12:20 PM
Effective vendor management enables insurance companies to get the most out of software, IT services and outsourcing contracts
Q: What steps must insurers take to get the most out of their vendor/partner relationships?
A: Russ Pass, Bridge Strategy Group: Clarity around goals is No. 1. Companies often fail to appreciate the things an incumbent does well and overlook them in requirements documents and RFPs. Next in importance is establishing the right kind of dialogue. If dialogue is infrequent and confrontational, with heavy reference to contractual commitments, the maximum you'll get is the minimum your provider is obliged to deliver. Lastly, pick a vendor for whom you will be a high priority. When push comes to shove, vendors assign their best people to priority accounts.
A: Art Barrios, PricewaterhouseCoopers: The first step is to establish the relationships at the right level for the vendor/partner — the more senior the better. Start with the CEO and go from there. This pays dividends in terms of the quality of the team working with your firm as well as the ongoing service. It also helps that when the inevitable issues arise, you have a direct line to the individuals who can make a difference.
Additionally, having transparency of information regarding the key performance metrics for the relationship is important. Focus on quality of services, fees relative to value, business value or improvements delivered by vendor, customer satisfaction surveys, etc. Also, appointing a senior sponsor from the insurer to interface with the partner account team ensures ongoing senior management exposure to help align partner competencies with insurance company needs.
A: Michael Risley, CSC: Three steps are critical to establishing successful outsourcing relationships: Understand the business drivers, determine what each party will gain from the relationship (additional capacity or scale? consolidated system environment? an anchor client?), and establish a relationship-management structure.
Host meetings regularly to discuss future goals, initiatives or changes in priority. Set noncontractual targets aimed at improving the relationship. Clearly articulate roles and responsibilities. Take advantage of the full breadth of the vendor's capabilities. And look for ways to use your vendor's capabilities or knowledge base to improve your business.
Q: Some insurers work with a key, preferred vendor while others choose a diversified portfolio of solutions providers. What are the pros and cons of each approach?
A: Pass, Bridge Strategy Group: With a preferred provider, you generally get a better rate, more-consistent and tightly integrated processes, and consolidated information for managing both vendor performance and your own usage. The leverage each of you has on the other is greater, and you hope the vendor is sensitive enough to its reputation not to exploit this. With multiple providers, you are less exposed to single points of failure and may be able to make better use of specialized expertise. But rates are higher and relationship management is more complicated. The ability to shift volume to reward higher-performing providers is a boon.
A: Karen Roche, LogicaCMG North America: Preferred vendors that know your processes, requirements and people make you comfortable. That can be a problem — vendors get complacent and you get lazy. You can miss new and better ways of reducing risk, saving money and operating efficiently if you don't make the effort to cultivate new suppliers.
A: Barrios, PricewaterhouseCoopers: Preferred vendor relationships are on the rise. The advantages are well-chronicled — better pricing power for the buyers, more incentive for the vendors to invest in getting to know your business, more attention as a larger customer. The downside is that an organization risks missing out on new and innovative ideas and services that may come from outside of their preferred vendor list. Focus on creating a core of preferred vendors, but keep the process open so that emerging players can join the group and one-off transactions are possible in exceptional situations.
It is very important for insurers to distinguish projects and project roles as either generic or specialized. Generic roles can be fulfilled with a broader number of vendors. Specialized roles typically require resources with specific industry, process or client knowledge, and will require a partner with experience within the client environment. This is where a preferred partner with a track record at the client can pay off.
A: Risley, CSC: Although multipartner models allow best-of-breed contracting and foster competition, this approach increases the complexity of managing the relationships and contributes to service-delivery risk. Significant questions need to be addressed. How do you deploy end-to-end delivery processes across multiple providers? How do you enforce accountability, liability and responsibility? How do you optimize the role of each partner, determine the scope of activities and, more problematic, change roles and scope over time? Knowledge transfer, governance, responsibilities and communication are more easily defined and managed with sole sourcing.
Q: How has increasing regulatory scrutiny affected insurance companies' relationships with their vendors?
A: Pass, Bridge Strategy Group: Outsourcing relieves an insurance company of none of its obligations. As far as regulatory bodies are concerned, the provider is a part of the company. To make sure vendors/partners don't compromise an insurance company's ability to meet obligations under regulatory mandates, a company needs visibility into its providers' processes and information systems — even into performance and incentive systems. It needs to verify that the necessary administrative, physical and technical safeguards are in place. Contractual remedies are insufficient. While a company can insist its vendors indemnify it against regulatory breaches, its reputation will suffer regardless.
A: Roche, LogicaCMG North America: LogicaCMG surveyed 350 executives recently — 68 percent said they were putting off outsourcing due to compliance issues. Insurers can never abrogate responsibility to drive compliance. They've got to ensure that vendors comply with regulations ... with the same rigor that the company would. Vendors must be on top of all legal issues [and] they must understand, and work toward, the ultimate goals of the regulations.
A: Barrios, PricewaterhouseCoopers: Regulators continue to hold insurers responsible for the actions of their service providers — insurers can't outsource regulatory compliance to third parties. This has meant an increased focus on vendor risk management and has led to such things as vendor contracts including penalties for noncompliance with regulations, more independent audits of outsourced operations and greater coordination of responses to regulatory inquiries.
Q: What are the unique challenges inherent in managing outsourcing/offshoring relationships?
A: Roche, LogicaCMG North America: The first challenge is the cost/benefit trade-off: "You get what you pay for." The client must balance reasonable investment with the increased value of using the outsourcing provider. Second is flexibility. Don't give up control of key deliverables and schedules when you outsource or go offshore. If priorities change, you'll have a tough time adjusting. Don't overlook the possibility of early reentry. Plan for it up front. You must move quickly to bring the work back in-house if the outsourcing provider can't deliver.
A: Risley, CSC: Long-distance management requires accommodation for time differences and limited face-to-face communication. These increase the risk of miscommunication and errors, resulting in delays, misunderstandings and missed problems. Extra security and quality assurance measures help protect intellectual capital and ensure data privacy. Carefully monitoring knowledge transfer helps ensure a successful hand-off. Vendors can mitigate these risks with a permanent presence offshore and an established global resource model. Controlling access and security requires a mature IT and security environment. Vendors should provide a comprehensive knowledge transfer process, routinely verify and audit processes, monitor access to file servers and source-code servers, and conduct risk assessments.
Peggy Bresnick Kendler has been a writer for 30 years. She has worked as an editor, publicist and school district technology coordinator. During the past decade, Bresnick Kendler has worked for UBM TechWeb on special financialservices technology-centered ... View Full Bio