Satyam Crisis Puts Indian IT Industry--And Customers--On Edge
Customers sweat their contingency plans, while rival providers hope it won’t taint them
Former Satyam chairman B. Ramalinga Raju, explaining the more than $1 billion in phony revenue and profits he reported for years, compared the ongoing fraud to "riding a tiger, not knowing how to get off without being eaten." For customers of Satyam--and any other IT outsourcer--the looming question is: Could they get bitten, too?
Now is when best practices in outsourcing--risk management, multisourcing, project documentation, contingency planning--come under renewed scrutiny, and might get put to the ultimate test. Worst case is that Satyam collapses because it runs out of cash; the $1.03 billion it reported having was really just $65 million. More likely, Satyam loses big customers and critical employees, weakening it and possibly making it a takeover target.
Sixty-eight percent of business technology pros who've worked with Indian outsourcers say they wouldn't work with Satyam based on what they know of the financial scandal, an InformationWeek survey last week of 221 pros finds. It's up to interim CEO Ram Mynampati and Satyam's new board--Raju resigned and all board members were replaced by the Indian government--to turn that impression around. Meantime, the rest of the Indian IT industry is scrambling to protect its hard-earned reputation. Half of the IT pros we surveyed say they have new concerns about Indian IT providers, though only 12% say they wouldn't work with one.
"We were surprised like everyone else," says a CIO of one Fortune 50 energy company, who's sticking with Satyam for now. "Every company needs to worry about their major suppliers failing." His company has a multimillion-dollar annual contract with Satyam to provide a range of development, support, upgrade, and maintenance services for procurement and ERP systems. For now, the CIO hasn't had to pull the trigger on contingency plans in the event of vendor bankruptcy and service disruptions caused by staff departures.
Satyam counts 185 of the Fortune 500 as its customers. Wal-Mart has Satyam doing work for it that's "limited in scope and nearly completed," says a spokesman. Wal-Mart, which just a few years ago shunned outsourcing, now works with multiple global providers and expects to do even more.
An IT executive at a Fortune 50 financial services company says his organization uses Indian outsourcers, including Satyam and Tata Consultancy Services, mainly for extra IT capacity. He considers the company's risk minimal but thinks others will be caught off-guard. "Everybody's kicking themselves now," he says. "A lot of people are going to get caught short because they didn't think about contingencies."
Executives at HCL, India's fifth-largest IT services company, immediately saw that the scandal "could have an impact on the view of Indian companies in general," says Shami Khorana, president of HCL Americas. The company quickly sent a letter assuring customers that its management and governance are sound, and HCL CEO Vineet Nayar began blogging about "trust through transparency."
Pradeep Kar, founder and chairman of Microland, a privately held India-based IT infrastructure services provider, calls the Satyam fiasco "exceptions of devious minds." It's not a corporate governance issue, he says, but "the case of a crook."
Smart buyers of IT services will place renewed scrutiny on their vendors. But here's the reality: Most steps to mitigate risks eat into the cost savings from offshore outsourcing, cited as a major benefit by 72% of the pros we surveyed.
Documentation's one critical--and pricey--piece of risk mitigation, says Ben Trowbridge, CEO of outsourcing consultancy Alsbridge. Today, the common practice is for an outsourcer to document processes once and do no more, even as it builds tacit knowledge over the life of a contract. Trowbridge estimates that thorough documentation could shave 20% off outsourcing savings, but it's needed to make switching providers less painful.
A transportation company and Satyam customer came to Alsbridge for help last week and laid out a contingency plan to split Satyam work among three other existing vendors. It wasn't much help, Trowbridge says, because of scant documentation and because each vendor had unique knowledge of the part of the business it served. Even with good documentation, changing providers is expensive and time consuming, taking up to six months for complex projects, he says.
Multisourcing from the start is still a company's best bet to mitigate outsourcing risk, says Eugene Kublanov, CEO of outsourcing consultancy NeoIT. That doesn't mean replicating IT organizations with different Indian companies, but instead focusing on "smartly allocating work," Kublanov says. So highly complex and undocumented processes that require face-to-face interactions still are poor choices to outsource. Those processes with moderate complexity and low documentation, including iterative development work, might be best done in-house, or outsourced near-shore, to a country like Mexico, or the company might just need to get better at documenting work while going global. Highly documented, low-complexity maintenance work is the easiest to outsource offshore.
Legally, companies that didn't explicitly make fraud contingencies part of their contracts may find it hard to back out of a relationship with Satyam, says Hunton & Williams attorney Randall Parks. Termination would likely bring penalty fees. Clauses that trigger contract review based on material changes such as credit-worthiness aren't standard and have to be negotiated. Fraud risk is the reason lawyers often push for "expansive" audit rights from outsourcing vendors, says Shaalu Mehra, an attorney with Perkins Coie. But it's been difficult to get vendors to agree to these clauses, because they can reveal cost structures.