The expression ‘buyer beware’ has never been more relevant, as the shock waves from the Satyam meltdown continue to reverberate.
 
by Peggy Cope
 
The word “Truth” took on new meaning and importance in the outsourcing industry recently. Most of you have probably noticed the delicious irony in the fact that “truth” in Sanskrit happens to be “Satyam,” a name that is frequently uttered in the same sentences as “Enron” and “WorldCom” these days. In addition, the name of Satyam founder and former CEO Ramalinga Raju has become the global equivalent of New York’s own Bernard Madoff, the investor and former chairman of the New York Stock Exchange who infamously “made off” with billions of dollars of investors’ money in a sensational Ponzi scheme.

As investors the world over scrambled to file class-action lawsuits that could prove pointless, and made other efforts to recoup their lost millions, buyers of outsourced services began asking themselves what all this means to them. Was India’s governance system asleep when this scandal was building, was it not set up to detect such a fraud, or was it merely irrelevant? And should buyers be concerned about the services they have contracted to receive from Indian service providers—particularly if they were partnering with Satyam?

Finally, and most importantly, what do buyers need to know in these times of heightened economic fear and financial fraud, about their provider partners, and how can they ensure their services will not be interrupted in the event of another similar event? Questions concerning governance, due diligence, and auditors’ roles are popping up like early crocuses and narcissus.  

“Clearly there is no doubt that Satyam is India’s WorldCom or Enron,” said Phaneesh Murthy, CEO of Fremont, CA-based iGate. “It’s actually more similar to WorldCom in terms of false revenues and profits. I believe it’s a fraud of a magnitude unprecedented in India. This company, where there were supposed to be $1.25 billion in account, does not exist. More importantly, people are finding that the liability may exceed $1.4 or $1.5 billion. This is stuff that’s just starting to come out.”

But while the comparison can be made (and makes great headlines), most experts in the industry acknowledged that the scandal is (a) a one-off and (b) irrelevant when it comes to the provision of outsourced services.

According to David Rutchik, a partner with Pace Harmon, a law firm with a large outsourcing practice, “The big difference is that Satyam was and is a credible provider of services—it’s not like the Enron situation where you had terminals with blinking lights with nothing happening. It’s not a question of service being provided improperly, lapses in security, or business claims not followed through. It’s about cooking the books. Satyam is and was a solid service provider.”

Michel Janssen, chief research officer at The Hackett Group, also noted, “It’s easy to over-hype the Satyam situation from an operational standpoint. This was a fraud committed against shareholders, not customers. The most likely scenario is this company will have a new logo on the door in a few months. Customers should stay put where they are right now. Unless something is broken, unless your operations are not working, stay put.”
Certainly, most of Satyam’s customers appear to be doing just that, with the notable exception of State Farm Insurance and a few queries about terminating contracts from Visa Inc. and other companies. Indeed, Satyam’s government-appointed board of directors and new CEO A S Murty recently announced that the company signed 15 new contracts for IT services in the month of January. Payroll so far has been met since the scandal broke, and funding is being secured to meet the company’s liabilities. At presstime, the company appeared financially stable, and suitor firms were pressing hard toward a potential sale.

Quiet queries
But no sooner had word of the scandal gotten out than Satyam customers began making quiet phone calls to the company’s top competitors, scoping out new safe havens in case they needed to jump ship. And despite protests that they would never dream of acting like sharks that smelled blood, some of those same competitors began sniffing around Satyam, hoping to pick up some new clients for themselves.

The media frenzy of the ensuing weeks frequently called into question the governance practices of Indian corporations, regulatory requirements of offshore locations, and viability of the outsourced model overall, whether in IT, HR, or F&A. According to AMR Research’s director of research, Phil Fersht, the impact on the market will be short-term unless another scandal surfaces. “We believe the negative publicity is largely media hype, amidst a political backlash against offshoring of U.S. jobs in the current economic slump, and international corporations will continue to make the right decisions for their business models to remain competitive,” he confirmed.

Many providers were proactively reaching out to newly skittish clients in an informal public relations push to provide reassurance. Transparency is the mantra of the month.
“When our customers reached out to us to understand the fraud and how it could have happened, we walked them through compliance and the controls we have in place, taking transparency to a whole new level,” said Amitabh Chaudhry, CEO of Infosys BPO. “We announced in our results that we hold deposits with this bank, and gave them a list, so that the public is aware of our deposits. We are looking to do things that are not required from a compliance perspective, being more transparent than usual.”

Infosys went a step farther with its statement of business ethics, Chaudhry said: “We have also made a strong statement that we will not go after Satyam clients on a proactive basis. We are not trying to steal business, because the company’s employees and customers have done no wrong. There’s blood in the water, but we aren’t going to act like sharks. If clients want us to help, we will help, but we will not go after them.”

Anil Nayar, senior vice president and head of investor relations at Genpact, said, “Clients are speaking to us about this now, asking why what happened at Satyam couldn’t happen at Genpact.” While the company can tell customers about its governance framework, how they operate is more important.  At Genpact, no one person has the kind of control to make all decisions. Monthly financial operating reviews bring everyone into the same room for two hours to go through the P&L of each function. “We came from a GE heritage, where integrity was built in from day one. ‘Thou shalt not dip thy hand in the cookie jar, or thou shalt be fired,’” Nayar noted.

“If people have integrity issues, even at the associate level, if they do stupid things, we take it very seriously. We reprimand them, and we make it clearly known to our teams that things like this are not acceptable,” he said. Board meetings are rotated, in different locations, so executives spend time with the entire team. Like parent company GE, Genpact interacts with its local management. “We spend time asking whether we are all operating in the same manner. We can’t convince clients this cannot happen again, but we have a good segregation of duties. We did a SAS 70 on data security, and we will be SOX-compliant this year—we have great auditors,” he said.

Seturaman Mahalingam, CFO of Indian behemoth Tata Consultancy Services, has been having plenty of conversations with TCS clients. “The way we have done it is we tried to figure out if any customers had an issue, and the account managers have been reaching out to customers. The big customers have gotten in touch from day one to talk to us. But we are not running it as a big PR exercise issuing statements and so on. It seems that people understand this was a one-off.”

Despite providers’ efforts to calm clients’ concerns, the larger question arises of how a buyer can ensure the partnership they are contemplating will be a healthy and profitable one for them.

“If you were to dissect Satyam a month ago, what would you look at? You would look at their governance structure—not concerning the contract, but the degree of independence of the board, the financial acumen of the audit committee—to find out whether there is any checkered past,” said Clarence Schmitz, chairman and CEO of Outsource Partners International. “The customers of Satyam might not be mindful of it, but they placed reliance on that board of directors, on the audit committee, the outside auditor, and all that goes with it. That reliance turned out to be ill-founded.”

In the case of Satyam, Schmitz argued, no single member of the audit committee would have qualified to serve in a similar role at a U.S. company, because they lacked the financial qualifications that were built into the Sarbanes-Oxley legislation that now governs the operations of U.S.-based provider companies. “The people on Satyam’s audit committee tended to be political types, members of NASSCOM, or affiliated with the industry, but did not have the necessary financial acumen,” he added.

Let the Buyer Beware
As providers work the phones to answer questions preemptively, buyers need to step up their due diligence.

“Some of the buyers will want to see governance and auditing practices beforehand, talk to the auditing committee and chairperson of that committee to ensure the tone at the top,” suggested Rohit Kapoor, president and CEO of ExlService Holdings, Inc. “They must ensure that corporate governance practices are not policies that are merely distributed but not practiced. They must pick up the company’s governance policy and test its applicability, see if it is used as a day-to-day feature. Buyers need to become far more stringent in their review of this particular feature.”

How exactly does one test that? “Let’s say we have a code of ethics policy for annual certification. The buyer should come to India and ask for it to be shown to them so they can see it’s being done by every employee, every year. Now they can check certain types of records for information security, but smart buyers will insist on it for governance, as well,” he said.

Another company, U.S.-based Alliance Global Services, issued a “Bill of Rights” for customers of Indian IT providers, in what some industry experts described as an episode of “ambulance chasing.” However, the components of the petition bear examination, as they are elements of governance and contract-building that every buyer should consider or insist on. They include:

1. Transparency throughout every step of an engagement—from sales to contracting to delivery and termination.
2. An understanding of the nature and character of an outsourcing partner and the service that it provides to them.
3. An understanding of the financial viability of an outsourcing partner.
4. The right to be made aware of any pending legal charges against an outsourcing partner, should they arise, as soon as they occur.
5. A mutually agreed upon definition of the term "trusted partner."
6. A clear contract that defines fees and expenses up front before any agreement is signed.
7. A contract clause that allows them to terminate a relationship with no financial penalty in the event of any admitted fraudulent activity.
8. A truly independent board of advisers.
9. An independent financial auditor accompanied by a set of checks and balances.
10. Accountability for any actions taken within the scope of an outsourcing project or as part of a firm's broader business practices.

Advisory firm NelsonHall’s head of research Rachael Stormonth released a white paper following the news of the Satyam fraud that addressed many buyers’ primary concerns.
“Generally, the Satyam scandal poses a short-term challenge to Indian-headquartered providers who are having to provide more details in this quarter’s earnings calls at the same time as having to answer queries about the recessionary environment,” the report read. “However, without doubt the drive to offshore IT and business process services will continue and even accelerate as cost reduction remains the most pressing concern for organizations in the current recessionary climate.”

The report also remarked that, “The scandal may encourage India to tighten its financial reporting regulations, but factors such as the greater propensity of the market to offshore and the proven capabilities of firms such as Infosys and TCS in delivering large, complex outsourcing engagements mean that such vendors will continue to thrive. The offshore firms who are likely to be impacted by both this scandal and the slowdown are the smaller and the family-run firms.”

Most importantly, according to NelsonHall, buyer companies need to have a strategy in place to ensure continuity of service in the event they decide to move away from a particular supplier, for whatever reason; e.g., quality of service, or the supplier getting very close to their nearest competitor, as well as impropriety.

Eric Simonson, managing principal of Everest Research Institute, said, “From the perspective of ongoing work—assuming there’s no massive fraud—you do a financial analysis of cash flow, balance sheets, and understand the ratings. For privately held investors, it will increase the pressure to reveal more than they would have done, and they will have to do some of that.”

Although transparency is the sine qua non for now, it is extremely difficult to protect against fraud, particularly from outside a company. Simonson said, “You should look at the board of directors. Learn the nature of their experience, see how diverse is it, and how much turnover they have (some turnover is good). In terms of transparency, those are the only things an external party can observe and make some judgment on.”

Questions about the board members that must be answered include:

• Who is the board of directors?
• What is their background?
• Is there diversity of perspectives?
• What other boards are they on?

“When you get into someone pulling the wool over someone’s eyes, it’s generally very sophisticated, so it’s hard to uncover it.” Simonson warned. “It’s complicated work to find somebody who has been getting away with a smart way of cooking the books for awhile. At some point it’s about business practices, integrity, and reputation. This applied to Satyam. If you look at the board, it did not have powerful business leaders on it. They came from Satyam management; they were quasi-academics. It wasn’t a highly diverse board in terms of background and culture, country representation, etc. Is that enough not to select them? Maybe, in some cases, but in most cases it might have slowed someone up.”

Other thing to look at include how much the company is investing in and where, and what are the results of those investments? Satyam’s aggressive geographic diversification was such that it should have set off warning bells, according to Simonson. “If they want to serve more customer bases in a fairly wide set of things, you want to believe they have a better management toolkit, a better way of doing things. It’s hard to assess, but as people look back on it, you reach the conclusion that they were kind of at the edge, that their statements were somewhat less revealing than they should have been.”

A Step Farther
At some point, asking questions is not enough, according to the experts. Most recommend site visits and sit-down conversations to address such issues as how good the board and audit committees are at monitoring the work and investments. And price, despite its importance in times of economic hardship, should not be the only, or even the most significant, driver.

Be guided in your due diligence by the criticality of the work you are trying to outsource. If it’s something where the degree of how critical it is to your business is modest, you can do less homework. But if it’s a critical system or process, it behooves you to form a perspective on the management quality, financial quality, and cultural quality of your prospective partner.

According to Infosys’s Chaudhry, buyers themselves should “create transparency in the contract, to enable them to deal with problems quickly. They need to ask a lot of questions, to try to ascertain the culture of the company. As you build flexibility into the contract, also check its governance standards.”

Don’t just talk to the corporate team or managers, either. “Buyers should be talking to clients of the company they want to engage with, talking to people internally that they will work with. They must look at the quality aspects of the provider, not data alone, to help them understand the partner they choose,” Chaudhry concluded.

One thing buyers should remember as they consider their next moves is that this issue is not one of geography. “If buyers of FAO begin to evaluate companies differently depending on whether they are Indian, that would be unfortunate. That’s just wrong,” said Julio Ramirez, managing director, The Hackett Group. “At the end of the day, this was a financial fraud to mislead investors, not clients. Credit card information or confidential information from clients was not inappropriately used. That would have been much more serious than misleading stockholders.”

As Pace Harmon senior associate Dave Borowski remarked, “One thing that’s important is, until there is more evidence that this is endemic in Indian providers, don’t overreact. Don’t let this change business decisions. It was an isolated incident, and people need to realize that. It’s not a crisis.”

He added, “But this is the perfect opportunity to ask hard questions of any outsourcer.”