Regulation Archives - Bad Buying

Bad buying obviously covers every potentially sector and category, but I have had a long interest in professional services spend and procurement for many years, including as co-author of “Buying Professional Services”, my first published book.

A couple of recent stories highlighted that although most of the people working in that sector are highly educated and intelligent, they can still behave just as badly and even illegally as any petty criminal.

The first story was about a survey of lawyers run by the “rolllonfriday” website, anonymous of course given that 35.5% of the respondents admitted that at some point they have been guilty of adding time that hadn’t been incurred to their time sheets (which then means the invoices to clients are also inappropriately inflated). As the report sai d,

Thirteen percent admitted they did it regularly, 12.6% confessed to being “occasionally” culpable, while around 10% said it was something they had done, albeit “rarely”.

Well, that probably won’t come as any surprise to most of us, but it was interesting to see our suspicions as cynical buyers confirmed. It reinforces the view that whenever possible, engaging professional service providers on some sort of fixed fee, outcome, output or success based basis is better than a simple “time and materials “ hourly or daily rate.

However, it can be difficult in the world of law, because we often don’t know just how much work will arise from a particular assignment, particularly if other parties are involved (litigation for instance). So it is hard for the parties to arrive at a sensible view of risk, which you need in order to agree a fair fixed price.

You should always look for where you can define some sort of clear work package and agree a price for that, but one thing buyers can also do is challenge their provider if bills look “padded”. Many people feel nervous about actually digging into a statement and saying to their lawyer, “so did you really spend 30 minutes on that two-line email”?

Now they are unlikely to immediately back down and reduce that bill, but next time, they might just think “perhaps I’ll just put 20 minutes for this email” because they know you will challenge. So don’t be scared to be a nuisance and analyse billing carefully.

The second piece of news was even more shocking. Consulting and auditing firm KPMG was fined in the Netherlands for endemic cheating around professional examinations taken by their staff. As the Times reported, “The Public Company Accounting Oversight Board in the United States found that between 2017 and 2022 hundreds of KPMG workers in the Netherlands, including senior partners and managers, had shared questions and answers with one another. This included for exams that they had to sit to test their understanding of professional ethics”.

Cheating on an ethics test! You have to laugh really. But I don’t understand why it is the US regulator doing the fining though rather than the Dutch equivalent.

To make it worse, KPMG lied to the investigators, saying they knew nothing at senior levels about the answer sharing – but it turned out two board members had indulged in these activities themselves! A $150,000 fine was also imposed on Marc Hogeboom, who used to run KPMG’s Dutch audit division, and he was banned for life from working for any firm that audits American public companies.

These people are auditing public companies and giving investors confidence (or otherwise) in those businesses – so having the right skills and training is critical beyond just KPMG’s own operations. The cheating means there may be incompetent people doing important work, which is not a good thought, and of course it means buyers have paid for people whose qualifications (which largely determine the level of fee paid) were bogus. Maybe some big clients should sue the firm now.

It seems that it isn’t the first time this has happened and KPMG is not the only firm that has transgressed. Last week the American regulator also fined Deloitte’s businesses in the Philippines and Indonesia $1 million each for answer-sharing on professional tests. And two years ago EY was fined $100 million by the US Securities and Exchange Commission, because a “significant number” of its American auditors cheated on the ethics component of their Certified Public Accountant exams.

The lack of ethics and morals of those involved is quite shocking for supposed “professionals”. Whilst the latest fine was substantial, it does not seem to be enough really to reflect the seriousness of the crime. I think it would have been appropriate to ban KPMG from all audit work in the Netherlands for a few years. I also think maybe a few jail sentences for the most senior people involved might have made others sit up and take notice.

So the advice to procurement people is this. As with the lawyers, don’t necessarily believe everything your consultants or auditors tell you, or everything they put on the invoice, just because you think they are ethical and trustworthy professionals. Not all seem to fit that description.

In my Bad Buying book, I wrote about the IT disaster that affected millions of TSB bank customers back in 2018. Here is the story from the book.

“In 2015 Sabatell acquired TSB, a UK-based retail bank, formally part of the Lloyds TSB Group. TSB at some point needed to move onto its own IT platform, rather than continuing to use the Lloyds group systems, as they were now competitors to their former parent company. But the move, in April 2018, turned into a disaster.

Account holders couldn’t use mobile or Internet banking, and some reported seeing accounts details from other account holders. Customers struggled for weeks to make mortgage and business payments, as the new TSB systems failed to function properly. The issue was serious enough to be raised in the British Parliament, and in September 2018 TSB’s CEO, Paul Pester, resigned.

In March 2019 The Sunday Times reported that an investigation into the affair put much of the blame onto the IT firm that handled the transition.13 However, the twist was that this firm was SABIS – which is part of the Sabatell Group itself. So although it has a separate identity, this was in effect the internal IT function of the group that owned TSB.

Reports suggested a range of technical and programme management issues around the deployment of new software, rather than problems with the underlying infrastructure. But whatever the cause, the whole episode cost TSB £330 million,14 and there is a ‘provisional agreement’ (according to the firm’s annual report) for SABIS to pay TSB £153 million. In November 2019 an independent report from law firm Slaughter and May concluded that the issues arose because ‘the new platform was not ready to support TSB’s full customer base’ and, second, ‘SABIS was not ready to operate the new platform’.

Questions have to be asked about the choice of ‘supplier’ here. Was SABIS the right choice to carry out this challenging task? It certainly doesn’t appear so, in retrospect. Did TSB have a choice, or was the firm told by top Sabatell management that it had to use SABIS? Would a firm with a wider and broader experience of banking systems than SABIS have done better? And why didn’t TSB accept the offer of help from Lloyds, which was made as soon as news of the problems broke?”

Now, five years later, there is an interesting postscript. Carlos Abarca, who was the TSB chief information officer, has been fined £81,620 by the Prudential Regulation Authority (PRA), the body that provides oversight of the UK banking system. In their 35 page report, they explain how Abarca’s failure caused a debacle that might have threatened financial stability more widely.

He apparently ignored early signs that the migration was not going well before the big switchover. He “did not ensure that TSB formally reassessed Sabis’s ability and capacity to deliver the migration on an ongoing basis”. Sabis told Abarca that they were migration ready and that subcontractors had given written confirmation that their infrastructure was fit for purpose. but the Authority felt this was not enough because the statements were caveated with comments about outstanding tasks. Abarca also did not obtain a written updated confirmation of readiness from Sabis when he told his own Board everything was ready for the transition.

The PRA said, “Mr Abarca’s failings undermined TSB’s operational resilience and contributed to the significant disruption TSB experienced to the provision of critical functions and potentially impacting on financial stability”.

This might be the first time a senior executive has been fined and disgraced for a failure in contract and project management. Now clearly in most industries, there is no equivalent of the PRA to carry out this sort of investigation and take such action if someone screws up in a similar manner. But if you are in the financial services industry in the UK, it is a warning. If you are responsible in some way for operations, and that includes some procurement and contract management activities, then you must be very careful and must conduct your work with considerable diligence. And make sure you cover your back carefully at every point if a supplier tells you, “yes, everything is fine, don’t worry”!

Tag Archive for: Regulation

What Happened to Ethics, we ask “Professional” Services Providers!

TSB Systems and Contracting Failure- CIO Fined