Multi-Vendor Arrangements

Matthew Snell – IBM Canada Limited Amy-Lynne Williams – Deeth Williams Wall LLP What are they? Multi-vendor arrangements in the outsourcing area involve contracting with several service providers to perform different parts of the outsourced services. Typically, outsourcings have followed a one service provider model, in which the service provider signs the agreement with the customer and then subcontracts the various pieces of the service offering to other entities and manages these subcontractors – known affectionately as the “one throat to choke” model. In a multi-vendor model, the suppliers know that other suppliers will also be providing services directly to the customer and also know that they must cooperate with each other to provide a cohesive product offering to the customer. The customer manages the multiple vendor relationships directly, either through an internal vendor management function or by using a third party organization to do so. The vendor management function is a key one, since it is responsible for service integration and management of service delivery and the service provider relationships. The customer needs to carefully think about how they want this vendor management office to function and who will manage it. It adds to the customer’s internal costs and management time and this needs to be factored into any decision to go to a multi-vendor model. Multi-vendor arrangements are not without their challenges, which are in addition to the traditional challenges already existing in any outsourcing. In some cases, if the amount of the deal when broken up among several suppliers, is not large enough for any one supplier it may be difficult to get the customer’s “preferred” supplier to bid, since that supplier’s piece of the pie is smaller than it would be if the supplier was subcontracting out all the towers of services and marking up the subcontractors’ fees. In addition, the customer, as the party charged with managing various service providers, must be able to get the service providers to cooperate with each other and avoid finger pointing when things do not go well. The customer needs to be reasonably sure that the service providers chosen are actually capable of what your kindergarten teacher would have called, “working and playing well with others”. Not all suppliers do this well. In a multi-vendor agreement, the traditional MSA issues need to be covered of course, but multi-vendor arrangements can add additional layers of complexity to areas such as the governance process, testing and implementation of new technologies, service levels, confidentiality and licensing and contract management, just to name a few. There are ways that some of the extra risks can be managed through the contracting process and in this paper we have suggested some approaches for the MSAs to be signed by the service providers. Contracting Process Unlike a more typical outsourcing that has one major master services agreement with the prime contractor, multi-vendor arrangements need MSA’s with each service provider. This, in many cases, necessitates contracting with all service providers at roughly the same time or at least using a common contracting template, because the customer will want each service provider to agree to a common set of objectives and a common governance and change and incident management process so that there can be coordination among the service providers. This is much easier to do at the same time and also gives the customer some leverage over each of the service providers since they know that the other service providers are being asked to agree to the same terms and there is some pressure to do so. The contracting consistency is very helpful to those managing the contracts so they are not dealing with a patchwork quilt of differing obligations, but rather a reasonably uniform approach. Having said that, it may not be reasonable to expect all vendors to agree to the same terms. Vendors have differing risk tolerances and areas of focus (e.g. allocation of IP rights) and some unique treatment is inevitable. The key focus is to keep the operational terms common so that all the service providers are rowing in the same direction. Statement of Objectives We have found that getting the suppliers to agree to a common set of objectives specifically geared to an environment where the customer wants the suppliers to cooperate can be useful for setting the groundwork for how the customer wants the relationship to work. In one of our deals, all the service providers agreed to a common set of general objectives, which included specific objectives related to the multi-vendor arrangement, including:

1. adherence to corporate values of collaboration, maintaining a balance of interests and transparency;
2. a commitment to open, honest, frequent and comprehensive communication and to a shared risk and reward model to build and maintain a relationship of trust and respect; and
3. the service provider’s effective and seamless participation in a multi-vendor environment and a willingness to cooperate with each other and other suppliers in good faith during moments of crisis and proactively confront and resolve any issues at the lowest appropriate level in a timely manner.

Included Services It is recommended that the agreement be very clear from the outset that the fees for the services include services required to work with the other service providers so that there are no surprises on either side, including the fees for:

1. co-operation with other service providers;
2. co-ordination of the Services with the services provided by the other service providers to ensure no interruption of the Services;
3. participation in the joint governance processes established to manage the services being received by the customer from the service provider and the other service providers; and
4. the resolution of any problems affecting the services being received by the customer from the service provider and the other service providers - without the necessity of first identifying the person responsible for the problem;

so that the aggregate services provided to the customer by the service provider and the other service providers are provided effectively, efficiently, seamlessly and in the best interests of the customer. Cooperation and Coordination Obviously, the service providers will have to agree to work together to ensure that the customer receives an integrated service offering and the MSAs should specifically deal with this. Confidentiality issues will also have to be dealt with, as will the ability of the other service providers to access and use the technology of the other service providers as necessary. If they are known, the other service providers could be named in each MSA and, in any case, the requirement to cooperate with them should be clearly stated. In addition to participating in the meetings and other processes set out in the governance procedures with the customer as well as with the other service providers designated by the customer, the service provider would be required to cooperate with and assist, and cause each of the service provider subcontractors to cooperate with and assist, the other service providers, as reasonably required, including, for example:

1. co-operating in discussions regarding interfaces to or to integrations with any third party materials that may be required;
2. attending meetings with the customer and the other service providers designated by the customer to review the service provider’s performance and the performance of any other service providers and to coordinate or resolve issues related to integrating or to interfaces with the third party materials;
3. granting access to applications, systems, service provider software, service provider proprietary materials or other software including tools, hardware, equipment, facilities and personnel being used by the service provider or any service provider subcontractor to provide the Services; and
4. otherwise cooperating in order to coordinate the supply of applications, systems or other software including tools, hardware or other products or the performance of services by the customer or any other service provider with the performance of the obligations of the service provider and the receipt by the customer of the Services in accordance with the requirements of this agreement.

The customer does need to be respectful of the reality that they are asking competitors to work closely together in a manner which may not be consistent with their past practice. The customer should anticipate areas of friction and ensure that robust confidentiality arrangements are put in place and should look for information exchanges only to the extent required to support the services. For example, as a customer you will be interested in hearing from vendors in their areas of expertise around future business strategy, technology road maps and other forward looking information relevant to your business. Expecting that information to be shared between competitors may not be realistic. Testing Problems can arise when one service provider is responsible for developing software or preparing changes to existing software and another service provider is tasked with deploying that software and operating it seamlessly in the customer’s environment. The customer wants to avoid finger pointing by the operations service provider every time a problem happens, so the MSA needs to clearly state the obligations of the operations service provider for software performance, even if it is software provided by another vendor in the multi-vendor arrangement. The agreement could provide that, notwithstanding the participation of the customer in any testing, the operations service provider would acknowledge that that service provider was ultimately responsible for determining whether a test component complies with and operates in accordance with its Specifications and is appropriate for use and deployment in a production environment on the operations service provider’s systems. The operations service provider would be required to complete an internal assessment of the test component to ensure that it conforms to and performs in accordance with the applicable specifications and the agreement, and, although the operations service provider would not be required to warrant the performance of the other service provider or be liable for any infringement of third party rights caused by products or services provided by the other service provider; the agreement could provide that once the design and development and delivery of the other service provider’s solution is completed, the operations service provider would perform all testing of the solution necessary, based on the processes mutually agreed by the operations service provider and the customer, in order for the operations service provider to be able to deploy, operate and use the solution on the operations service provider systems as required under the agreement and to take operational responsibility for the other service provider’s solution. Upon final acceptance of the other service provider solution by the operations service provider, that operations service provider would assume full operational responsibility for deploying, operating and managing the other service provider solution on the operations service provider’s systems and operating such solution as part of the Services as required under the agreement and for achieving agreed upon service levels using the other service provider solution. Change Management The change management process also has to accommodate a multi-vendor model, and that includes making the lines of communication and approval very clear and having all suppliers agree to the same process so that activities can be coordinated and the risk of things falling through the cracks can at least be minimized. The agreement would make it clear that the customer’s overall responsibility for all aspects of the contractual relationship encompasses the responsibility for managing all changes from the contracting service provider and other service providers’ changes and that, with multiple parties involved in the delivery of the services to the customer and given the unique responsibilities of each party, cooperation and effective communications are key elements of effective change management. Accordingly, the agreement would provide that only the customer can instruct or direct a service provider with respect to changes, any other service providers’ changes, any work to be performed in connection with changes or other service providers’ changes and service provider’s behaviour. The service provider would report solely to the customer and be accountable to the customer and would agree to cooperate with the other service providers in connection with the other service providers’ changes as reasonably required, provided that such other service providers are bound by appropriate confidentiality obligations. This cooperation could include:

1. working with the other service providers to define the responsibilities of the service provider, the other service providers and the customer in connection with any other service provider change and any related changes;
2. acting reasonably and cooperating with the other service providers to ensure the efficient, timely, cost-effective and seamless delivery of services to the customer;
3. providing information related to the Services, as required by the other service providers, including any information related to any services, equipment, software, systems or other items used to provide the Services or with which any services, equipment, software, systems or other items provided by the other service providers must interface or with which they must inter-operate;
4. cooperating with any services provided by the other service providers in connection with the other service providers’ changes including any design, implementation, testing, installation and operation activities carried out or coordinated by the other service providers; and
5. performing any testing or other services required to enable the other service providers’ changes to be implemented without unanticipated, unforeseen or adverse impacts on the business of the customer or on the service provider’s responsibilities under the agreement.

The customer would agree to reimburse the service provider for fees and expenses reasonably incurred by the service provider and agreed to by the customer in advance, in connection with any other service providers’ changes. Governance We all know that a clear and rigorous governance process, properly implemented, can go a long way to mitigating the risks inherent in any outsourcing, and in a multi-vendor arrangement, it is even more crucial. The various service providers need to agree to participate in a joint governance process and to openly discuss incidents and issues so that they can be resolved in a coordinated fashion, with less risk to the customer. In one recent transaction, the parties agreed to a joint governance process that set out some general principles, including:

1. an acknowledgement by the parties that, with multiple parties involved in the delivery of the services needed by the customer and given the unique responsibilities of each party, effective communications were a key element in building winning relationships and that it was critical that there be a common understanding of how communications are to work;
2. an agreement that communications between all parties, including other service providers in cross-functional working group meetings, would be free and open and that when project teams were established, members of the project team could communicate freely with one another as they saw fit. In all cases, where a customer staff member was not present at the discussions it was the responsibility of the service provider to ensure that the customer was kept fully up to date with developments; and
3. all requests for information made by a service provider, where the information would come from another service provider were to be channelled through the customer’s vendor management office. The customer could, at its discretion, refer the service provider directly to appropriate party, but in all cases the customer was to be copied on the response.

The agreement also provided that only the customer could instruct or direct a service provider with respect to the Services and any changes to be made. The service provider reported solely to the customer and was accountable solely to the customer. If a service provider staff member had a complaint or comment to make about communications, it was to be discussed with the customer and then, if required escalated to the relevant governance committee (transition or operations). The committee would discuss the situation and provide direction as needed to the parties involved. The recent governance process we used included a separate committee structure and process for transition and operations. During any transition services, the parties would each appoint a transition lead to manage communications and serve as a single point of contact for that party to represent that party with respect to any matters relating to the transition services. As necessary or as may be required by the customer, the transition leads could also include representatives from the other service providers and the existing service provider. The parties established an interim transition governance committee consisting of two (2) senior management personnel from the customer (from the vendor management office), the service provider, the existing service provider and, as required by the customer, the other service providers. After transition, the service provider’s operations manager, was to work with representatives of the customer vendor management office on the operations committee. The vendor management office was responsible for coordinating and managing contract performance, service management and relationship management and, as necessary or as required by the customer, the operations committee could also include representation from the other service providers. The members of the operations committee were required to work together with each other and the other service providers to ensure that all necessary specifications and other relevant information are provided. The customer and the service provider also established an Executive Council consisting of the chief executive officer (or his or her designate) of each of the customer and the service provider and again, as necessary or as may be required by the customer, the operations committee could also include representation from the other service providers. The inclusion of the other service providers on the committees, only as required by the customer, enables the parties to discuss issues as a group if needed and also ensures that if an issue is more confidential, or is unrelated to the services of one of the other service providers, the customer can decide not to have the third service provider attend a particular meeting. The NDA's between the service providers assist in encouraging them to discuss products issues and challenges more freely that perhaps they would otherwise. Operational Issues and Service Level Agreements Day to day operational conflicts are one of the key areas of challenge in a multi-vendor arrangement. In the “one throat to choke” model, the prime vendor deals with this and the customer need not concern itself generally with operational issue ownership other than as between the customer and the prime vendor. In a multi-vendor approach this should be a key customer focus area. Good contracting and operational hygiene upfront is immensely valuable in this area. The customer should not wait for there to be an issue to then try to figure out whose fault the problem was and who needs to fix it. The customer should take proactive steps to ensure clarity of responsibility and accountability. A common (i.e. across all vendors) procedures manual which includes line item detail on which vendor is responsible for each process element and which other vendors may be supporting is very important. A PACI or similar chart may be of use here. This is a detailed chart listing process components which identifies the party responsible for Performing the step, those parties that may be Assisting, those that may need to be Consulted with at the time of the action or in some cases provide their Consent and those that need to be Informed after the fact. Service Level Agreements or SLAs represent a particular challenge in multi-vendor arrangements. SLAs are contractual commitments by the vendor to deliver the services to a particular standard, which often include the potential for service level credits to be owing to the customer. The most useful SLAs are gauged against an easily measurable objective standard (e.g. availability or “uptime”, average response time, mean time to repair etc.). As systems have increased in complexity so have SLAs. Customers more and more look for “end to end” SLAs which best measure the impact on the customer’s business should an IT issue arise. The precise cause of an outage matters little to the customer, whether the outage was due to infrastructure, network or application issue, the business impact is the same. In single vendor arrangements it is easier to hold the prime vendor accountable for the end to end SLA as they have delivery responsibility, directly or through their subcontractors, for the end to end service. Where the service components are spread across multiple vendors, the customer must guard against the “blame game” as between vendors. This is particular problematic where there may be contributing causes to the failure across multiple vendors. An obvious solution is to revert to component based SLAs with each vendor so that they are held accountable for their component. However, this may not meet the business need of the client as it’s possible that in any given measurement period (e.g. a month) none of the vendors missed their SLAs but neither did they perform perfectly. The aggregate impact of this less than perfect performance may be unacceptable (and be the kind of performance that would trigger a miss of the end to end SLA). To address this, in addition to component SLAs, or as an alternative, the customer could look to use the operational processes (e.g. the PACI chart) and governance with some added incentives to mirror the behavior of a single vendor situation with end to end SLAs. For example, it is not unusual to allow a vendor to “earn back” SLA credits by providing stable service performance in the months following an SLA miss. In a multi-vendor environment, providing for an earn back of SLA credits paid by individual vendors for their components (or other incentives) based on the aggregate performance across all the vendors (i.e. the end to end measure) may incent the vendors to work more cooperatively to meet the customer’s business needs. Conclusion Whether a multi-vendor or prime vendor based approach is appropriate will depend on a myriad of factors including the scope and quantum of the services and the anticipated vendors involved. Prime vendor models will generally be preferred where service delivery requires the use of a number of smaller niche vendors where the customer may feel better dealing with a larger player and letting them manage the smaller piece parts. Where the service elements or towers are well understood (e.g. “commodity” type services) and can be more evenly distributed across similar tier providers, a multi-vendor model may be of benefit. It promotes internal competition between the vendors which would hopefully translate in to superior performance. Generally, the multi-vendor approach will require greater contract governance on behalf of the customer so the investment needs to be justified based on expected benefits. Successful arrangements will not solely be driven by procurement models and contracting, however – the collaboration between vendors needs to be ingrained in the operational approach to the services and the governance of the arrangement. The opinions expressed herein are those of the authors and not necessarily those of the IBM group of companies.