2Q 2014 Pulse Survey Results: Five Key Takeaways for Global Business Services (GBS)

Stan Lepeak, Global Research Director, KPMG LLP


One key to driving greater global business services (GBS) maturity is improving the underlying capabilities of IT, both as a collective set of technologies and as the IT group, used to support GBS efforts, and better aligning them with these efforts. More standardized IT applications and systems enable a more integrated IT environment. Standards are critical to creating more integrated and end-to-end GBS operations across functions, geographies, and business units. Key to enabling this standardization is greater integration of IT operations into the GBS organization as well as formalized joint governance structures. It is also critical to define specific IT “innovation” strategies to exploit the creative potential of existing and new technologies, such as robotics process automation, to drive GBS maturity and integration.

Read: 2Q14 Global Pulse Survey Report


Challenges abound in any major service delivery change effort. They are many and varied, and unfortunately most of them are not new. They include weak or neglected change management capabilities and the perennial retained organization, transition, and governance issues. While organizations have improved their skills to address these challenges, the steady increase in the scale and scope of today’s GBS efforts continues to increase the complexity of these issues. To succeed, organizations need to balance their GBS ambitions against their capabilities to successfully address these challenges.

Read: The Art of Services Governance


Greater standardization of IT applications and systems, particularly enterprise resource planning (ERP) systems, is a key enabler of greater GBS maturity and integration. While moving towards a single instance of ERP to support GBS operations is not practical for many companies, it is advisable to at least strive for a model with a common ERP architecture and template across multiple instances of ERP and related enterprise systems.

Read: Service Integration: Maximizing the Benefits, and Minimizing the Risks, of a Multi-Sourced IT Environment


As greater focus is placed on the role of IT in enabling GBS success, IT organizations need to start to assess and “benchmark” the capabilities of their own GBS IT operations against industry best practices. Emerging frameworks such as enterprise services management provide the potential to help enable this.

Read: Executive Dilemma: Is Benchmarking the Right Path to Defining Opportunities for Improvement?


There are many drivers for organizations’ service delivery improvement efforts and even more challenges faced in successfully completing these efforts. Reducing operating costs remains the top driver; however, it is an assumed and tactical benefit. Improving process performance as well as global service delivery capabilities and operating models have gained in importance as GBS drivers. End-to-end process ownership, integration of GBS efforts across functions, and better integration of shared services and outsourcing efforts under the GBS umbrella are some of the keys to achieving these goals.

 Read: Drive to the top: The Journey, Lessons, and Standards of Global Business Services

For more on Global Business Services and other related topics, please view our library of papers on the KPMG Shared Services and Outsourcing Institute.

Spend Analytics Helps Avoid Awkward Moments With Suppliers

Dipan Karumsi, Managing Director, KPMG Procurement Advisory Services

Working with organizations in various sourcing and procurement roles over the past 17 years, one of the common challenges I see is not having access to information on a timely basis. The good news is, real-time, or near real-time spend analytics is within reach for companies willing to undertake a process of continual improvement, and there is a definite competitive edge to be gained by doing so.

Based on what I have seen, a three-month lag from the time of spend to availability of reporting is common, and many organizations cannot get access to data about spend that took place as long as six months ago. Real-time data is almost out of the question for most organizations, because by the time they run the reports, check for data integrity and test to make sure there are no big issues, a couple months have gone by.

The further you get down the road, the more likely it is that you’ll be looking at many transactions that will never recur, spending valuable time and effort on things you can’t optimize.

Lack of timely data, or bad data, can also create some awkward moments, such as having to go to your suppliers and ask them how much money you spent with them. This happens more often than you would think, and the supplier will simply ask, “For what time frame?” and they’ll usually be able to run the reports very quickly because they know their business on the customer side and can give you detailed information.

Not only is this an embarrassing situation, you also run the risk that they only give you what you ask for, or withhold material information. They’re not going to want to share anything that puts you in a better negotiating position. Robust spend analytics helps you avoid these awkward moments and show up to supplier negotiations with more information than they have.

Better, faster access to information lets procurement organizations make smarter decisions across the board, leverage their spend across business units or plants or sites, and really drive value through savings in the sourcing process. This is one of the goals that many companies are looking to achieve through their e-procurement initiatives.

Both direct and indirect spend are critical areas for organizations, though traditionally the focus has been on direct spend. In recent years I have noted that attitudes about indirect spend have changed significantly. Many organizations which previously ignored indirect spend because it was “less strategic” or smaller in value have begun to take interest in this spend, recognizing that the opportunity to drive value is in fact quite significant.

Most organizations are now organizing the procurement function to focus on indirect spend but in many cases have not invested in people, processes and technologies needed to manage it. They are just now starting to realize there are many applications that focus on getting visibility into indirect spend to drive additional value.

As organizations evolve in this direction, a question that quickly surfaces is how to set up spend analytics. One way is directly through the procurement tool. Another option is to pull the information into a broader data warehouse that has access to all the other areas of spend, including direct spend, so can you can generate reports from a single database. If you have global operations, you may want to pull data from all geographies so that you have access to all of your global data in one location. There are different ways to do it, but a key consideration is the speed with which you get access to that data.

The other key consideration is of course data quality. I see many companies that have access to data, but people don’t trust it. What ends up happening is they have to go to the individual parties in the organization that are doing the purchasing and ask a lot of questions, or again, back to the suppliers to get the information. It’s inefficient, and it’s humiliating.

The organizations I see that are doing this well are those that have e-procurement platforms and have placed a focus on driving adoption across the organization. They’ve set up a well-defined spend taxonomy, and made sure people know how to use it. Categories are required for all spend, and they have a governance structure with clearly defined roles that have the ability to approve category selection within the taxonomy. Additionally, they don’t use a category called “other” or “miscellaneous.”

Ultimately, the most efficient way to categorize transactions is to do it up front; this ensures a quick flow into the downstream analytics system and gets you quicker access to the information.

Remember, getting access to real time visibility is the big goal here. That doesn’t happen overnight, but as you start to get your category taxonomy deployed, upstream systems straightened out, and processes established, the effort around data validation should decrease.

The data should get better and better over time, so you get to the point where users can run reports in the application on an ad hoc basis with complete confidence. Then they are empowered to make smarter decisions and avoid those awkward supplier moments.


KPMG’s Procurement Advisory services focus on delivering enhanced business performance and driving bottom-line savings. Visit us on the Advisory Institutes to learn more about how we combine thought leadership and global perspectives to help you transform the way you source and manage your supply base.

Taking a Pulse on Global Business Services – Moving Up the Maturity Curve an Uphill Battle

Stan Lepeak, Global Research Director, KPMG LLP

KPMG recently released the results of its quarterly, global 1Q14 Sourcing Advisory Pulse surveys. These Pulse surveys provide insights into trends and projections in end-user organizations’ usage of global business services (GBS). The learnings are gleaned from KPMG firms’ advisors, who are working closely with end-user organizations that are actively exploring or undertaking GBS initiatives, as well as from leading global business and IT service providers. We highlighted the top findings from the 1Q14 Pulse in a prior blog.

The first-quarter edition of the Sourcing Advisory Pulse took a deeper dive into the state of GBS usage among organizations in the market today. GBS adoption rates continue to accelerate as illustrated in the Pulse survey, KPMG’s client work, and via a recent wide-ranging KPMG market study on GBS trending. For some organizations, “GBS” is mainly lip service to a new acronym using old service delivery models of shared services and outsourcing. But for others, it is a more fundamental rethink of back- and front-office service delivery best practices. Increasingly for more progressive organizations, GBS is an operating model and strategic governance framework that helps them transform end-to-end business support services to deliver more effective solutions for both the internal and external customers of the organization. GBS efforts focus on optimizing the mix of human capital, service delivery models, process innovation, and technology to deliver services on an enterprise-wide, cross-functional basis, to support the business strategy. Many of these organizations are continuing to expand the scale and scope of their GBS effortsto include a broad range of business and IT functions and processes. This expansion is also occurring geographically, cross-functionally—linking and integrating adjacent functions—and from an end-to-end process standpoint.

The maturity of GBS capabilities in most organizations adopting the model, however, is still often evolving, or more bluntly, quite weak overall in most functional areas where the model is applied (see Figure 1). While more organizations are improving GBS maturity within individual process areas such as finance and accounting, or within a single business unit or geography, most still struggle with managing processes on an end-to-end basis (i.e., source to pay as opposed to just within account payables) or between operations supported via both shared services and outsourcing. In this respect, as GBS efforts expand, the bar is being raised on what is “good enough” much less best in class GBS capabilities.

9253 Fig 1


Yet pursuing a GBS model with the goal of end-to-end process ownership across all geographies and business units in a highly integrated manner is not practically achievable for most organizations and in many cases impractical given overall business models. A firm organized in a looser, federated, or holding company model, for example, would benefit less from a highly integrated back-office GBS model and the level of effort it would take to achieve. In this context, not all firms pursuing GBS maturity should necessarily strive for the top level of maturity, but most organizations can drive much more GBS maturity before they achieve what is optimal for their firms’ situations. It is also critical to balance their GBS expansion ambitions with their capabilities to adequately manage these efforts.

Driving GBS maturity is a multidimensional effort. Inherent to improving GBS maturity is greater consolidation and leveraging of common IT systems and applications and business process models including adoption of leading practices to deliver the in-scope services more efficiently and effectively. End-to-end process ownership, overall governance between collective shared services and outsourcing efforts, the integration of IT services into GBS business functions, and talent management of GBS resources are all common areas where many organizations must improve capabilities. While determining how mature is “enough” depends on many organization-specific factors, most GBS adopters are at the early stages of their maturity improvement efforts. Improving GBS maturity is critical to achieving the typical stated benefits sought from GBS efforts but also to maintain organizational operational competitiveness on a global scale. Indeed, KPMG research increasingly finds direct correlation between improved GBS maturity and market leading or at least market competitive financial performance as assessed by such metrics as profitability and return on equity.


Five Keys to Succeed in “Running IT Like a Business”

Steve Bates, Principal, CIO Advisory

Mandates for enterprise IT departments have taken a 180° turn since the 2008 financial crisis began easing. While board of directors and business leadership had been calling for slashed costs, their new directives are for provision of IT transparency and proof of real, tangible business value delivered.

Realizing the need to transform IT into a high-performing, value-focused business partner, an increasing number of CIOs and CFOs are turning to Technology Business Management (TBM), which is effectively a discipline to “run IT like a business.” They are finding that TBM helps them by:

  • Enabling collaboration among IT, finance, and business partners
  • Driving alignment between technology supply and business demand
  • Guiding and demonstrating the value of technology to business partners
  • Utilizing the principles of marketplace economics to drive change.

For organizations beginning to embark on a TBM journey, following are five KPMG-identified keys to succeed in running IT like a business.

The demand for IT transparency starts at the top

Boards and executive leaders are demanding IT make a significant change in its capabilities. The result is altering the very fabric of how organizations invest in and interact with both customers and suppliers. KPMG’s podcast, IT Transparency: New Capabilities Driven by the Boardroom, provides more details.

IT transparency enables transformation

IT transparency can transform the relationship between IT and business from a supply-based model to a business-demand consumption model. The second in KPMG’s IT Transparency podcast series, IT Transparency: An Accelerant to Transformation, delivers insights into how IT transparency enables transformation, why traditional IT delivery models cannot react with agility to changing business conditions, and the new lens through which IT is being evaluated.

IT staff must gain new capabilities to run IT like a business

To achieve IT transparency success, the IT organization must make fundamental behavior shifts to ensure value is delivered and business measures are achieved. KPMG explores this topic in its third IT Transparency podcast, IT Transparency: Changing the IT Mindset.

Changing the IT discussion from a cost to a value investment

Managing the business of IT through an integrated view of technology cost, performance, supply, and demand is a value-oriented conversation bigger than IT alone. To transform from technology provider to value-focused business partner, IT must address its business audience and tie into corporate culture, strategy, and goals. KPMG’s thought leadership paper – Moving Information Technology from a Cost to an Investmentdelves deeply into the three domains of TBM, the four stages of value optimization, and managing the journey and realizing value.

Learn from your peers

First American Financial Corporation, a TBM pioneer, recently shared with KPMG its multi-step journey from legacy spreadsheet-based models to collaboration with its business units, and its challenges and successes along the path to running IT like a business. The KPMG podcast, The TBM Journey at First American Financial Corporation, provides valuable lessons learned that have practical application to your own organization’s TBM initiative.

To learn more about KPMG’s approach to TBM and how we can help you run IT like a business, please contact me at sjbates@kpmg.com.

Taking a Pulse on Global Business Services – Short Term Progress but a Long Term Journey

Stan Lepeak, Global Research Director, KPMG LLP

KPMG recently released  the results of its quarterly, global 1Q14 Sourcing Advisory Pulse surveys. These Pulse surveys provide insights into trends and projections in end-user organizations’ usage of global business services (GBS). The learnings are gleaned from KPMG firms’ advisors, who are working closely with end-user organizations that are actively exploring or undertaking GBS initiatives, as well as from leading global business and IT service providers.

The first quarter edition of the Sourcing Advisory Pulse performed a recurring and ongoing analysis on general trends in the used of shared services, outsourcing, and global business services, including market demand and deal characteristics for third party services.  It also took a deeper dive into the macro state of the GBS market and the impact current economic and geopolitical market conditions are having on global sourcing.  The following are the key findings from this quarter’s Sourcing Advisory Pulse survey.

9252 Figure 1

Do You Have the Right KPIs to Run IT Like a Business?

Dave Conroy, Managing Director, CIO Advisory

You might remember the old saying about the cobbler’s children—they have no shoes. In fact, the IT function has long been providing “shoes” for everyone in the company except itself as it helps the CEO, COO, and other business leaders exploit information and business intelligence for competitive advantage.

But what if we think about the CIO as the leader of a business that just happens to be IT? Then we can better understand how the right analytics can enable CIOs to gain the insight they need to truly run IT as a business. Basically, it all comes down to leveraging the same practices and measurements that IT customers have been using for years.

Needed: an end-to-end view

Today’s IT function is an enabler for success, serving as a partner that drives innovation, finds new ways to exploit emerging technologies for competitive advantage, and works with its customers to understand demand and then effectively deliver new services and solutions around this demand. In the same way, the IT leadership model also needs a strong focus on demand, with an end-to-end view across the entire IT value chain, not just a point solution. This means that CIOs need to develop a balanced perspective around their investment and service delivery portfolio; retain a strong sense of governance, risk, and control; and bring that entire package together to create the right value both for the IT function and for the customers they serve.

Finding the right KPIs

The real challenge about analytics for the IT organization is not absence of data. IT is flooded with information generated by IT service management, help desks, CMDBs, the complexity of the project portfolio, tracking systems, etc. Instead, the real challenge is how to find the KPIs that IT leaders can use to make the best changes, interventions, and decisions for their IT organization.

These KPIs should go beyond traditional IT metrics involving budget, cost of IT, SLAs, scalability, and reliability. They need to be KPIs that allow CIOs to answer fundamental questions about their organization, such as “how well are the IT projects aligned to the business priorities?” and “how well is the IT organization positioned to enable rapid entry into new markets?”

Since information gathering takes time and resources away from other tasks, CIOs really need to focus just on those five or ten KPIs that actually make a difference. Using a top-down approach, CIOs can build dashboards that provide valuable business intelligence to support decision making without inflicting any unnecessary overhead on the IT organization.

The right information at the right time from the right sources

Developing the right kind of KPIs for IT isn’t something that comes off the shelf with a technology solution. Sure, there are analytical engines out there, along with data warehouses and a host of platforms that are used to facilitate the process, but if you are unclear about the KPIs that drive true value, then all of that technology is largely misguided.

A KPMG-developed framework, called the Intelligent Enterprise, helps business leaders get the right information at the right time from the right sources. This framework can also be applied to the IT organization. In a nutshell, it can define the right KPIs and strategic measures as a function of IT’s business strategy. These KPIs may not necessarily be discrete data points. What they should be are strategic indicators of performance.

KPIs for the IT organization are all about getting the basics right and establishing an environment that has a data hierarchy aligned around the IT organization’s goals and objectives. Three or four years down the road, the next step might be predictive analytics and being able to mine unstructured information for greater insight. For now, however, we think the big opportunity for IT is about finding the most efficient and effective way to deploy the resources of the IT organization as a whole to deliver the best results for their business customers. And that’s not a challenge that requires the most sophisticated big data analysis techniques. It’s more profound. It’s organizational, using the right KPIs to track the things that truly move the needle for the IT function.

Hear Dave talk about how CIOs are utilizing management information as business intelligence to make the most effective decisions in terms of running the business of IT in the KPMG Advisory Institute podcast: IT Analytics Shape the Future of the IT Organization.

New Study Shows Major Investment in Global Business Services

Companies to spend $40 billion annually. Analytics, IT, and talent cited as success factors. 

Global Business Services (GBS) is a next generation operating model for driving performance, added value, and deeper savings in business services.

Among other benefits, GBS can help organizations to lower costs, get products to market faster by using their process footprint, quickly integrate acquisitions to accelerate growth, and drive growth in emerging markets by seamlessly supporting operations in new geographies.

We’d like to share some highlights about the primary challenges and opportunities of GBS for 2014, based on findings from “The Global Business Services Industry Study,” one of the largest and most comprehensive GBS studies ever conducted. Conducted by KPMG and HfS Research, the study covered the dynamics and intentions of 416 enterprises, with more than $1 billion in revenue, representing various regions and industries.

Key findings from the study
In the study, almost two-thirds of respondents from mature companies said they intend to move to GBS or significantly evolve their GBS within the next two to three years. Even more telling, we found evidence suggesting that —

  • Global enterprises plan to spend $40 billion dollars per year on improvements in GBS.
  • Back-office centralization is well developed, with the majority of companies (51 percent) already centralized.
  • Analytics will provide the value-differentiator for GBS organizations, providing strategic operational analytics to improve services, contain costs, and enhance decision making.
  • GBS organizational models fundamentally change the structure of companies by replacing traditional siloes with matrixed processes.
  • Limited executive experience in key areas slows progress.

Success with GBS
According to our recent study as well as our experience in the field, the successful development of GBS can include the following initiatives.

Developing an effective, long-term, analytics road map
Accessing meaningful data to support decision-making will provide a crucial value-differentiator for GBS organizations, with three-quarters of enterprises viewing investments in analytics as important for reducing costs, gathering more data on customers, and improving profits. Success will be measured by process improvement, cost control, and the capability of governance executives to produce quality operational data upon which to support management decisions.

Supporting business enablement of IT
Most mature GBS organizations own multifunctional processes, as well as the underlying technology. With today’s technology, they can integrate the back office with the front office, managing cohesive, end-to-end processes that connect disparate systems, owners, and activities. They can also organize skill sets in appropriate groups to drive efficiency and additional controls. Furthermore, they can support multiple services within a diverse commercial enterprise resource planning (ERP) environment, while taking advantage of multi-tenant platforms offered by software-as-a-service (SaaS) providers.

Improving talent management
With new technology, changing markets, and the growing complexity of business requirements, talent shortages–especially in middle- and higher-level roles–remain a top challenge for GBS organizations. GBS organizations can determine the right mix of in-house training, third-party resources, and outside recruitment to gain the skill sets they need. It is important to be seen as an “employer of choice.” Bringing in the right talent will help foster innovation and prepare the organization for the future.

Learn more
Access “The Global Business Services Industry Study” to learn more about GBS trends and issues. Topics include:

  • An exploration of the newest global operating models to enable new technologies, capture the value from data and analytics, empower the business, and simplify the extended enterprise
  • Leading practices for planning and implementing global business services
  • Process and industry trends
  • Progress toward achieving global business services
  • Desired business outcomes
  • Operating maturity and readiness
  • Actions needed to drive success
  • The future role of analytics and data governance

Business Process Management: What You Manage is Key to Strategic Business Alignment

Anand Sekhar, KPMG Director, Advisory Services

Unlike much process management or process optimization, Business Process Management (BPM) is about large, overriding processes that support the business strategy in fundamental yet agile ways. As such, a larger view, better management and measurement, and a key understanding of the business will generate success. Here, I’ve listed our top ten for effective BPM.



Prioritize your initiatives.

Process improvements should be prioritized according to their importance to the business.
Start with the most mission-critical processes, assign process owners, establish key performance indicators (KPIs), and give the process owner the authority for maintaining consistency across the organization.



Define governance and communication.

Strive to create a balance in your process team while maintaining clear, frequent communication.
Consider appointing a single process owner along with sub process stewards who work with local representatives while continuing to drive global consistency.



Apply BPM beyond operational efficiencies.

Instead of focusing on cost reduction, consider opportunities to increase revenue. Process mentality can illuminate easier ways to purchase, better ways to analyze consumers and markets, and opportunities to engender more loyalty among those who have already purchased.



Define your objectives and metrics.

Do you know what success looks like? Many companies have stated goals but have trouble
translating them into meaningful KPIs. Beyond cost KPIs, consider cycle time, percentage increase
in sales, and other meaningful cost and productivity measures.



Assess project success.

You have to measure what matters. Too often, the mechanics of BPM are measured but not the desired outcomes. While some of the detail is mission critical, some of the minutiae has little bearing on success.



Build to change, not to last.

BPM is a configurable solution for processes that will constantly change based on
alterations to the business direction, market operating models, regulations, and user requirements.
Simply put, change the recipe when tastes change.



Institutionalize a system for change control.

Plan for change up front. This means remaining agile, gathering feedback, making adjustments,
and communicating regularly and repeatedly. BPM never changes in isolation—
as other organizations change, BPM must respond accordingly.



Consider the user experience in defining the solution.

Is your BPM easy? User-friendly? Responsive?
Or does it ask users for the same information over and over again?
Strong BPM should help others get their jobs done better, faster, and with more satisfaction.



Do not underestimate the power of high-quality data.

The success of BPM depends in large part on the right enterprise content.
If you have data quality issues in the source systems, you could face serious problems.
It’s time to find the right data, cleanse the source data, and manage the master data.



Focus more on target state versus current state.

Finally, do not dwell too long on your current state—it will change sooner than you think.
So focus your energy on defining where you want to be (“Target state”) and
how to get there (“Roadmap”) leveraging BPM. Participate in BPM communities,
apply leading practices, and industry and domain reference models such as APQC, eTom, etc.



BPM is both an art and science. It’s not just about what you’ve done, but what you will do and how that will satisfy and delight internal and external customers alike.

If your company struggles to sustain cost savings and identify new opportunities for process improvement, read my whitepaper Ten Steps to Continually Derive Benefits From Business Process Management on the KPMG Advisory Institute, or listen to my recent BPM podcast.

The Dollars and Sense of Driving Global Business Services Maturity

Stan Lepeak, Global Research Director, KPMG LLP

The “upper right hand quadrant” is a coveted place in the business world. Two-by-two matrixes and four-box visuals are common means to depict where an organization is at, and where it should strive to be, around a myriad of business and technology topics. Whether a tech vendor or service provider pining for positioning in the upper right of a Gartner “Magic Quadrant” or Forrester “Wave” or a global business services executive eyeing “level 5” in KPMG LLP’s (KPMG) global business services maturity curve (see Figure 1 below), being higher up and upper right is generally connoted as good, desirable, and the place to reside.


Only it is not this simple, at least when it comes to global business services (GBS) maturity.

In contrast to other comparative matrixes, level 5 is not the desired end-state goal for all organizations when it comes to GBS maturity. As with moving up any maturity curve, there are costs and requirements associated with reaching each new level. And with GBS maturity, there are important considerations to address in terms of defining the ideal level of GBS maturity given an organization’s overall business strategies, operating mode, culture, and style.

As is noted in the diagram, level 5 designates integrated. Implied in this level of maturity are organizational characteristics such as wide-ranging process ownership and management of GBS functions, integration and coordination, outsourcing governance GBS operations across geographies and supported business units, and tight integration between GBS processes and underlying supporting information technology applications and systems. These attributes are generally desirable and most GBS organizations should seek to gain them, but only if they fit and mirror the overall organization. Achieving a highly integrated GBS operation may not make sense, or may practically prove impossible to achieve, for example, in a conglomerate of more loosely federated organization. Organizations that lack active executive management support for driving greater GBS maturity should measure their aspirations in the context of what it is viable to achieve.

Part of this decision-making process in determining how far and fast to push GBS maturity involves measuring the cost and benefits of driving for greater maturity. It is easier to achieve greater executive management support, for example, if there is a solid, measureable, and bottom-line-focused business case, and this goes beyond just cutting costs. One dimension of this is to measure financial benefit of greater GBS maturity. This is a complex process, but early results from KPMG’s ongoing GBS maturity research efforts have found, at least directionally, that organizations with more mature GBS capabilities tend to perform better financially as measured by several common financial metrics.

KPMG correlated the maturity scores of the organizations that have participated in the GBS maturity research effort against 12 financial performance metrics such as return on equity (RoE), return on assets (RoA), and cost of goods sold as a percentage of revenue (COGS/revenue). Results are encouraging relative to the positive impact GBS maturity can have on its users’ financial bottom line (see Figure 2). There was a high direct correlation between GBS maturity scores and COGS/revenue (+0.63)* and cash from operations (year over year % change to cash flow, +0.57) for all participants in the GBS maturity research effort. Examining just the firms with the highest overall GBS maturity scores found a high correlation for both RoE (+0.97) and RoA (+0.93). Not all correlations were positive, however, as illustrated with the negative correlation between standardization and EBITDA (earnings before interest, taxes, depreciation, and amortization).

9247 Fig 2

While many factors impact financial metrics such as the ones assessed here, the positive link between GBS maturity and several measures of financial performance is in itself a positive correlation. This is another key set of factors to assess and interpret in determining the aggressive and scope of efforts to drive GBS maturity.

* Correlation calculations were based on the following industry accepted norms:

  • -1.0 to -0.80                Highly negative correlation
  • -0.79 to -0.50              Moderately negative correlation
  • -0.49 to + 0.49            Mathematically Insignificant correlation
  • +0.50 to +0.79            Moderately positive correlation
  • +0.80 to +1.0              Highly positive correlation

Third-Party Vendor Services for Banks: Managing Risks in Today’s Regulatory Environment

Eugene Kublanov, Managing Director, Shared Services and Outsourcing Advisory
Greg Matthews, Managing Director, Risk Consulting

For today’s banks, managing third-party vendors and suppliers has never been more challenging. We would like to talk about these challenges, effective ways to address them, and the tools available to help banks mitigate risks related to third-party vendors.

First of all, why is third-party management such a critical issue these days? One reason is the simple fact that banks are increasing their third party spend. Given the current low-interest rates, banks are trying to build efficiencies and strip out costs, often by using cost-effective, outsourced providers. As a result, many banks are dealing with more vendors than ever before, but managing and coordinating so many vendors is not proving to be a simple task.

The main reason, however, involves the growing regulatory scrutiny in the U.S. For example, the Consumer Financial Protection Bureau has introduced new regulations that apply to services that banks provide to their consumers — even if these services have been outsourced. In effect, the CFPB is saying to banks —”You must look after your vendors as if they were a division or a department of your bank. So the same oversight you apply to your employees must also apply to your vendors.”

If banks are responsible for third party oversight, who in the organization has a single view of those third parties that would properly conduct the monitoring activity? More specifically, who is responsible for compliance? Is it the line of business that appointed the vendor? The procurement function in charge of contracting with the third party? Or is it the compliance department?

To address these challenges, banks need to adopt a risk-based approach that begins with a careful assessment and categorization of the third party portfolio. After assessing the risk associated with each category of third party, banks need to develop an effective approach for managing the existing portfolio and adding any new third parties in the future.

Any effective approach should take into account five key areas —planning, due diligence and selection, contract negotiation, ongoing monitoring, and termination.


While most banks will define the objectives for the third-party relationship, assess the risk exposure, and work through IT and security-related topics, few put together a comprehensive relationship management plan, assess the resource and skill requirements for managing the relationship, and have a structured road map for managing change with internal and external stakeholders that are impacted by the decision to leverage a third party. Too often, organizations find themselves in the RFP process before adequate time and energy has been spent defining what happens after the contract is signed.

Due Diligence and Selection

The key challenge organizations face tends to arise in the scope of due diligence performed. While core areas of a third party’s business are certainly reviewed, including financials, operations, business continuity plans, and IT and physical security, other areas that may be more difficult or time consuming to assess may go unvetted. These areas might include the experience and reputation of the third party’s principals, subcontracting relationships, compliance training, incident and reporting systems, and conflicting arrangements with other third parties.

Contract Negotiation

Governance professionals in the banking industry need to pay particular attention to contractual terms that firmly bind the third party to performance levels expected of an internal business unit and clear definitions of repercussions in case of failure to perform. Special attention should be paid to the third party’s compliance with company and regulatory requirements, compliance training, customer management, information protection, subcontracting, and right to audit.

Ongoing Monitoring

After contracts are signed is typically when the hard work begins. The ongoing monitoring and management of third-party relationships requires investment, good discipline, process orientation, and the right resources to manage risk and capture the full value of the contracted arrangement. Unfortunately, the monitoring phase of the sourcing life cycle is the one governance organizations are least prepared to manage and where compliance breakdowns and the resulting fines typically occur. Successful third-party management programs will have five key components in place:

  • A sufficiently staffed and skilled organizational model for third-party vendor management
  • A process-driven approach to executing the vendor management function
  • Defined metrics to provide enterprise-wide visibility on third-party performance and compliance
  • Leverage enabling technologies to create efficiencies, elicit insights from data, and maintain an auditable account of compliance obligations tracking
  • A portfolio management approach that adjusts the third-party portfolio to align with internal company changes, economic cycles, and risk appetite


Not all third-party relationships are destined to end well. Banks often face situations where a third party may not be meeting performance expectations, financial obligations, or contractually agreed-upon terms. In order to shield the company from potential risk or find ways to create value, vendor management organizations need to perform the critical role of proactive portfolio management and terminate third-party relationships. In terminating or off-boarding vendors, governance organizations need to pay keen attention to a host of transition-related activities and functions. These may include the capabilities and resources required to manage an orderly transition from one third party to another, the risks associated with data retention, data destruction and decommissioning of user access, handling of joint IP issues, and potential reputation risk to the bank as a result of termination.

Business is all about taking on risk for return. With a solid understanding of risk exposure, an effective approach to managing risks and a vendor management function entrusted with ongoing monitoring banks can be well positioned to thrive in the current economic and regulatory environment.

Hear Eugene and Greg discuss more about issues related the Financial Services industry in the KPMG Advisory Institute podcast: Managing Vendors – It Isn’t What It Used to Be.