According to IDC Canada, the financial services industry is hot on outsourcing IT tasks. IT outsourcing is expected to grow at a compound annual rate of 8.6 per cent to 2008 among financial firms. Compare that to a national IT outsourcing compound annual rate of 3.9 per cent.
IDC Canada analyst Matt Jarrett says that impressive growth rate comes from the financial industry’s desire to stay atop the high-tech curve without sinking millions of dollars into application development, network management and other technological undertakings. But as popular as outsourcing has become, it also brings certain risks.
BMO Financial Group, for example, learned how important it is to lock down your internal processes even if the IT obligation in question belongs to an external partner. In the fall of 2003, BMO experienced what could have been a public relations disaster when a simple misstep at an outsource service provider resulted in a pair of computers carrying BMO customer information going on the eBay auction block.
In its effort to make sure it never happens again, the bank had employees review corporate policies regarding data integrity. Robert Garigue, BMO’s chief information security officer and vice-president, also explains in an article on page 8 that his company has tough questions for service providers, to ensure that their internal processes are as stringent as those of the bank.
No matter how confident a company might be in its relationship with a primary outsource service provider, it can be more difficult to maintain such certainty when the service provider also works with secondary firms. It’s one thing for TD Bank Financial Group, for instance, to have confidence in Hewlett-Packard Canada Co. (HP), a company to which TD will outsource certain tech-related business tasks. It’s another thing for the bank to be as confident about some of the other service providers that HP has called upon to complete the outsourcing package.
Chuck Hounsell of TD explains that his firm took its time choosing HP as the service provider, and in that long process the bank investigated the agreements HP had with secondary providers as well (see page 4 for more on this). Hounsell’s experience suggests it’s imperative for businesses to scrutinize not only the primary servicer, but also the other companies involved in the entire outsourcing envelope.
There are more things to consider, not the least of which: the impact outsourcing might have on IT staff. For every story like the one Susan Maclean tells about CIBC’s successful transfer of some 200 employees to EDS when the latter firm took over the institution’s human resources processes (page 10), it seems there’s a corresponding cautionary tale, such as the situation in Swansea, a U.K. town that considered outsourcing PC and application support. Unionized IT staff got ready to strike over the issue.
The human element, as well as service level agreements, security measures and internal processes, will become all the more important as the financial sector continues to flock to outsourcing, as IDC Canada’s numbers suggest it will.