Joining the Data Dots
Challenges with Connecting them
Challenges with Connecting them
Driving digital improvements compared with other types of change management initiatives should be similar, but in fact the execution failure rate is higher with challenges occurring at the start, middle or end of a project or combinations thereof. Broader observations point to a number of factors causing this, both at holistic and more detailed levels.
The bottom line is that new initiatives need to be carefully thought through, on an end to end basis with all relevant stakeholders’ before any project start. However, these days what should constitute the definition of end to end.
Data silos, shadow IT, data management, an increasing focus on compliance, ESG initiatives, global tax harmonisation (BEPS 2.0) and lack of current data timeliness and quality, all need to be tackled within any end to end process to create a modern data driven & collaborative organisation, and all contrasted against the democratisation of IT related processes.
Timing is becoming even more critical as the deep challenges associated with the pandemic are also joined by increasing inflationary pressures on operating margins that may or may not be short term, not to mention higher interest rates becoming visible on the horizon.
Not only that, but there are other emerging external drivers from global regulators and governments to further streamline tax policies (ie BEPS 2.0) and / or integrate tax collection into real time processes, all adding to the urgency of being able to efficiently join the required data dots together at any point in time.
With business complexity and risk environments increasing the business imperatives to seek the joining of data dots together are becoming more upfront and centre to stakeholders, but what are some of the challenges that you should be aware of before starting digital enablement roll outs.
Areas that are proving to be a challenge for corporates include:-
1. Digital ROI. Project justification processes within every organisation can be very different and each corporate has its own level of financial maturity and materiality. To set the scene further, even casual assessments made by you into the efficiency of your business workflows today will reveal a large number of negative observations, but simply put there are so many of these (after all this is about streamlining everything that has been created over many long years) that priority setting becomes vital. Typically digital justifications fall as follows: those having to go through a formal multi stepped process, and those that get ad hoc budget approval, simply because of the stakeholders involved (ie closed loop), because intellectually on the surface it seems to make a lot of sense, despite it being difficult in some cases to get to any really meaningful hard supporting numbers.
Additionally corporate sign off procedures for ERP software are now more complex than ever and increasingly involves more detailed considerations around vendor onboarding, various levels of cybersecurity sign off that includes penetration testing, multi-cloud keys management, and increasingly considerations around ESG.
Often some of these steps become a surprise to the local corporate entity of a global company, because they are only triggered as the transaction progresses down the various functional lines of command for authorisation. Vendors working with customers, and vice versa, during the early stages can help to ring fence where an issue might arise, so that it can be headed off and factored into UAT schedules to avoid or minimise delays etc.
Corporates, it is worth mentioning, often have no detailed view on the costs nor time required for existing process execution, either within or across entities for the same business workflow. Up to now few organisations would be knowledgeable as to the number of full time employees (FTE) for actual work steps being taken outside of the system to make it possible in the first place, nor compare the same process metrics across their other entities. This is now changing, albeit slowly, but is likely to accelerate as more efficiencies become visible to various types of stakeholder.
2. Do you Replicate Current Processes or Re Design. When not pioneering new value creation flow strategies, should the same existing process be incrementally automated, or is there a bigger change that would drive more value. After all, if you simply replicate what you have now, then you will have the same underlying inefficiencies, regardless of platform ie cloud, hybrid or on premise.
Looking at it another way, there is always a balance between driving forwards and investments to achieve it. The advantages of being able to work at a more granular level is that you can leverage what works well, rather than fully replacing systems or parts thereof, whilst keeping projects manageable from both a time and cost perspective.
3. Will processes be within or across functional domains. Changes to business workflows within a single functional domain area are much easier to implement, than when they cross others that are managed by different people. Why? Call it what you want, but typically it comes down to politics preventing it from happening, i.e. functional domain staff not wanting to lose control, or there being a different functional culture or domain focus that values certain operational attributes higher than others, for example around areas of detailed compliance, including cut-off.
Essentially, making real positive progress comes down to underlying management focus and drive, or there being present a functional power user, as has been illustrated by researchers exploring efficiency metrics of similar organisations within the same business sector.
4. Traditional HR structures can exacerbate change management, as does the observation that only the CEO is typically involved across the entire management organisation. This coupled with the fact that digital enablement teams are often put together without enough functional representation, means that many of the issues described above and below will come to a head during any project.
Solving this is not easy, but points to creating a much more fluid structure or one that sees virtual teams that are created and disbanded as projects proceed to completion. Both scenarios must have stakeholders that can proactively engage to remove the barriers touched on above. This however today does challenge the working models of many corporates.
Often the success of FinTech digital enablement comes from the fact that compliance is already a strong part of the operational culture, plus processes are more finite in nature with less sprawling uncontrolled dependencies. Compare this with retail where the initial purchase is fulfilled, but where there are many secondary items and processes to consider like supply chains, logistics, replenishment times and replacement costs etc, all of which are very topical today. Businesses have all types of course, but extra care is needed around any functional lines.
5. Modern digital systems meet legacy. This is a barrier that can get in the way of successful project execution, and the macro challenges faced here are the same ones that have in fact caused inefficient spreadsheets to be used in many processes on a repetitive basis in the first place.
Simply put, data needs to be transformed so that it can be useful from a practical perspective, and achieving this often requires knowledge of multiple system types, including legacy, so that data can easily flow in the right formats for the required end result. The challenge here is that the knowledge to undertake this is not always within a single person, nor organisation.
One often finds that very sophisticated successful front end processes stop dead in their tracks when functional team lines are crossed, so that momentum and business velocity is lost. Therefore take time to understand any dependencies that you have on systems integrations and ensure that you have access to required specialist person(s) etc that will be required during actual execution.
6. Data Compliance. Considerations re the physical, logical, legal and taxable location of data is also very relevant and topical here. Whilst there is a primary focus on designing business flows, the same amount of energy is not always given to building-in multiple levels of compliance, at least at the beginning.
Increasingly, focus here is becoming ever more important as regulations around data handling are changing frequently, and might require the use of multiple cloud vendors to reach a workable solution, noting that not all cloud vendor solutions have the same primary or secondary product availability (ie service offering related to the primary solution), in each country of operation.
7. Cybersecurity and Privacy. These are on the flip side of the same coin and need to be considered end to end throughout the process. There are strengths and weaknesses to automated workflows.
On the one hand, less or no manual intervention might be required during processing, and this positively equates to a reduced chance of human error or ad hoc nefarious data interaction. On the other hand, this lesser human interaction also means that not only is there is a broader more automated threat vector surface area open to attack, but also a reduced risk of threat actor detection by the corporation due to the lower number of staff interactions with data.
As a result, broad based tight controls should be in place at all times, and as will be expanded on further below there should be a proactive mechanism to keep employees and management in the loop about best practises surrounding cybersecurity.
8. Ongoing Proactive Communication re Automation Projects. One constant is that organisations are always looking to do more with less people in order to increase productivity (and that was before disruptions occurring from what is termed the Great Resignation), despite ever increasing complexities regarding compliance. However, it is easy for staff to get the wrong idea as to why there is a focus to improve efficiencies, so constant communication remains important to secure proactive buy-in, particularly as many ideas are generated from those with detailed active knowledge of a process.
9. Replicating successful Processes. Extensive transactional processing is sucking time away from other detailed checks and balances, not only in one entity but across them all, again distracting these organisations from other digital improvement projects.
Solving a challenge in one location means that it can often be replicated with small granular changes in another, whilst taking into account local compliance to drive a multiplier effect regarding time savings. This also shows the types of cascading benefit that can be achieved within a single functional area like the “Office of the CFO”.
10. HR Policies, Reinforcement for Cybersecurity. A threat actor’s general intent is twofold. First, their task is to gain entry into a corporate system, and then to move horizontally to your more valuable data to steal or encrypt it, i.e. ransomware. Secondly, to hijack processes in order to get you to redirect material cash funds to the threat actor i.e. supply chain payments, treasury movements, significant asset acquisitions etc.
Whilst either may be part of a highly targeted threat to reach an end goal, attacks typically fall into either i) scattergun attacks ie a numbers game to get any employee to click on a nefarious link which actually then triggers a bad program to run ie that encrypts business files for a ransomware demand etc or ii) be highly targeted. In the case of the latter, deep fake videos and / or voices of an employee’s boss have been successfully used by threat actors to reach their end goals. As ii) is very expensive to execute today (prices are reducing!) they tend to be highly targeted to previously pre-identified staff members (identified via earlier call-ins, social engineering or specifically targeted email to a key person(s) containing nefarious links etc). A new tactic, ironically to improve the productivity of threat actors, is to use automated robo calls together with your active participation, to fill in within process forms for acquisition of your credentials.
Regardless of which, employees (and management) have to understand and be aware of how attacks happen and what they can do through additional steps and / or operational controls to mitigate them as far as possible.
Connectivity and smarter interconnected processes are compelling to corporates, despite the risks, for the reasons of achieving faster work execution as well as greater visibility on an ongoing basis. In order to reduce risks, one should aim for cybersecurity to be part of your business culture with ongoing reinforcement.
Digital enablement is driving tangible results and becoming even more compelling to corporations, but at the same time many projects are not delivering against their intended results. Project derailment can come at the beginning, middle or end or combinations thereof. A common denominator of failure comes down to how change management is undertaken within a project, and specifically the appointment of relevant project team members that must also be able to handle, not only the defined end to end process objectives, but also the other top to bottom compliance considerations described above within the same process, such as cybersecurity, privacy, and compliant data management.
Acceptable and clear functional demarcation lines need to be drawn internally, recognising that deep broad change should be a strategic consideration of the CEO overseeing the entire management organisation, whilst functional management works alongside to support the common goal. Of course both might progress at different speeds depending on a multitude of different factors until the data dots become joined, in what will ultimately be a simpler yet more comprehensive picture achieved with far fewer disparate data dots, but which also has more collaborative interconnections between them to improve data equity. A game changer!
FlexSystem is a financial, human resources, and operations business software vendor to 1 in 10 Forbes Global 2000 (May 2020), and 1 in 5 Global Fortune 500 (August 2020), operating at the intersection of new digital process and payment technologies, whether on-premise or cloud, to provide you with iterative opportunities for value creation.