Satyam Case: Experts Respond With Insight, Advice

Indian BPO/IT outsourcing firm Satyam Computer Services Ltd. has been rocked by a $1 billion financial fraud scandal that may have cast an unfortunate shadow over the offshore outsourcing industry: in much the same way as the Enron and Madoff affairs have roiled Wall Street.

 

The Associated Press reported that last weekend Indian police arrested Satyam’s CFO, Vadlamani Srinivas. He joined founder B (News - Alert). Ramalinga Raju and his brother, former managing director B. Rama Raju in being charged Saturday with criminal conspiracy, forgery, criminal breach of trust and falsifying documents.

 

The Indian government has dissolved Satyam’s board and on Monday it named three people to a new board. They are Deepak S. Parekh, Chairman of HDFC, Kiran Karnik, former President of NASSCOM, and C. Achuthan, Director at the National Stock Exchange, former Member of SEBI, and former Chairman of Securities Appellate Tribunal.

 

“Satyam welcomes this key development, which will ensure the company’s continued operations, help maintain customer confidence and associate morale, and restore investor trust,” a Satyam spokesperson said in a release. “The new members are eminent and accomplished leaders, recognized in India and around the world for their expertise in finance, law, administration and the IT services industry. Satyam’s leadership team has complete confidence in them, and pledges to work closely and in full cooperation with the new board,” the company said.

“This is a vital stabilizing development for Satyam, and it marks the beginning of a new chapter in the company’s history. It is the best news we’ve received in the past four weeks,” the company spokesperson added.

 

Given the importance and prominence of Satyam and of offshoring we obtained the view of experts at two firms very familiar with the Indian outsourcing industry. They are: Peter Brudenall, a partner in the global technology and outsourcing practice at the law firm of Hunton & Williams LLP and Steve Martin, partner, Pace Harmon, a technology sourcing consultancy.

 

 

1. What implications if any does the Satyam case have for offshoring outsourcing, to India in particular but also to other developing nations? Is the Satyam affair a one-off incident or is it an example of a systematic problem and if the latter please explain 

 

Brudenall:

 

I don't believe there is any systematic problem, and companies will continue to outsource services to Indian companies and to companies based in other countries.   Companies should, however, continue to undertake detailed due diligence and assessment of their outsourcing vendors, wherever they are based. Scandals, such as those experienced by Satyam, can occur anywhere, meaning that companies must thoroughly assess all strategically important service providers. However, although it is far too early to suggest that the Satyam issue has any broader repercussions for the Indian outsourcing community, we would suggest that companies be mindful of any further, similar incidents being reported and how the Indian regulators respond.

Companies should also ensure that contractual relationships with Indian, and other, outsourcing vendors enable appropriate "get out" clauses as well as sufficient levels of access to information, intellectual property and know-how.

 

Martin:

 

Companies typically plan for various disaster recovery scenarios when they manage IT programs, regardless of whether the operations are managed here in the U.S. or abroad in developing nations. For example, companies routinely establish backup data centers or mirrored application instances in preparation for any potential natural disaster or terrorist attack. However, the Satyam case introduces the need for another type of contingency plan-- for the potential financial meltdown of a supplier.

 

As the probability of this type of disaster is arguably higher in India and other developing countries where financial controls may not be tightly regulated and there is less financial transparency, when companies outsource to these countries, they will now increasingly think about putting this into their disaster recovery plan. While this will place a higher premium on outsourcing to these countries, it is necessary for adequate protection. For example, a company should include provisions for immediate transfer of their application development program to another outsourcer or to their internal operations, as well as requiring thorough documentation and adherence to particular software development standards, e.g., CMMI.

 

While it's too early to tell for certain, we are unaware of any credible evidence supporting the notion that this is more than a one-off situation centered on Satyam and its management. Other competing companies in the offshore outsourcing space, and quite possibly in the overall outsourcing arena, will most likely invite a high level of scrutiny over their financials and operations during the coming months to reduce any perception or concerns that will likely arise from the users of outsourced IT services that there is a systematic problem in the industry.  

 

2. What are the actual consequences for companies that have contracted with Satyam and what is your advice on how to ameliorate them?

Brudenall:

 

Companies contracted with Satyam should, as a matter of urgency, review their contracts. They need to be considering what options they have in the event that they need to transfer their outsourced services to another vendor, or to gain access to and take control of sensitive data or intellectual property.  Contracts will often have provisions allowing for termination rights where there has been damage to reputation, or in the event of a "material adverse change" under the contract, and will almost always have termination rights if there is a "change of control" – i.e: if Satyam is acquired by another company.  Customers need also to consider if key employees, crucial to their provision of services, start leaving the company as that will be an early warning sign that things might start getting very messy.

 

Martin:

 

Consequences range from highly significant to operational inconveniences. On the significant side, if a company depended heavily on Satyam resources for mission-critical operations and those resources are potentially preparing to exit en masse, there could be a materially adverse result in the stability of those applications – particularly if the company has not done a good job of disaster recovery planning; in the case of application outsourcing, sufficient disaster planning translates into high quality and up-to-date documentation, adherence to software development standards and best practices, and world class governance.  

 

In situations with poor governance, documentation, and software development practices, companies will urgently need to establish a knowledge repository and take all necessary means to secure the Satyam resources, whether by offering to pay retention bonuses or gaining permission to hire the resource directly from Satyam. This will increase the probability that the knowledge can be retained as long as possible to ensure a safe transfer of information and software code to another company or to internal resources. If Satyam resources are not managing mission critical business elements and/or their work is well governed, the likely outcome will obviously be less operationally impactful, but will nonetheless require a transfer of the applications to other providers, which could be costly and resource-intensive in the short term.

 

3. What due diligence steps do you recommend before outsourcing offshore, to India in particular, but to firms based on other similar countries?

 

Brudenall:

 

We would suggest companies do such things as the following:

-- Travel to India or the relevant country to talk to senior management of the vendor being considered;

-- Talk to customers of that vendor about their experiences;
-- Get advice from experienced counsel and consultants who understand the Indian outsourcing market (and the local issues relevant to any other country being considered);
--Ensure that the contract with the vendor includes provisions that enable the customer to terminate, without penalty, if there has been a "material adverse change" in either the vendor's corporate structure, assets, or the basis for which the contract was agreed;

-- Include "top table" provisions in the contract enabling the customer to call extraordinary meetings of the senior management of the vendor if there is an issue that has or may lead to service performance decreasing, or that may lead to reputational damage;
-- Ensure there are sufficient contractual audit rights and rights to information about the service (including access to intellectual property); and

-- Look at obtaining financial guarantees from the vendor if the contract needs to be terminated.

We would not suggest that companies necessarily delay entering into an agreement with an Indian-based vendor, other than Satyam, however it will be important to monitor the response of the regulators to the situation and any consequential regulatory responses.

 

Martin:

 

We recommend that companies design their vendor agreements and governance frameworks with a clear exit strategy in mind from the start. That strategy needs to contemplate a wide range of triggers, ranging from termination of the agreement under the normal course, to natural disasters, terrorism, and fraudulence. This practice is imperative for outsourcing in India as well as in other countries. By being prepared at all times to do a quick transition to another supplier, companies have a naturally higher degree of leverage over the incumbent providers and, moreover, are prepared for a wide range of scenarios that could precipitate the need for an unexpected and immediate transition.

 

In addition, companies should perform all possible research on the outsourcer, its owners/investors and its leadership team before executing an agreement with them. Learn as much as possible about situations that raise a red flag, ranging from questionable or seemingly unusual business transactions to fraudulent or criminal behavior.

 

As a further step, kick the tires by making site visits to the outsourcer’s facilities, talking with the people who will be performing your outsourced work, checking for standards compliance and other best practices around software development and disaster preparedness. As an added measure, take the necessary steps to ensure your right to retain (either through direct hire or the ability to have transferred to another outsourcer) the key outsourced personnel on your account in the event of a supplier-impacting event.