outsourcing and financial institutions three hats: customer, provider, funder 7 july 2009

Outsourcing and Financial InstitutionsThree Hats: Customer, Provider, Funder7 July 2009

AgendaTuesday 7 July

14:00 - 14:15 Registration

14:15 - 14:30 Chairman's Introduction

Nigel Swycher, Head of Outsourcing, Olswang

14:30 - 15:00 Outsourcing – where next for financial institutions?

Phil Brooke, Senior Consultant, Financial Services Practice,

EquaTerra

15:00 - 15:30 Managing the outsourcing lifecycle – not the contract

Nigel Swycher, Olswang

Data Protection and Security

Marc Dautlich, Olswang

15:30 - 16:00 BREAK

16:00 - 16:30 Commercial relationships – Theory vs Practice

Clive Rees, IT Procurement Director, Lloyds Banking Group

16:30 - 17:00 Industry consolidation / regulatory considerations

Charles Kerrigan and Brian McDonnell, Olswang

17:00 - 17:30 Panel discussion

Moderated by Harry Taylor

17:30 Drinks will be served immediately after the event

Research » Strategy » Transformation » Governance

Outsourcing – Where next for FIs?Olswang, 3 Hats Seminar

7th July 2009

Phil BrookeFinancial Services Practice

Copyright © EquaTerra 2009. All rights are reserved.

Contents

This document is Copyright © EquaTerra 2009, and all rights are reserved. Permission is hereby granted to reproduce this document in whole or in part for non-commercial purposes, provided that EquaTerra is prominently cited as the originator and copyright holder and provided that information on how to contact EquaTerra is included. The prior written permission of EquaTerra is required to reproduce all or any part of this document, in any form whether physical or electronic, for any commercial purpose.


the world will never be the same again.....

5

Never has there been such turmoil and upheaval in the Global Financial Services market.

In addition the state(s) has provided loans and guarantees to most FI’s, and there has been significant non-state equity investment in Barclays, BOA, GoldmanSachs, Morgan Stanley, JP Morgan Chase, and Credit Suisse.

NationalisedNationalised


Taken OverTaken Over

CollapsedCollapsed



Pt. Nationalised

Pt. Nationalised

CollapsedCollapsed




RescuedRescued

RescuedRescued

Pt. Nationalised

Pt. Nationalised








Pt. Nationalised

Pt. Nationalised

Pt. Nationalised

Pt. Nationalised

Pt. Nationalised

Pt. Nationalised


As an FI you may have a few things on your mind...

» Boost the Share price

» Shore up the Balance Sheet

» Absorb hastily made mergers/acquisitions

» Sell off unnecessary share holdings

» Minimise exposure to the rise in bad debts

» Manage the decline in investment returns

» Re-align capacity to falling demand

....and for the those that benefited from state handouts there’s that small matter of repayment.......

6


N=857

For what reasons are you considering increasing your existing levels of outsourcing?

Outsourcing Drivers


Outsource Drivers are far more focused...

» Cost Savings

– Run costs

– Cost Avoidance / Cash conservation

– Asset value realisation

– Shorter ROI

– ‘nice to haves’ have taken a back seat eg. Service improvement

» Increased Flexibility

– Operationally

– Commercially

– Skills availability

» Transformation included only when pragmatism dictates

8


Knee jerk reactions giving way to pragmatism...

» Trend for pick up of Outsourcing & offshoring is in early days

» Everything is on the table – Even the Sacred Cows are being sacrificed

» Target Operating Models built around ‘Multi-sourcing’ strategy

» Service Integration will be key to multi-sourcing success

» Continued examination of pre-crunch contracts to ensure ‘Fit for Purpose’

» M&A activity has created unique opportunities

» More Customer Due Diligence on Supplier

» Buyer preference for ‘safe buying’

9


Some pre-Crunch trends will continue....

» India will remain the offshore destination of choice, despite– Mumbai bombings– Satyam Scandal

» Monetarising of offshore arrangements – Captive arrangements to outsource agreements eg. Citi– Build-Operate-Transfer (BOT) deals to outsource agreements eg. Aviva

» Even greater hurry to ‘speed to execution’

» Regulation, Security, and Risk won’t be Showstoppers

10

Copyright © EquaTerra 2009. All rights are reserved. 11

Application Management

End User Management

Infrastructure Management

N=97

Process outsourced

Plans to outsource

Not outsourced, no plans

Which of the following processes are currently outsourced by your organisation?

IT Outsourcing set to continue growing....


More IT Near and Offshoring....

12

Increase

Same

Decrease

Application Management

End User Management

Infrastructure Management

N=62

In the future, do you expect there to be changes to your near or offshore strategy?


» Tangible short term savings, with medium-long term potential

» Financial engineering – take benefits upfront, realise asset values

» Fixed to variable cost base

» KPIs driving the right commercial behaviour in the Service Provider

» Capacity / Demand mechanisms that flex like never before

» Enhancements to Step-in, Exit, Ownership, Separation, and Audit provisions

» Norm will be 5 year contract terms (less mega-deals and long terms deals)

» More focus on Knowledge Management and Knowledge transfer to/from

» Increase Customer Due Diligence on Supplier (Deal and Business)

» Increased focus on risk profile, use of Risk and Financial Health KPIs

» More emphasis on Data Security (part. where offshoring involved)

» Additional Data Security Breach Notification provisions

13

Cost Savings

Flexibility

Risk & Security

RegulatoryImpact

Commercial legacy of the crunch.......

?


Effective Governance will be critical to success

14

Weak

Average

Good

ExcellentN=102

How would you qualify the overall skills/competencies of your organisation to manage your existing outsource providers?


Impact on Outsourcing Vendors....

» Vendors have felt the pain;– Non-essential projects deferred– Reduction in discretionary spend– More commercially aggressive clients– Cost of servicing debt has increased

» Business focus is firmly on; – Filling existing capacity, less Strategic investment– Core service offerings (qualifying harder)– Providing more aggressive pricing– Re-negotiation of existing deals– Growth markets (part. those with sustainable revenues)

» Expect further consolidation and rationalisation

» Crunch has been a good test of client-vendor relationships

15


Conclusion

» More Outsourcing

» More Offshoring

» More Regulation & Scrutiny

» Unprecedented focus on Risk and Security

16

Copyright © EquaTerra 2009. All rights are reserved. 17

About EquaTerraEquaTerra sourcing advisors help clients achieve sustainable value in their IT and business processes. Our advisors average more than 20 years of industry experience and have supported over 2000 transformation and outsourcing projects across more than 60 countries.

Supporting clients throughout the Americas, Europe, and Asia Pacific, we have deep functional knowledge in Finance and Accounting, HR, IT, Procurement and other critical business processes. EquaTerra helps clients achieve significant cost savings and process improvement with internal transformation, shared services and outsourcing solutions.

Key Contact

Phil BrookeSenior Consultant, Financial Services Practice+44 (0) 7595 [email protected]

Contact us

BeLux: +32 (0)2 709 29 32 [email protected]

China: 86 (0)21 28909093 [email protected]

Finland (Baltics and Russia): +358(0) 925 108100 [email protected]

Germany: +49 (0)69 [email protected]

India: +91 80 4022 [email protected]

Netherlands: +31 (0)88 002 [email protected]

Sweden (Nordic HQ): +46 (0)8 662 30 67 [email protected]

UK: +44 (0) 845 838 [email protected]

US: +1 713 470 [email protected]

mailto:[email protected]










Managing the outsourcing lifecycle- not the contractNigel Swycher7 July 2009

The Outsourcing Lifecycle

“Nothing endures but change”

Heraclitus (c500BC)

BEFORE Preparation

DURING Selection and

negotiation

AFTERDelivery to exit

The Outsourcing Health Check

• An integrated legal and consultancy service which takes a holistic review of an outsourcing relationship: before, during and after.

• Symptoms and diagnosis

Case Study 1: Out of control

Case Study 2: Not my idea

Case Study 3: It’ll be alright on the night

Case Study 4: We know better

Lies, damn lies and…

…statistics

50% of outsourcing relationships end short of full term, BUT fate need not be determined by the flip of a coin.

Q&A

For more informationplease contact:

Nigel Swycher+44 (0)20 7067 [email protected]

3647634-1

Data Security

Marc Dautlich7 July 2009

Data Security in Outsourcing – True or False

• Impregnable information security is virtually impossible

True/False

• Many security incidents are avoidable

True/False

• Compliance risk can be outsourced

True/False

Data Security Outsourcing – “Before, During and After”

• Providing supplier with usable information about the pre-outsourcing security environment

• Identifying a supplier with adequate capabilities

• Creating and agreeing incentives for maintaining/improving security environment post-transition

• Monitoring supplier’s performance, adjusting incentives/enforcing remedies and managing exit

“Before”

“Before”

“During”

“After”

Legal Context – A Dual Regime?

FSA Regime

FSA Principles:

2 – “conduct business with due skill, care and diligence”

3 – “take reasonable care to organise and control affairs responsibly and effectively, with adequate risk management systems”

SYSC 6.1.1R “procedures sufficient to ensure compliance … with obligations under regulatory system and for countering risk that firm used to further financial crime”

Treating Customers Fairly initiative

Guidance e.g. “Data Security in Financial Services” April 2008

ICO Regime

DPA 1998 7th principle: “technical and organisational measures … to prevent unauthorised processing … and accidental loss”

Guidance e.g. security breach notification

FSA ICO

Formal investigation Request for assessment

Public Censure Information and enforcement notices

Financial penalties Financial penalties (2010?)

Vary an authorised person’s permission or cancel it

Data breach notification (voluntary)

Good practice assessment (voluntary)

Legal Context (continued) – FSA vs. ICO Powers: Comparison

Legal Context (continued) – Conclusion

• Left hand vs. right hand

• Co-operation protocol between FSA and ICO

• Mind the gap

• Regulatory guidance to bridge gap between principles–based regulation and practical security solutions

Outsourcing to Third Party Suppliers – FSA Data Security Guidance, April 2008

Before

• “Over-reliance on contract”

→ Pre-contract planning

• assessing supplier’s competence (“due diligence”)

• assessing economics of good information security (“business case”)

→ Setting appropriate remedies and liability regime

• “last man standing” is not the answer

Outsourcing to Third Party Suppliers –FSA Data Security Guidance (continued)

During

• “Insufficient attention to staff vetting”

→ Due diligence or negotiation needs to reveal answers to questions such as:

● how are third party staff vetted?

● when and who: access to customer data?

→ Exercising governance and audit rights in-flight during transition and delivery

● a question of execution and judgment

Data Security – Outsourcing Contract Provisions

During (continued)

• Core obligation provisions

• e.g. preservation of data integrity/prevention of data loss or corruption

• “Accountable individual” provisions

• Breach notification obligations

• Remedies:

• restoration of corrupted data

• an aside on “loss”

• indemnities

• unauthorised access to Supplier infrastructure or Customer service environment

• hacking

• fraud

Conclusion and Questions

• What happened to “After”?

• Datonomy: www.datonomy.blogspot.com

http://www.datonomy.blogspot.com/


Marc Dautlich+44 (0)20 7067 [email protected]

3648196

Data Security

Commercial Relationships

Theory versus practice

Clive Rees- IT Procurement DirectorLloyds Banking Group2009

37

Nelson Mandela

• As a young lawyer challenged the political system in his country

•Burned his “passbook” in 1950’s

•Sent to prison for 27 years

•Released after years of leading the African National Congress

•Became President of South Africa in 1994

•Dismantled apartheid and managed to create one nation

39

John F Kennedy

•Charismatic President of the United States 1961-1963

•“Ask not what your country can do for you but what you can do for your country”

•“Ich bin ein Berliner”

•Shot dead in 1963 in Dallas, Texas

•Remembered for being champion of Civil Rights and his management of the Cuban Missile Crisis

•Created a strong positive economy within the United States

41

Sir Alex Ferguson

•Manchester United football manager for past 20 plus years

•Fiery Scot who throws cups , saucers and hairdryers!

•Successful

•Gets the maximum out of the resources he has through effective relationship management

42

Common themes

•Influence

•Convince

•Communicate effectively

•Empathetic

•Listen

•Understand

•Develop trust

•Know how to manage relationships

43

Lloyds Banking Group Brands

30 million

Individual & Corporate Customers

Number 1

LBG Market Position in Insurance

Number 1

LBG Market Position in

Savings, Current Accounts and

Personal Loans

Number 1

LBG is the largest UK Retail Bank

£4.4 billionTotal LBG annual

external spend£4.4 billion

80%

LBG IT spend with 100 suppliers

50

People in the IT Procurement

Team

0

Goals my football team scores each

week

93

The bus I caught here

70%

LBG IT spend with 18

suppliers

55%

LBG IT Spend is with 6 suppliers

£1 billion

LBG IT Procurement

annual external spend

http://www.lloydsbankinggroup.com/home.asp

45

Relevance to Commercial Relationships?

• Know what it is you want from the other party before you go to market

Service improvement

Cost reduction

Transformation

Innovation

Be clear and create a definitive requirements document

• Know who has the capability in the market place to provide the service / products you want & understand what the deal would mean to them - invest in due diligence of potential partners

46

Manage the process well

• Create a definitive and clear tender document (don’t let the suppliers tell you what you need)

• Be sure to include the relevant terms under which you’ll contract with successful party and issue with tender (avoids arguments further down the track)

•State and stick to the timetables

•Know what governance process will exist through the negotiation and post contract signature

47

Selection

•Pick the partner who best satisfies your original requirements- obvious but not always the outcome

•Don’t be tempted by the lowest financial offer- pick a competitive and sustainable price from a partner you can trust or you’ll only regret it during the term of the contract

•Ensure the “A” team stays after the deal is done to service the account

•Ensure the contract is simple & easily understandable – remember someone will have to manage it (clear SLA’s, ongoing governance and escalation are a must have)

48

Three key Principles of our deals

•Competitive

•Sustainable

•Flexible

49

What happens in practice then? Two Case Studies

Case study 1

•Supplier X and a Bank – 5year £30m p.a contract for provision of complex IT services

•Supplier had been very keen to win the business and bid accordingly

•Supplier X won the business but 2 years into the contract realised “hurting” in margin return; started to cut corners and change control at every opportunity

•Bank had not been supplier managing

•Relationship deteriorated

50

Case Study 1

• New legal and procurement teams to solve the crisis that had resulted and re-structure the deal with lots of pain for both parties

So who was to blame ?

Supplier X or a Bank?

What could have been done differently?

What went wrong?

51

Case Study 2

•Supplier Y and a Bank contracted for 3 years for IT services £9m p.a

•Expectations of both parties were documented, discussed and agreed at the outset

•Both resourced up to make the relationship work in practice

•Appropriate and agreed reporting and governance were put in place

•Service delivery, SLA’s and “value adds” all materialised

•Why was this relationship successful?

52

Summary

•Theory and Practice are not always replicated

•Commercial Relationships are not easy to maintain but require constant attention

•Set clear expectations for both parties

•Work together so that the supplier gets healthy margin (sustains the relationship) and the recipient gets the service wants rather than service imposed upon it

•Confront issues, resolved them through the “right” governance forum

Industry consolidation / regulatory considerationsCharles Kerrigan and Brian McDonnell7 July 2009

outsourcing “things that are more fundamental to the value of a business” – Roland Berger

Gartner survey shows outsourcing in Europe is growing during economic downturn, June 2009

Retailers rethink outsourcing - Joanna Perry, April 2009

Credit Crunch changes economics of outsourcing - Siobhan Chapman, January 2009

Consolidation - Lessons from the Market

• Core business outsourcing – will institutions accept the exercise of business judgement by an outsourcer?

• Credit crisis – was effective outsourcing of risk management to third parties a contributory factor?

• JP Morgan Chase – integrated risk management as part of corporate strategy

• Financial institution mergers e.g. Lloyds – HBoS: integration issues

• RBS – brings back in house IT infrastructure and application development activities; retains ABN Amro’s Indian operations

• If there is pressure on rates will suppliers re-engineer the process to a lower standard?

• In-house offshore operations (“captives”) – Eran Eisenberg, senior legal counsel, Barclays

Lending to Outsourcing Businesses

• Testing predictability of revenue – cashflow lending, invoice discounting

• Assets available for security – evaluation of fixed or liquid assets

• Contracts with termination rights – position if all rights are exercised

• Defining material contracts – identification of core revenues and long-term business relationships

• Control over borrower and implications for fixed charge security – impact of consolidation

• Cross-border issues – local security and insolvency laws

Lending to Businesses with Outsourced Operations

• Use of LMA/ISDA forms of document – outsourcing core business function

• Loss or compromise of sensitive data – effectiveness of disaster recovery plans

• Due diligence on security risk mitigation – access to borrower audit information

• Service level performance discussions – lender rights to have input into relationship

• Payments to outsourcer – lender and outsourcer are competing creditors of the business and both critical to its continued success

• Insolvency of outsourcer – visibility of financial condition of outsourcer

Certainty vs Flexibility

Certainty

• Assists in enforcing legal rights

• Enables benchmarking of services

• Suits investors and regulators

• Provides specific remedies on default

Flexibility

• Suits changing market conditions

• Can deal with volatility (weakening sterling, changing funding costs)

• Potential for creative solutions to disputes

• Avoids “over-reliance” on contractual provisions

Certainty vs Flexibility

Flexibility

Certainty

CoreNon-core

[Captives]

DocumentManagement

Document termsLMA, ISDA

IntegrationIssues

PayrollIT

Outsourcing – regulatory considerations

• Material outsourcing

• outsourcing services of such importance that weakness, or failure, of the services would cast serious doubt upon the firm’s continuing satisfaction of the threshold conditions or compliance with the Principles

• general provisions

• Outsourcing of “critical or important” functions and investment services and activities

• an operational function is regarded as “critical or important” if a defect or failure in its performance would materially impair the continuing compliance of a common platform firm with the conditions and obligations of its authorisation or its other obligations under the regulatory system or its financial performance, or the soundness or the continuity of its relevant services and activities

• SYSC 8

Outsourcing – regulatory change

• FSA approach - “Light touch” to “Be afraid”

• More enforcement focus – in particular on senior management

• Regulatory capital and liquidity reforms

• EU competition concerns

• Proposed new EU regulation of hedge funds and private equity

• Corporate governance and remuneration

• Regulatory institutional change – role of BoE; and pan-European institutions

• Treating Customers Fairly / The Retail Distribution Review

• Implementation of the Payment Services Directive


Charles Kerrigan+44 (0)20 7067 [email protected]

Brian McDonnell+44 (0)20 7067 [email protected]

Industry consolidation / regulatory considerations

outsourcing and financial institutions three hats: customer, provider, funder 7 july 2009

Documents

nationalised slide

copyright equaterra

outsourcing drivers

head of outsourcing

outsourcing lifecycle

outsourcing vendors

event slide

copyright holder