Governance within Finance & Accounting Outsourcing

This paper was developed to provide general background to assist clients in decisions related to outsourcing IT. Please note that this paper presents professional opinions intended to apply generally and that clients must take appropriate care to evaluate them in light of their specific needs. Technology & Business Integrators, Inc. makes no representations, warrantees or guarantees of any sort as to the applicability of the opinions presented in this paper.

Successes and Failures of Governance – Understanding the Reasons

The FAO Governance Fallout

TBI has studied business process outsourcing (BPO) governance models and their successes/failures in implementation, and discovered that governance in business process outsourcing (BPO) transactions is much less well defined than in information technology outsourcing (ITO) arrangements. There were many instances found in which processes are being used that are shortsighted. As a result, TBI created a model that can be used to talk clients through governance concepts early in the outsourcing investigation and then as it proceeds. The governance education model is used to define outsourcing risks and risk mitigation tactics throughout an outsourcing investigation and also to describe the need for client investment in structuring both new Governance Processes and new Governance Organizational Structures to assure effective deal management after contract signing.

Examples of Governance Processes are: performance reviews, problem management processes, escalation procedures and other operational management processes; also service request management processes, project workload prioritization processes and other demand management processes. Governance Organizational Structures include global and local outsourcing program offices, project management offices, contract management functions, joint executive and service delivery management (“governing”) committees, and the like. Governance organizations are needed to manage the contract and day-to-day service delivery and related operations. They also facilitate BPO provider/client Relationship Management, joint problem analysis and Risk Management, and collaborative, proactive management and strategic planning.

More than 50% of the outsourcing contracts that TBI has reviewed that are already in place have governance problems. One reason for this that has been seen by TBI is that no one in the organization is giving the outsourcing governance sufficient attention. Another cause seen by TBI has been that a specific governance plan was never established. More often, it is the latter – the contracts lack a foundation for governance, other than the basics of an escalation path, identification of committees that will meet and talk to each other regularly and the fundamentals of staffing a program office that will interface with the vendor business function. A minority of vendors will press for detail beyond this prior to the signing of the deal. Often the request for more planning of governance processes and structures comes from the client or the client’s outsourcing advisor, instead.

Risk Mitigation in FAO Contracts

The key difference in the FAO governance model versus that of ITO is primarily in the risk area. Regulatory requirements around BPO versus IT are what drive increased risk. Businesses are hesitant to outsource regulated activities. For example, one of the first things that prospects for FAO come up against is the need to continue assure Sarbanes Oxley compliance when accounting processes are no longer under the company’s direct control. Some in the industry predict that, in the long-run SOX will accelerate the outsourcing of finance and accounting processes because service providers will provide and leverage their expertise and efficiency in on-going compliance and change management to benefit clients, for whom these activities would otherwise be more costly if done internally. This may be true, but at the moment, there are many challenges to building this level of customer confidence in FAO provider capabilities. Dealing with Sarbanes-Oxley and HIPPA requirements, SEC filing requirements, SAS 70 audit requirements, etc. for outsourced services requires involvement of the service provider in risk mitigation activities, working as a true client partner.

FAO service providers must provide a very strong indication to their prospects/clients that they understand the risks being faced and are committed to working with the company to tackle and solve related issues. There are many cases in which corporate boards of directors have rejected any proposition for FAO outright for fear of losing control of their risks
(or their perceptions of controlling them). With FAO, there is a need to build activities that will support compliance with various regulations clearly into Statements of Work and contractual terms and conditions. The more proactive and specific an FAO service provider is in addressing the company’s perceived risks, the more likely they are to succeed in overcoming a potential client’s apprehensions.

FAO Supplier Responsibility for Risk Mitigation

Many FAO service providers just don’t understand that they need to be more proactive about supporting their clients in risk recognition/avoidance/mitigation activities. During discussions about SAS 70 compliance in a service provider facility at which a client’s work will be done, for example, the early response from the vendors has been “that’ll cost you” – they’ve been adding in costs in this manner to cover their risks, instead of building risk mitigation activities and costs into their solutions from the start. Fortunately, that is changing…there is more recognition now within the service provider community of the need to assume this responsibility as a routine part of outsourcing governance. Another area in which service providers are “missing the boat” is in accepting their share of risk of financial penalties for regulatory compliance failures. Again comparing ITO and FAO, within ITO contractual terms there rarely ever would be a vendor willing to assume responsibility for consequential damages that would include things like the company being fined as a result of something that the vendor did or didn’t do. Conversely, on the FAO side, that’s a minimum requirement – the assurance that the vendor will share their pain and that there will be a collaborative approach to dealing with the management of risk. Service providers with IT roots, in particular, are having a difficult time accepting this.

FAO service providers must pay attention to the fact that they have to help buyers build confidence that they understand the risks and processes that will ensure that they meet their commitments. It is important that they be able to speak to the types of controls that have been put into place on other accounts, to build creditability with clients in this area. Talking about checks and balances in accounting processes and how they’ll be established and how exceptions will be handled is necessary in order to help buyers visualize how outsourced processes will work and quality will be assured. TBI knows of one FAO supplier who is currently dealing with issues around outsourcing account reconciliation processes, where the client is comfortable with current, directly supervised operations but did not have a clear understanding of what they would need to do to assure quality after outsourcing this work and felt that risks were high. In this case, the supplier and the buyer, have worked together collaboratively to solve the problem and decided that, initially, the client should add a full audit of the reconciliation function to their normal audit procedures in order to mitigate risk. The client’s overall fears about the risks in this area were overcome in this case because: 1) the service provider’s team on the account was good at communicating the processes their employees would use to ensure that the outsourced work was done correctly; and 2) because they showed an understanding of the client’s concern and were ready to help create the solution.

FAO governance failures are often not expressed as governance failures (keeping in mind that everyone has different models of governance) but rather disguised in statements such as, “Our vendor is not responsive to our need to save money…they come to us with service requests or project plans that will cost us more instead of cost savings proposals.” Or, “our service provider is meeting the SLA, but our business users are unhappy with the service.” Or, “our outsourcing service provider is good at the day to day operational work, but has been disappointing in the area of innovation.” TBI has found that, all too often, the problem is that the two parties are just not talking…there is no effective channel for regular communication of changing business needs and how the service provider can help them accomplish that. The most successful outsourcing service provider-client relationships are those where the parties have found ways to grow relationships in ways that benefit them both. Regular steering committee meetings in which both parties participate are routine in most outsourcing relationships today, but these structures are often not effective in stimulating a collaborative strategic orientation…they too often evolve into routine “let’s look at the service level report and ignore the broader issues around the contract” types of discourse. For outsourcing governance to be fully effective, there needs to be regular strategic level discussion as well.

Focusing of the Softer Issues

Inexperienced outsourcing service buyers are less aware of the importance of some aspects of governance. Only buyers with prior outsourcing experience tend to focus on the “softer” contract issues, such as relationship management and risk management and strategic planning and the need for ongoing collaboration in these areas. Companies that are new to outsourcing often focus solely on ensuring that the proper controls are in place to assure that service is delivered according to stated requirements (i.e., their focus is only on the operational controls and demand management aspects of governance). TBI has seen many outsourcing governance failures…with companies not doing basic program management activities, not reviewing financials, not knowing what it was paying for and often overpaying because nobody is watching it…but those types of failures are less frequent than the kinds of failures that come out of never building a collaborative relationship for problem solving between the two parties.

FAO service providers often see important governance activities as “cost”…they’re always looking for contract arrangements that will enable them to build more business but are not looking to commit to service levels or penalties related to failures without adding on more cost. There are F&A service level requirements such as “100% of all external reports filed on time”…a 100% standard is unheard of in ITO and most of any other type of outsourcing…so again, too often, FAO suppliers tend to view such requirements as impossible burdens instead of understanding the need to deal with them from the very beginning. The real benefit for service providers in the implementation of a broader, more integrated outsourcing governance model, however, is the more effective establishment of the relationship, which can lead to a “trusted advisor” status that provides business growth opportunities. Surprisingly, though, many vendors do not come forth with a discussion of governance at all during outsourcing negotiations…buyers and advisors have to pull ideas about governance out of even many of the major FAO service providers’ account teams.

While many FAO service providers have no formal, standard models of governance, TBI has found that, for the most part, at least at a senior executive level, they all understand the imperative nature of achieving effective governance. However, this understanding doesn’t always flow down to all levels of their business. Many outsourcing service providers have leveraged their own internal shared services operations and lessons learned there by turning some of the managers of those groups into leads in their BPO governance practice. This approach to FAO business service start-up is great for assuring their account managers have in depth understanding of outsourced business processes and what is needed in consolidating F&A, making it more effective, etc., but is not necessarily a great approach in terms of assuring competence in crafting effective outsourcing governance structures and processes. An internal governance process is in some ways substantially different from an external governance model. While relationship management is important in both, in internal governance models, the customer is a captive audience and corporate policies and politics dictate how services will be deployed and used. Commercial account management provides a very different scenario, where both parties are bound by contractual terms, and governance is not built into the normal corporate structure. FAO service providers need to provide their account managers with training resources to strengthen their understanding of and capability to develop and implement effective governance structures and processes.

The Concept of External Governance Management

Some major sourcing consulting firms and benchmarking companies seek to become liaisons in the governance space – acting as the primary source of supplier-buyer communication to ensure outsourcing governance. These arrangements usually involve a recurring revenue component over three year’s time. TBI feels this is a flawed approach; a model that will ultimately be unsuccessful, since the client should “own” the governance process. It’s their risks and their relationships at stake, not those of a third party advisor. An external party can coach a buyer and/or supplier and help them structure a service level agreement, review and update measurements, audit the financials, and make sure governance processes are working …but they should not and cannot own the relationship or the governance structure and process. TBI believe that hiring a third-party to manage governance instead of staffing it from within is a fundamental expression of either distrust of the service provider or unwillingness to commit sufficient resources – and either bodes poorly for the establishment of an effective relationship between the parties. Ownership of management processes ideally rests where there is the best possibility of improving performance, not with a third party; and this is a particularly important consideration in the case of outsourcing governance.

Discussions around Governance

TBI believes that FAO governance should be discussed very early on in outsourcing investigations. Concurrent with reviewing goals for the outsourcing action, both clients and service providers should be reviewing and addressing risks. Collaboration in this goes a long way toward establishing the foundation for effective after-contract governance. FAO service providers and their clients can undertake the following types of activities to facilitate discussion of governance issues, and planning for implementation of an effective governance structure and processes:

  • The service provider should work with the client to accomplish an outsourcing risk analysis and to craft specific contract clauses, procedures, standards, service levels, etc. that can mitigate the potential risks identified.
  • Buyers can include a requirement in their request for proposal (RFP) asking vendors to address specific governance issues.
  • Buyers should identify program managers who will be part of the governance structure as early in the outsourcing investigation process as possible; in addition to briefing them on potential issues to address when implementing an effective governance structure, they will need to understand contractual clauses designed to mitigate risk.
  • Buyers should structure their governance organization specifically to meet their business needs instead of relying on vendor provided organizational charts or models provided from other sources. Every organization has different needs and different existing support structures and the governance solution must be customized with these in mind.
  • Buyers and service providers should work together to establish on-going maintenance plans to assure that contract exhibits including the SOW and SLA are regularly reviewed and updated to reflect business change.
  • Experienced companies such as TBI can be engaged by buyers to help them plan and implement effective outsourcing governance. The value of using an experienced coach to focus on governance during outsourcing service transition and start up of the ongoing outsourced service delivery can be particularly high. TBI clients have benefited, for example, from their assistance in structuring proactive governance structures and processes, getting things rolling so that the emphasis on governance is complete and becomes a routine part of the outsourcing management.
Share Button