks.

    Wipro set up the Council for Industry Research, comprised of domain and technology experts from the organization, to address the needs of customers. It specifically looks at innovative strategies that will help them gain competitive advantage in the market. The Council in collaboration with leading academic institutions and industry bodies studies market trends to equip organizations with insights that facilitate their IT and business strategies. For more information on the Research Council visit www.wipro.com/industryresearch or email [email protected].

    2 Comments on "How to Manage and Mitigate Offshore Risks | Article"

    Trackback | Comments RSS Feed

    1. joyce yen says:

      can you share any insight on splitting operations between 2 vendors?
      What risks are, what to avoid.
      Should metrics be same for both vendors or can they be different?

    2. David Aidoo-Gensenmueller says:

      Great article. The EOF approach sounds good and seems to be an effective mitigation tool for most of the risks of Off-shoring.

      Could you elaborate more on the Extended Organization Form (EOF)and perhaps site examples in the real world?

      Thanks,
      David.

    Post a Comment

    Your email address will not be published.

    ( required )

    You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>