Posted
By

Getting to the right price. If not the primary objective, it’s certainly one of the more important goals of any customer who has ever outsourced a piece of their operation. While striving for the lowest price possible, in order for the transaction – and long term relationship – to be successful, it must be beneficial to both parties. If a customer negotiates a supplier below the point at which they can make money on the service, there will be problems with that relationship. It might take a little while for them to surface, but surface they will.

One of the longstanding precepts of pricing in the sourcing world is to maintain, as closely as possible, a linkage between the underlying cost of providing the service and the price being charged for that service. No customer should begrudge their supplier making a reasonable profit, for without a fair return on their work, it is unlikely the supplier will be there in the future to support the customer. Hence, if the costs of providing the service plus a fair margin are equal, in as many cases as possible, to the price being paid by the customer, then the chances for a long, happy and productive relationship between the customer and supplier are good.

This does not mean that one should strive for a “cost plus” arrangement. On the contrary, that pricing paradigm comes with its own set of challenges. What this does mean is the price should be closely linked to the underlying cost of providing the service. An O/S image support charge is directly attributable to the labor and maybe some productivity tools that are used in the delivery of that server’s support. Conversely, the charge for a gigabyte of data streamed to a tape has no linkage to the underlying cost of providing data backup services.

Continue reading

Posted
By

Change is hard. Big change is harder. And big change in big companies is extremely hard.

So it is not surprising that when it comes to large outsourcings, the amount of change can be a deal-killer. The friction costs of outsourcing can result in hurdles that are just too high to overcome – even for deals that ultimately produce significant savings and that clearly would be in the best interests of the company.

These friction costs of moving forward with an outsourcing transaction go well beyond the obvious “hard” costs of the service provider’s transition charges and cost of severance. The “harder” friction to overcome includes:

Continue reading

Posted
By

The U.S. Department of Defense, General Services Administration and the National Aeronautics and Space Administration (NASA) have issued a proposal to amend the Federal Acquisition Regulation (FAR) implementing Executive Order 13495 , which will require government contractors that take over service work from other companies to offer jobs to certain categories of the predecessor’s employees.

The presidential order is intended to aid procurement efficiency and mitigate transition risk by preserving the service continuity of the predecessor’s employees, if the contract is awarded for the same or similar work in the same location. There are many similarities with the long standing protections offered to citizens of the European Union, whose jobs are protected in certain circumstances by the Acquired Rights Directive (ARD). Under the ARD, an employee’s job is safeguarded by requiring a successor contractor to hire the employee from its predecessor on substantially the same terms and conditions (e.g., salary, benefits, years of services) as the employee enjoyed with its predecessor. Notably, the ARD applies to private sector outsourcing transactions, not just to government contracts as is the case under the proposed FAR regulations.

For any company that has sought to outsource its IT or BPO functions on a global basis, the implications of the ARD are impossible to ignore. It requires suppliers to conduct substantial due diligence on the customer’s HR policies and personnel before signing an outsourcing deal, and to make offers to its predecessor’s employees as opposed to using its own employees to perform the services. As a result, the supplier must factor the cost of hiring the new personnel into its solution, and in turn, pass that cost back as a charge to the customer. Although the consequences vary from country to country, ARD non-compliance violations can result in hefty fines for both customers and suppliers as well as potential criminal liability for certain breaches of consultation requirements in countries such as France.

Continue reading

Posted
By

A key finding in the Trustwave 2012 Global Security Report is that in 76% of data breach investigations a third party responsible for system support, development and/or maintenance of business environments introduced the security deficiencies. This should concern any company that outsources the processing, storage or transmission of personally identifiable information (PII) to suppliers of IT or business process outsourcing services.

With the average cost of a data breach in excess of $5 million and the associated reputational risk, outsourcing customers should review their contracts to ensure they contain appropriate commitments and accountability from the supplier with respect to data security. Below is a brief outline of some of the key provisions that should be part of an outsourcing agreement.

Supplier Commitments: Suppliers should commit to the following:

Continue reading

Posted
By

Starting on 26 May 2012 the UK Information Commissioner’s Office (“ICO”) will begin enforcing sweeping changes to the EU cookie law put in place 12 months ago. By way of reminder, following a change to the EU’s Privacy and Electronic Communications Directive (the “E-Privacy Directive”) back in 2011, the rules on using cookies to track/store information on users are about to change.

Unless an exception applies, the new requirement essentially prohibits the use of cookies absent the consent of the user (unless the cookie is “strictly necessary”). The new rules apply regardless of where the website is based, if European personal data is collected.

In other words, a website operator over which the ICO has jurisdiction, wherever the operator is based in the world, will be unable to argue it was still getting its house in order if the ICO comes knocking.

Continue reading

Posted
By

In previous blogs in September/October 2011 (Supplier Selection; Contract Negotiations; Relationship Management) I offered practical tips on how to manage and mitigate some of the risks that arise throughout the life cycle of a typical outsourcing. These risks may arise during the supplier selection process, in the course of contract negotiations or during the implementation and day to day operation of the outsourced services. In this final chapter on managing risks in outsourcing I will focus on exiting from an outsourcing contract.

The exit from an outsourcing deal gives rise to a variety of different risks for a customer, particularly an exit following termination due to the supplier’s default or termination for convenience by the customer.

Common risks which you may face as a customer upon exiting an outsourcing contract include:

Continue reading

Posted
By

An effective pricing model is a foundational component for long-term success in an outsourcing relationship. Success or failure in a relationship can often be traced in part to the wisdom, or lack thereof, of the pricing model. A good pricing model will create predictability while serving to align interests, allocate risk, and manage expectations on both sides. A misguided one can foster mutual mistrust and lead to mismatched incentives, inefficiency, and unpredictable expenditures.

Given their importance to a successful outsourcing arrangement, it’s no surprise that industry pricing models continue to evolve. Stephanie Overby recently wrote on CIO.com about 4 new IT outsourcing pricing models; these include gain-sharing, incentive-based, consumption-based, and shared risk-reward pricing. While the nomenclature for pricing models may have taken a while to catch up, these “new models” have been in practice in some form for a number of years and may be more aptly construed as evolutions of existing models.

Here’s a quick run-through of a few of the traditional pricing models:

Continue reading

Posted
By

Back in 1999 Kevin Ashton, the British technology pioneer and cofounder of Auto-ID Center at MIT (creators of the global standard system for radio-frequency identification (RFID)), coined the term, the Internet of Things, to describe “uniquely identifiable objects (things) and their virtual representations in an internet-like structure.” Put simply, the Internet of Things refers to networks of everyday objects such as phones, car and household appliances which are wirelessly connected to the internet through smart chips, and can collect and share data.

Now, well over a decade later, the European Commission has issued an online questionnaire which seeks views on the future regulation of the Internet of Things. The Commission sees both opportunity and threat from the exponential growth of interconnected networks, with 50 billion wirelessly connected devices predicted by 2020: “The Internet of Things holds the promise of significant progress in addressing global and societal challenges and to improve daily life. It is also a highly promising economic sector for sustainability, growth, innovation and employment. But it is likely to have a profound impact on society, in areas like privacy, security, ethics, and liability.”

Predicting a future where everyday objects are linked, the Commission has started to gather views on how best to design and shape a regulatory framework which operates in an open manner, enabling a level playing field, whilst ensuring an adequate level of control over the connected devices gathering, processing and storing information. Views on privacy, safety and security, security of infrastructure, ethics, interoperability, governance and standards are sought. Responses to the questionnaire are requested by 12 July 2012. The Commission’s recommendation on the Internet of Things is expected to be published by summer 2013.

Posted
By

India’s recent demand for European Union designation as a data secure country (see our blog) has brought the issue into the spotlight. Here we take a closer look at those nations which have achieved EU recognition and the benefits of doing so.

Article 25.1 of the Data Protection Directive (in the UK enacted through the eighth principle of the Data Protection Act, 1998) prohibits the transfer of personal data to a third county (i.e. a country or territory outside the EEA) unless that third country provides an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data. Several exceptions to this rule are available including, in particular, the use of the approved EC model clauses.

Data transfers to third countries can take place in many circumstances, such as where an EU- based business relocates functions to subsidiaries outside the EEA, establishes an offshore shared service centre which processes, for example, HR or payroll data, where data is transferred for offshore processing as part of an outsourcing agreement with a third party supplier or as part of a hosting or cloud computing deal. The onus is on the data controller to ensure that he complies with the eighth data protection principle in relation to any cross-border data transfer of personal data.

Continue reading

Posted
By

ZDNet blogger, Michael Krigsman, reported recently that nearly 70% of IT projects fail in some important way: An eye-popping number!

There can be endless debate on the actual failure rate of IT projects – the answer most likely depends on the criteria used to define “failure” – but a couple points are clear:

  • An unacceptably large percentage of IT projects are not delivered on time or on budget or fail to produce the desired outcomes.
Continue reading