Because of political pressure and security concerns surrounding offshore outsourcing, U.S. financial institutions have reservations about pursuing the benefits of contracting with an overseas third party, suggest industry observers. But setting up and maintaining safe offshore outsourcing relationships is possible if realistic goals and strict legal guidelines are defined.
Offshore outsourcing is controversial largely because of the social impact of losing jobs to low-wage countries. But the savings theoretically can free up resources for more highly skilled and higher-paying jobs in the U.S., it has been suggested. Most banks have a long list of projects stalled because of a lack of resources. With offshore outsourcing, banks should be able to reallocate budgets and redeploy IT staff to meet unfilled needs, according to Virginia Garcia, senior analyst at TowerGroup (Needham, Mass.). "Cutting costs and cutting staff is not the case with institutions with a backlog of IT projects," asserts Garcia. "Banks may say, 'I'm going to get my people to work on this back log while I outsource and free up capital for IT spending.'"
However, according to Garcia, many banks still are looking to offshore providers simply to cut costs. "Job loss is very painful, and it is contributing to the negativity [about] offshore outsourcing," she says. But, Garcia adds, redeploying some jobs to current employees, while outsourcing other jobs overseas, can sometimes quiet the negative buzz offshore outsourcing has been generating.
Although job loss in the U.S. is one of the most critical issues of offshoring, data security concerns speak more directly to firms' bottom lines. And though many banks are saving money by outsourcing business processes and call centers overseas, their ROI cannot be calculated without factoring in the cost of keeping data safe.
By being proactive in risk management, banks can be comfortable with their overseas outsourcing arrangements, according to Tom Patterson, former partner emeritus, security services, at Deloitte & Touche Germany, and author of Mapping Security, due out this fall, which covers the security aspects of outsourcing offshore. But not all banks are spending the money to ensure that non-U.S. employees are trustworthy, and that is where the trouble begins, asserts Patterson.
"In the U.S., it is now very common to do a background check on employees before they are hired, and the average company pays less than $20 to get a very good background check in the U.S.," he says. "Outside the U.S., the average cost of a background check on an employee is $20,000. So we don't know how many companies are going to be checking all these staffs or not."
Despite the increased challenges of securing data overseas, banks make more mistakes regarding customer data inside the U.S. than they do as part of offshore outsourcing agreements, asserts TowerGroup's Garcia, yet the errors and incidents that occur overseas are amplified by the media. "Information security breaches happen all the time in the U.S.," she says. "We have breaches that are not talked about as much as [those in] offshore environments. If something got out about security breaches in an offshore environment, it would be a big deal, but it happens in the [U.S.], too."
Lapses in information security in any environment are major problems that can lead to hefty fines and other penalties for banks. But with outsourcing offshore, banks have to be extra careful because of the increased scrutiny, according to Garcia. "We have to apply this security in [foreign] countries, plus some," she says. "[Banks] have to make sure information is completely secure."