Systems and vendors – a joint choice

The management and evaluation of vendor and service provider risk has never been more important than it is right now in the investment management industry.

A number of trends in the vendor playing field are the drivers behind this situation:

• the ongoing merger and acquisition activity in the marketplace continues unabated;
• high-profile vendor and service provider failures continue to make news of the unwanted variety;
• widely used systems and applications are slated for retirement with little to no warning signs;
• and recently acquired applications aren’t keeping pace with the industry due to vendor neglect.

Furthermore, the investment management marketplace is being transformed by a variety of factors including globalization, product diversification, and complex regulatory measures, all of which necessitates an increased reliance on external vendors, suppliers, and service providers. The time is now for asset managers to take stock of their exposure to what is undoubtedly a vast network of third-party providers within the technology and operations ecosystem.

A brief history of vendor risk

The buy vs. build conundrum

It wasn’t that long ago that firms, when evaluating the need for enterprise software, first needed to answer the question of “buy vs. build”. Building applications was seen as a competitive advantage and differentiator across several functions in the investment management lifecycle; many of these systems were highly customized with bespoke functionality that made sense for financial institutions at the time. The industry has largely moved away from this model due to a variety of factors, not the least of which was the expense of supporting such an infrastructure and the inability to scale and keep pace with the explosion of financial products and the highly regulatory culture that dominates the financial markets today.

Asset management firms now must evaluate enterprise software and application requirements based on not only the functionality inherent in a packaged solution or service, but also how best to deploy new technologies. The “buy vs. build” conundrum has evolved to include “buy vs. build vs. ASP/ SaaS vs. outsource,” which has in turn introduced a proliferation of vendors and third-party service providers of varying shapes and sizes to the discussion of how best to implement an operating model that is built to adapt to the shifting sands of today’s global marketplace.

Mergers and acquisitions reshape the industry

The vendor and third-party providers that cater to our industry have gone through multiple phases of expansion and contraction over the last decade. Vendor applications covering virtually every aspect of the investment management lifecycle have been merged, acquired and in some cases ‘sunset’ by their parent companies. The list of ‘legacy’ vendor products that have been acquired in the past few years is staggering and too lengthy to list here. However, any asset manager would be challenged to name a significant area of their IT application model that has not been impacted by an acquisition of a key piece of enterprise software in the past 30 months.

… any asset manager would be challenged to name a significant area of their IT application model that has not been impacted by an acquisition of a key piece of enterprise software in the past 30 months.Tom Secaur, Global Chief Operating Officer, the Citisoft Group

Nearly every critical operation in the asset management firm’s business that’s supported by a third-party vendor or service provider is subject to a shifting pool of solutions that cater to that particular function. Unless firms take a proactive approach to vendor management and pay close attention to the rapidly changing names and capabilities currently offered across the spectrum of each particular operation, they are likely to fall behind and incur unwanted and potentially crippling vendor risk.

Unless firms take a proactive approach to vendor management and pay close attention to the rapidly changing names and capabilities currently offered across the spectrum of each particular operation, they are likely to fall behind and incur unwanted and potentially crippling vendor risk. Tom Secaur, Global Chief Operating Officer, the Citisoft Group

The vendor playing field

An introduction to the growth-share matrix

An interesting visual tool that can be used to catalogue the vendor and service provider portfolio is the growth-share matrix (aka the “product portfolio matrix”) (Chart 1) that was originally created by the Boston Consulting Group (BCG) in 1970 to categorize and measure their business and product lines.

Chart 1: The growth-share matrix. Source: Boston Consulting Group

The matrix is a corporate planning tool and can be utilized holistically to capture the entire application portfolio, or on a function-by-function basis, and is helpful as a visual aid when depicting a high-level vendor risk profile.

Applying the growth-share framework to vendors

When considering the use of such a framework, it is important to better understand the quadrants and how they work together.

• Stars – these are the applications that operate and thrive with both high market share and a high growth rate. At one time, they were question marks that have ‘graduated’ into the star category, and are considered market leaders in their space. They are typically vendors and/or applications that invest heavily in R&D.
• Question marks – these are typically vendors or applications that are upstarts and in their initial stage of existence. These brands require analysis and consideration, as today’s stars were once question marks – it’s where all companies start.
• Cash cows – these are cash-generating brands or applications, albeit in a slower-growing sector of the marketplace. It isn’t difficult to pinpoint several applications in the investment management software market that unfortunately fit squarely into this category.
• Dogs – these vendor, applications and service providers are industry laggards, and probably not where firms should invest to build out a technology platform strategy. These systems are at the risk of being ‘sunset’ and exiting the market altogether, and should be avoided if at all possible.

Search and selection best practices

Forging new partnerships

Regardless of the shifting sands of the current software vendor and third-party service provider marketplace, there still is no substitute to running a tightly controlled search and selection process when looking to upgrade a certain aspect of a firm’s technology stack or to fill a gap in an enterprise application model. When beginning an evaluation and selection process, firms should first think in terms of timeframe – how long has the current system been in place, and how long will the target state platform be utilized? Entering a new vendor relationship should never be taken lightly; it’s a partnership and a marriage and should be approached accordingly.

Entering a new vendor relationship should never be taken lightly; it’s a partnership and a marriage and should be approached accordingly.Tom Secaur, Global Chief Operating Officer, the Citisoft Group

Key questions in search and selection

In the past, company information and profiles, while always an important aspect of evaluating systems, vendors and service providers, were not necessarily viewed on a par with the system functionality espoused by a particular solution. Request for Proposal’s (RFPs) could consist of 3,000+ questions going into excruciating detail about every single bell, whistle and nuance offered by a software vendor. While there are few substitutes for diving into the look, feel and capabilities of a specific system, the following aspects should be viewed on a par with the functionality that an application or service brings to an organization:

• Financial health of the vendor/service provider – surprisingly, a firm may need to ask more than once to obtain the data that is needed; some of the vendor ‘supermarkets’ that have risen to the fore in recent years can be notoriously difficult to work with when requesting product-specific data – financials, headcount, client addition/attrition, etc.
• R&D % funneled back into the product or services – what is the planned investment that will be utilized by the vendor to continue to develop and enhance its offering?
• Future-state roadmap – what does a vendor’s 3-5 year roadmap entail? Can the client be a part of this discussion? This should be a recurring question as part of any vendor-client relationship.
• Headcount and turnover – this is an easy metric to track, assuming that the vendor is being truthful. It doesn’t matter if the parent company has 2,000 employees, if only 60 FTE’s are devoted to a particular product or platform, that product may not have the level of support most clients need.
• References – evaluating firms should not be shy about asking for references, whether ‘sanctioned’ by a vendor, or unsanctioned. This is where networking can be critical, as there is no substitute for discussing an experience with clients that have been through a similar process.

Ongoing due diligence

Maintaining the relationship

Firms that keep in mind the longevity of their vendor relationships will take the most prudent approach to the search, selection and implementation of an enterprise software system or service. The maintenance of the client-vendor relationship is a two-way street, and should be prioritized and nurtured throughout the product lifecycle. In a perfect world, third party providers will grow with their clients’ businesses, and the relationships that are built should pay dividends for a decade or longer.

Steps for long-term management of vendor risk

Clients should, on an ongoing basis:

• Demand to see, touch and feel their product roadmap.
• Create a set of relationships with their mission critical vendors that goes beyond the round of golf or drinks at the annual user conference.
• Ensure that they have access to ongoing metrics that indicate the relative health of the company – financials, headcount, client list.
• Get involved in the vendor/solution/service provider user groups — whether sanctioned or unsanctioned. These are often the very best forums for discussion specific to the ongoing utilization of a product or service.
• Visit the vendor or service providers home offices. Put a face to the name, and properly assess the mood, working environment, facilities and day-to-day operation. There is no substitute to face-to-face interaction and properly developing these relationships.
• Stay ahead of the curve by “staying in the market” and issuing RFI’s on a periodic basis to keep abreast of services and solutions in the market, in addition to keeping current vendor or service providers honest and on-their-toes.

Conclusion

Whether it’s monitoring and preventing vendor-induced failures at the enterprise software level, or ensuing the going operations of the vendor-developed products deep in a firm’ technology stack, the criticality of proactively identifying mission-critical applications and instilling a comprehensive vendor risk management and oversight program has never been more essential.

Tracking, identifying and logging a risk and contingency for every vendor and system in the operations and technology ecosystem is highly advisable. We encourage asset managers to ask the tough questions of their vendors and be prepared to move on, however difficult, if strategies and goals no longer align. In our industry, a small mistake in search and selection or poor habits established early-on in a vendor relationship can easily turn into 10-year mistakes if not dealt with proactively.