Managing Risks in Outsourcing: Part 1 – Supplier Selection


Outsourcings can offer organizations significant commercial benefits but they also present challenges and risks throughout the outsourcing life-cycle for the outsourcing organization whether during the supplier selection process, in the course of contract negotiations, during the implementation and day to day operation of the outsourced services, and on exit from the outsourcing contract. Here are some practical tips for organizations who propose to outsource on how to manage and mitigate some of these risks. In Part 1, I will focus on supplier selection. In Part 2, I will cover the negotiation process. In Part 3, I will address relationship management.

Supplier selection is an important step in the outsourcing process which can give rise to a wide range of risks. These include a procurement outcome which does not support your needs and objectives, delays leading to increases in the overall deal costs, discontinuity in the supply of essential goods and services, loss of influence in relationships with your existing essential suppliers, damage to your reputation, exposure of your directors and officers to prosecution and litigation, unauthorized disclosures of your confidential information or confidential information belonging to a third party, and ‘misrepresentation type’ claims brought by the selected supplier or unsuccessful bidders arising from incorrect, misleading or deceptive statements or information provided or made during the selection process.

The success of a selection process in outsourcing deals is dependent upon undertaking sufficient due diligence, preparation and planning. You should conduct a baseline review to identify and assess your current services and systems and the current costs of providing those services and systems. The quality and depth of this analysis is key. Not only will it form benchmarks for performance and service levels but it can also be used to confirm that the outsourcing business case is economically viable.

You should identify your business requirements as well as the outcomes you would like to achieve through the outsourcing in a manner which enables changes and growth to be efficiently accommodated.

You should identify the key risks arising from the deal and develop a strategy for dealing with those risks. You may like to consider producing a ‘risk register’ which identifies possible risks and sets out a description of each risk, identifies the likelihood of each risk happening and the impact that the risk would have should it materialize, as well as a strategy for mitigating the risks in question. In addition, the ‘risk register’ should identify the person who will be responsible for managing the particular risk.

You should investigate the market to understand the price you would be likely to pay for the deal you need and which suppliers are able to offer it. You may send potential suppliers a request for information, setting out the services you are considering outsourcing and requesting information about the supplier’s capabilities and experience in relation to those services.

You should give appropriate consideration to your sourcing strategy. In some cases a tender to the market may not necessarily be the best option. The most appropriate strategy will depend upon your needs and objectives. You may consider retaining your existing supplier to take advantage of the benefits of your relationship with the supplier and reduce transition risks. However, in looking to your existing supplier, you’ll have to address the risk that your existing supplier has less incentive to price its offering competitively.

You should consider whether one or more suppliers are required. The use of multiple suppliers can be one way of managing and spreading the risks of an outsourcing deal and avoids the problem of “lock-in”. It also forces suppliers to be competitive and provides a fallback strategy if one supplier withdraws. However, you will want to balance that solution with the increased risk of mismanagement.

Sufficient time should be allocated for suppliers to undertake due diligence to enable them to prepare a comprehensive solution. You should also try to ensure that tendered prices or the proposal are not conditional on further due diligence after the evaluation process is complete. This will help to ensure that the selection process is not prolonged or compromised by ‘indicative pricing’ which is subject to further review.

If you opt for a tender, you can mitigate risk mitigation by preparing a detailed and comprehensive request for proposal (RFP) which should include much of the internal analysis information obtained during the baseline review. You should ensure your RFP contains all information which may be relevant to enable suppliers to submit their best bids, including an accurate and full description of your business, the services which you require and the outcomes you would like to achieve. The more relevant information you provide to suppliers at this point the more meaningful bids you will receive. You may wish to include a form of outsourcing contract with the RFP and invite comments from the bidders which you can assess during the evaluation of their responses – this has the benefit of extending competition to the contractual terms as well.

You should not provide any confidential information to a potential supplier until they have signed a confidentiality undertaking. You should check all third party documents such as software licenses, contracts, reports or other records for confidentiality restrictions and, if required, seek consent to disclosure from the relevant third parties before making these documents available to potential suppliers. You should ensure that submissions and assessment data gathered by you during the evaluation phase are not communicated outside the evaluation team and your employees and contractors are reminded of their confidentiality obligations. In some cases, you may wish to require your employees to sign a non-disclosure agreement. The use of centralized repositories of information, physical safeguards or password protection should also be considered.

To minimize the risk of inaccurate, misleading or deceptive information being provided to potential suppliers (particularly during the tender) you should ensure that one single point of contact is appointed to deal with queries or requests for clarifications from bidders. It is also important to ensure that statements and clarifications made by you in response to those queries or clarifications are put in writing.

You should ensure that identical information is available to all potential bidders during the tender to best deliver the overall success of the tender and ensure that all bidders are treated fairly and equally. As stated above, procedures should be established to govern communication with bidders and your employees should not express any personal opinions on the procurement process publicly, privately or on the email system, particularly in relation to preferred potential bidders or prices, unless specifically authorized to do so.

To ensure that a procurement outcome which meets your needs and objectives is obtained, you should develop clear and specific criteria for evaluating the responses received from bidders. You should also undertake due diligence into each potential supplier to eliminate as much risk as possible before entering into the outsourcing contract. This due diligence should include interviews of supplier personnel and on-site visits, checking supplier references and verifying supplier financials.

An outsourcing arrangement will only succeed if it works for the supplier as well. Customers who seek to obtain an unfair proportion of the value from the outsourcing deal via, for example, unfair contract terms, risk not only losing high quality suppliers but extensive delays in contract negotiations. This is not merely just a waste of time but may often result in no contract being agreed at all between the parties.