outsourcing and financial institutions three hats: customer, provider, funder 7 july 2009
TRANSCRIPT
Outsourcing and Financial InstitutionsThree Hats: Customer, Provider, Funder7 July 2009
AgendaTuesday 7 July
14:00 - 14:15 Registration
14:15 - 14:30 Chairman's Introduction
Nigel Swycher, Head of Outsourcing, Olswang
14:30 - 15:00 Outsourcing – where next for financial institutions?
Phil Brooke, Senior Consultant, Financial Services Practice,
EquaTerra
15:00 - 15:30 Managing the outsourcing lifecycle – not the contract
Nigel Swycher, Olswang
Data Protection and Security
Marc Dautlich, Olswang
15:30 - 16:00 BREAK
16:00 - 16:30 Commercial relationships – Theory vs Practice
Clive Rees, IT Procurement Director, Lloyds Banking Group
16:30 - 17:00 Industry consolidation / regulatory considerations
Charles Kerrigan and Brian McDonnell, Olswang
17:00 - 17:30 Panel discussion
Moderated by Harry Taylor
17:30 Drinks will be served immediately after the event
Research » Strategy » Transformation » Governance
Outsourcing – Where next for FIs?Olswang, 3 Hats Seminar
7th July 2009
Phil BrookeFinancial Services Practice
Copyright © EquaTerra 2009. All rights are reserved.
Contents
This document is Copyright © EquaTerra 2009, and all rights are reserved. Permission is hereby granted to reproduce this document in whole or in part for non-commercial purposes, provided that EquaTerra is prominently cited as the originator and copyright holder and provided that information on how to contact EquaTerra is included. The prior written permission of EquaTerra is required to reproduce all or any part of this document, in any form whether physical or electronic, for any commercial purpose.
Copyright © EquaTerra 2009. All rights are reserved.
the world will never be the same again.....
5
Never has there been such turmoil and upheaval in the Global Financial Services market.
In addition the state(s) has provided loans and guarantees to most FI’s, and there has been significant non-state equity investment in Barclays, BOA, GoldmanSachs, Morgan Stanley, JP Morgan Chase, and Credit Suisse.
NationalisedNationalised
NationalisedNationalised
Taken OverTaken Over
CollapsedCollapsed
Taken OverTaken Over
NationalisedNationalised
Pt. Nationalised
Pt. Nationalised
CollapsedCollapsed
Taken OverTaken Over
Taken OverTaken Over
NationalisedNationalised
RescuedRescued
RescuedRescued
Pt. Nationalised
Pt. Nationalised
NationalisedNationalised
NationalisedNationalised
Taken OverTaken Over
Taken OverTaken Over
Taken OverTaken Over
Taken OverTaken Over
NationalisedNationalised
Pt. Nationalised
Pt. Nationalised
Pt. Nationalised
Pt. Nationalised
Pt. Nationalised
Pt. Nationalised
Copyright © EquaTerra 2009. All rights are reserved.
As an FI you may have a few things on your mind...
» Boost the Share price
» Shore up the Balance Sheet
» Absorb hastily made mergers/acquisitions
» Sell off unnecessary share holdings
» Minimise exposure to the rise in bad debts
» Manage the decline in investment returns
» Re-align capacity to falling demand
....and for the those that benefited from state handouts there’s that small matter of repayment.......
6
Copyright © EquaTerra 2009. All rights are reserved.
N=857
For what reasons are you considering increasing your existing levels of outsourcing?
Outsourcing Drivers
Copyright © EquaTerra 2009. All rights are reserved.
Outsource Drivers are far more focused...
» Cost Savings
– Run costs
– Cost Avoidance / Cash conservation
– Asset value realisation
– Shorter ROI
– ‘nice to haves’ have taken a back seat eg. Service improvement
» Increased Flexibility
– Operationally
– Commercially
– Skills availability
» Transformation included only when pragmatism dictates
8
Copyright © EquaTerra 2009. All rights are reserved.
Knee jerk reactions giving way to pragmatism...
» Trend for pick up of Outsourcing & offshoring is in early days
» Everything is on the table – Even the Sacred Cows are being sacrificed
» Target Operating Models built around ‘Multi-sourcing’ strategy
» Service Integration will be key to multi-sourcing success
» Continued examination of pre-crunch contracts to ensure ‘Fit for Purpose’
» M&A activity has created unique opportunities
» More Customer Due Diligence on Supplier
» Buyer preference for ‘safe buying’
9
Copyright © EquaTerra 2009. All rights are reserved.
Some pre-Crunch trends will continue....
» India will remain the offshore destination of choice, despite– Mumbai bombings– Satyam Scandal
» Monetarising of offshore arrangements – Captive arrangements to outsource agreements eg. Citi– Build-Operate-Transfer (BOT) deals to outsource agreements eg. Aviva
» Even greater hurry to ‘speed to execution’
» Regulation, Security, and Risk won’t be Showstoppers
10
Copyright © EquaTerra 2009. All rights are reserved. 11
Application Management
End User Management
Infrastructure Management
N=97
Process outsourced
Plans to outsource
Not outsourced, no plans
Which of the following processes are currently outsourced by your organisation?
IT Outsourcing set to continue growing....
Copyright © EquaTerra 2009. All rights are reserved.
More IT Near and Offshoring....
12
Increase
Same
Decrease
Application Management
End User Management
Infrastructure Management
N=62
In the future, do you expect there to be changes to your near or offshore strategy?
Copyright © EquaTerra 2009. All rights are reserved.
» Tangible short term savings, with medium-long term potential
» Financial engineering – take benefits upfront, realise asset values
» Fixed to variable cost base
» KPIs driving the right commercial behaviour in the Service Provider
» Capacity / Demand mechanisms that flex like never before
» Enhancements to Step-in, Exit, Ownership, Separation, and Audit provisions
» Norm will be 5 year contract terms (less mega-deals and long terms deals)
» More focus on Knowledge Management and Knowledge transfer to/from
» Increase Customer Due Diligence on Supplier (Deal and Business)
» Increased focus on risk profile, use of Risk and Financial Health KPIs
» More emphasis on Data Security (part. where offshoring involved)
» Additional Data Security Breach Notification provisions
13
Cost Savings
Flexibility
Risk & Security
RegulatoryImpact
Commercial legacy of the crunch.......
?
Copyright © EquaTerra 2009. All rights are reserved.
Effective Governance will be critical to success
14
Weak
Average
Good
ExcellentN=102
How would you qualify the overall skills/competencies of your organisation to manage your existing outsource providers?
Copyright © EquaTerra 2009. All rights are reserved.
Impact on Outsourcing Vendors....
» Vendors have felt the pain;– Non-essential projects deferred– Reduction in discretionary spend– More commercially aggressive clients– Cost of servicing debt has increased
» Business focus is firmly on; – Filling existing capacity, less Strategic investment– Core service offerings (qualifying harder)– Providing more aggressive pricing– Re-negotiation of existing deals– Growth markets (part. those with sustainable revenues)
» Expect further consolidation and rationalisation
» Crunch has been a good test of client-vendor relationships
15
Copyright © EquaTerra 2009. All rights are reserved.
Conclusion
» More Outsourcing
» More Offshoring
» More Regulation & Scrutiny
» Unprecedented focus on Risk and Security
16
Copyright © EquaTerra 2009. All rights are reserved. 17
About EquaTerraEquaTerra sourcing advisors help clients achieve sustainable value in their IT and business processes. Our advisors average more than 20 years of industry experience and have supported over 2000 transformation and outsourcing projects across more than 60 countries.
Supporting clients throughout the Americas, Europe, and Asia Pacific, we have deep functional knowledge in Finance and Accounting, HR, IT, Procurement and other critical business processes. EquaTerra helps clients achieve significant cost savings and process improvement with internal transformation, shared services and outsourcing solutions.
Key Contact
Phil BrookeSenior Consultant, Financial Services Practice+44 (0) 7595 [email protected]
Contact us
BeLux: +32 (0)2 709 29 32 [email protected]
China: 86 (0)21 28909093 [email protected]
Finland (Baltics and Russia): +358(0) 925 108100 [email protected]
Germany: +49 (0)69 [email protected]
India: +91 80 4022 [email protected]
Netherlands: +31 (0)88 002 [email protected]
Sweden (Nordic HQ): +46 (0)8 662 30 67 [email protected]
UK: +44 (0) 845 838 [email protected]
US: +1 713 470 [email protected]
Managing the outsourcing lifecycle- not the contractNigel Swycher7 July 2009
The Outsourcing Lifecycle
“Nothing endures but change”
Heraclitus (c500BC)
BEFORE Preparation
DURING Selection and
negotiation
AFTERDelivery to exit
The Outsourcing Health Check
• An integrated legal and consultancy service which takes a holistic review of an outsourcing relationship: before, during and after.
• Symptoms and diagnosis
Case Study 1: Out of control
Case Study 2: Not my idea
Case Study 3: It’ll be alright on the night
Case Study 4: We know better
Lies, damn lies and…
…statistics
50% of outsourcing relationships end short of full term, BUT fate need not be determined by the flip of a coin.
Data Security
Marc Dautlich7 July 2009
Data Security in Outsourcing – True or False
• Impregnable information security is virtually impossible
True/False
• Many security incidents are avoidable
True/False
• Compliance risk can be outsourced
True/False
Data Security Outsourcing – “Before, During and After”
• Providing supplier with usable information about the pre-outsourcing security environment
• Identifying a supplier with adequate capabilities
• Creating and agreeing incentives for maintaining/improving security environment post-transition
• Monitoring supplier’s performance, adjusting incentives/enforcing remedies and managing exit
“Before”
“Before”
“During”
“After”
Legal Context – A Dual Regime?
FSA Regime
FSA Principles:
2 – “conduct business with due skill, care and diligence”
3 – “take reasonable care to organise and control affairs responsibly and effectively, with adequate risk management systems”
SYSC 6.1.1R “procedures sufficient to ensure compliance … with obligations under regulatory system and for countering risk that firm used to further financial crime”
Treating Customers Fairly initiative
Guidance e.g. “Data Security in Financial Services” April 2008
ICO Regime
DPA 1998 7th principle: “technical and organisational measures … to prevent unauthorised processing … and accidental loss”
Guidance e.g. security breach notification
FSA ICO
Formal investigation Request for assessment
Public Censure Information and enforcement notices
Financial penalties Financial penalties (2010?)
Vary an authorised person’s permission or cancel it
Data breach notification (voluntary)
Good practice assessment (voluntary)
Legal Context (continued) – FSA vs. ICO Powers: Comparison
Legal Context (continued) – Conclusion
• Left hand vs. right hand
• Co-operation protocol between FSA and ICO
• Mind the gap
• Regulatory guidance to bridge gap between principles–based regulation and practical security solutions
Outsourcing to Third Party Suppliers – FSA Data Security Guidance, April 2008
Before
• “Over-reliance on contract”
→ Pre-contract planning
• assessing supplier’s competence (“due diligence”)
• assessing economics of good information security (“business case”)
→ Setting appropriate remedies and liability regime
• “last man standing” is not the answer
Outsourcing to Third Party Suppliers –FSA Data Security Guidance (continued)
During
• “Insufficient attention to staff vetting”
→ Due diligence or negotiation needs to reveal answers to questions such as:
● how are third party staff vetted?
● when and who: access to customer data?
→ Exercising governance and audit rights in-flight during transition and delivery
● a question of execution and judgment
Data Security – Outsourcing Contract Provisions
During (continued)
• Core obligation provisions
• e.g. preservation of data integrity/prevention of data loss or corruption
• “Accountable individual” provisions
• Breach notification obligations
• Remedies:
• restoration of corrupted data
• an aside on “loss”
• indemnities
• unauthorised access to Supplier infrastructure or Customer service environment
• hacking
• fraud
Conclusion and Questions
• What happened to “After”?
• Datonomy: www.datonomy.blogspot.com
For more informationplease contact:
Marc Dautlich+44 (0)20 7067 [email protected]
3648196
Data Security
Outsourcing and Financial InstitutionsThree Hats: Customer, Provider, Funder7 July 2009
Commercial Relationships
Theory versus practice
Clive Rees- IT Procurement DirectorLloyds Banking Group2009
36
37
Nelson Mandela
• As a young lawyer challenged the political system in his country
•Burned his “passbook” in 1950’s
•Sent to prison for 27 years
•Released after years of leading the African National Congress
•Became President of South Africa in 1994
•Dismantled apartheid and managed to create one nation
38
39
John F Kennedy
•Charismatic President of the United States 1961-1963
•“Ask not what your country can do for you but what you can do for your country”
•“Ich bin ein Berliner”
•Shot dead in 1963 in Dallas, Texas
•Remembered for being champion of Civil Rights and his management of the Cuban Missile Crisis
•Created a strong positive economy within the United States
40
41
Sir Alex Ferguson
•Manchester United football manager for past 20 plus years
•Fiery Scot who throws cups , saucers and hairdryers!
•Successful
•Gets the maximum out of the resources he has through effective relationship management
42
Common themes
•Influence
•Convince
•Communicate effectively
•Empathetic
•Listen
•Understand
•Develop trust
•Know how to manage relationships
43
Lloyds Banking Group Brands
30 million
Individual & Corporate Customers
Number 1
LBG Market Position in Insurance
Number 1
LBG Market Position in
Savings, Current Accounts and
Personal Loans
Number 1
LBG is the largest UK Retail Bank
£4.4 billionTotal LBG annual
external spend£4.4 billion
80%
LBG IT spend with 100 suppliers
50
People in the IT Procurement
Team
0
Goals my football team scores each
week
93
The bus I caught here
70%
LBG IT spend with 18
suppliers
55%
LBG IT Spend is with 6 suppliers
£1 billion
LBG IT Procurement
annual external spend
45
Relevance to Commercial Relationships?
• Know what it is you want from the other party before you go to market
Service improvement
Cost reduction
Transformation
Innovation
Be clear and create a definitive requirements document
• Know who has the capability in the market place to provide the service / products you want & understand what the deal would mean to them - invest in due diligence of potential partners
46
Manage the process well
• Create a definitive and clear tender document (don’t let the suppliers tell you what you need)
• Be sure to include the relevant terms under which you’ll contract with successful party and issue with tender (avoids arguments further down the track)
•State and stick to the timetables
•Know what governance process will exist through the negotiation and post contract signature
47
Selection
•Pick the partner who best satisfies your original requirements- obvious but not always the outcome
•Don’t be tempted by the lowest financial offer- pick a competitive and sustainable price from a partner you can trust or you’ll only regret it during the term of the contract
•Ensure the “A” team stays after the deal is done to service the account
•Ensure the contract is simple & easily understandable – remember someone will have to manage it (clear SLA’s, ongoing governance and escalation are a must have)
48
Three key Principles of our deals
•Competitive
•Sustainable
•Flexible
49
What happens in practice then? Two Case Studies
Case study 1
•Supplier X and a Bank – 5year £30m p.a contract for provision of complex IT services
•Supplier had been very keen to win the business and bid accordingly
•Supplier X won the business but 2 years into the contract realised “hurting” in margin return; started to cut corners and change control at every opportunity
•Bank had not been supplier managing
•Relationship deteriorated
50
Case Study 1
• New legal and procurement teams to solve the crisis that had resulted and re-structure the deal with lots of pain for both parties
So who was to blame ?
Supplier X or a Bank?
What could have been done differently?
What went wrong?
51
Case Study 2
•Supplier Y and a Bank contracted for 3 years for IT services £9m p.a
•Expectations of both parties were documented, discussed and agreed at the outset
•Both resourced up to make the relationship work in practice
•Appropriate and agreed reporting and governance were put in place
•Service delivery, SLA’s and “value adds” all materialised
•Why was this relationship successful?
52
Summary
•Theory and Practice are not always replicated
•Commercial Relationships are not easy to maintain but require constant attention
•Set clear expectations for both parties
•Work together so that the supplier gets healthy margin (sustains the relationship) and the recipient gets the service wants rather than service imposed upon it
•Confront issues, resolved them through the “right” governance forum
Industry consolidation / regulatory considerationsCharles Kerrigan and Brian McDonnell7 July 2009
outsourcing “things that are more fundamental to the value of a business” – Roland Berger
Gartner survey shows outsourcing in Europe is growing during economic downturn, June 2009
Retailers rethink outsourcing - Joanna Perry, April 2009
Credit Crunch changes economics of outsourcing - Siobhan Chapman, January 2009
Consolidation - Lessons from the Market
• Core business outsourcing – will institutions accept the exercise of business judgement by an outsourcer?
• Credit crisis – was effective outsourcing of risk management to third parties a contributory factor?
• JP Morgan Chase – integrated risk management as part of corporate strategy
• Financial institution mergers e.g. Lloyds – HBoS: integration issues
• RBS – brings back in house IT infrastructure and application development activities; retains ABN Amro’s Indian operations
• If there is pressure on rates will suppliers re-engineer the process to a lower standard?
• In-house offshore operations (“captives”) – Eran Eisenberg, senior legal counsel, Barclays
Lending to Outsourcing Businesses
• Testing predictability of revenue – cashflow lending, invoice discounting
• Assets available for security – evaluation of fixed or liquid assets
• Contracts with termination rights – position if all rights are exercised
• Defining material contracts – identification of core revenues and long-term business relationships
• Control over borrower and implications for fixed charge security – impact of consolidation
• Cross-border issues – local security and insolvency laws
Lending to Businesses with Outsourced Operations
• Use of LMA/ISDA forms of document – outsourcing core business function
• Loss or compromise of sensitive data – effectiveness of disaster recovery plans
• Due diligence on security risk mitigation – access to borrower audit information
• Service level performance discussions – lender rights to have input into relationship
• Payments to outsourcer – lender and outsourcer are competing creditors of the business and both critical to its continued success
• Insolvency of outsourcer – visibility of financial condition of outsourcer
Certainty vs Flexibility
Certainty
• Assists in enforcing legal rights
• Enables benchmarking of services
• Suits investors and regulators
• Provides specific remedies on default
Flexibility
• Suits changing market conditions
• Can deal with volatility (weakening sterling, changing funding costs)
• Potential for creative solutions to disputes
• Avoids “over-reliance” on contractual provisions
Certainty vs Flexibility
Flexibility
Certainty
CoreNon-core
[Captives]
DocumentManagement
Document termsLMA, ISDA
IntegrationIssues
PayrollIT
Outsourcing – regulatory considerations
• Material outsourcing
• outsourcing services of such importance that weakness, or failure, of the services would cast serious doubt upon the firm’s continuing satisfaction of the threshold conditions or compliance with the Principles
• general provisions
• Outsourcing of “critical or important” functions and investment services and activities
• an operational function is regarded as “critical or important” if a defect or failure in its performance would materially impair the continuing compliance of a common platform firm with the conditions and obligations of its authorisation or its other obligations under the regulatory system or its financial performance, or the soundness or the continuity of its relevant services and activities
• SYSC 8
Outsourcing – regulatory change
• FSA approach - “Light touch” to “Be afraid”
• More enforcement focus – in particular on senior management
• Regulatory capital and liquidity reforms
• EU competition concerns
• Proposed new EU regulation of hedge funds and private equity
• Corporate governance and remuneration
• Regulatory institutional change – role of BoE; and pan-European institutions
• Treating Customers Fairly / The Retail Distribution Review
• Implementation of the Payment Services Directive
For more informationplease contact:
Charles Kerrigan+44 (0)20 7067 [email protected]
Brian McDonnell+44 (0)20 7067 [email protected]
Industry consolidation / regulatory considerations
Outsourcing and Financial InstitutionsThree Hats: Customer, Provider, Funder7 July 2009