Ever been asked to support an exciting new technology program, whose funding you feel may be better invested elsewhere?

For some risk and compliance functions, technology represents significant expense for limited benefit. This can be for several reasons, one being that the wrong technology was procured. Other times, the purchase was simply unnecessary.

Technology should never be the start point

While a desire to buy something shiny and new isn’t unusual, it’s a behaviour that may need tempering. The business case for technology investment typically centres on things like quality, reach, insight or efficiency, but these aspirations may be better solved by a focus on things like strategy, culture and process. Even if these fundamentals don’t warrant change, they’ll be central to defining your technology strategy anyway, where the right strategy may be to ‘do nothing’.

Buy for today or tomorrow?

If a change in business direction, or market conditions, impacts what risks matter and how you monitor them, then might this make any supporting technology redundant and/or too narrow in scope? Clearly, any anticipated change in direction should be accommodated in your technology, but there will be limits as to how it can be future-proofed.

In the past, many businesses have played safe by selecting risk and compliance solutions with a broad range of capabilities, at the detriment of specialist capabilities to meet their immediate needs, on the basis that this provides more flexibility in the long run. However:

• In our experience, the strategy of deploying one technology to manage all risks has generally gone badly. Most experts now accept that a range of specialist solutions is the way to go.
• While that may in turn raise a question regarding connectivity, various technical solutions now make data sharing between disparate systems much easier.

Hidden in plain sight

When helping clients to select new technology the first thing we do is look across the business for incumbent applications that may meet program needs. In which case, there may be no need to look externally.

However, the incumbent technology may be out of favour with users, while other times, political motivations hamper objective consideration. While an incumbent solution may have limitations, these need to be weighed up against the cost of buying something all-new – a cost that is far more than the sticker price of the software itself. How would a decision to look outside for new technology, if not strictly needed, be perceived by a cost-conscious board?

The wrong shortlist…

Having considered the above, the right decision can still be to go to market and select an all-new risk and compliance solution(s). But, if that’s the case, how do you avoid being the Risk or Compliance officer responsible for a costly mistake? Poor technology selection can be down to a poor requirements and assessment approach, or it can be something more fundamental - that your shortlist doesn’t include the best solution for you. It’s out there, but you didn’t know about it.

Falling into this trap is easy - this technology is typically procured every 5-7 years, so it’s a sufficiently rare event for key decision makers to lack adequate knowledge of what’s available today. In the absence of expert advice, many buyers resort to:

• A general web-search, meaning vendors are more likely to make the shortlist because of their marketing strategy, rather than their relevance.
• A peer enquiry, relying on experience of others, whose own knowledge of the market is limited and their actual experience of these solutions, even more so.
• Unsolicited approaches from technology vendors whose capabilities may be good, but not for the requirements at hand.

…based on imperfect market information…

Such enquires may be supplemented with reference to analyst reports, but these provide an over-simplified and/or incomplete view of available solutions, while other times, they are plain wrong:

• Most analyst reports will score solutions based on an average of several functional areas. A solution that scores badly because it’s focused on 1-2 key areas might actually be the right choice for you.
• Some vendors will actively avoid being on analyst reports, for fear that their offerings will be misrepresented (a justifiable concern). Again, said vendors may provide the best fit with your needs.
• For any solution in an analyst report that does meet your specific requirements, there could be potentially 5-10 others that haven’t been included. Areas such as IT risk, vendor risk, sustainability, business continuity etc., are awash with vendors who focus on one of these areas, and nothing else, and may be flying under your (and the analysts’) radar.

…leads to the wrong outcome

The inevitable consequences of a poor shortlist are a commercial deal that’s more expensive than it needs to be, for a solution that doesn’t meet your requirements as well as other options might have done. The fallout can be long-term, as the stickiness of these solutions make it hard to change what’s been deployed, without incurring further investment, potentially leading to a high annual maintenance charge, for a solution that no one in your business wants to use.

Look beyond the obvious

It’s quite possible that the right solution may be whatever came top in a google search or one of the leaders in an analyst report. But why leave it to chance? You ideally want a broader range of options as part of an informed search and select process.

Casting the net wider and looking for more specialised solutions, invariably means looking at smaller vendors who provide many benefits beyond a better product fit:

• Specialist knowledge: Many vendors will have been founded by a small team of industry experts, well placed to understand your needs. The benefits of this aren’t just a better-aligned offering, but a better-informed product roadmap.
• Greater agility: Where solutions offered don’t quite fit your need, it’s easier for a smaller vendor to make any necessary changes.
• Better service: You’re likely to be part of a smaller client roster and represent a big piece of their total revenue with greater influence over future product roadmap. You’ll also benefit from a team more personally invested in your future success.

Against these benefits are some potential risks of engaging a smaller vendor that need to be thoroughly reviewed. Naturally, short and long-term financial stability is one consideration, but so too is the robustness of their core products. For example, is a willingness to flex their solution to your requirements, symptomatic of an approach whereby all customers are on heavily customised deployments which, in the long run, won’t be sustainable?

Where now?

If you’re about to invest and want to avoid the risk of buying the wrong technology, contact us. We provide impartial advice, untainted by reseller agreements or any other direct or indirect incentivisation, ensuring our objectivity.

we are
combined.

local expertise, global experience.

© CMBYND Inc. All rights reserved.