India: Offshoring and Outsourcing Risks


Jayanthi Iyengar

India has proved to be an attractive offshoring and outsourcing destination for overseas companies. However, two important risks are being increasingly identified in relation to these operations. They are the high attrition rate and the risks emanating from the business continuity plans of the business processing units (BPOs) in India, including the back-offices of multinationals and the Indian BPOs, which offer third-party outsourcing services. The US regulatory body, the Office of the Comptroller of Currency (OCC), first set the ball rolling by inspecting the back-offices - often referred to as the captive operations - of multinational banks like Citigroup, American Express and JP Morgan-Chase, which have a BPO unit in India. Later, the OCC followed this up by extending its inspection and audit to the small and mid-sized Indian BPOs, such as payroll managers and equity research firms that service US clients.

Yet, the US was not alone in this move. In June, the Financial Services Authority (FSA) and Bank of England (BoE), the UK's financial sector regulators, began inspecting and auditing the operations of British BPOs in India, as well as those of Indian IT companies providing offshore services to UK clients.

Both the UK and US financial sector regulators have begun these inspections as they wish to safeguard their countries from a contagion effect, which could be transmitted to their own economies in the case of a crisis. Also, such audits are not new. The pharmaceutical sector, which exports drugs and provides R&D facilities, is already subject to audits by overseas regulators.

Currently, Australian and financial sector regulators in countries elsewhere have not yet started such audits, but many companies across the globe are forcing BPOs in India and other countries to subject themselves to global standards and third party audits. One such recent audit is the SAS 70. This is an audit which has been developed by the American Institute of Certified Public Accountants (AICPA). It is aimed at standardizing processes. These processes could help in checking data breaches, particularly of sensitive financial data, which could lead to identity theft. SAS 70 comes in the wake of a series of data security measures adopted by the global industry to protect client information, such as BS 7799, service level agreements (SLA) and data protection laws prescribed by various countries such as the Data Protection Act, 1998 (UK), IT Act 2000 (India) and the Gramm-Leach Bliley Act or GLBA (USA).

While there is no denying the benefits of outsourcing and offshoring today, companies need to be alert to the risks that such a venture carries. Some Indians, of course, view these developments as the imposition of non-competitive trade barriers by developed countries, in order to contain the loss of jobs to India. However, the leading Indian BPO service providers, who have global aspirations, tend to view these as necessary requirements and are more than willing to oblige customers that demand quality operations. Hence, other overseas companies doing business with Indian BPOs would be within their rights to demand such protection.

WATCHPOINT: Since the US and UK regulators and companies are more vigilant when it comes to safeguarding themselves against potential risks from outsourcing and offshoring, Australian and other overseas companies should monitor their approach and demand similar safeguards for their own operations.


About our company:

AFG Venture Group is an Asia and Australia based corporate advisory and consulting firm with over 20 years experience in creating alliances, relationships and transactions in Australia, South East Asia and India; including a 15 year history of corporate and equities advisory in Australia, undertaking merger, acquisition, divestment, fund raising and consulting for private and public companies.

Go to top