The concept of outsourcing has taken the business world by storm. Although, it has been woven to become one of the most used buzzwords in corporate jargon, there is still scope of it being misconstrued from a governance perspective.
In essence, companies tend to outsource their business processes to third parties to carry out certain non-core activities or operations on their behalf. The processes that generally comes to mind when business process outsourcing is discussed are facilities management, customer service support, human resources, payroll and IT support. But, along with these processes, other related activities are also outsourced that involve compliance to statutory and regulatory requirements. These processes include obtaining and renewing of licenses to operate business, carrying out concurrent audit functions, managing investor records among others.
As these tasks are outsourced, companies tend to assume that the responsibility for these duties rests with the related vendors and third-party professionals. However, an important element is usually overlooked, which is the accountability factor for good governance. This accountability rests with the company itself and is an extremely important facet of determining how ethically conscious the company is.
Let’s review some common scenarios and ponder over a few corresponding questions that may surface:
- Organizations appoint third parties to liaison with government departments for obtaining licenses and other regulatory compliances. Does this mean that organizations are not liable for bribery and corrupt practices of these intermediaries while fulfilling their obligations to their clients?
- Companies appoint Registrars & Transfer Agents (RTAs) for maintaining records of investor details and transactions. Having outsourced the duties to an intermediary, does it also mean that the governance responsibilities of the company have been outsourced?
- Banks engage concurrent auditors for perpetual review and monitoring of process and controls in day-to-day operations. However, does it mean that banks have outsourced their governance for implementation and monitoring of control mechanism?
Here are a few responses that have been relayed by companies, when any instances of flouting of norms by outsourced third parties have come to the forefront:
“We appointed a third-party for liasoning purposes and we included an anti-bribery clause as part of our contract with the service provider… hence we are not responsible for their improper acts.”
“We have concurrent auditors who should have pointed these out….”
Outsourcing of governance – reality check
Companies need to realize that business-related operations may be outsourced to third parties and intermediaries, but the governance accountability associated with the outsourced activities still lies with the company.
Companies with operations in India need to obtain and regularly renew licenses and permits for operating business either in leased premises, or for constructing and maintaining their own office premises. The process, however, is complex and requires every company to fulfil certain conditions laid down under respective statutes, and their rules and regulations, stipulated by the Indian regulatory system. Given the complexity, many companies outsource these compliance functions to respective third-party vendor firms who have the requisite knowledge and competence of dealing with government officials for obtaining or renewing licenses and permits.
Companies are often under a misconception that through elimination of a direct role in these dealings, they would avoid the anti-corruption scanner. They seldom realize that the liability for such demeanours still resides with them. They still continue to be accountable for any acts undertaken by the vendors they outsource their work to, as the ultimate beneficiary of the license is the company.
As per EY’s 14th Global Fraud Survey 2016, “Corporate misconduct – individual consequences”, 58% of the respondents in India believe bribery and corruption happens widely in the country; the global average on this metric stand at a lower percentage of 39% of the respondents. Furthermore, 44% of the respondents consider practices such as entertainment, personal gifts or services, cash payments or misrepresentation of financial performance acceptable means to meet business targets. Given this scenario, it is important for companies to stay abreast of any unethical practices demonstrated by their outsourced vendors. They should deploy efficient control mechanisms to ensure compliance to rules and regulations and discourage vendors from being involved in any unethical practice driven by the objective of demonstrating favourable results to the company.
Companies resort to outsourcing to either reduce costs or for strategic reasons. However, outsourcing without assessing risks or deploying adequate monitoring processes could have a severe impact on an organization’s reputation, resulting in the erosion of stakeholders’ confidence, and also impact the organization’s growth.
Along with appropriate anti-bribery clauses in contracts, companies should create a comprehensive risk profile of outsourced vendors. There must be complete transparency in the way a third party is remunerated, not just in fees or commission, but also in its expenses.
The key takeaway here is – you can outsource responsibility, but you can never outsource your accountability towards governance.
(This is the first of a two-part series on outsourced governance)
Srikrishnan Soundararajan, Manager, Fraud Investigation & Dispute Services contributed to the above post.