Virtual Labor Will Fuel Digital Initiatives

It’s now a strategic imperative that business leaders conceptualize how business and IT services can be bundled with “smart” technologies, like cognitive computing or machine learning, to create innovative service models and intellectual property (IP) for new revenue streams.

Speaking ahead of the Gartner Sourcing & Strategic Vendor Relationships Summit 2016 in London, Frances Karamouzis, vice president and distinguished analyst at Gartner, said, “Smart machines are not future fantasy. They are commercially available — it has been estimated that more than $10 billion of smart machine technologies have already been purchased through more than 2,500 companies. Services related to smart machines may be five to 10 times the size of the aggregate technology market.

The New Normal

The new normal is that “recruited” smart algorithms, smart machines, robots and cognitive bots (with artificial intelligence) will occupy the domains of expertise historically fulfilled by people. Smart machines and algorithmic business models will challenge the idea that “talent” and human beings are synonymous.

By 2018, 40 percent of outsourced services will take advantage of smart machine technologies, rendering the offshore model obsolete in terms of competitive advantage.

“The concept of hyperautomation arbitrage will be used to describe the displacement of human labor by smart-machine-enabled services and algorithmic business models,” she added. “This will lead to the obsolescence of the offshore business model for competitive advantage as, historically, it was used to recalibrate the cost of labor and provide scale.”

Gartner predicts that, by 2018, 40 percent of outsourced services will take advantage of smart machine technologies, rendering the offshore model obsolete in terms of competitive advantage.

Offshore Services Are Here to Stay

Does that mean the disappearance of offshore services and long-standing contracts? The answer is no. “It means that it is not going to be the primary means of cost optimization or speed to competitive advantage,” said Ms. Karamouzis.

Smart machines are not always complete replacements for subject-matter experts or other labor. There could still be a role for offshore centers, albeit changed and refocused. Human labor is still part of the mix, and cheaper human labor will always appeal to business leaders.

IP and Smart Machine Revenue Opportunities

Nevertheless, smart machines and the services they enable are a reality. Hundreds of organizations are adopting smart-machine-enabled services to achieve short- to midterm savings, new revenue sources or profitability structures. Few, however, have fully understood the depth and magnitude of the potential value of the intellectual property (IP) being created.

The IP developed alongside smart-machine-enabled services has the potential to add significant revenue, as it may be patentable. Due to the need for speed, business leaders tend to partner with providers to engage them in proofs of concept without involving sourcing executives or their teams, which exposes the organization to long-standing sourcing risks (including selection of the wrong partners, negotiation mistakes and vendor management issues).

There is, however, a much larger and more dangerous risk unique to smart-machine-enabled services. This risk is the loss of potential future revenue from patentable IP — including business processes, process ontologies, algorithms and knowledge capital — that is not properly protected.

Sourcing leaders should investigate new options for virtual labor, or fall behind the competition.

As a result, sourcing decisions for smart-machine-enabled services will be the most strategic decisions that any organization will make in the next 10 years.

With 2,500 organizations in the “machine intelligence” segment, and more than 35 major service providers investing in the development of “virtual labor,” sourcing leaders should investigate new options for virtual labor, or fall behind the competition.

Sourcing managers should also take the lead in enabling their organizations to seize the opportunities offered by smart-machine-enabled services. These services raise the prospect not just of immediate savings, efficiency and competitive advantage. They also enable potential future revenue from patentable IP.

Gartner Sourcing & Strategic Vendor Relationships Summits

Gartner analysts will provide additional analysis and information on sourcing trends at the Gartner Sourcing & Strategic Vendor Relationships Summits 2016 taking place in London, Tokyo and Grapevine, Texas. You can follow news and updates from the events on Twitter using #GartnerSSVR.

Gartner clients can read more in the report, “Predicts 2016: The Rise of the Machine Leads to Obsolescence of Offshoring for Competitive Advantage”.

Source: Gartner-Virtual Labor Will Fuel Digital Initiatives

How robotics is changing the face of Business Process Outsourcing

In my world (I am an outsourcing advisor) the robots I deal with do not have arms and legs, or wheels, but are set to have just a big an impact on my industry as any of the physical robots have had on, say, the manufacturing sector. The trouble is, most of the big outsourcing organisations that are set to be impacted the most from this have very little idea what is going to hit them.

Robotic Process Automation (RPA) works best when the processes are repetitive, rules-based and frequent i.e. those tasks that are normally great candidates for outsourcing.

The ‘robotic software agents’ are a relatively new technology that is commonly termed Robotic Process Automation (RPA). Their objective is very straightforward – to carry out the business processes that would normally be done by human beings. This works best when the processes are repetitive, rules-based and frequent i.e. those tasks that are normally great candidates for outsourcing.

It doesn’t take a great leap of logic to then conclude that RPA is a potential competitor to any outsourcing deal that involves business processes (Business Process Outsourcing, or BPO). Particularly when one considers that a software robot would cost around one ninth of a Full Time Equivalent (FTE) person working in, say, the UK or US, or a third of the cost of an FTE working offshore (say India). What RPA does is completely skew the business case dynamics of outsourcing: large, global organisations, such as Infosys, Wipro, TCS, Capgemini, Capita, etc, who have built their business model around employing more and more people, will now have to completely change their whole mindset to cope with the opportunities and threats that RPA brings.

To put some scale on the potential impact the BPO sector globally is currently worth over $300bn. In India alone, more than 3 million people are employed doing BPO work; in the Philippines there are another million. Across Europe and the US millions more workers earn their living through BPO. RPA will have the potential to impact every single one of those jobs.

The technology that exists today is still relatively immature; it can replicate the basic transactional tasks, probably impacting around 20%-40% of processes. But as the technology develops at an accelerating rate, this percentage will most certainly increase.

Here are some examples where RPA has already had a significant impact on businesses:

Crucially, in that last example, the incumbent outsourcing provider, one of India’s big three firms, was kicked out because they were no longer needed.

With this level of impact on the way that organisations do business, there are three ways that the BPO industry could react.

The existing BPO service providers could change their business model, adopt RPA as a core capability and continue to dominate the sector, albeit with a rather painful transition period. The problem here is that, to date, there is very little evidence that this is going to happen. Many of them are simply too vested in the current ‘FTE’ model and see RPA only in terms of it cannibalising their existing revenue streams. It should be clear by now that this is a very short-sighted perspective – not only because there will be a great deal to be gained from first-mover advantage amongst these firms, but also because of the other two changes that are already happening in the market.

We are already seeing a new breed of service provider / systems integrator emerging – these are focussed first-and-foremost on RPA. They will take any set of business processes, whether they have been outsourced or not, and automate them. The remaining tasks that are currently too complex to automate are left for the BPO providers to pick up. It won’t be long before these new providers can also provide the FTE capability as well – their pitch to clients will be ‘automate first’ and, if we can’t automate it right now, we’ll put some people in. In other words, they’ll be taking all of the work that the traditional BPO providers would have had.

As the software gets cleverer and cleverer, and more and more processes can be automated, the economies of scale that give BPO providers their price edge will be quickly eroded.

The third way that the BPO sector will change is perhaps the most interesting. Because the technology is relatively straight-forward to implement (it doesn’t actually require much input from IT), many client organisations will take a DIY approach to managing and automating their own processes – it will be more like BYOR (Bring Your Own Robot) than BPO. We have already seen a number of large companies take this DIY approach, using third parties in only a consultative capacity. As the software gets cleverer and cleverer, and more and more processes can be automated, the economies of scale that give BPO providers their price edge (reducing the cost of an FTE by over 20% in large delivery centres) will be quickly eroded. This could easily spell the end of the large BPO service providers.

When that tipping point will happen is difficult to predict, but it can only be a matter of years away. Right now, though, the robots are making their (virtual) presence felt: my clients are already including ‘RPA capability’ as a selection criteria when outsourcing; they are looking at an ‘onshore + automation’ solution as an alternative to a pure ‘offshore’ one (and one that is economically favourable); and they are looking much more closely at the compliance, efficiency and auditability benefits of using robots over humans. These are certainly early days in the RPA journey, but it is a journey that is set to impact millions of jobs across the world, and where the whole BPO industry will be turned upside down through the simple adoption of BYOR.

Source: Robohub-How robotics is changing the face of Business Process Outsourcing

When’s the right time to outsource elements of the customer experience?

Having worked in customer experience for many years now, I have no doubt that at times outsourcing certain elements of a business can be a real shot in the arm. It can make things run more efficiently and effectively; it can free up resources; it can save the organisation money; it can help engage staff, and it can effect a change in overall direction.

But what is equally true is that outsourcing is not a magic bullet. If an area of the business is failing, then outsourcing is not suddenly going to turn things around. I chant the mantra, ‘Fix it, simplify it, and then outsource it’ to my clients on a regular basis. This push to outsource is particularly relevant in areas such as the contact centre. So when is the right time to do it, and what should a brand look for in its outsourcing partner?

Take a 360 perspective

Contact centres remain an important part of the modern customer experience, but they must constantly evolve and refine how they operate to keep delivering a superior customer experience. There have been advances such as Visual IVR and other solutions that make the concept of the Single Digital Channel (SDC) a reality and are breathing new life into the contact centre.

Keeping customer contact in-house is tempting. It allows a brand to retain control, is straight forward and initially cheaper, and there are fewer opportunities for the brand to suffer through association with an outsourced contact centre.

But are the people that run and manage operations in a contact centre necessarily the best-placed to understand how to improve it and make it fit for purpose? To decide whether or not a contact centre needs outsourcing, a 360 degree perspective is essential, and self-interest must be put to one side. This review can be done internally, but achieves more using external expertise. Even if you ultimately decide to keep your contact centre in-house, external guidance can help get you the best result.

Transparency and sector experience

If a brand decides that outsourcing its contact centre is the best way forward then transparency should be at the top of the list when evaluating a partner. A brand should expect and demand assurances as to the quality of interactions with their customers. So a provider should be clear and transparent about call volumes, the number of contacts answered; how many contacts are missed each day, and provide KPI scores each day to ensure things are as they should be. They should also provide actionable customer feedback to support and improve brand reputation.

Experience in your sector is also important. While best practice in an outsourced contact centre remains the same whatever the industry, there are nuanced differences between say an energy supplier and a travel firm. So what kind of customer base does your proposed provider have? Have they worked with other firms in your industry previously? If you can see firm evidence of success with these, then that is a good sign they could be the right fit for your business.

The latest technologies

Of course, perhaps the most significant factor for a provider is having the right technology. Anyone providing outsourced contact centre services needs to be able to demonstrate they can make use of advances like Visual IVR and the Single Digital Channel.

SDC gives a customer service agent access to all media types from their desktop, with all contact interaction taken by customers – voice, email, chat, social media – waiting in one queue to be addressed by the right agent. The ‘right’ agent can mean the next available agent, one with a particular skill-set or area of expertise, or even one with a prior history with that customer.

It allows agents to deliver a much more efficient service and is a real asset to any firm wanting to deliver true next-generation customer experience. But such advances would not be so easily available should a brand choose not to outsource its contact centre. Providers bring technical expertise to the table, and can react to the latest technology trends far more effectively than in-house teams.

That’s why outsourcing can be such a strong option for contact centres, delivering the most powerful technologies and helping to maintain the overall customer experience. The best option is an outcome-based commercial model, with a hybrid of fixed work-based payment and performance or NPS-based bonus elements, much more likely to deliver a win for both the brand and the provider.

Source:’s the right time to outsource elements of the customer experience?

Outsourcing the fast speed of two-speed IT

Many companies have embarked on a digital transformation of their business in an effort to increase sales and support customers through online systems, apps and social media.

Many companies have embarked on a digital transformation of their business in an effort to increase sales and support customers through online systems, apps and social media. IT organizations are encouraged to develop a “fast” or “second gear” mindset capable of operating at internet speed and being focused on a digital transformation. Carrying out this shift while simultaneously supporting legacy systems that cannot be changed as rapidly is a tall order for many IT organizations. In-house IT departments must either learn to reinvent themselves so they can adapt to the fast-paced evolution of technology or outsource these efforts to quickly gain the expertise needed. IT outsourcing, or more specifically, outsourcing the creation of innovative and dynamic software apps and systems, is a reliable way for companies to ramp up a development team for the required fast gear.

My previous article focused on outsourcing the slow speed of two-speed IT. The two-speed IT strategy is popular because it helps companies understand the difference between the traditional “slow” focus of IT, centered around maintaining internal business-critical systems, compared to the “fast” UX design and DevOps focus needed to create dynamic online and mobile, customer-facing apps.

The rapid growth in new technologies such as the Internet of Things (IoT), mobile apps, big data analytics, and seemingly unlimited cloud storage and compute power has profoundly changed every industry. Companies like Amazon, Facebook and Google have aligned their technology and IT systems with their business goals. They limit the size of their software engineering teams to support efficient agile and Kanban methods of development. Product managers think about entire user experiences instead of single features. Leading internet companies rely on frequent testing, experiments with the user interface and collecting data about consumer behavior in their products to learn what works and what doesn’t, even at the risk of failure.

The building blocks of digital enterprise architecture

According to McKinsey & Company, a digital enterprise architecture needs to include several elements to facilitate digital transformation:

  • Two-speed IT architecture – as described here
  • Instant cross-channel deployment of functionality – using microservices for small features or functionality that are deployed in minutes or hours
  • Zero downtime – using test-driven development (TDD), continuous integration and deployment (CI/CD) that enable the update of individual pieces of functionality without disrupting the entire system
  • Real-time data analytics – analytics that become an integral part of the app and not just a stand-alone process
  • Easy process configuration – business users are able to change features without custom coding
  • Automated scaling of IT platforms – scalability across redundant private and public-cloud environments to eliminate potential slowdowns and downtime
  • Secure architecture – cybersecurity as an integral part of the overall application

Outsourcing provides these elements and accelerates the transition to a two-speed model. The agile culture required to think of software as a product, created in a factory-like manner with continuous improvement is achieved much more easily in an outsourced software development shop that is an expert at product development, rather than building a “fast” IT team and culture in a historically “slow” IT organization.

What are the risks in outsourcing the faster portion of IT?

For most technology executives, the question is not whether to outsource but what to outsource. There are two popular models of software outsourcing for fast IT:

  • Team extension – your developers work together with the outsourced developers
  • Autonomous team – the outsourced team(s) do all the development and you provide a product owner(s)

In both cases, the outsourced team has a significant responsibility to perform and there is a risk they won’t rise to the occasion.

To start, there is a risk you will select the wrong IT outsourcing firm. For example, the company you hired for slow IT maintenance of your legacy systems is probably the wrong choice for fast IT. You also face internal risks, as well. You will need one or more knowledgeable product owners who will be in frequent contact with your outsourced teams, and you may have to watch for declining employee morale. Underperformance and passive/aggressive behavior are common with employees who think their jobs are at risk.

Fast IT outsourcing benefits

There are also many rewards you should expect to see when outsourcing:

  • Access to the latest technology – good software outsourcing companies keep up with the latest trends
  • Cost savings – IT outsourcing to some locations has a lower cost structure, even when factoring in travel
  • Expert developers – it’s difficult to hire great developers, but IT outsourcing firms are constantly recruiting in under fished markets for the specific qualifications and certifications needed by their clients. Good software outsourcing companies have a pipeline of qualified candidates available to them
  • Flexibility – even if you can hire developers, you have limited ability to ramp up and ramp down teams as your needs change


The two-speed IT architecture is a good model for enabling the digital transformation of your company’s business in an agile and dynamic manner, while also delivering the positive user experience expected by customers. Fast or slow, there is a role for IT outsourcing in any company that is serious about digital transformation. There are many great software outsourcing companies to choose from in several convenient global locations. It is important to select a partner for your fast-mode outsourcing that is an expert in the technologies, methodologies and best practices of UX design and DevOps that you need.

Source: CIO-Outsourcing the fast speed of two-speed IT

Deciding between active and passive management of outsourcing services

Understand which model works best for managing outsourcing services in a consumption-based pricing model.

Credit: iStock

There are effectively two models for managing outsourcing relationships, whether it’s for IT and infrastructure services or for BPO. The services industry has been pushing a managed services environment as the best practice. But in reality, this is not the best practice for all types of outsourcing.

Passive management implies that you are managing to service levels. It’s very consistent with the book I wrote in 2000, Turning Lead Into Gold: The Demystification of Outsourcing, in which I advised buyers to let their service providers — the experts — do their job. Get out of their hair, hold them to the outcomes and don’t micro-manage them. That’s the philosophy, and it comes through in the managed services space, whether it’s applications, infrastructure or BPO.

But as I recently blogged in service-level agreements are dead, the challenge with this model is that the providers just meet the service levels stipulated in the contract and don’t meet your organization’s changing needs.

The alternative is actively managing outsourcing. In this model, you don’t hand over the responsibility to the provider. You much more intensively, actively manage the relationship. In fact, you’re the day-to-day manager of the services. Services managed in this model look like staff augmentation or pay-per-use services.

Service providers understandably prefer the passive management. But certainly a significant portion of the industry is actively managed.

Here’s my advice on why should you choose one model over the other.

Pros and cons of passive management

The advantages of passive management are that you leverage the provider’s expertise and scale and you can hold the provider accountable for the services it provides. The disadvantage is those services don’t change even if your needs change.

In the passive management model, you rely on the contract to align your interests and the provider’s interests. You never have perfect knowledge when you construct a contract, so it’s imperfect in its conception. Furthermore, contracts become more imperfect over time. Even the best constructed contract will, over time, get out of alignment with your interests because your interests will change.

In addition, passive management of an outsourcing relationship puts your organization at risk for having “outsourcing bloat,” meaning you’ll pay too much for the outsourced resources.

Pros and cons of active management

In the actively managed model of outsourcing, it’s harder to capture the benefit from the expertise of the service provider. You potentially dissipate the provider’s economies of scale. You also have more investment in time in your own governance because you have to have feet on the street.

In this model, you leverage a different kind of expertise: skilled people rather than organizational knowledge. There is some question as to how much organizational knowledge can actually be applied anyway. To avoid dissipating the economies of scale, you need to be more thoughtful in terms of how you use the provider. But you can constantly align the provider against your changing needs and, over time, capture the productivity benefits that you get from that, rather than having them accrue or sharing them with the service provider.

Moreover, service providers are more responsive when governed in this model. They deal well with the nature of imperfect knowledge because you have the power to iterate in real time.

Which model is best in a consumption-based world?

These are two very different models for managing outsourced services. Both are valid. But I believe, as we move to a consumption-based world, that the actively managed governance vehicles will start to have increasing prominence. In a fast-changing world where technology is closely aligned with business needs drives towards an actively managed vehicle over a managed services / passively managed vehicle.

I think this has very significant implications for designing the relationship with a third-party outsourcing provider. Keep in mind as you design such a relationship that it acts counter to where the service provider would like to take relationship governance.


Source: CIO-Deciding between active and passive management of outsourcing services

Contact Center Outsourcing (CCO) – Service Provider Landscape with PEAK Matrix™ Assessment 2016

Contact Center Outsourcing (CCO) – Service Provider Landscape with PEAK Matrix™ Assessment 2016


The world of contact center outsourcing (CCO) continues to be a hotbed of activity as service providers respond to the pressures of a changing value proposition. Most of the investments made by CCO service providers in past 24 months and planned for next 12 months are focused on offering more digital services to buyers, and shifting focus from the traditional contact center outsourcing value proposition of cost containment to providing unparalleled customer experience. The CCO market has reached an overall size of US$75-78 billion globally, having posted a moderate growth of 4% in 2015. Contact centers are evolving at a rapid pace primarily due to technological innovations as well as changing customer needs. From a solution perspective, CCO market is observing a shift towards digital enablement leading to higher leverage of analytics, RPA, and multi-channel solutions.

This study assesses the contact center outsourcing capabilities of different service providers (CCO specialists, BPO pure-plays, and IT+BPO players) and evaluates their positioning on the Everest Group PEAK Matrix.

In this research, we focus on different aspects of the CCO market:

  • Relative positioning of 34 service providers on the Everest Group PEAK Matrix for CCO
  • Analysis of service providers’ market shares
  • Key strengths and development areas for service providers

Scope of analysis

  • Contact center outsourcing offered by CCO-focused specialists, BPO pure-plays, or IT+BPO service providers
  • Coverage across all major industries and functional areas
  • Coverage across 34 CCO service providers, including Aegis, Alorica, Atento, Capita, CGI, Concentrix, Conduit Global, Convergys, Contax, Dell, EGS, EXL, Firstsource, Genpact, HCL, Hexaware, HGS, HPE, Infosys, Intelenet, Knoah Solutions, Minacs, Sitel, Sutherland Global Services, Sykes, TCS, Tech Mahindra, Teleperformance, TeleTech, Transcom, Webhelp, Wipro, WNS, and Xerox


This report examines the service provider landscape for contact center outsourcing and provides insights into the global contact center outsourcing market. It focuses on service provider position & growth in the market and assessment of service provider delivery capabilities.

Some of the findings in the report are:

  • Everest Group classifies 34 CCO service providers on Everest Group’s proprietary PEAK Matrix framework into:
    • Leaders: Alorica, Concentrix, Convergys, Sitel, Sutherland Global Services, Teleperformance, TeleTech, and Xerox
    • Major Contenders: Aegis, Atento, Capita, Contax, Dell, EGS, EXL, Firstsource, Genpact, HCL, HGS, HPE, Intelenet, Minacs, Sykes, TCS, Tech Mahindra, Transcom, Webhelp, Wipro, and WNS
    • Emerging Players: CGI, Conduit Global, Hexaware, Infosys, and Knoah Solutions
  • Alorica, EXL, Sutherland Global Services, Wipro, and WNS have been identified as Star Performers on the CCO PEAK Matrix
  • Teleperformance and Convergys are the two largest CCO service providers by revenue
  • CCO specialists dominate the market, with nine specialists declaring revenue in excess of US$1 billion
  • Teleperformance is the only player to hold major presence across all geographies and also across major industries

Everest Group has a complimentary four-page PEAK Matrix preview document for this service provider landscape report.

Related Products

Identifying the Differentiators of High Growth CCO Providers Contact Center Outsourcing (CCO) has been growing at 5-6% annually over the past few years. However, a few players in the market have managed to beat that growth rate and have expanded at a much more rapid pace. This viewpoint looks into the growth strategies adopted by them that have allowed them to expand at such pace. It looks at how these new areas of focus being pursued by these service providers are shaping up in the contact center space and are driving growth in the industry. |More
Contact Center Outsourcing (CCO) – Service Provider Profile Compendium 2015This report provides comprehensive and fact-based snapshot of 20+ major CCO service providers. Each profile highlights service provider’s delivery capability, market strategy, key organizational developments, delivery footprint, and client portfolio along various dimensions such as geography and industry. In addition to this, each profile provides the positioning of the service provider on the Everest Group PEAK Matrix with an insightful analysis of its capabilities. | More
Contact Center Outsourcing Annual Report 2015: Incumbents Beware – There’s No Place for Complacency The CCO market grew at ~5% in 2013 to reach US$70-75 billion. Last 12-24 months have seen a high number of terminations, much higher than the extensions that make the market even more competitive. This report provides an overview of the CCO market, including market size & adoption trends, key solution characteristics, service provider landscape, and areas of service provider investment

Artificial Intelligence Threatens 3,000 Software Engineering Jobs at Wipro

Indian IT outsourcing firm Wipro is deploying its artificial intelligence platform Holmes to perform tasks currently handled by 3,000 of its software engineers.

The Bangalore-based outsourcing company will automate some of its services related to so-called ‘fixed-price projects’, freeing up engineers and saving up to US$46.5 million, Indian business daily Mint reports.

It is not clear whether these freed engineers will be dismissed or re-trained to perform different tasks within the organization.

Approximately 30,000 of Wipro’s delivery workforce are engaged in fixed-price projects. The company has over 150,000 employees, including 110,000 in delivery.

Wipro is also hoping to generate US$60-$70 million in revenue by selling some artificial intelligence applications to new and existing clients this year.

With their margins in traditional outsourcing businesses rapidly eroding, India’s IT services firms are increasingly turning to emerging technologies. They appear to have realized that they ought to move up the value chain and can no longer rely on labor arbitrage, one of the reasons for their success in the global technology market.

In the past year, the country’s top IT firms including TCS and Infosys have launched their own automation platforms. Wipro’s automation platform is called Holmes, while TCS and Infosys’ platforms are known as Ignio and Mana respectively.

There are little or no report as to how many Indian software engineers have lost their jobs to automation in the past one-year or so. According to a report from Mumbai-based brokerage firm Centrum Broking, India’s top five IT firms reported 24% fewer employees in 2015. That means artificial intelligence has already begun to take its toll on India’s massive technology workforce.

Even Cognizant Technologies and HCL Technologies are using automation tools to save money and increase productivity. But Infosys seems to be an exception. Some sources say Infosys is hiring more executives to bolster its automation portfolio.

US financial services firms have long been the important clients for Indian outsourcing firms. A recent report on The Wall Street Journal says American banks are now deploying artificial intelligence technologies to handle regulatory compliance.

Source: Intelligence Threatens 3,000 Software Engineering Jobs at Wipro 

Public sector embraces bigger, longer outsourcing deals

Public sector outsourcing deals are growing as the U.S. government seeks shared services efficiencies.

Over the past five years, as outsourcing in the commercial sector has grown steadily but modestly, the annual contract value of outsourcing deals in the public sector has more than doubled, according to analysis by outsourcing consultancy ISG. Today, public sector outsourcing deals account for two-thirds of the annual contract value in the market overall.

Much of the activity is happening in the U.S., which consists almost entirely of information technology work and driven in large part by Department of Defense spending, according to ISG. The Department of Homeland Security and the Department of Health and Human Services, contending with the changes mandated by the Affordable Care Act, are also significant users of third-party IT services.

These federal agencies are also poised to add on more business process services in the future as well “as technology improves and the workforce ages,” says John Keppel, president EMEA and Asia with ISG. Public sector agencies in the U.K. and Australia have already adopted business process outsourcing on a much wider basis, according to ISG. Both countries have increased their BPO activity over the past year in areas such as taxation, pensions, asset registration, e-governance and benefits administration.

In recent years, public sector outsourcing contracts have gotten longer in duration as well at a time when private sector deals have gotten shorter. Both have converged to average of about 3.2 years. “The federal government is pursuing outsourcing in a number of areas where agencies had traditionally created in-house technology functions in the past,” says Keppel. “Private sector terms have been growing shorter, driven by specialization and the flexibility that those deals provide to clients.”

Shared services environments drive longer outsourcing deals

A new push from the U.S. government for shared services environments (particularly in back-office functions like IT, accounting and finance) is another contributing factor to the longer deals. “Shared services offers the possibility of substantial budget savings. This dynamic drew private sector companies toward outsourcing and government managers, faced with growing pressure to increase efficiency, are being encouraged — even forced — to look at shared services as a smart way to approach this,” Keppel says.

But the shared services mandate has ruffled feathers and introduced significant technological challenges. “The move to shared services hasn’t been easy, as it runs counter to a long history of each agency establishing its own IT functions,” says Keppel. “Implementing shared services requires significant system integration and data migrations. In addition, many agencies have had to maintain legacy systems they thought they would be able to retire. Agencies have been successful in identifying the lowest hanging fruit, such as consolidating systems within their own agency.”

At the same time, federal CIOs are working aggressively to adopt cloud applications, roll out mobile technologies and support big data projects, for which they’ll need the experience, efficiency, and capabilities of private sector providers. “Many agencies’ budgets remain flat, they are understaffed, and face a skills gap to pursue cloud, mobile and big data technologies,” says Keppel. “Outsourcing providers possess the expertise, unique skill sets, and service delivery capabilities to help agencies launch these projects quickly and cost effectively.”

Source: CIO-Public sector embraces bigger, longer outsourcing deals

How to build cybersecurity into outsourcing contracts

IT outsourcing customers must take greater care in building cyber-risk protection into their IT services and cloud computing deals.

Any time a company shares data or provides access to third-parties, it increases its vulnerability to unauthorized access or breach. So in today’s IT environment in which enterprises partner with multiple IT service providers, who in turn may have multiple subcontracters, cyber risks increase exponentially.

“Customer data and systems are only as secure as the weakest link in the vendor ecosystem,” says Paul Roy, a partner in the business and technology sourcing practice of Mayer Brown. “The risks for customers are twofold: not only does the customer increase its risk of a data breach, it also increases the risk that it will be in breach of its regulatory or contractual obligations if its vendors fail to comply with such obligations.”

PUBLICIDAD talked to Roy and Lei Shen, senior associate in the cybersecurity and data privacy practice at Mayer Brown about the potential impact of security incidents arising from IT outsourcing or cloud computing engagements, the shortcoming of cloud computing contracts with regards to customer cyber risk protection, the key contractual provisions for mitigating these risks in an evolving regulatory landscape, and the importance of ongoing review in this rapidly changing area. What are the potential consequences of cyber security failures with third parties, like IT service providers and cloud computing vendors?

Paul Roy, partner, Mayer Brown: The consequences of a cybersecurity failure can be substantial. They include the expense of remediation and notification, damage to the brand, loss of sales, management disruption, regulatory sanctions, shareholder derivative suits and other lawsuits, and other collateral damages. The customer remains ultimately responsible for these risks, even if its vendor was the source of the security failure. Is cyber risk adequately covered in standard outsourcing or cloud contracts?

Lei Shen, senior associate, Mayer Brown: To adequately cover cybersecurity risks, the standard outsourcing contract has to include clear technical and legal compliance requirements and the right for the customer to monitor and otherwise verify the vendor’s compliance with such requirements.

To align incentives, the contract should make the vendor liable for the costs of breaches that it or its subcontractors cause, including the costs of notification, remediation, fines and similar costs. Well-crafted standard outsourcing agreements should contain these types of protections. However, the contractual protections are only adequate when combined with effective oversight and enforcement by the customer.

The adequacy of cloud contracts to protect against cyber risk is more complicated. On the one hand, a cloud service can inspire customer confidence in a cloud vendor’s well-established and hardened security. On the other hand, cloud contracts often fall short of a customer’s compliance requirements for sensitive data, particularly if the customer is in a regulated industry.

Customers must perform a gap analysis between the vendor’s offering and the customer’s requirements to identify gaps and determine whether they can be covered by either party. In addition, narrow limitations of liability—frequent in cloud contracts—can warp the incentives for protection against cyber risk. While there has been a significant growth among sophisticated cloud vendors who are able to address their customers’ data protection and compliance requirements, there is still substantial variation among cloud vendors’ ability to adequately address such requirements. What are the key contractual provisions for mitigating these risks?

Roy: The key contractual provisions to mitigate cyber risk are: (1) the security standards required of the vendor; (2) restrictions on subcontracting; (3) employee related protections, such as background checks and training; (4) security testing; (5) security audits; (6) security incident reporting and investigation; (7) data retention and use restrictions; (8) customer data access rights; and (9) vendor liability for cyber incidents.

Many of these contractual protections come with limitations. Since vendors must maintain consistent internal security standards, especially in a cloud setting, they may have limited ability to customize such standards to meet a customer’s unique requirements. However, the key for customers should be the adequacy of the protection, not the specific means for achieving that protection.

Cloud contracts typically include additional limitations on these types of provisions. For example, in a standard outsourcing agreement, the customer typically has the right to approve subcontractors, whereas cloud vendors have pre-existing subcontractors that are subject to change without customer approval. The key protections for customers in that circumstance are the assurances that security provisions are flowed down to subcontractors and that the customer has the right to periodically obtain a list of those subcontractors, especially if such a list is required by applicable privacy laws. Similarly, a standard outsourcing agreement often contains the right for the customer to conduct security audits, but cloud vendors typically do not permit physical audits of their facilities. The absence of this right can typically be satisfied by third party compliance audit and certifications.

One aspect of cloud contracts that is sometimes overlooked is the restriction on secondary uses of the data by the vendor, including aggregated or anonymized data. From a purely commercial standpoint, this secondary use right can mean substantial value to the vendor and corresponding loss of value to the customer. From a cybersecurity standpoint, any retention of data by the vendor risks re-identification of the data, thereby increasing the risk of security failures. In addition, a vendor’s retention of inadequately de-identified data may also run the risk of violating certain privacy laws. What existing regulations around third-party cybersecurity risk should IT outsourcing customers understand?

Shen: There is a patchwork of regulations in the U.S. across industries and states. At the federal level, they include Gramm-Leach Bliley, HIPAA, SEC requirements for public companies, and FTC requirements. In addition, some states, such as Massachusetts, have their own data protection requirements. The common thread of all of these laws is the requirement that companies take “reasonable and appropriate measures” to protect their data, including care in the selection and oversight of third party vendors.

The European Union has more consolidated and stricter privacy legislation that generally imposes higher standards of data protection than in the U.S. In addition, the new EU privacy regulations that were recently introduced impose additional limitations and much higher penalties for companies that fail to comply. Companies would be well advised to become informed of the upcoming changes in the EU data protection regulations. Many other countries outside of the EU, such as South Korea, also have strict requirements for data protections. How can customers build flexibility into their contracts so that they remain protected in an evolving regulatory and cyber risk landscape?

Shen: The regulatory landscape has evolved and will continue to evolve for the foreseeable future. Outsourcing agreements should include a requirement that the vendor implement changes as needed to adapt to regulatory changes. Where these regulatory changes are specific to the customer, it is reasonable for the customer to be responsible for the incremental costs incurred by the vendor to adapt to those changes. If a cloud vendor refuses to commit to adapt to changes in a customer’s regulations, the customer should at least retain the option of exiting the arrangement.

Source: CIO-How to build cybersecurity into outsourcing contracts

5 Ways to Evaluate Your IT Outsourcing Maturity

Answering these questions will help you determine your IT organization’s outsourcing maturity in order to improve your IT service provider outcomes.

IT outsourcing has become increasingly integral to building and operating the enterprise IT environment, but many IT services customers remain frustrated with their results.

Part of the problem may be a lack of understanding by the outsourcing customer about their actual level of maturity in IT outsourcing, says Wolfgang Benkel, principal analyst in Forrester’s IT sourcing and vendor management practice.

“Many clients don’t know how mature they are. They have only a feeling about what is good and what is bad,” says Benkel. If anything, clients are likely to overestimate their own IT outsourcing maturity.

Meanwhile, their more mature outsourcing providers can do little to help them overcome their internal challenges, whether related to relationships, processes, contracts, or services.

IT services clients must make a dispassionate assessment of their own IT outsourcing maturity if they want to improve their outsourcing outcomes, Says Benkel. “A maturity assessment shows what is possible to achieve and what are the activities to achieve this,” he says.

“The gaps are identified to show the

necessary activities to improve the outsourcing maturity.” Only once IT organizations understand their own capabilities can they align themselves with the right types of providers and improve their own internal outsourcing processes.

Benkel offers five levels of possible IT outsourcing maturity from one-the level at which a customer has a handle on the basics of outsourcing-to five-the level at which outsourcing can provide sustained value to the enterprise.

Most IT services buyers are at level 2, says Benkel; they have defined the important elements of outsourcing and they measure the most of the key relationship, contract, service and process elements. Those companies that have been outsourcing for the longest time tend to be at level three and on their way to level 4.

So how mature is your IT organization when it comes to outsourcing? asked Benkel for some key questions to help determine your outsourcing maturity.

Level 1: Fundamentals

  • Are your services clearly described, in terms of both scope and service levels?
  • Are terms and conditions and pricing clearly defined?
  • Do you have formal processes for change management, incident management, configuration and problem management in place?
  • Do you recognize the need for service credits and continuous improvement within outsourcing but have not addressed them in the contract?

Level 2: Definitions

  • Is your provider governance model defined (e.g. meeting structure, communication at different levels, escalation processes for issues like service level violations and so on.)?
  • Are process and service responsibilities between client and provider clearly separated and defined?
  • Are service levels defined and reported per service (e.g. traffic light report)?
  • Is the outsourcing contract based on your contract framework (rather than the providers) including innovation and continuous improvement?

Level 3: Measurements

  • Do you measure and report the relationship and service management processes?
  • Do your service levels cover provider performance?
  • Does your service level management show the level of service level fulfillment?
  • Do you measure and report continuous improvement, innovation initiatives and customer satisfaction?

Level 4: Trust

  • Are providers’ responsibilities sufficiently defined so that providers can determine improvements and optimizationof in-scope service delivery without client interaction?
  • Do your service levels cover your business needs?
  • Do you employ alternative pricing models such as outcome-based pricing or gain-sharing models in your outsourcing relationships?

Level 5: Sustained Value

  • Are your service levels defined in business terms?
  • Do you discuss new ideas, innovative initiatives and opportunities with your vendors on a regular basis?
  • Does your outsourcing relationships increase efficiency, quality, and time-to-market?

SOurce: CIO-5 Ways to Evaluate Your IT Outsourcing Maturity