Sara Benwell: What are the key risks to consider when depending on providers to deliver crucial business activities and how do you manage these risks?

Wajid Khan: I would put them into two main categories; outsourcing processes that are business orientated and knowledge-based processes.

We view IT Cloud- based services, accountancy, payroll, etc., as being more business-process orientated, which means that we require these services, but they are not necessarily at the core of what we do.

As such, we are quite comfortable in outsourcing these functions.

We also look at certain factors and risks such as the loss of intellectual property and security around our data.

“When you meet with any company, they will give you their sales pitch… but the reality can be quite different”

For instance, an IT service provider will have access to all our data, so we need to make sure that they have sufficient security processes in place such as end-to-end encryption, dual factor authentication, etc., as it is critically important that our data does not get into the wrong hands.

We also consider that whilst they may be specialists in their field of expertise, they may not be familiar with a Financial Conduct Authority (FCA)-regulated company.

So, we need to understand whether they have other clients who fall under the FCA banner, if they have supported regulatory companies in the past, and how they will deliver going forward.

Of course, when you meet with any company, they will give you their sales pitch and say that they can offer a range of features, but the reality can be quite different.

“Compliance is an area that we outsource that is key to our business”

So, we consider things carefully and look at case studies and companies that have already worked with them to make sure that they can deliver on what they promise.

Compliance is an area that we outsource that is key to our business. The compliance company is responsible for keeping us up to date on all the regulatory requirements and they also need to outline the steps to show us how they will do this.

We need to consider factors, such as whether the compliance consultant who is assigned to us has suitable knowledge; whether they are Key-Person Dependency; what happens if they aren’t around; and whether there is someone else with an appropriate level of knowledge and expertise who would be able to support us in case of an absence.

It is more challenging to find an appropriate outsourcing provider in this area.

Sara: How are you overseeing your outsourced functions and third-party compliance? To what extent do you have contingency plans in place in the event a vendor fails?

Wajid: In terms of additional regulatory responsibility, we review our service providers at the due diligence stage to ensure that our businesses are well aligned, that they can adapt with our ever-changing regulatory responsibilities, and can have a good relationship and strong communication with us.

Backup providers can be helpful. For instance, when we are working with Bloomberg or many users, we have a fixed line coming into the building rather than relying upon the internet.

“Backup providers can be helpful.”

We use two broadband providers with lines entering from different routes into the building, so that if someone were digging up on the south side of the building and the internet failed, there would be a secondary backup line coming in from the north side that would allow us third-party backup lines.

We also have a backup NAV provider and are using third-party backup providers more and more often.

Sara: How does fee compression affect your organisation and your selection of outsource providers?

Wajid: Fees obviously impact us throughout our business. We tend to go for a combination of fixed and variable.

If we do sign a fixed-term contract then we are looking for a significant discount, especially if it is over a long period of time.

We find ourselves more agile and are continually reviewing our service providers more regularly than we have in the past.

“We switch vendors slightly more often than in previous years in order to save on costs”

There are vendors who can always do things for less but having the balance of service and quality versus cost is important.

We switch vendors slightly more often than in previous years in order to save on costs, which is a pattern within business.

We are using some smaller start-ups created by some of the very senior managers or providers we know who have left bigger organisations that we can have successful partnerships with.

Sara: Is there is a practical conflict to outsourcing something and duplicating costs by keep a backup process in-house?

Wajid: I wouldn’t necessarily say that we keep backup in-house. If we take IT as an example, we have an arrangement with our outsource provider that they will replicate the data in two different data centres at a slightly increased cost.

If the primary data centre fails, at the flick of a switch it can move to the secondary data centre and the data will have been replicated.

 

Please Sign In or Register to leave a Comment.