E-Discovery and Legal Process Outsourcing: ESIM Process Design and Choices between Outsourcing vs. Insourcing
December 21, 2009 by Bierce & Kenerson, P.C.
State and federal rules of civil procedure and emerging common law of the discovery process impose significant costs on businesses that are engaged in litigation. Pre-trial “discovery” serves to narrow the issues in dispute by forcing the disclosure of records, including electronically stored information (“ESI”) for judicial economy, to narrow the scope of disputed issues for adjudication (such as through motions for partial summary judgment, admissions and prior inconsistent statements), and to speed the actual trial process. E-discovery has become a daily challenge for the General Counsel, the CIO, the COO and the Risk Management Department. They face a choice of policies, procedures and technologies for insourcing (such as by using forensic software and employed staff) or outsourcing for electronic records discovery management. This article explores some of the differences between insourcing and outsourcing in terms of ESI records management, legal requirements for protection and production of electronic records, project management in forensic record examination, litigation readiness, knowledge management, risk management, ethics and legal compliance.
I. E-DISCOVERY AS A SUB-PROCESS OF RECORDS MANAGEMENT.
Record and Information Management (“RIM”) Policies and ESI Management (“ESIM”). The demands of e-discovery highlight the challenges of developing and managing effective governance policies and procedures for information of all kinds, including ESI, and the challenge of adopting and updating an ESI management (“ESIM”) plan for “business as usual.” The International Standards Organization has developed a records management standard (ISO 15489-1, at www.iso.org). ARMA International (www.arma.org) has identified eight standards for records and information management (“RIM”), namely, accountability, integrity, protection, policy compliance, retrievability/ availability, retention, disposition and transparency.
Memory-storage devices have proliferated, challenging the company’s records custodian. In addition to computers, there are cell phones, cameras (stand-alone or in cell phones), scanners, facsimile machines, USB “key” drives, backup hard drives and other storage devices. All pose a challenge for a fully compliant response to an e-discovery request.
Legal Requirements for Protection and Production of E-Records. Federal and state rules of civil procedure have evolved to include electronic records. See F.R.Civ. P. 26(b), 34 and 45 (subpoenas) and F. R. Evid. 901(a) (authenticity). State procedural rules have been adopted to implement the Uniform Rules Relating to Discovery of Electronically Stored Information issued by the National Conference of Commissioners on Uniform State Laws. [Copy available at http://www.law.upenn.edu/bll/archives/ulc/udoera/2007_final.htm]. Basic common law, statutory and civil procedure rules in e-discovery start with similar requirements:
- Protection: preservation of ESI through a “litigation hold” to prevent inadvertent loss when a third party demand has been made, or it has become reasonably foreseeable that such a demand will be made, and ensuring that the in-house attorney’s instruction is actually implemented (for example, avoiding the inadvertent over-writing of storage and backup tapes).
- Accountability: identifying the scope and “proportionality” of the e-discovery requirements in relation to the overall scope of the dispute.
- Cost allocation: allocating costs that are reasonable to the producing party and costs that are unreasonable to the requesting party.
- Cost management: using search terms and other cost-effective automated search technologies to get the reasonable or “agreed” coverage for the initial triage, fulfilling the approach that information technology can solve the problem of searching massive records databases using search technologies. See, e.g., Zubulake v. UBS Warburg, LLC, 2004 WL 1620866 (SDNY July 20, 2004, Judge Scheindlin) and other rulings in the same case, at 217 F.R.D. 309 (SDNY 2003), 216 FRD 280 (SDNY 2003) and 2003 WS 22410619 (SDNY Oct. 22, 2003).
- Integrity (authenticity and identification of the e-record): identifying appropriate methods and procedures for ESI production, including the appropriate level and nature of legal supervision of forensic inspections, to ensure authentication under F.R.Evid. 901(b) by using circumstantial information such as the file access permissions, file ownership, dates when the file was created and when it was modified, other metadata and hash values for the record when copied to a forensic computer for analysis.
- Accessibility: under the rules of evidence: identifying and managing risks of loss of evidentiary privileges by the mere use of electronic e-discovery tools and procedures.
- Accountability for Non-Compliance: identifying the sanctions for culpable conduct, mainly, “spoliation” (intentional or negligent destruction of evidence) or negligent collection done by the record custodian rather than by an automated process, such as:
judicial issuance of an instruction to the jury that the jury may validly draw a “negative inference” (or “adverse inference”) from the fact that the offending party could not produce the normally available documents in support of its legal arguments, resulting in a conclusion that, if the “lost” or “destroyed” records had been introduced into evidence, they would have supported a negative conclusion as to disputed factual matters; and judicial sanctions including an order to pay the reasonable expenses, including attorney’s fees, caused by the violation of discovery rules, where, for example, the adverse party incurred expenses to overcome the inability to access the “lost” or “destroyed” (spoliated) records.
Project Management in Forensic Record Examination. Within a holistic approach to ESIM, e-discovery tools and techniques can be identified along the continuum of “cradle-to-grave” (or more appropriately, “cradle to judge and jury”) progress. As a sub-process of electronic records management, an e-discovery process model can be used to identify the particular role or function of third-party software, in-house resources and an outsourcer’s resources. By looking holistically at the end-to-end chain of processes leading to satisfactory e-discovery compliance, under such a paradigm, the end-result, production and presentation of ESI, can be managed by effectively adopting either a total control at the “information management” level (when records are initially created and stored). The following is our own view of electronic discovery records management (“EDRM”) as a subset of an enterprise-wide holistic ESIM resource management paradigm for governance, risk management and compliance in e-discovery:
Litigation-Readiness: Converting “Business as Usual” IT into Information Management Operations for E-discovery. Information technology plays a strategic role in the enterprise’s ability to comply with e-discovery mandates. The enterprise’s legal department should team up with the IT department, the records management department and the line-of-business management to participate in the design – or re-design – of the enterprise’s information management operations and records management. E-discovery compliance features are now available through software that can troll the enterprise’s entire ESI, search for information according to a myriad of legal and business terms, technical parameters. In conjunction with the CIO and the records management department, the legal department can:
- Gap Analysis: Conduct a “gap analysis” to identify which features are missing from those that are recommended or required under the applicable rules of civil procedure and common law, particularly those policies and procedures that involve data collection, classification, accessibility, storage, retention and destruction.
- Strategic Access Plan: Develop a strategic access plan for the full life-cycle of “business as usual” and custody and control, including audit, of the company’s information and litigation-relevant information.
- Process Design using an ESIM Paradigm: Apply the e-discovery records management sub-process of the enterprise’s holistic ESIM model to identify and segregate functions that will be performed by in-house or captive resources and those for outside legal counsel and outsourcing service providers.
- Cross-Border Considerations: Integrate multinational and cross-border legal mandates into the design of the information technology and information management systems, at an early stage in the e-discovery process, to avoid breaches of foreign data protection and privacy laws when complying with U.S. judicial rules of procedure.
- Integration of Internal and External Resources: Develop policies and procedures for use of outside litigation support services providers and an array of personnel and technology resources both domestically and internationally to fulfill e-discovery compliance mandates, without adversely impacting the ongoing business operations.
Litigation-readiness must be added to the selection criteria for new IT initiatives such as “cloud computing” (here, the “software as a service” model, not the “variable IT computing-power as a service” model), internal and external social networks, Twitter and internal and external collaboration platforms such as wikis, e-rooms and Google Wave.
Knowledge-Management Readiness: Managing and Protecting Corporate Knowledge. “Knowledge management” refers to policies, procedures and technology that enable an enterprise to capture, organize, identify, re-use and protect the confidentiality of its trade secrets. Knowledge management (“KM”) procedures must also enable the enterprise to distinguish among sources of confidential information that may be trade secrets, copyrights or patents of third parties (including “freeware” and “open source” software) as well. Accordingly, CIO’s must adopt KM planning strategies that, in conjunction with legal and compliance departments, also serve regulatory and legal requirements. The IT infrastructure needs to identify all such trade secrets during the e-discovery process so that, if disclosable, they are subject to non-disclosure and non-use under appropriate protective orders.
II. RISK MANAGEMENT
Risk of Spoliation by Employees and Contractors. According to one e-discovery service provider, a large majority of all corporate litigation is employment-related. If employees have access to change ESI, disgruntled or negligent employees pose a major risk of spoliation. Employees can unknowingly or intentionally destroy ESI evidence. Such actions can range from concealment (through downloading pirated software that deletes files on the employee’s web surfing history) to sabotage (actually deleting documents).
As a result, the legal department and the CIO need to develop IT-enabled solutions to prevent such acts. This article does not address this particular issue, but it highlights the need for appropriate design of the overall information management architecture as a preventive measure.
Risk Management. From the risk-management perspective, a proper defensive strategy will require an alliance between the company’s Legal Department, its Risk Management department and its IT department.
- IT Role. The IT department needs to work with the Legal Department to ensure a proper chain of custody and proofs of authenticity.
- Insurance. The Risk Management Department needs to help design and review the e-discovery process. Sanctions for spoliation have implications for coverages for directors and officers, employment practices, errors and omissions and general liability. The records manager needs to understand how the company’s Records Management (destruction) Policy meets e-discovery requirements.
- Legal Department. The in-house Legal Department must not only manage the e-discovery process. It must design and manage effective records management policies, educate all employees about the e-discovery process and its role in management of risks, knowledge and records.
III. BUSINESS MODELS: INSOURCING, CAPTIVES AND OUTSOURCING
Business Models for Insourcing. Before comparing outsourcing and insourcing, it is helpful to consider the different business models in which an internal e-discovery operation can be financed. These models can be summarized:
- Infrastructure Investment in a Complete e-discovery Toolkit. At the “high end,” the enterprise can make a capital investment in the essential tools of a fully “in-sourced” e-discovery operation. Such an investment will have significant payback for enterprises having a high volume of litigation with predictable volumes of e-discovery demands. Such enterprises will need to invest in all the people, process and technology necessary for the operation. If the operation is highly automated, it can be effectively managed onshore. If it requires substantial human review, part of the operation may be handled in offshore locations with remote access, security controls and other measures to prevent loss of confidentiality, competitive advantage and effectiveness. This leads to consider a captive e-discovery service delivery center. In this case, outsourcing can be a viable solution for that portion of the e-discovery process that requires supervised human review and analysis.
- Pay-Per-Use Pricing. Where litigation is more volatile in terms of volume and timing, a “pay-per-use” pricing for insourced use of third-party technologies can prove cost-effective. This pricing model provides some benefits to enterprises that have very few litigations, but a large volume of ESI for assembly, analysis, protection and disclosure.
- Consumption-Based Pricing. Consumption-based pricing reflects the volume of ESI being sorted and analyzed. This pricing model provides benefits for enterprises that want to allocate litigation costs to individual lines of business or affiliated companies, as a charge-back accounting principle that effectively rewards litigation-free business managers for staying away from the judicial system.
Relative Advantages of Insourcing.
- Industries Affected by Persistent Litigation. Several software tools exist that allow in-house counsel and the CIO to conduct the full forensic discovery using staff employees. Internalization of the discovery process makes economic sense where the company is constantly involved in litigation. Such companies typically include insurance companies, banks, consumer products manufacturers, and can include food service chains and franchisees. Other companies that are subject to class action claims for torts or securities law violations can fall into this category as well, impacting virtually any publicly traded company that has a volatile stock price.
- Control of Records Management; Cost Management. Software and IT services companies argue that insourcing can significantly reduce the costs of e-discovery. They argue that, by taking control of the forensic search, collection, analysis and processing of a company’s electronic records, companies have more flexibility and control over the manner in which these critical discovery processes are conducted. This control can translate into cost savings by enabling a closer supervision on-site by the internal lawyers.Cost savings must be compared to comparable external services.Cost savings that might arise from an easier ability to make small changes in the search criteria, for example, may result in a loss of the hard-wired “e-discovery plan” that serves as the basis of justifying to the court that the discovery disclosures comply with civil procedure to locate and disclose all relevant records.
- Protection of Trade Secrets and Intellectual Property. Insourcing, or using captives, can provide a significant level of additional protection for knowledge management, trade secrets and intellectual capital. Such protection comes at the cost of maintaining internally controlled resources. Outsourcers will claim that their security levels are higher than those in many global enterprises. Outsourcers offer personal non-disclosure covenants by individual employees. But there is always a risk, whether through insourcing or outsourcing, that the personnel having access to trade secrets, for example, might abuse their positions of trust through tipping a securities investor, selling the ideas to a competitor of the enterprise or other tortious conduct. Even a non-disclosure agreement does not constitute a valid non-competition covenant, and even non-competition covenants are unenforceable as a matter of public policy unless strictly limited in time, territory and scope, and (in California and some other jurisdictions) they may require additional payments of consideration. In short, neither insourcing nor outsourcing appears to have a clear advantage in this field, except that e-discovery managers who are employed by the enterprise might offer an advantage by having ongoing knowledge of what is (and is not) a trade secret for faster, better, “cheaper” claims to a protective order.
- Effectiveness of Coordination and Collection of ESI. The use of skilled internal people who know the company’s operations may be able to provide better collection and coordination of ESI. However, “professional” e-discovery service providers may have the advantage in skills at the beginning as the company’s internal personnel become familiar with the processes and technology of e-discovery. Hence, insourcing might follow outsourcing until the processes can be internalized.
- Reduction of Risks of Noncompliance with e-discovery Rules. Well-trained, well-supported internal personnel might be able to reduce risks of non-compliance in the typical e-discovery process.
Relative Advantages of Outsourcing e-discovery. Outsourcing of e-discovery processes may be costly, but it may be the best solution for several reasons. This requires an analysis of the relative merits. This “gating analysis” should include appropriate considerations of staffing, quality, ethical risks and speed.
- Staffing. One of the key benefits of outsourcing, and one of the key parameters in selecting the right outsourcing service provider, is the service provider’s staff. The best outsourcers have developed a methodology for human capital management in the specialized field of e-discovery and related disciplines. The outsourcer designs a service delivery platform, recruits, trains and tests its staff in generic functions (including project management, information technology and security) and then offers this staff for custom-training on the litigating company’s particular process and e-discovery requirements.Using a business company to provide litigation support can run afoul of ethics and disciplinary rules applicable to the litigating company’s (or its law firm’s) lawyers. Law society rule in England will be changed if and when a pending draft law is modified to permit competent non-lawyers to perform tasks that might be considered the practice of law. Under applicable ethics opinions of the American Bar Association and various city and state bar associations, the in-house lawyer or outside law firm cannot escape certain core ethical duties:
- to supervise the work of the outside service provider;
- to avoid assisting in the unauthorized practice of law (“UPL”)
- to ensure the protection of client confidences;
- to avoid waiving any rule permitting a claim of legal privilege (and to rectify innocent or mistaken disclosures, see e.g., Fed. R. Evid. 502);
- to avoid conflicts of interest;
- to protect against data loss, theft or other act or omission that might constitute sanctionable spoliation;
- to comply with the rules of court relating to e-discovery and management of ESI at all stages.
- Vendor selection involves finding the right fit for the particular litigating company’s legal, regulatory, compliance, privacy, legal ethics and security requirements.
- Service Level Metrics and Quality Considerations. Few internal employees want to live by performance metrics. Outsourcers live by “guaranteeing” service metrics and other quality parameters.
Offshoring Issues. In considering an offshore captive or an offshore LPO outsourcing, the company’s lawyers must evaluate special cross-border legal issues.
- Export Controls. By transferring any U.S. data abroad, the company may require a license from one or more branches of the U.S. government. While commercial information may be subject to a general export license that does not require any notification, filing or administration, some information (such as software or design information that may have dual civilian and military uses) may require a specific license. Similar issues arise where the company’s ESI includes trade secrets, pending patent applications and other information that is subject to a required export license.
- Data Protection. Data protection rules under HIPAA and other legislation may apply to the data being processed. Foreign LPO service providers must ensure compliance.
- Privacy. Privacy rights arise from many legal sources and different jurisdictions. Depending on the source of any personally identifiable information (“PII”), any transfer of company records to a foreign LPO service provider may violate applicable rules. This issue suggests a proactive approach in the design and implementation of the company’s overall information management systems.
- Third-Party Consent. The information in a company’s database may include information that is licensed under restrictive disclosure conditions or where a third-party’s consent is required by an applicable law. Third-party consent may be required.
- Client Consent. The information in a company’s data base may also require the client’s consent
- Political Risk. Foreign service providers come with a suite of political risks that could impair service quality, timeliness of service, confidentiality and other custody and control issues for the ESI and the foreign nationals accessing such ESI.
IV. PROJECT MANAGEMENT
Most effective e-discovery procedures will require effective integration of internal and external resources. The design, planning, implementation, performance, intermediate re-balancing and supervision of all resources remain, of course, in the hands of the company, and, in particular, in-house attorneys. The Legal Department (which is ultimately responsible) may wish to consult with “outsourcing lawyers” not merely with litigation counsel on achieving a flexible, cost-effective, efficient design, vendor selection and supervision, review of compliance with ethics rules and project management.
Evaluation Process. Companies evaluating an LPO solution for e-discovery (or any other LPO) should therefore carefully explore all relevant implications, design the program for compliance and quality of service, address special issues involving any cross-border data flows and other commercial, judicial rules, legal and ethical requirements.
Project Management Roles. Each LPO project requires thoughtful and careful attention to ensuring that all responsibilities of the different parties are aligned with their roles. Within the outsourcing model, there is room for designing and allocating roles and responsibilities to give in-house attorneys control of the process so that they can manage the ethical responsibilities. The introduction of the LPO service provider raises new questions whether the cost-controlling measures will impair (or improve) the quality of the outcome. External lawyers could also manage the service providers.
V. BUSINESS MODELS
- Business Models. Currently, most LPO e-discovery services are conducted under business models of insourcing (including contract attorneys), captives and outsourcing.
- New Models. Over time, companies and their legal counsel will become more familiar with the tools, alternatives and strategies for effective LPO, including identifying and assessing risks and evaluating a risk-benefit matrix. With greater maturity in capabilities, new business models for identifying and managing e-discovery processes, tools and personnel may evolve. The impact of cloud computing, platform-as-a-service, software-as-a-service, virtualization of both servers and client computing and mobile computing will challenge enterprises and their technology and legal service providers to integrate a holistic and global ESIM process to incorporate the EDRM subset as “business as usual.”
Joint Venture between IBM and French Bank BNP Paribas
October 16, 2009 by Bierce & Kenerson, P.C.
On December 19, 2003, IBM and the French bank BNP Paribas announced the creation of a joint venture to manage BNP Paribas’s IT operations. The deal represents the evolution of a “partnership” model between service provider and its customer within the framework of the European Union’s protective labor laws.
Scope.
The joint venture was structured so that it would provide, initially, information technology services to manage and operate BNP Paribas’s operations. BNP Paribas is reportedly the number one bank in the Euro zone and a major international bank with operations in more than 85 countries. Its operations include commercial banking, investment banking, international private banking and asset management. The deal covers computing power for 26 billion operations per second (26,000 MIPS), online storage capacity of 400,000 billion characters (400 Teraflops) and 7,000 Unix or NT servers.
Motivation.
In its announcement, the bank indicated that, while benchmarking studies (“etudes de benchmarking”) conducted by the bank had revealed its technological excellence, the bank shared certain motivations of other major financial groups that decided to outsource their information technology services.
- Technology Changes.
The bank stated that its alliance with IBM, “world leader in information technologies and services,” could anticipate the future evolution of technologies through “a continuous retention of its staff at the best level,” improving the flexibility of the services rendered and assuring the ongoing continuity of excellence in information technologies. - Cost Management.
At the same time, the bank noted that this joint venture would promote the “mastering of information technology costs, which responds to the exigencies of the banking profession that is evolving in a highly competitive environment. “[translation.]” - Labor Relations.
BNP Paribas’s IT Director, Herve Gouezel, announcing the deal, stated that the partnership “guarantees that the BNP Paribas employees would retain their legal status as well as their mastery of their technical framework.” [Our translation.] - IT Services on Demand.
BNP Paribas’s IT Director expressed confidence in the “Information Technology on Demand” model that the joint venture offered, allowing the bank to obtain an assured provider of services that could be expected to evolve and develop to absorb organic growth and adapt to evolutionary changes in the banking sector. - Prior Business Relationship.
IBM’s success appears to have been generated by its prior relationship with the bank. In the 1999-March 2000 timeframe, United European Bank, Banque Nationale de Paris (BNP) and Banque des Paris et des Pays-Bas (Paribas) merged. IBM provided the integration services to facilitate rapid implementation of the merger on a technical basis. As part of the integration of the banks, IBM migrated their technology platforms from OS/390 systems to OS/390 Sysplex systems. The banks were already operating a management system of DB2 databases, IBM’s IMS transactions management system and IBM’s MQSeries solution allowing exchanges of data between heterogeneous platforms that BNP had installed in 1995 instead of undertaking its own internal updates of historical systems and a project for an inter-application exchange project. BNP Paribas and IBM had previously claimed that IBM’s merger-integration services had begun saving the bank €250 million per year in IT costs beginning in 2002.
Ownership.
The joint venture will be owned 50-50 equally by IBM and BNP Paribas. While not announced, each party would probably establish a separate subsidiary to own its share.
Employees.
By reason of the joint venture structure, BNP Paribas retains control and responsibility of its workforce. The 50-50 ownership allocation, however, suggests that the operational control will be exercised at least equally by IBM. Approximately 450 persons will be working for the joint venture to maintain the BNP Paribas infrastructure and IT operations.
The announcement was silent on the degree of integration of BNP Paribas’ shared IT services group, BNP Paribas Services, based in Geneva, Switzerland with approximately 400 employees, which reportedly provides IT solutions to the private banking arms of its parent group, BNP Paribas, after the merger of the three constituent banks of BNP Paribas in 1999-2000. Given the size of the staff and the fact that Switzerland is outside the European Union, it is possible that the bank might have retained such operations external to the IBM-bank joint venture.
Sales.
The joint venture is anticipated to have “sales” of approximately € 1.0 billion within five years after inception. The target customers, other than BNP Paribas, are not immediately clear. There appears no mention of any restraint in IBM’s ability to compete with the joint venture. We are waiting for such a disclosure on IBM’s next joint venture.
Lessons.
Selection of a joint venture structure in the European Union appears to offer some unique advantages that are local in nature. This legal structure overcomes a number of barriers to outsourcing under French and European Union labor laws. The management of a 50-50 joint venture requires an allocation of roles and responsibilities that can be virtually the same as a classic “independent contractor” agreement. The operating structure, scope definition, budgeting process, termination provisions and consequences, intellectual property rights and other essential elements undoubtedly resemble those in a well-drafted “independent contractor” agreement. If this is truly a joint venture, special considerations of fiduciary duty under the law governing each party and the joint venture merit attention.
Shared Services in Lieu of Outsourcing: Offshore Captive Internal Bank
October 16, 2009 by Bierce & Kenerson, P.C.
Summary.
In making the classic “buy vs. build” decision in relation to services to manage sophisticated business processes, enterprises may elect to establish a captive enterprise to perform “shared services” for affiliates. The “shared services captive” is an alternative to buying outsourced services. But it is also an alternative to internal administration of a business process separately by individual departments, divisions or lines of business. Shared services captives can provide key advantages for diversified multinational enterprises, particularly as a cost-reduction technique when sales and sales margins might be eroding in a global economic downturn.
Captive Internal Bank.
Sony Corporation, the Japanese-based electronics and entertainment group, announced in June 2003 that it was planning a major expansion of intercompany banking services to help reduce financing charges and manage currency risks for all affiliates.
Cost Savings.
According to Sony’s managing director for Global Treasury Services, Mr. Hiro Kurihara (as quoted in an interview with the Financial Times), the London-based shared services operation will generate cost savings of approximately $30 to $40 million per year.
Risk Reduction.
In addition, Sony projected reduction of risks of changes in currency in connection with the settlement of intercompany transactions. Sony plans to offset foreign exchange risks with services — normally offered by money-center banks — of “automatic cashless settlements” and “automatic sweeping.” This requires investment in information technology and integration with others in financial services markets.
Centralization, Specialization and Scale.
Sony’s Global Treasury Services acts like a clearing bank for all affiliates. In this centralized function, the shared services affiliate can aggregate volumes of transactions that are generic, but whose handling requires specialized skills. As a result, economies of scale can reduce per-unit costs and increase focus on specialized transactions that internal financial executives in operating affiliates might not have, or might find difficult, time-consuming or costly to acquire. The Sony shared services affiliate reportedly manages 95% of the enterprise’s financial derivatives and exchange swap transactions.
Transition and Transformation.
The transition to an internal financial services captive is part of a global restructuring that will result in accounting charges of approximately $1.2 billion. Restructuring to include new, enhanced shared-services affiliates may help multinationals such as Sony to transform their services models by increased efficiency and cost management.
Integration with Insourced Transactions.
Establishment of a shared services affiliate requires careful attention to integration with other internal processes. The shared services affiliate must define its “services offerings” and enable managers in affiliated lines of business to use the services with minimal cost and delay. As a result, virtually all “shared services” are digitally integrated. The degree of integration may range from the use of telephones and e-mails to a web-enable Internet-accessible portal. As a result, shared service affiliates generally are purchasers of services and technology from third parties.
Integration with Outsourced Transactions.
Indeed, shared services providers may be the largest purchasers of outsourced transactions. For example, Proctor & Gamble was negotiating for a complete sale of its shared services affiliate to a global outsourcing services provider in 2002. When P&G was unable to obtain its desired sales price at for the services charges that it wanted, P&G chose instead to hire Hewlett-Packard to provide selective outsourced services to support its insourced “shared services” operation.
Advantages in Shared Services.
Shared services affiliates, or “captive” service companies, have many of the advantages of an outsourcing without any loss of ownership and control over business processes, technology, intellectual property and personnel. Shared services captives can develop and retain knowledge capital involving sophisticated business transactions that individual affiliates cannot acquire due to smaller volume of similar transactions. As the business process involved becomes more subjective and susceptible to business judgment, shared services captives retain an advantage over outsourcing because that very subjectivity might be a core competitive advantage and might not be scalable.
Risk Management in Shared Services.
Adoption of a “shared services captive” approach involves a number of risks that can be managed by treating the captive as an external service provider of outsourced services. Such techniques include:
- adoption of “service level agreement” obligations, with financial incentives and consequences for failure, applicable to the management and employees of the shared services affiliates;
- details concerning the integration of the captive’s services with those of the other operating companies or lines of business;
- suitable insurance coverages;
- suitable contracting procedures for outsourcing of certain perfunctory tasks of the shared services captive to independent outsourcing services providers;
- human resources and intellectual capital management techniques for aggregation and accumulation of related processes and improvement in business processes, quality of service and optimal alignment with the key performance indicators of the core business’s mainstream operations.
Shared Services on the Continuum of Insourcing and Outsourcing.
In conclusion, shared services companies, or captives, perform roles that run along the continuum of fully vertically integrated insourced operations to a skeleton of core competencies supported by a network of outsourced operations. If a business process can be outsourced, it can also be insourced after the outsourcing. If it has been insourced, it could be structured more efficiently as a captive to look like an outsourcing. And once structured as an outsourcing, it could become a true outsourcing service provider to support non-affiliated customers, and could even be spun off to shareholders or sold to a strategic buyer. Thus, the captive shared services organization can mutate according to trends affecting customers, suppliers, corporate strategies, changing processes and changing marketplaces. In establishing internal captives, the lessons of outsourcing can improve performance and flexibility.
Case Study in “On Demand” Computing: American Express Company
October 9, 2009 by Bierce & Kenerson, P.C.
Motivations for an “On Demand” Computing Deal.
American Express Company is the world’s largest issuer of credit cards and provides financial services. Why did American Express Company decide in February 2002 to sign a $4 billion seven-year deal with IBM, the world’s largest information technology company, that the two companies hailed as “on demand” computing? The announcement says little about the structure of the deal, but is clear as to intentions.
American Express Company’s Cost Savings.
American Express calculated that this deal will save them “hundreds” of millions of dollars.
American Express Company’s Internet Initiative.
After 2001, Chairman and CEO Kenneth Chenault began pushing American Express to Web-enable its operations as much as possible. In a Web conference with investors on February 6, 2002, he noted that, “given the compelling economics of online servicing across all our businesses, several initiatives last year focused on shifting customer transactions to the Internet.” He asserted that self-service Web-enabled applications allowed the company to handle 78% of their customer transactions – from payments to disputes — via the Internet, with over 5.5 million U.S. cardmembers enrolled in this program, generating over 83 million logins in 2001, resulting in unit cost reductions of up to 60% for certain transactions, reduced rates of credit problems of credit card fraud (by up to 96% at certain merchants and overall by over 25% in 2001) and of customer disputes (by up to 50%). Other administrative chores have been permanently shifted to the Internet, such as employee and financial advisor processes.
American Express Company’s Restructuring Initiatives.
Due to a sharp decline in travel and in demand for financial services after September 11, 2001, the company accelerated its then current focus on cost cutting and restructuring. In 4Q2001, the company eliminated 5,500 to 6,500 travel-related jobs and took a restructuring charge of $240 to $280 million. In a news release on December 12, 2001, the company note that “reengineering initiatives being implemented or considered by the company include cost management, structural and strategic measures such as vendor, process, facilities and operations consolidation, outsourcing, relocating certain functions to lower cost overseas locations, moving internal and external functions to the internet to save costs, the scale-back of corporate lending in certain regions, and planned staff reductions relating to certain of such reengineering actions.”
Prior and Ongoing Business Relationships.
Announced in February 2002, MarketMile, an e-procurement service provider founded by American Express Company entered into an “e-business on demand” “alliance” with IBM to deliver to American Express’ customers the “benefits of e-procurement” and management of “indirect expense spending via the Internet. This service will be based on IBM’s “Leveraged Procurement Service,” IBM’s program for Web-enablement of a customer’s proprietary applications and supply-chain integration of the customer’s supplier network and customers. In March 2002, IBM and American Express announced an agreement to jointly develop a Web-based expense reporting and reconciliation software tool for reporting travel and miscellaneous business expenses and reconciling corporate purchases, to be marketed by American Express and hosted by IBM.
Interlocking Boards of Directors.
Good friends make good business, it seems. IBM’s Chairman Louis Gerstner from 1993 to March 2002 was formerly Chairman and CEO of American Express Travel Related Services from 1985 to 1989. American Express Company’s Chairman and CEO Kenneth Chenault is a member of IBM’s Board of Directors. This unusual bilateral interlock spanning 15 years of common business experience shows how aligned the interests of the companies have become. Could anyone say that this was the reason why IBM got the deal? (Or was it because of superior acumen, customer service and solid technology?)
IBM’s Investment in Changing Technology.
The selection process for a transaction of this size involves more than board-room and golf-outing relationships. IBM’s position as a manufacturer of computers gives it unique leverage in pricing. IBM’s “Project eLiza,” to deliver self-managing systems technology (including configuration, optimization, fixing and self-protection) across the company’s entire e-server product portfolio by 2007, offers customers the comfort of being with a market leader in hardware that supports e-business.
IBM Global Services: Are they the only game in town?
The promise of “on demand” computing requires a services provider to provide a “total smorgasbord” of services, even for third-party equipment, third-party software and third-party telecommunications. Who else could meet this challenge? Is this a challenge that makes sense for other services providers? Could a meaningful outsourcing contract be drafted that would overcome the inherent limitations of a narrow-scope services provider? Do equipment manufacturers (such as IBM, HP, Compaq and Dell) offer better terms than pure services companies? Or could a narrow-scope services provider compete effectively by becoming a better manager of third-party services than IBM? This deal opens these issues.
Deal Terms.
American Express will pay IBM Global Services about $4 billion over seven years to host its Web site, network servers, data storage, and help-desk support. According to IBM, this contract is IBM Global Services’ largest for utility-based service delivery. Payments are adds are based on actual usage of IT services rather than a flat fee. American Express projects “hundreds of millions of dollars” in IT savings during the life of the contract.
As part of the agreement, American Express will also move about 2,000 employees worldwide to IBM Global Services. The employees will continue to work out of American Express’ data centers in Phoenix and Minneapolis, as well as locations in England and Australia. In March, IBM will begin taking over American Express’ transaction-processing operations.
Utility Computing /On-Demand Computing.
While the concept of on-demand access to IT resources has been in the market for a few years, few large companies such as American Express have committed to it. Essentially, the services provider takes over responsibility for making all purchases, managing the technology and delivering technology as a service “on demand,” when and where needed, in scalable volumes. As a legal contract, however, the degree to which any service can be “on demand” involves prior agreement on the customer’s current and future technology plans, as well as any financial risks that the customer must shoulder to deal with changing customer needs, changes in technology and changing market conditions. The customer still remains responsible for IT strategy, planning and ensuring that it gets what it contracted for.