When it comes to outsourcing business processes the advantages seem obvious. It may make perfect sense to go this route so that you can focus on your core business activities, i.e. developing and marketing financial products. Leave the non-core activities to others, i.e. the administration. The only work involved for you lies in monitoring the SLAs. This appears to be an ideal route to go, and indeed for many it is. However the one area that is often overlooked when considering a case for outsourcing is compliance. The regulator is paying a lot of attention to the issue of where responsibility lies and it is worth being sure that, before you decide to outsource, you know exactly where you stand on this issue.
Many outsource providers will promise to take the whole issue of compliance off your hands and indeed they do for the day-to-day administrative activities necessary to remain compliant. However, the problems lie in the fact that the regulator insists that the insurer remains responsible. Only last year, a general insurer was fined over £8m and part of the reason was that it failed to provide adequate oversight of its outsourced service providers, so it was held responsible for their actions. This shows that you are ultimately responsible for issues over which you have no direct control and are reliant upon others for the information relating to both the success rate and the methods being used to achieve it.
Good outsource companies will not only implement the processes in a compliant manner, they will make sure that you have all the information and proof you need in the event that a regulator raises any issues. So, how this area will be handled is an oft-overlooked but increasingly vital part of contract negotiations when you are dealing with potential outsourcing partners.
Involving the compliance and audit departments in these negotiations is key to keeping your company in the clear when it comes to regulatory compliance. The requirements of these departments should then be incorporated in a clear and measurable way into the agreed service-level agreements (SLAs). After all, it is important not just for compliance to be done but also for it to be seen to be done. Hence, providers must be in a position to demonstrate that they have good internal processes for monitoring the levels of compliance and for making sure it is delivered from the outsourcing partner.
The other important area is the monitoring of SLA fulfilment. It is no defence for the insurer to have very strong SLAs if they are not being adhered to. The responsibility for making sure that this happens lies squarely with the insurer. UBS’s outsourcing partner had a big part to play in what went wrong with the bank but it was UBS who copped the $30M fine.
Keeping compliance at the forefront of your mind when approaching BPO deals is vital if the insurer is to avoid censure from the regulator, and the large fines and bad publicity that is attendant upon that. Even more costly will be the operation to bring the processes back in-house if the compliance issues cannot be resolved, so making sure that it forms the core bedrock of any agreement is the only way to ensure BPO success and reap the rewards that come from a BPO approach.
Norman Carroll
CEO, Exaxe
What do you think? Let us know in the comments below!