HONG KONG, 29 JULY 2009 – Asia-Pacific banks are under pressure to strengthen their vendor management practices in the current economic crisis, said research firm IDC Financial Insights.
The focus on vendor risk management has been forced by the current economic crisis, with the tumultuous environment putting into question the viability and sustainability of vendors' businesses, while banks are called for expanding regulation, a consolidating vendor landscape, and more stringent vendor selection guidelines.
IDC Financial Insights’s Asia Pacific report titled ‘Best Practices: Are Asia/Pacific Banks Ready to Turn The Spotlight on Vendor Risk?’ (July 2009) highlights several improvements in how Asia-Pacific banks assess, mitigate, and monitor risks in their vendor relationships.
Vendor’s financial and performance metrics
Leading banks have generally followed a cohesive framework of vendor risk management (see Figure 1), with growing attention given to vendor due diligence to ensure that vendors will be able to sustain operations, especially amid the current crisis.
Banks are going beyond the cursory evaluation of annual reports, but are also looking more closely at other financial and performance metrics. Evaluation of the vendor's corporate governance structure is also being taken more seriously.
Figure 1
IDC Financial Insights Asia/Pacific IT Benchmarking Vendor Risk Management Framework
Source: IDC Financial Insights, 2009
Michael Araneta, senior consulting and research manager at IDC Financial Insights Asia Pacific, said: “The efforts of banks to look at operational risk practices, either on their own or as part of the broader Basel II programme, have put IT risk high on the agenda. Banks have recognised that technology failures, including the failure of technology vendors to deliver, can have dire implications for business continuity and their institution's reputation. As such, they have raised the yardstick when assessing vendor risk."
Vendors have become more mindful of fee structures and engagement margins, said Araneta. Banks justifiably have to be on their guard for vendors drastically cutting staff levels as well as those showing declines in service-level agreement (SLA) compliance and performance. Furthermore, as the IT department is being pressured to justify technology spending, the vendor management office is compelled to put more effort into vendor due diligence, monitoring, and scrutiny of SLAs.
"We applaud moves by several vendors to significantly improve corporate governance and transparency. Disclosures made by vendors to current and potential clients have become more detailed to include other client references, new wins, and other metrics for performance and delivery. Overall, the practice and standards of corporate governance have improved. It remains to be seen, however, whether changes are for the long-term or just coterminous with the weak economic climate," he said.
