Outsourcing can help mitigate risks. Vendors and buyers should be prepared to share the burden to make risk-shouldering a worthwhile pursuit.
Like other forms of business process outsourcing, HRO provides opportunities to shift risks that would otherwise be retained. Let’s look at opportunities and battlegrounds for achieving this goal.
Enterprises pursue outsourcing for many reasons. Today, cost management is generally an essential justification. Process improvement—regardles of whether the HR department is a train wreck or a smooth-running operation—is a close second. But in finely-crafted contracts, one key strategy is to shift many risks.
For clarity, risk “shifting” does not include strategies for mitigating the customary operational risks of outsourcing. Such mitigation strategies target the new risks not present in an in-house or shared-services operation. Inherent operational risks need to be managed by careful drafting and negotiation in the outsourcing contract and managing the relationship.
There is a long list of such risks. They stem from the transition from in-sourcing to outsourcing, the loss of knowledge and personnel, new dependency on a third party, the key problems of managing a service provider’s performance, and developing a positive balance in relationship to governance. The enterprise customer still remains responsible for ensuring that HR administrative functions continue and that current and former employees receive their compensation, benefits, and personal career development. These risks need continual management and figure into the overall financial readiness assessment for outsourcing.
Insurance can play an important role in mitigating inherent risks and in gaining “deep pocket” comfort that is otherwise unobtainable from shared services or in-house operations. Service providers’ insurance coverage can ward against professional errors and omissions.
After risk mitigation, certain “strategic” risks are ripe for shifting to the service provider. Such risks arise from the possibility of any change associated with process administration. These include changes in the legal and regulatory landscape; audit and reporting; taxes; business continuity management; records management; market conditions; insurance premiums; knowledge capital; currency valuation; and intellectual property.
Other risks are more strategic and relate to the enterprise’s core business. Mergers, acquisitions, and divestitures can radically alter the landscape and profitability for the service provider through big swings in transaction volumes and changes in demographics and resulting shifts in compliance processes. Class-action litigation can easily arise from the repetition of a poorly engineered, poorly implemented or otherwise non-compliant HR administrative process. In fact, compliance appears to be one of the most treasured benefits of outsourcing.
Customer arguments for shifting such strategic risks can be summarized into a few concepts:
- First, the service provider’s touted expertise invites liability. Depending on its marketing campaigns and C-level presentations, the provider may hold itself out as “the expert.” Typically the provider knows, or should know, the rules governing all the details of the HR processes.
- Second, a provider is best situated to identify and spread risk. The potential for spreading cost among different customers invites liability as well. In the process, the service provider can incur the cost up front and charge all its customers a fraction of the actual cost of adaptation.
- Third, the transfer of personnel or shrinking of the retained staff will disproportionately increase the customer’s costs of adjusting to changes.
- Fourth, the service provider’s model should be designed to adapt to change, so risk assumption should come as no surprise or unreasonable burden.
In return, service providers have their own arguments for dealing with a customer’s strategic risk-shifting goals. First, the pricing should be determined after all risks have been defined. The RFP process does not always result in a clear view of risks until after due diligence and negotiation of the contract terms. The customer’s attempt to fix the price and negotiate terms might work once but not on a consistent basis. The provider’s service portfolio needs flexibility to include new pricing in response to new cost drivers and risks. If the customer wants the provider to be an insurer against certain risks, a fixed price should include a premium.
For strategic operational risks, the enterprise customer should have some ongoing responsibility for process improvement, at least insofar as methods of receiving the services and end-to-end process design.
As part of the self-assessment, vendor selection, and contracting phases, the enterprise customer needs to keep such risk management opportunities in the forefront. Similarly, service providers should be prepared for the challenge.