External risk variables

Krishnan Thiagarajan

UNLIKE frontline companies, such as Infosys Technologies or HCL Technologies, where risk management is integral to the business culture, for medium-sized companies this culture is yet to permeate the middle management level.

For medium-sized companies, caught up as they are in the chaotic and competitive world of spotting and translating business opportunities into concrete orders/contracts, risk management and mitigation strategies may be a luxury they can ill-afford. More so, as these companies are wrapped up in the formidable task of `scaling revenues' at rates higher than the average industry growth rate of over 50 per cent on a year-to-year basis.

But seen from an investors' perspective, an understanding of the `risk management strategies' of any company lies at the core of `investment decision-making process,' especially in an industry characterised by high growth rates and innovation. To put it in simple terms, between two companies with similar business profile and revenue growth, the company with a conscious and deliberate risk management framework is on any day a better investment candidate than the other which allows the business to be left merely to market forces.

Speaking at an Analyst Meet convened recently, Mr. Nandan Nilekani, Managing Director, President and Chief Operating Officer, Infosys Technologies, said that Infosys has followed what they call the PSPD (predictable-sustainable-profitable-derisked) Model for managing growth and moving up the software value-chain. According to him, the PSPD business model is founded on four pillars of:

* Predictability of revenues -- say, a certain proportion of revenues in the next 4, 8 or 12 quarters can be taken as assured,

* Sustainability of revenue streams -- from either certain vertical or horizontal domain which accrues on a regular basis and does not die out and needs to be replaced,

* Profitability of revenue streams -- generate acceptable margins and contribute to the bottomline, and

* Business derisking -- ensures that the business portfolio is not overly dependent on any client, technology, service offering or vertical domain. For instance, Infosys has chosen to limit its revenue from any one client to 10 per cent of its revenues. As of 1999-2000, Infosys' largest client accounted for 7.2 per cent of its total revenues and five largest clients accounted for 30.2 per cent.

Click here for Chart

This risk management strategy advocated by Infosys applies with equal force to any medium-sized company in the software industry. Clearly, a cross-section of senior management officials interviewed by Business Line were conscious of the need to devise `risk management strategies' but at present, the focus has been more on building business volumes than handling risks in a dynamic software environment.

External risks: As medium-sized companies, the perceived threats/risks, both at the macro (external) and micro (internal) levels are far greater and are expected to leave them much more vulnerable than their frontline peers. At the macro level, the risks for medium-sized companies stem from their ability to manage the following:

Managing growth or scalability: While the frontline companies, such as Infosys Technologies or Satyam Computers, enjoyed an early-mover advantage which made scalability easier in the mid-1990s, the window of opportunity for the medium-sized companies, despite being huge, is still barred by stiff competition. After starting from a small revenue base, a growth rate of 70-100 per cent was fairly easy to achieve for medium-sized companies in the early years of their existence.

But most of these companies, which have reached a critical mass in terms of revenue base, are facing threats from the external environment in the form of competition from software majors in India and abroad and internally in terms of improvements in management, technical, operational and financial parameters, quality and processes to cope with external competitive pressures. In this backdrop, `scalability of revenues' above industry averages becomes the key differentiator between successful companies and the ones which fall by the wayside. This dimension of risk in medium-sized companies is fairly high and needs to be closely monitored.

Acquisition risk: Operating in a competitive environment, the medium-sized companies have realised that there is a limit to organic growth and they have been quick to seize opportunities by using acquisition as a strategy to ramp-up business volumes. Unlike frontline companies, which are aiming to use acquisitions with a strategic intent of, say, gaining specialised domain expertise or moving up the software value-chain into IT/strategic consulting, second-rung companies, such as DSQ Software, Polaris Software and Silverline Technologies, which have made (or are in the process of making) acquisitions have done it mainly to bolster business volumes.

Through these acquisitions, these companies have attempted to acquire either a client base, proprietary technology expertise or vertical industry focus in one stroke. For instance, in an acquisition approved by the DSQ Software board, the company took over San Vision Technology Inc. based in New York, in an all-stock deal valued at $30 millions. With some 160 consultants, a prestigious client base such as AIG, JP Morgan, Merrill Lynch and AT&T, and revenues of $15 millions, it appears to be a good acquisition.

But the key problems of integration, retention of employees/consultants or customer base and managing the post-acquisition formalities such as cultural incompatabilities still remain. Or, in the case of Silverline Technologies, the acquisition of the Lorin Group in October 1998 led to a reduction in the gross margins due to a higher proportion of onsite work. Since, moving work offshore lies at the core of the acquisition, any failure to achieve this objective can prove disastrous for the company. As the topline and bottomline growth of medium-sized companies are linked to the acquisition, the risk associated with this activity assumes great significance.

Threats in the global environment: Going forward, if the US economy starts slowing down for some reason in the medium term, the medium-sized companies may face a much bigger threat to revenue growth as the first to cut down on IT spending will be the smaller companies in the US. Second, the consolidation among industries which is taking place at a frenzied pace in the US and has also been kickstarted in Europe through mergers/acquisitions, joint ventures and strategic alliances may shrink/eliminate the client base and the scope for outsourced work from India in the long run.

Finally, as labour costs surge in India, the Indian software players facing the threat of loss of business from players in Singapore, the Philippines and Ireland. Unless Indian companies gears up to make a conscious switch from legacy/client-based environment to the web-based environment, this threat may remain a live one, especially for medium-sized companies which may not have acquired a dominant mindshare of their customers in the US and Europe.