Risks in outsourcing F&A functions have always been high. Most popular concerns are that of security of data and the fear of losing process knowledge to competitors through high attrition rates in India. During a panel discussion at NASSCOM, David A.J Smith, CEO, Global Head – GLT, HSBC, made it clear that he had a captive in India simply because it was extremely risky to partner with a vendor. He believes that could risk the commitment shareholders show in the company. Following are the top two risks he spoke of:

1. Delivery Risk: Ensuring that the teams (in-house, captives and third-party vendors) across the world work together efficiently. This is not an easy task. A number of integration programs have to be developed for employees and also involves matrix management.
2. Vendor Risks: Fear for losing control, knowledge and expertise.

Mark Serdar, VP, JPMC, has a different opinion. He believes that both the captive and third-party models have their own benefits. Using both has helped JPMC develop a healthy competitive spirit between them and focus more on high-value-based work (by outsourcing low-end jobs to third party). Mark follows a hybrid model and collaborates with partners to leverage best practices in both outsourcing models. However, he believes that before experimenting it is important that the 'location risks' are carefully evaluated. It is important to not only study countries or cities but also go deeper to understand the characteristics of the location (with the city).

These risks seem to be challenging, but they can be mitigated. This is because the BPO and IT services industries have moved up the maturity curve. Undoubtedly, risks have become higher, but they are a function of change. In order to mitigate risks it is important to learn how change can be managed. V.N (Tiger) Tyagarajan, COO, Genpact, believes that each client-vendor relationship has its own unique risk-reward equation. Hence, how closely the two parties work will really decide, how much risk can be mitigated.

While the three senior executives deliberated ways to mitigate current risks, there emerged two other risks that need immediate attention:

1. Employee-side risks, especially when they work across different geographies. It becomes extremely important to understand culture and needs of each location, so that they are aligned with goals of the company.
2. Disconnect between the business models of the service provider and the client. It is important to stick to certain basic-traditional models and develop on it to improve processes. While new non-linear growth techniques may be rewarding, the service provider must first connect with the existing model and then improvise.

The risks are many and they have only evolved over time. There are no guaranteed solutions for mitigating risks and with new technology and innovation, it will only get worse. For now, it’s best to be vigilant, know what the requirements are and evaluate a number of options to look for advantages outweighing risks.