Since the heyday of offshoring in the 1990s, international call centers and back offices have played an important role in the day-to-day functioning of many global banks. But the coronavirus pandemic has highlighted call center risks and vulnerabilities, which banks must address swiftly with their suppliers to avoid a run-in with regulators, industry insiders say.
The size of the global outsourcing market has more than doubled since 2000, and amounted to $92.5 billion in 2019, data from Statista shows. India and the Philippines are two popular destinations for call center work and business process outsourcing, and after strict lockdowns were implemented there in March, tens of thousands of staff suddenly pivoted to remote working. In India, Prime Minister Narendra Modi called a blanket lockdown March 24 with only four hours' notice.
News outlets including The Washington Post and NPR reported mid-April that callers to airlines, retailers and banks faced long wait times as call centers in India and the Philippines were unstaffed.
"A lot of banks had not modeled the impact of a global pandemic on their suppliers," Angela de Wet, head of risk across new technology and technology change at Lloyds Banking Group, said during a May webinar organized by Qube Events.
The perfect storm
Two colleagues video chatting with each other.
Outsourcing partners had to scramble to procure laptops and headsets, while many younger call center workers in Indian cities had to work from cramped hostels and bedsits, she said.
The closure of call centers coincided with a spike in customer demand, a perfect storm for long waiting times for callers, according to Terry Cordeiro, product lead and banking tech at fintech consultancy 11:FS.
"In today's climate of mortgage 'holidays', furloughs and redundancies many customers need the kind of direct, intuitive help that FAQs and self service content found on apps and websites can't provide, which makes calling the only option available. With fewer staff to service calls, longer waiting times are already leading to increased customer frustration and dissatisfaction," he said in an email, adding that many traditional call center woes are the result of them not being set up for remote operation.
But senior executives at two outsourcing companies that serve British, American and Australian banks told S&P Global Market Intelligence that, despite teething problems, they had managed to get the majority of their staff set up for home working within a matter of weeks.
Infosys Ltd., an Indian-headquartered outsourcing and consultancy firm that provides outsourced call center and IT services to multinational companies, including banks, got 93% of its global workforce set up for remote working shortly after the national lockdown was called in India, according to Mohit Joshi, president and head of financial services and insurance. The company shipped over 35,000 assets to employees' homes and set up broadband internet, he said in an emailed statement.
Infosys is now cautiously moving some India-based staff back to the office, Joshi said. But looking ahead, homeworking could play a much bigger role in the industry, with a shift to a "hybrid" model of both remote and office-based staff, he added.
Darren Saumur, global operating officer at global outsourcing business Genpact Ltd., also faced a challenge of shifting thousands of staff to homeworking after lockdown. The company has 65,000 employees in India alone. After an initial struggle to source laptops, most staff were able to transition, Saumur said in an interview. Not only that, but 55% of call center staff are working at higher productivity, while accuracy and customer satisfaction metrics all improved considerably, he added.
Balancing privacy concerns
Enabling remote working during the pandemic was just half the battle. Home working has raised concerns about data privacy and client confidentiality for financial services firms, Genpact's Saumur said. His firm encrypted or masked certain information, such as credit card numbers or addresses, so that call center operatives working from home would not be able to view it.
Some clients temporarily moved the work they considered most sensitive back onshore, he said. Banks generally class anything to do with loan and mortgage applications as highly sensitive, but are more comfortable with the idea of back office functions such as accounting and payroll being carried out by home-based workers, he said.
"I think our banking clients would generally like us to get staff back to the office due to the sensitivity of data," he said, adding that Genpact was being extremely cautious about this due to the risk of a second spike in infections.
Mark Lewis, senior consultant at law firm MacFarlanes, who has worked extensively on international outsourcing contracts in financial services, also said that privacy issues could become a stumbling block.
"The challenge for many businesses, not just the banks and other regulated firms, is to ensure that remote working and other relocation arrangements have remained, and will continue to remain, compliant with confidentiality, data security, cyber and data protection/GDPR regulation and contractual requirements. It would be silly to deny that this isn't a challenge or a major headache," he said in an email.
GDPR, or the General Data Protection Regulation, was enforced in the U.K. and the EU in 2018 and governs the way that customer data is processed and stored. Companies found to be in breach of the regulation face fines of up to €20 million, or up to 4% of turnover, whichever is highest.
Lewis added that he was not aware of any data or cyber breaches affecting U.K. banks that had occurred in the context of a work-from-home arrangement.
John Worthy, a partner in the technology and outsourcing practice at law firm Fieldfisher, said banks have been more focused than ever since the pandemic on service quality and resilience in recent negotiations around outsourcing contracts.
But there is another reason for their caution that predates the coronavirus.
"[As well as the pandemic] banks have been responding to the impact of the latest Outsourcing Guidelines issued by the European Banking Authority, which came into force in September 2019. These guidelines require banks to focus, among other things, on service resilience and business continuity planning, which can present a challenge when dealing with offshore providers," he said in an email.