Ready to embrace Everything-as-a-Service? Prepare to assume more risk

As-a-Service offerings are exploding in the enterprise, unleashing an unprecedented wave of consumer-friendly applications and services. However, buyers of these services are often surprised that it is them, not the provider that assumes the risk for success.

It’s a common occurrence today: a SaaS provider wows a business unit with its comprehensive features, embedded analytics and native iOS and Android apps. The next-generation application solves huge problem for business line leaders and everyone is ready to begin a fruitful three-to-five year partnership.

However, when the pocket-sized Master Services Agreement (MSA) hits the desk of procurement and legal, one of two things happens: the business goes rogue and uses internal leverage to get the contract signed against the will of procurement or legal, or the process comes to a screeching halt, and nothing gets signed.

Why does this happen?

It’s usually about risk — specifically, risk being transferred to the buyer. Like it or not, business and commercial terms for most “as-a-service” offerings today heavily favor the provider. This is a shock for enterprise buyers who are used to dictating everything to providers on their own contract documents — everything from limits of liability to annual security audits. With as-a-service offerings, the tables have turned. The provider transfers risk to the buyer.

This is a relatively new phenomenon, and it’s because of one primary reason: multi-tenancy. The broad-based acceptance of highly standardized, massively scaled shared architectures is transforming the enterprise technology landscape, especially in the areas of sourcing and contracting. A multi-tenant architecture is not just a set of servers; it’s a representation of the way the provider does business. It’s the provider’s operating model.

So, the customer that buys an as-a-service platform is essentially accepting the provider’s operating model, and allowing it to permeate the buyer’s internal operating model. This is dramatically different than the traditional approach to sourcing technology services in which the customer injects its internal operating model into the provider’s external operating model with prescriptive request for proposals (RFPs), statements of work (SOWs) or MSAs that spell out how the provider should operate. 

Here’s a high level view of the traditional operating model transfer:

defined by buyer

And the emerging operating model transfer:

defined by supplier

This is a tectonic shift in sourcing and likely represents the future of managed service providers (MSP). According to J.B. Wood, author of the new book B4B: How Technology and Big Data Are Reinventing the Customer-Supplier Relationship, next generation MSPs will need to create world-class operating models and demonstrate the maturity (and courage) to extend that operating model to their customers. This extension, according to Wood, will create significant new kinds of value for both buyer and provider.

While some MSPs are doing this today, they are few and far between. We’re at the first stage of this evolution. Providers are extending relatively mature operating models to customers and are asking customers to trust them without providing appropriate ways to verify the veracity of the operating model. This is the primary reason as-a-service initiatives stall: There is too much risk inherent in the lack of ability to validate the provider’s operating model.

As-a-service initiatives also fail because some providers are taking advantage of the stampede to this new deployment model. Binding, click-through agreements, unreasonable data aggregation usage rights and exorbitant fee increases transfer too much risk to customers. And customers are right to reject these kinds of requests.

So, what’s an as-a-service buyer to do? How much risk should you assume?

Separating operating model risk from the commercial and legal risk is key. Buyers should avoid changing operating model risk during contract negotiations. Rather, it should be evaluated during the due diligence phase. This includes a deep dive into how the provider operates, how much visibility it provides into its operating model, and how much it will guarantee (in the contracting phase) that the operating model will have the same level of rigor three years from now as it does today.

The business and IT are usually the functions that determine if this risk transfer is appropriate, and usually focused on areas like data processing procedures, functionality updates, change management processes, maintenance windows and service levels.

The due diligence evaluation phase is a balancing act because some emerging (and even mature) as-a-service providers will change their operating model for a high-value prospect. While operating model concessions may initially feel like a negotiation win, it can also be a red flag: If a provider changes its operating model, it may not be confident in its ability to deliver on it, or it may be trying to buy the business. Both of these generally produce bad results for both sides.

During the contracting phase, which may occur concurrently with the due diligence phase, procurement and legal should aggressively negotiate the transfer of commercial and legal risk. This is usually focused on areas like price, payment terms, liability, data usage rights and termination. Keep in mind that terms will continue to heavily favor the provider for some time. It’s just the nature of the game today.

Be prepared that, unlike traditional on-premises technology service providers, many leading as-a-service providers will simply walk away from a negotiation that forces them to change their operating model or that makes them take on too much of the risk that they plan on shifting to the buyer. They’re in a heady growth period today and it’s a good bet another prospect is waiting in the queue to agree to their operating model and contract terms.

These dynamics won’t last forever. While revenue growth is incredibly impressive for leading as-a-service providers, margins are dismal. At some point, revenues will slow, Wall Street will want profits in exchange and, at that point, the risk transfer equation will likely begin to shift.


Copyright © 2014 IDG Communications, Inc.

It’s time to break the ChatGPT habit
Shop Tech Products at Amazon