Ergebnisband des E-Finance Lab

Transkript

1 Ergebnisband des E-Finance Lab Top-3-Publikationen je Cluster des Jahres 2007

2 Inhaltsverzeichnis: Cluster 1: Sourcing and IT Management in Financial Processes (Prof. Dr. Wolfgang König) Wagner, H; Weitzel, T (2007): Towards an IT production function: understanding routines as fundamental for IT value creation. In: Journal of Enterprise Information Management (JEIM), Vol. 20, No. 4 (August 2007). Gewald, H; Franke, J (2007): The Risks of Business Process Outsourcing: A Two-Fold Assessment in the German Banking Industry. In: International Journal of Electronic Finance (IJEF), Vol. 1, No. 4, pp Beinborn, D; Martin, S; Franke, J (2008): Value Chain Crossing: Insights and Opportunities for Future Research. In: International Journal of Electronic Business (Forthcoming). Cluster 2: Emerging IT Architectures to Support Business Processes within the E-Finance Industry (Prof. Dr.-Ing. Ralf Steinmetz) Berbner, R; Spahn, M; Repp, N; Heckmann, O; Steinmetz, R (2007): Dynamic Replanning of Web Service Workflows. In: IEEE International Conference on Digital Ecosystems and Technologies 2007 (IEEE DEST 2007), Cairns, Australia. Schulte, S; Repp, N; Eckert, J; Berbner, R; von Blanckenburg, K; Schaarschmidt, R; Steinmetz, R (2007): General Requirements of Banks on IT Architectures and the Service-Oriented Architecture Paradigm. In: 3 rd International Workshop on Enterprise Applications and Services in the Finance Industry (FinanceCom 2007), Montreal, Canada. Repp, N; Schulte, S; Eckert, J; Berbner, R; Steinmetz, R (2007): An Approach to the Analysis and Evaluation of an Enterprise Service Ecosystem. In: ICSOFT'07, Workshop on Architectures, Concepts and Technologies for Service Oriented Computing, Barcelona, Spain. Cluster 3: Customer Management in the Financial Services Industry (Prof. Dr. Bernd Skiera) Gensler, S; Skiera, B; Böhm, M (2007): Einfluss der Nutzung des Online- Bankings auf das Produktnutzungsverhalten und die Profitabilität von Bankkunden. In: Zeitschrift für Betriebswirtschaft, Vol. 77, No. 6, 2007, pp Heiligenthal, J; Skiera, B (2007): Optimale Verteilung eines Budgets auf Aktivitäten zur Kundenakquisition, Kundenbindung und Add-on-Selling. In: Zeitschrift für Betriebswirtschaft, Special Issue 3/2007. Wiesel, T; Skiera, B (2007): Unternehmensbewertung auf der Basis von Kundenlebenswerten. In: Schmalenbachs Zeitschrift für betriebswirtschaftliche Forschung, Vol. 59 (September).

3 Cluster 4: Reshaping the Banking Business (Prof. Dr. Mark Wahrenburg) Bosch, O; Steffen, S (2007): Informed Lending and the Structure of Loan Syndicates Evidence from the European Syndicated Loan Market. In: 19 th Australasian Finance and Banking Conference (Sydney, 2006); AFFI Paris International Meeting on Finance (Paris, 2006); Campus for Finance Research Conference (Vallendar, 2007); South Western Finance Association Meeting (San Diego, 2007); Skinance 2007 (Lech, 2007); Eastern Finance Association 43 rd Annual Meeting (New Orleans, 2007). Gewald, H; Gellrich, T (2007): The impact of perceived risk on the capital market s reaction to outsourcing announcements. In: Inf Technol Manage, Vol. 8, pp Güttler, A; Wahrenburg, M (2007): The adjustment of credit ratings in advance of defaults. In: Journal of Banking & Finance, Vol. 31, pp Cluster 5: Managing the Securities Trading Value Chain (Prof. Dr. Peter Gomber) Gomber, P; Lutat, M (2007): Applying Pricing Engineering for Electronic Financial Markets. In: Electronic Markets, Vol. 17, No. 4. Budimir, M; Schweickert, U (2007): Benchmarking Latency in Secutities Trading An In Depth View on Trading at Light Speed. In: Pre-Conference Proceedings of the 1 st Special Focus Symposium on Market Microstructure: From Orders to Prices - Best Execution in the Age of Algo Trading and Event Stream Processing. 1 st International Conference on Advances and Systems Research, Zadar, Croatia. Gomber, P; Chlistalla, M; Gsell, M; Pujol, G (2007): Status und Entwicklung der MiFID-Umsetzung in der deutschen Finanzindustrie. In: Zeitschrift für Bankrecht und Bankwirtschaft (ZBB), 4/2007, pp Die Autoren bedanken sich herzlich für die Unterstützung aller ihrer Arbeiten durch das E-Finance Lab!

4 Cluster 1: Sourcing and IT Management in Financial Processes (Prof. Dr. Wolfgang König) Wagner, H; Weitzel, T (2007): Towards an IT production function: understanding routines as fundamental for IT value creation. In: Journal of Enterprise Information Management (JEIM), Vol. 20, No. 4 (August 2007). Gewald, H; Franke, J (2007): The Risks of Business Process Outsourcing: A Two-Fold Assessment in the German Banking Industry. In: International Journal of Electronic Finance (IJEF), Vol. 1, No. 4, pp Beinborn, D; Martin, S; Franke, J (2008): Value Chain Crossing: Insights and Opportunities for Future Research. In: International Journal of Electronic Business (Forthcoming).

5 Towards an IT production function: understanding routines as fundamental for IT value creation Heinz-Theo Wagner E-Finance Lab, Goethe University Mertonstr. 17, Frankfurt, Germany Tim Weitzel Chair of Information Systems and Services Otto Friedrich University, Bamberg, Germany Brief biographical statements of authors: Heinz-Theo Wagner has earned his Ph.D. at the Institute for Information Systems at J. W. Goethe University, Frankfurt, Germany. His research interests include the economic and organizational aspects of IT, Social Network Theory, and the IT business value creation process. He is now engaged in a multi-university industry/academic research program researching issues relevant for the financial services industry (E-Finance Lab). He has served several years as a management consultant to companies in the financial services industry regarding IT-related topics. Tim Weitzel is Professor of Information Systems at Bamberg University. He received his PhD from Goethe University in Frankfurt, Germany. Tim s research on standards, outsourcing, IT business alignment, E-Finance and Human Resource IS has been published among others in MIS Quarterly, DSS, Electronic Markets, Wirtschaftsinformatik, ZfB, JECR. The contact author is Prof. Dr. Tim Weitzel Bamberg University, Chair of Information Systems and Services Feldkirchenstr. 21, Bamberg, GERMANY weitzel@is-bamberg.de Phone:

6 Towards an IT production function: understanding routines as fundament of IT value creation Abstract Purpose of this paper The goal of this paper is to identify core IT value drivers in firms and to model them as an IT production function to help disclose and measure the IT value creation process and to guide managers in seeking adequate ways of employing the IT resource. Design/methodology/approach Based on a critical review of the literature on the resource-based view, an IT value framework based on the constructs IT capability, resource, and routine is developed and then formalized as an IT production function. Findings Organizational routines are decisive for turning firm resources into an IT capability and in turn into better business process performance. We show how the IT value creation process in general and routines in particular can be measured and formalized. Practical implications As the interaction between IT and business units is crucial for IT value generation, organizational routines provide for important knowledge flows that turn firm resources into value generating capabilities. We propose a concrete method to measure and evaluate these routines and thereby contribute to making the IT resource controllable. What is original/value of paper Our main contribution is the identification and analytical formalization of the role of routines for IT value creation. We show how insights from the resource-based view, microeconomic theory (Cobb-Douglas/CES production function), and Granovetter s strength of ties argument can be used to describe, measure, and guide IT value creation and to develop an IT production function. Keywords: IT Capability, Resource, Routine, Production Function, Resource-based View, Alignment

7 - 1-1 INTRODUCTION Determining the impact of information technology on business value is a key challenge for IS researchers. The answer to this IT value question is not merely relevant as a justification of IT spending but rather holds the conditions for a systematic and advantageous use of the IT resource. In microeconomics, the concept of a production function has been developed over the decades to link quantities and qualities of inputs via transformation processes to well defined outputs. For IT, there have only been very few approaches to develop such a production function. As IT is typically a crosssectional business function rather than a primary business process, recent literature on the business value of IT suggests a rather indirect and more complex relation between IT and its business value (Lee, 2001). Notably, Melville et al. (2004) propose a unified conceptual model on IT business value. They show how the resource based view (RBV) has provided very instructive general insights into how to use the IT resource to generate and maintain a sustainable competitive advantage (SCA). Still, like most parts of the literature, their framework relies on broad constructs and is quite general. As a consequence, the transformation process from IT to value still largely resides in a black box and it is difficult to both, empirically substantiate the ways in which IT creates value and to derive concrete managerial guidelines on how to develop the IT resource. In this paper, extending Wagner and Weitzel (2005b) we propose a basic IT production function that especially incorporates organizational routines and alignment as suggested by the recent literature. We thereby strive to answer these research questions: What are core IT value drivers in firms? (sections 2 and 3) How can these value drivers be codified in an IT production function? (section 4) Based on a thorough review of the literature we clarify some of the key concepts of the RBV. Particularly, we propose organizational routines as common denominator underlying the diverging understanding in the literature of how IT and non IT assets form an IT capability. Drawing on arguments from microeconomic theory, we then translate the IT value creation framework to a basic IT production function. As routines are based on the interaction between persons, we next extend the IT production function by quantifying the interaction effects using Granovetter s strength of tie argument. 2 LITERATURE REVIEW Research on the relation between IT spending and business value is inconclusive. There are empirical studies showing a positive (e.g. Brynjolfsson and Hitt, 2003), a negative (e.g. Berndt et al., 1995) or no relation (Strassman, 1990; Harris and Katz, 1991). Main reasons for this discrepancy are vague concepts and a lack of well established measurement models. Recently, Melville et al. (2004) have proposed a unified IT value model that is based on the resource-based view. The RBV focuses on the firm, as opposed to the industry, and explains differences in a firm s competitive position with resource heterogeneity among firms, thus explaining sustained competitive advantage (SCA) through

8 - 2 - the resources controlled by a firm. Literature also suggests a business process perspective to identify IT impacts on performance (Melville et al., 2004; Barua et al., 1995). The rationale is that a firm comprising several business processes may excel in some and is average or below average in other processes, which leads in total to some net effect at firm level. Similarly, Serrano and den Hengst (2005) propose to develop an integrated view of IS and business processes and to concretely model the relationships between both domains. In contrast to their modelling framework based simulation approach we develop an analytical approach that offers similar advantages but has a stronger emphasis on IT value creation than integration. In the following, we critically review the concepts of resources, capabilities, and routines as these are key elements of our IT value creation framework (section 3) that are later used to develop an IT production function (section 4). 2.1 IT resources One root of the RBV is the work of Edith Penrose, who viewed the firm as a collection of productive resources guided by an administrative function (Penrose, 1959). Rumelt specifies that a firm s competitive position results from bundles of unique resources and relationships protected by isolating mechanisms (Rumelt, 1984, our emphases). The term describes mechanisms protecting uniqueness; examples are causal ambiguity and reputation, limiting the mobility, imitability, and substitutability of resources. According to Barney, a resource has to be valuable, rare, non-imitable, and nonsubstitutable to provide for a sustainable competitive advantage (Barney, 1991). The definitions for resources are rather broad in the literature, making theory of factor demand or portfolio theories special cases of the RBV (Wernerfelt, 1984, p. 171). Melville et al. (2004, p. 294f.) partly following Mata et al. (1995) specify IT resources as the technological IT resource (IT infrastructure and business applications) and human IT resource, both consisting of technical and managerial knowledge. Single information systems can be an example of IT resources providing a competitive advantage for the firms implementing them. For example, WalMart could reduce its inventory costs with the adoption of a purchase/inventory/distribution system and General Electric could differentiate its service support by the introduction of an answer centre (Mata et al., 1995). Also, technical IT skills can be defined as know-how for development and operation of IT applications (Mata et al., 1995, p. 498, Ross et al., 1996). IT skills enhanced with considerable experience e.g. in very large and complex IT projects are rarer and building them up takes time. On the other hand these resources, considered as single human beings, are mobile and can be acquired by a competitor for example in the form of technical consulting. Managerial IT skills include management s ability to conceive of, develop, and exploit IT applications to support and enhance other business functions (Mata et al., 1995, p. 498, Ross et al., 1996). Understanding the business needs, working together with functional managers to develop a solution, coordinating IT activities in order to support functional managers, and anticipating future IT needs are listed, among others, as examples of this sort of skill.

9 IT capabilities Grant (1991, p. 119f.) points out that resources are inputs into the production process but mostly do not create value on their own. Resources must work together in order to create organizational capabilities referring to the ability to team resources. These capabilities can then implement competitive advantages (Barney, 2001, p. 647). Accordingly, in contrast to the resource-picking perspective described above, the capability-building perspective focuses on enhancing existing resources (Makadok, 2001). Amit and Schoemaker (1993, p. 359) define capabilities as a firm s capacity to deploy resources, usually in combination, using organizational processes, to effect a desired end. Correspondingly, Day (1994) defines capabilities as complex bundles of skills and accumulated knowledge, exercised through organizational processes that enable firms to coordinate activities and make use of their assets. He also provides a scheme to categorize capabilities into three classes common to all businesses. First, inside-out capabilities respond to market requirements and opportunities and tend to be internally focussed (e.g. transformation activities, logistics). Second, the externally oriented outside-in capabilities enable the firm to anticipate requirements and create relationships with market participants outside the firm. Third, spanning capabilities integrate the two other categories. Examples are new product development and price setting which need the integration of inside-out and outside-in capabilities. According to Day capabilities are based on organizational processes which in turn can be identified as routines (Nelson and Winter, 1982). The effect of IT capabilities was underpinned by a study presented by Bharadwaj (2000) finding a superior IT capability associated with significantly higher profit ratios. 2.3 Reconsidering capabilities and the role of routines Despite common agreement on the general importance of capabilities for business value, we still lack a more complete framework that considers not only the environment but also the mechanisms that are used to acquire IT resources, employ them in the firm s processes and in turn impact the environment. As can be seen from the literature review, definitions are rather broad, and the connections between constructs seem unclear and ambiguous. Therefore, we now try to clarify the basic term capability and in turn the underlying concept of routines. Based on this, a framework is developed showing the value chain within a firm from an RBV perspective. Some authors identify capabilities as organizational processes (e.g. Eisenhardt and Martin, 2000; Wade and Hulland, 2004; Ravichandran and Lertwongsatien, 2002) while others focus on their content and characteristics (e.g. Grant, 1991; Barney, 2001; Day, 1994; Teece at al., 1997) and use the term capabilities as an ensemble of underlying constructs. IT capability in the sense of Bharadwaj (2000) is defined as [a firm s] ability to mobilize and deploy IT-based resources in combination or copresent with other resources and capabilities. According to Amit and Schoemaker (1993, p. 35) capabilities refer to a firm s capacity to deploy resources, usually in combination, using organizational processes, to effect a desired end while the desired end can be interpreted as competitive advantage (Barney, 2001, p. 647). Eisenhardt and Martin (2000, p. 1107) extend this somewhat static view by introducing the notion of dynamic capabilities as a means to integrate, reconfigure, add, and

10 - 4 - release resources. Capabilities as described above can be seen as complex bundles of skills and accumulated knowledge, exercised through organizational processes that enable firms to coordinate activities and make use of their assets (Day, 1994, p. 38). Capabilities in this sense are built up by information-based firm-specific processes, developing over time and based on information-exchange through the human capital of a firm (Amit and Schoemaker, 1993, p. 35). Hence, organizational processes are central for the creation and activation of capabilities. The term process is often used to refer to explicit structures while there are implicit actions as well. Galunic and Rodan (1998) call them tacitly-held and explicitly-held routines to address the fact that routines can contain tacit knowledge and also explicit knowledge. Accordingly, Ravichandran and Lertwongsatien (2002, p. 579) identify IS capabilities as the routines within the IS department that enable it to deliver IT services to the firm. Correspondingly, routines can be seen as part of a learning process leading to continuously improving capabilities (Andreu and Ciborra, 1996, p. 115). Thus, organizational processes are central for capabilities either capabilities are identified with such processes (see Eisenhardt and Martin, 2000), or they are necessary to build up and activate capabilities (see Amit and Schoemaker, 1993). Table 1 summarizes the discussion above by distinguishing three components of a capability common to many studies regarding this subject. A capability in the sense of the discussion above is a meta-construct incorporating other concepts used in the RBV. IT Capability consists of Routines (exchange and integrate knowledge) (Amit and Schoemaker, 1993; Grant, 1996, Nelson and Winter, 1982) Human IT Resource Technological IT Resource (skills, knowledge) (IT assets) (Day, 1994; Ross et al., 1996) (Ross et al., 1996) Table 1: Capabilities, routines, and resources In the following 'IT resource' refers to both capability components, technological and human IT resources. The third, routines, is elaborated in more detail in the following section. 2.4 Routines Recently, Becker (2004) has presented a literature review on routines covering a broad range of aspects. In this section we focus on a knowledge integration perspective (Grant, 1996). It has been argued that routines are an important building block for capabilities and also a basic mechanism for value transformation. The competitive advantage of firms lies with its managerial and organizational processes, shaped by its (specific) asset position, and the paths available to it. By managerial and organizational processes we refer to the way things are done in the firm, or what might be referred to as its routines, or patterns of current practice and learning (Teece et al., 1997,

11 - 5 - p. 518). Organizational routines thus are regular and predictable patterns of activity which are made up of a sequence of coordinated actions by individuals (Grant, 1991, p. 122) and represent the skills of an organization, incorporating tacit knowledge acquired by learning and unconscious coordination as introduced by Nelson and Winter (1982, p. 14 / p. 124; Andreu and Ciborra, 1996). Therefore, routines are known as effective mechanisms for knowledge integration (Grant, 1996). As Galunic and Rodan (1998, p. 1199) put it, individuals interacting frequently come to share a common meaning by developing a common language and symbols improving the exchange of knowledge. An example of routines at work is a simple practice of Japanese firms called quality circle. It took years to imitate it in the U.S. and Europe with similar success. The problem was the needed cooperation and the attitude of the employees codified in routines (Grant, 1991, p.127). Routines as used here are formal and informal processes based on the interaction between human agents. By these interactions knowledge is transferred and attitudes are formed which in turn leads not only to an adaptation of the knowledge base but may also lead to an adaptation of behaviour and attitudes. These adaptations can facilitate the information flow. At the same time, smoothly functioning routines come at the price of inertia in rapid changing environments since routines per se are a stable element. In volatile environments, new firms can have an advantage over incumbents through faster learning as they are less committed to routines (Grant, 1991) and thus less constrained by the organizational system of which they are part (Galunic and Rodan, 1998, p. 1199). In the next section, these arguments are used for a concrete IT production function. 3 A FRAMEWORK OF IT AND COMPLEMENTARY RESOURCES FOR BUSINESS VALUE Applying and extending the findings so far we can now develop an IT business value framework consisting of capabilities, resources, and routines as elaborated above (Figure 1). Following Makadok (2001, p. 389), capabilities improve the productivity of other resources of a firm. This requires a successful acquisition of valuable resources. Therefore we also have to consider the external environment. The first step in the acquisition of valuable resources is the selection of factors from factor markets in order to create Ricardian rents (Barney, 1986; Peteraf, 1993). Once selected, factors are controlled by the firm but do not necessarily contribute to the resource base. According to Teece et al. (1997, p. 516) factors are undifferentiated inputs because they lack a firm-specific-component. An example is potentially valuable raw marketing data that is not adapted to the firm s needs. Thus, factors have to be made available to the firm s processes. The third step is to combine resources into a business process. Resource configurations are the basis for competitive advantage (Eisenhardt and Martin, 2000, p. 1106) and form a business process as the place where the transformation from inputs to outputs occurs. The mechanisms to extract factors from the environment, add them to the resource base, and combine them within a business process are organizational processes identified as routines. These routines can be categorized using the scheme of Day (1994) into internally oriented routines like transformation processes, externally-oriented routines like managing external relationships, and spanning

12 - 6 - routines across organizational boundaries (in Figure 1 within and between IT and business units). To interact with the environment and to select factors from factor markets externally-oriented routines are needed. To make this usable for the firm spanning processes must be in place to transfer the externally acquired factors to the resource base. Employing internally-oriented processes the resource base is used to find resource configurations to build up business processes which in turn produce outputs for the market. In order to keep Figure 1 simple, accumulating and learning processes are depicted as double arrows. For example, the combination of resources within a business process leads to new uses and configurations which in turn are available within a changed the resource base. This also resembles learning processes embedded in the routines depicted as block schemes (see Andreu and Ciborra, 1996). IT Factor market Selection of factors and control Factors available to the firm Add to resource base Resource base Combine resources Environment IT Business Routines Routines Externally Externally oriented oriented spanning Crossdomain- spanning spanning Internally Internally oriented oriented Resource configuration in business process context Business Factor market Selection of factors and control Factors available to the firm Add to resource base Combine resources Resource base Product Market Environment Figure 1: RBV framework: complementary IT and business domains The framework extends the model of Melville et al. (2004) by disclosing the value creating mechanisms from human and non-human resources to business process performance. It is thus useful as by clarifying the role of routines and the ways capabilities impact business value we can now develop an algebraic IT production function that incorporates exactly these arguments. This next step of extracting insights from conceptual work for an analytical model is rare in the literature. We thus use the valuable insights provided by the RBV and propose to explicitly introduce a basic RBV concept (i.e. routines) into a microeconomic model. This eventually enables simultaneous parameter sensitivity analyses and a concrete evaluation of the impact of IS structure and management measures.

13 - 7-4 DEVELOPING AN IT PRODUCTION FUNCTION 4.1 Applying microeconomic analysis According to Melville et al. (2004, p. 269) business processes are the activities residing in the black box of microeconomic production theory that transform a set of inputs into outputs. Correspondingly, for explaining the transformation from inputs to outputs we apply a business process perspective and employ a production function. In prior work on studying the IT productivity impact, production functions have been used to relate output to several inputs including IT. In this case, the output is a number of physical units or services per period of time; IT, and other inputs generating output, are measured assuming homogeneous in- and outputs. These approaches were augmented by incorporating both quality and heterogeneous inputs and outputs into a production function (Mukhopadhyay et al., 1997). Different output levels in terms of quality are considered using weights for amounts of output produced at certain quality levels. Different input characteristics are considered by engaging corresponding input factors within the function like fraction of raw material with a given index of quality. Furthermore, production functions were amplified by introducing parameters for quality of management (Mefford, 1986), time trends and innovation shifts (Haynes and Thompson, 2000), and lagged variables (Brynjolfsson and Hitt, 2003), for example. Moreover, especially in the case of service production, balance sheet measures for output and inputs (e.g. earning assets, liquid assets) were used instead of physical amounts (Haynes and Thompson, 2000). 4.2 Types of production functions To examine the transformation process, specific technical interrelationships are mapped to a mathematical interpretation (production function). One of the most often applied production functions is the Cobb-Douglas function (Cobb and Douglas, 1928). Despite its dispersion, the Cobb-Douglas representation was criticized for several reasons. One reason is the assumption of an elasticity of substitution of 1 which can be very limiting in practice as it has an important effect on the returns and factor shares (Dewan and Min, 1997). This has lead to the development of the CES production function (Arrow et al., 1961) which also has a constant elasticity of substitution but allows for values other than 1. Dewan and Min (1997) propagate a CES-Translog representation which they call superior in comparison to the Cobb-Douglas and employ three factors which are IT capital, non-it capital and labour. This form has been previously used in productivity studies of payment processing and extensively applied in the banking literature. The CES-Translog is a more general form and can be reduced to the Cobb-Douglas production function, thus incorporating the latter as a special case. Nevertheless, recent studies employed the Cobb-Douglas form because both results were similar to the other function types and estimation was easier due to the simple form (Brynjolfsson and Hitt, 2003; Haynes and Thompson 2000). Therefore, for the purpose of this paper a Cobb-Douglas form is chosen.

14 Basic IT production function The general functional representation assumes divisibility for any amounts of factors. It represents a neoclassical production function and follows the law of diminishing returns: n α i y = α 0 ri i 1... n ; α 0 > 0 and constant; 0 α i < 1 and constant i= 1 Let r i represent the factors of production and y the output. α i is the elasticity of production given by i ε i = αi ri x x r = and indicating the change rate of output if factor input varies by a marginal rate. Because of 0 α i <1 the increase of output while increasing factor input is under proportional. Economies of scale depend on the sum of the production elasticities. α = 1 implies constant economies i of scale (> 1 increasing and < 1 decreasing economies of scale). The elasticity of substitution of all factors r i and r j is always constant and equals 1. According to Fandel (1994) the parameter α 0 comprises three components. It codifies statistical noise, exogenous technical progress, and organizational factors like learning effects. 4.4 Incorporating routines by using Granovetter s strength-of-tie-argument n i= Incorporating routines Mukhopadhyay et al. (1997, p. 1658) state that the experience from their study employing a Cobb- Douglas function implies that an appreciation of operations management and organizational behaviour is crucial in understanding the role of these [input factors and output, the authors] control variables. These organizational elements are introduced in the following using the concept of routines as elaborated above. The concrete business process employing IT and business resources can be seen as a result of internally-oriented routines. Using routines it is determined which resource is deployed in which constellation. The parameter α 0 influences the level of output given a set of inputs. As discussed before, internally-oriented routines concentrate on the transformation process and determine the ordering of activities and the mode of resource deployment. Errors in designing the transformation process may result in severe deficiencies during operations. This can be compared to a software development process from which is known that errors in early phases account for the most severe and costly deficiencies later on. In the following it is shown how routines can be recognized within α 0 in the sense of an organizational parameter affecting the level of output Routines and knowledge flow Routines are based on interaction between individuals or organizational units, incorporate the motivation and socialization of the members of the organization, and lead to patterns of activities that can

15 - 9 - be rather stable. As proposed in (Wagner and Weitzel, 2005a) these interactions can be measured using the strength of tie-argument of Granovetter (1973) by developing the strength of a tie as a dichotomous variable that can be either weak or strong at a given point of time. Hansen (1999) uses an average of frequency and closeness scores to measure the weakness of a tie. A division's tie weakness score is the average weakness of all its ties to other divisions in a given year. The interaction is necessary for knowledge transfer between the units which is a prerequisite of cross-domain planning activities. This also reflects the claim of Campbell et al. (2005) who find that especially collaboration between business and IT employees on all hierarchical levels is fundamental for alignment. Knowledge to design and develop a complex system resides in different organizational units where strong ties provide the channels for the knowledge flow and increase the probability of sharing information while enhancing the development of a shared understanding (Tiwana et al., 2003). Accordingly, strong and weak ties can be deployed with the parameters s and w which are a measure for the interaction between organizational units. These parameters can be standardized between 0 and 1. Within the depicted scenario (design of a transformation process), more strong ties provide for an increased flow of knowledge. The complexity of such a design as a proxy of knowledge complexity can be formalized using the adapted coefficient KQ (originally denoting knowledge quantifier; Schrott and Beimborn, 2003). KQ is redefined by dividing the project at stake, measured by degree of complexity (e.g. budget as a proxy), by all projects carried out within a certain timeframe. KQ takes on values between 0 and 1 with 1 indicating high and 0 no complexity. KQ and the measure of ties are now related to successfully accomplish the project (as complex problem) by the following formula with p as a probability. In this context, p can also be interpreted as factor of alignment (Wagner and Weitzel, 2005a). Because s and w can be 0, ε1 and ε2 are introduced according to the table below. The Euler function is used for standardization. It transforms the coefficient to a range between 0 and 1. A decrease of parameter α also decreases the achievable values of p, thus reducing the effect of strong ties on the solution et v.v. The coefficient x shapes the function. For example, x=0.5 will result in a sort of square root function having the effect that the n+1 th -tie has a lower effect on problem solving competence than the n th -tie. x KQ α ( s+ ε1) if s = 0 ε1 = infinitesimally small number if s > 0 ε1 = 0 p e w+ = ε 2 with α > 0; x 0 if w = 0 ε2= infinitesimally small number if w > 0 ε2= 0 A KQ of 0 (no problem) delivers the highest possible value for p, which is unity for all values of s and w. Therefore, p is independent of the number of ties. A KQ of 1 delivers very low functional values for low s, or high w, respectively. Here, the complexity is so high that a knowledge transfer with a few strong ties but a lot of weak ties is hardly feasible (Granovetter, 1973). High values of s in turn lead to a fairly high value of p, but unity cannot be reached. The lower KQ the higher the positive effect of an additional strong tie and the higher the resulting value of p et v.v. The parameter p also refers to two effects known form the RBV. The higher p the more probable a successful outcome. This depends on the accumulation of know-how and the ability to interexchange knowledge between the

16 organizational units involved. The first reflects technical skills and experiences, the second routines, thus covering two aspects of the previously discussed concept of capabilities. IT resources themselves are the objects which are considered while designing the transformation process and later on get deployed. 4.5 Considering experience and routines for the IT capability Considering this effect within a production function, more output will be produced with a given set of input. In microeconomic theory, accumulating effects are also known. The traditional learning curve effects refer to the decrease of costs (or increase of output) depending on the amount of units produced (Lapre et al., 2000). In our case, routines within a given problem context in a previous period determine output levels of the following period. The problem context incorporates a learning perspective in that p is high if similar problems have occurred in the past and the interactions between the organizational units dealing with that context are strong. A further difference to traditional learning curve considerations is that p does not refer to the amount of output produced in the past which is the outcome of the operational process. Rather, p reflects problem solving capability in the planning phase of a business process which is identified as a transformation process according to Melville et al. (2004). For that reason it seems inappropriate to apply this parameter to the amount of output produced by the specific process in the past. Rather, an Euler function is employed which is common in microeconomic theory when considering technical progress. The production function considering routines and classes of inputs can be restructured as follows: n β y e p α = η r i i i 1... n, η > 0 and constant; β 1, 0 p 1, 0 α i < 1 and constant i= 1 with r i = {1,,l} representing IT resources; r i = {l+1,,m} labor; and r i = {m+1,,n} non IT resources following Mukhopadhyay et al. (1997). η represents the traditional technical progress and statistical noise. p represents the probability of successfully completing the project of designing a transformation process. β is introduced as a scaling factor because the order of magnitude of the described effect of routines cannot be restricted a priori. Within a production function the input factors r i and their amounts used can be measured in the sense of a proxy (Melville et al., 2004) like transactions per second. Furthermore, inputs can be disaggregated as appropriate because the focus is on a business process level (see Mukhopadhyay et al., 1997) considering inputs with different characteristics. This is done by distinguishing between classes of factors and allowing for several factors within each class. Furthermore, following Mukhopadhyay et al. (1997) the output of the production function can be defined incorporating quality levels. While employing this approach for a postal service the approach can also work within a banking environment. Let us assume a bank s credit process. The output of the process can be defined as the number of credits of a certain volume within a given period of time. We further assume that the time for the successful completion of this process for a specific credit is an appreciated quality parameter. Then, credits produced faster will receive a higher weight, i.e. the output of the credit proc-

17 ess increases. If errors occur the process cannot be completed successfully and some activities of the credit process must be repeated. The effect will be a reduction of credits per unit of time which means less output. In the latter case the affected credit will take longer to complete and get a lower weight which in turn results in less output. Thus, errors within the process are also recognized by the cycle time. In sum, the production function reflects the combination of resources at a business process level allowing for a differentiation of input factors considering quality aspects. Furthermore, the basic concept of routines that is elementary in the RBV is introduced affecting the level of achievable output. As indicated in this section regarding CES-Translog functions there are limitations according to the chosen functional representation. Beside this there are further limitations considering measurement problems especially in service production (Haynes and Thompson, 2000). 5 CONCLUSIONS AND FURTHER RESEARCH 5.1 Summary Methodologically, we used a critical discourse of the literature on the resource-based view to identify basic underlying concepts and to develop a conceptual framework of IT value creation. In particular, organizational routines were found to be necessary to deploy complementary business and IT resources. In the RBV, the transformation from IT factors to sustainable competitive advantage depends on smoothly functioning routines between IT and business units and within these domains. The interaction between units manifested in routines not only serves to exchange information but also to adapt knowledge and attitudes over time which is important for developing and implementing IT systems appropriate for the business requirements. Despite the predominant role of routines for IT value creation, routines have so far mostly only been considered in conceptual models. As a consequence, the concrete transformation process from IT to value lacks analytical clarity, making empirical research and the evaluation of managerial measures difficult. Going one step further than most of the literature we therefore applied microeconomic production theory to map the transformation part of the IT value framework to a production function. Additionally, we proposed a way to explicitly consider the concept of routines into a production function by using Granovetter s strength-of-tie argument to formalize routines. Thus, the incorporation of quality and of heterogeneous inputs in a traditional production function could be discussed and the important concept of organizational routines was explicitly considered. This approach is appropriate as it shows that once clarified the usually quite vague and broad constructs of the RBV can be modelled making explicit functional relationships in a comparatively simple form. The production function introduced explicates the transformation process using the concept of routines in the context of knowledge transfer. To our knowledge the function is the first attempt to explicitly incorporate routines in a production function making variables explicit that are considered to be important in large parts of the literature. Using the algebraic formulation we can therefore identify conditions of successful routines for IT alignment, apply simulation studies to understand and develop the interaction patterns between

18 IT and business units (for first results see Wagner and Weitzel, 2005a) and to evaluate management practises and measures for employing the IT resource. See Serrano and den Hengst (2005, p ) offering similar advantages (dynamic model, visualizing interdependencies and quantitative impacts, evaluation prior to implementation) using a simulation approach. 5.2 Managerial implications From a practical point of view, the algebraic function helps to understand the importance of the transformation process from IT to performance. It also indicates that routines can increase output. We can now explicitly model quality aspects and routines thereby making them manageable and disclosing a main lever of successful IT usage. In this context, the proposed model can be used to identify optimization potential and then to leverage the capacity of routines by establishing more formalized interaction. First steps are regular meetings, not only at top management level, covering business and IT items. Eventually, special organizational units (often called liaison units) could be created to foster information flows. At the service delivery side of IT another managerial recommendation is to internally create service level agreements (SLAs). Besides providing the foundation for quality measures of IT services, the process of SLA development itself can be a substantial step towards understanding business necessities and the role of IT and thereby to reduce complexity and mitigate risks. 5.3 Further research We will use the proposed IT production function to build a production model for financial services with special respect to IT capital and sourcing services. The effect of routines on the production of services, especially the learning effects, will be analyzed and empirically tested using case studies in the financial service industry. First results indicate that indeed routines have a positive effect on output. In this respect, some enhancements are employed and restrictions need to be relaxed. In the actual model, capacity restrictions of a single actor (e.g. organizational unit) and costs associated with a tie within routines are not yet considered. The stronger the ties the higher the value of p as forecasted by the literature. For the purpose of optimization, another step will be the formulation of a corresponding cost function. Further projects are aimed at applying the model to other contexts like esp. the adaptation to a changing environment and the generation of innovation. Also, especially regarding the derivation of concrete managerial guidelines, extending the alignment concept to incorporate intertwined alignment issues at different levels of an organization (as proposed by Campbell et al., 2005) and better distinguishing between strategic and operational alignment (Wagner et al., 2006) appears promising. Eventually, we also expect promising methodological advances in the way we can measure the value contribution of IT as discussed in the IT productivity paradox beyond the arguments brought forward so far. Our recent empirical work on IT business alignment and IT value indicates that the available statistical methods as especially structural equation modeling might have a limited explanatory power as they rest upon the assumption of ultimately linear relations between endogenous and exogenous variables while the real world might rather exhibit multiplicative relations, as has been captured by

19 production functions in non-it areas for a century. That is why the development of an IT production function might be a quite relevant and interesting area of IS research. REFERENCES: Amit, R. and Schoemaker, P.J.H. (1993), Strategic Assets and Organisational Rent, Strategic Management Journal, Vol. 14 No. 1, pp Andreu, R. and Ciborra, C. (1996), Organisational learning and core capabilities development: the role of IT, Journal of Strategic Information Systems, Vol. 5, pp Arrow, K.J., Chenery, H.B., Minhas, B.S. and Solow, R.M. (1961), Capital-Labor Substitution and Economic Efficiency, Review of Economics and Statistics, Vol. 43, pp Barney, J.B. (1986), Strategic Factor Markets: Expectations, Luck and Business Strategy, Management Science, Vol. 32 No. 10, pp Barney, J.B. (1991), Firm Resources and Sustained Competitive Advantage, Journal of Management, Vol. 17 No. 1, pp Barney, J.B, (2001), Resource-based theories of competitive advantage: A ten year retrospective on the resource-based view, Journal of Management, Vol. 27 No. 6, pp Becker, M. C. (2004), Organizational routines: a review of the literature, Industrial and Corporate Change, Vol. 13 No. 4, pp Berndt, E. R. and Morrison, C. J. (1995), Hightech Capital Formation and Economic Performance in U.S: Manufacturing Industries: An Exploratory Analysis, Journal of Econometrics, Vol. 65 No. 1, pp Bharadwaj, A.S. (2000), A Resource based Perspective on Information Technology Capability and Firm Performance: An Empirical Investigation, Management Information Systems Quarterly, Vol. 24 No 1, pp Bharadwaj, A.S., Sambamurthy, V. and Zmud, R.W. (1998). IT Capabilities: Theoretical Perspectives and Empirical Operationalization, Proceedings of the 19 th ICIS, Helsinki, pp Broadbent, M. and Weill, P. (1993), Improving business and information strategy alignment: Learning from the banking industry, IBM Systems Journal, Vol. 32 No. 1, pp Brynjolfsson, E. and Hitt, L.M. (2003), Computing Productivity: Firm-Level Evidence, The Review of Economics and Statistics, Vol. 85 No. 4, pp Campbell, B., Kay, R. and Avison, D. (2005), Strategic alignment: a practitioner's perspective, Journal of Enterprise Information Management, Vol. 18 No. 6, pp Cobb, C.W., and Douglas, P.H. (1928), Theory of Production, American Economic Review, Vol (Supplement), pp Day, G.S. (1994), Capabilities of Market-Driven Organizations, Journal of Marketing, Oct., pp Devaraj, S. and Kohli, R. (2003), Performance Impacts of Information Technology: Is Actual Usage the Missing Link?, Management Science, Vol. 49 No. 3, March, pp Dewan, S. and Min, C. (1997), The Substitution of Information Technology for Other Factors of Production: A Firm Level Analysis, Management Science, Vol. 43 No. 12, pp

20 Eisenhardt, K.M. and Martin, J.A. (2000), Dynamic Capabilities: What Are They?, Strategic Management Journal, Vol. 21, pp Fandel, G. (1994), Produktion I: Produktions- und Kostentheorie. Fourth Edition, Springer-Verlag, Berlin, Heidelberg, New York. Galunic, D.C. and Rodan, S. (1998), Resource Recombinations in the Firm: Knowledge Structures and the Potential for Schumpeterian Innovation, Strategic Management Journal, Vol. 19 No. 12, pp Granovetter, M.S. (1973), The Strength of Weak Ties, American Journal of Sociology, Vol. 78 No. 6, pp Grant, R. M. (1996), Prospering in Dynamically-competitive Environments: Organizational Capability as Knowledge Integration, Organization Science, Vol. 7 No. 4, pp Grant, R.M. (1991), The Resource-based theory of Competitive Advantage: Implications for Strategy Formulation, California Management Review, Vol. 33 No. 3, pp Grant, R.M. (2002), Contemporary Strategy Analysis: Concepts, Techniques, Applications, Fourth Edition, Blackwell Publishers Ltd., Oxford. Hansen, M.T. (1999), The Search-Transfer Problem: The Role of Weak Ties in Sharing Knowledge across Organizational Subunits, Administrative Science Quarterly, Vol. 44 No 1, pp Harris, S. E. and Katz, J. L. (1991), Organizational Performance and Information Technology Investment Intensity in the Insurance Industry, Organization Science, Vol. 2 No. 3, pp Haynes, M. and Thompson, S. (2000). The Productivity Impact of IT Deployment: An Empirical Evaluation of ATM Introduction, Oxford Bulletin of Economics and Statistics, Vol. 62 No. 5, pp Henderson, J.C. and Venkatraman, N. (1993), Strategic alignment: Leveraging information technology for transforming organizations, IBM Systems Journal, Vol. 32 No. 1, pp Kearns, G.S. and Lederer, A.L. (2001), Strategic IT Alignment: A Model for Competitive Advantage, Proceedings of the 22nd ICIS, Barcelona, pp Lapre, M.A., Mukherjee, A.S. and Wassenhove, L.N. van (2000), Behind the Learning Curve: Linking Learning Activities to Waste Reduction, Management Science, Vol. 46 No. 5, May, pp Makadok, R. (2001), Toward a Synthesis of the Resource-Based and Dynamic-Capability Views of Rent Creation, Strategic Management Journal, Vol. 22, pp Mata, F.J., Fuerst, W.L., and Barney, J.B. (1995), Information Technology and Sustained Competitive Advantage: A Resource Based Analysis, Management Information Systems Quarterly, Vol. 19 No. 4, December, pp Mefford, R.N. (1986), Introducing Management into the Production Function, The Review of Economics and Statistics, Vol. 68 No. 1, pp Melville, N., Kraemer, K. and Gurbaxani, V. (2004), Information Technology and Organizational Performance: An Integrative Model of IT Business Value, Management Information Systems Quarterly, Vol. 28 No. 2, pp

21 Milgrom, R. and Roberts, J. (1995), Complementarities and fit: Strategy, structure, and organizational change in manufacturing, Journal of Accounting and Economics, Vol. 19 No. 2-3, pp Mukhopadhyay, T., Rajiv, S., and Srinivasan, K. (1997), Information Technology Impact on Process Output and Quality, Management Science, Vol. 43 No. 12, pp Nelson, R.B. and Winter, S.G. (1982), An evolutionary theory of economic change. The Belknap Press of Harvard University Press, Cambridge. Peteraf, M.A. (1993), The cornerstones of competitive Advantage: A Resource-Based View, Strategic Management Journal, Vol. 14 No. 3, pp Ravichandran, T. and Lertwongsatien, C. (2002), Impact of Information Systems Resources and Capabilities on Firm Performance: A Resource-Based Perspective, Proc. of the 23 rd ICIS, pp Ross, J.W., Beath, C.M., and Goodhue, D.L. (1996), Develop Long-Term Competitiveness through IT Assets, MIT Sloan Management Review, Vol. 38 No. 1, pp Rumelt, R.P. (1984), Towards a Strategic Theory of the Firm ; in: Lamb, R.B. (ed.), Competitive Strategic Management, Prentice-Hall Inc., Englewood Cliffs, pp Schrott, G. and Beimborn, D. (2003), Informal Knowledge Networks: Toward a Community- Engineering Framework, Proceedings of the 24th ICIS, Seattle, pp Serrano, Alan and den Hengst, Marielle (2005), Modelling the integration of BP and IT using business process simulation, Journal of Enterprise Information Management, Vol. 18 No. 6, pp Strassman, P. A. (1990), The Business Value of Computers, Information Economics Press, New Canaan, Connecticut, USA. Teece, D.J., Pisano, G. and Shuen, A. (1997), Dynamic Capabilities and Strategic Management, Strategic Management Journal, Vol. 18 No. 7, pp Tiwana; A.; Bharadwaj, A., and Sambamurthy, V. (2003), The Antecedents of Information Systems Development Capability in Firms: A Knowledge Integration Perspective, Proceedings of the 24th ICIS, Seattle, pp Wade, M. and Hulland, J. (2004), Review: The Resource-Based View and Information Systems Research: Review, Extension, and Suggestions for Future Research, Management Information Systems Quarterly, Vol. 28 No. 1, pp Wagner, H.-T. and Weitzel, T. (2005a), Modeling the impact of alignment routines on IT performance: an approach to making the resource based view explicit, Proceedings of the 38th Hawaiian International Conference on System Sciences (HICSS-38), Hawaii, USA. Wagner, H.-T. and Weitzel, T. (2005b), The impact of IT on Competitive Advantage: A microeconomic approach to making the resource based view explicit, Proceedings of the 13th European Conference on Information Systems (ECIS 2005), Regensburg, Germany. Wagner, H.-T., Beimborn, D., Franke, J. and Weitzel, T. (2006), IT Business Alignment and IT Usage in Operational Processes: A Retail Banking Case, Proceedings of the 39th Hawaii International Conference on System Sciences (HICSS-39); Kauai, USA.

22 Wernerfelt, B. (1984), A Resource based View of the Firm, Strategic Management Journal, Vol. 5 No. 2, pp

23 420 Int. J. Electronic Finance, Vol. 1, No. 4, 2007 The risks of business process outsourcing: a two-fold assessment in the German banking industry Heiko Gewald* Strategy & Change Practice IBM Deutschland GmbH Wilhelm-Fay-Straße Frankfurt am Main, Germany heiko.gewald@de.ibm.com *Corresponding author Jochen Franke Johann Wolfgang Goethe University Frankfurt, Germany Abstract: This paper tackles the question of whether the risks inherent in Business Process Outsourcing (BPO) differ significantly from the risks of Information Technology Outsourcing (ITO), and subsequently investigates which are the most salient risks inherent in BPO. By applying structured expert interviews and a quantitative survey among Germany s 200 largest banks, it turns out that the risk categories relevant to ITO and BPO are fundamentally the same, but differ in magnitude. Digging deeper into the risks associated with BPO, and using Perceived Risk Theory as a theoretical framework, we found that financial risks are most important to decision makers, followed by strategic and performance risks. Keywords: outsourcing risk; Business Process Outsourcing; BPO; Information Technology Outsourcing; ITO. Reference to this paper should be made as follows: Gewald, H. and Franke, J. (2007) The risks of business process outsourcing: a two-fold assessment in the German banking industry, Int. J. Electronic Finance, Vol. 1, No. 4, pp Biographical notes: Heiko Gewald is a Managing Consultant in the Technology Strategy Group at IBM Corporation. He has a PhD in Information Systems from the Goethe University in Frankfurt, Germany. His current research interests include IT strategy, e-finance and sourcing strategies in the banking industry. Jochen Franke was a Researcher at the Information Systems Department at the Goethe University in Frankfurt, Germany, where he worked in the E-Finance Lab ( His research interests included IT management, alignment of business and IS, and e-finance. Copyright 2007 Inderscience Enterprises Ltd.

24 The risks of BPO: a two-fold assessment in the German banking industry 421 Within the final phase of finishing this paper, the life of Jochen Franke ended abruptly and unexpectedly. The academic community lost a talented researcher and I personally lost a close friend. We will keep the memory of Jochen in our hearts and will remember him for the great things he had already accomplished in his much too short life. Heiko Gewald 1 Introduction Driven by the rapid development of information technology, the financial services industry has changed considerably during the last decade. Especially the rapid growth of the internet, which has led to an increasing electronic integration, has been a key enabler of self-service banking anywhere and anytime. Today s clients are better informed and much more self-guided than ever before, and constantly demand better service at a lower price (Laukkanen, 2006). This evolution has increased pressure on banks all over the world. Therefore, banks need to continuously assess their service portfolio and rearrange it according to their specific strengths and weaknesses. This leads to a phenomenon that has long been attributed solely to the manufacturing industry: the continuous optimisation of the supply chain by reducing the vertical range of manufacture. Banks are starting more and more to apply this strategic option as well and outsource parts of their business that are either not core competencies, or can be produced at lower costs by external service providers (Gewald and Lammers, 2005). The first wave of outsourcing almost 25 years ago focused on information technology (Information Technology Outsourcing, ITO) (Lee et al., 2003) and has been extensively discussed in the academic literature (Dibbern et al., 2004). The external production of business processes (Business Process Outsourcing, BPO), in contrast, is a comparatively new strategic option for many banks that has not yet gained much academic attention (Rouse and Corbitt, 2004) and entails many open questions. This paper addresses one of the major open issues, namely, the nature and impact of the risks involved in BPO, which are of particular interest in the financial industry. We assess this question by considering two subquestions, starting from the better resolved ITO point of view to first disclose whether the risks of ITO and BPO differ, yielding: 1 Do the risks of BPO differ from those of ITO? And, if they do indicating a case for research on the risks specific to BPO 2 What are the most salient risks of BPO? This research adds to the current knowledge on BPO, a field of research currently characterised by a virtual absence of academic publications on the topic (Rouse and Corbitt, 2004, p.2). This is surprising as the importance of this topic has been indicated by both researchers (Lancellotti et al., 2003; Lacity et al., 2004; Willcocks et al., 2004) and practitioners (it is estimated that the worldwide market for BPO will increase from USD 110 billion in 2002 up to USD 173 billion in 2007 (Gartner, 2004)). The paper is structured as follows: Following this explication of the research questions, we introduce in greater detail the research design of the combined qualitative and quantitative empirical study and the underlying concepts and definitions. Subsequently, we present the results of our qualitative study and discuss the implications

25 422 H. Gewald and J. Franke for our first research question. Thereafter, the results of the quantitative empirical survey are presented and discussed with respect to our second research question. Both sections also include details on the applied methods and data sources. Finally, based on a synthesis of both parts, the overall findings are reflected upon, limitations are pointed out and an outlook for further research is given before the paper closes with some conclusions. 2 Research design To address the research questions outlined before, we applied a two-fold methodological approach based on qualitative and quantitative empirical data analyses: 1 We conducted structured interviews to assess whether industry experts see structural differences in the risks of ITO and BPO (qualitative approach) to address the first research question. The initial list of risks relevant to BPO used in those interviews was derived from the literature on the risks of ITO. 2 Based on the insights gathered in the qualitative interviews, we conducted a quantitative empirical survey among Germany s 200 largest banks to determine the most salient risks of BPO as perceived by senior managers in the banking industry (quantitative approach). Hence, as suggested by a number of authors (see, e.g., Kaplan and Duchon, (1988); Lee (1991)), we combine qualitative and quantitative empirical data to capture the rich context of our research questions and apply different methodological approaches. As the unit of analysis, we chose the German banking industry and more specifically four well-defined business processes of German banks. We chose this industry for two reasons: 1 This market is currently undergoing severe changes, with major players refocusing their business on core processes and outsourcing non-core areas (Breuer, 2004). 2 Owing the specific German regulations on outsourcing (Deutsche Bundesbank, 2001), banks (and service providers for banks) in Germany have a similar understanding of outsourcing topics, which results in an inherently homogeneous reference framework for the qualitative interviews and the quantitative empirical survey. 3 Underlying concepts and definitions 3.1 Outsourcing For the purposes of this paper, we chose a broad view of outsourcing and regard it as the divestment of corporate functions and the repurchasing of those services from one or more external vendors (this definition has been inspired by the arguments of De Looff, 1995). We distinguish the following two archetypes of outsourcing for further reference: In analogy to Earl s (1996) definition, ITO is defined as outsourcing hardware-orientated IT activities such as data centre operations. This definition includes a variety of activities such as user helpdesk services, network management. BPO is defined as

26 The risks of BPO: a two-fold assessment in the German banking industry 423 outsourcing one or more specific business processes together with the IT that supports them (Halvey and Melby, 2000), where a business process is defined as a set of logically related tasks performed to achieve a defined business outcome (Davenport and Short, 1990). The process of outsourcing can be divided into five main phases (based on Ilie and Parikh (2004)). For all empirical analyses in this paper, we concentrate on the delivery phase, the point in time when the client no longer has direct control over the outsourced employees, processes and information systems. During the delivery phase (arguably also within later stages of the transition phase), a point of no return is reached, because of the severe costs that would be incurred if the outsourcing engagement were to be terminated (Rouse and Corbitt, 2004). Hence, this phase turns out to be the most relevant for a thorough risk assessment in the long run and therefore represents the focus of this research. 3.2 Risk Throughout the outsourcing literature, no consistent and generally accepted definition of risk has yet emerged (Aubert et al., 2002; Quelin and Duhamel, 2003). In many cases, causes and effects are not separated or risks and problems are confused (Barki et al., 1993). For the purposes of this research, we adopt a broad definition of risk, regarding it as the potential for an undesired outcome owing to uncertainty about future developments (see the discussion in Aubert et al. (2002)). This definition allows us contrary to closer-cut definitions to include qualitative as well as quantitative risks in the same reference framework. Reviews of alternative risk definitions are available in Baird and Thomas, (1990); Barki et al. (1993) and Aubert et al. (2002). 4 Research Question 1: do the risks of ITO and BPO differ? Owing to the lack of literature regarding the specific risks of BPO, we derived the risks of ITO from current literature, then built propositions on how these risks would apply to BPO, and challenged our propositions in structured interviews with outsourcers and service providers/vendors. 4.1 Risks of outsourcing As a starting point, we chose a review of the literature on the risks of outsourcing conducted by Gewald and Hinz (2004) and updated this basis with papers that had become available in the meantime. In the following, the risks identified in this review process are briefly introduced, and references are given. Security breaches in IT systems are widely identified as a risk in outsourcing arrangements (Kern et al., 2002b; Khalfan, 2004). As a result of the necessary interfaces between outsourcer and vendor, the number of potential security vulnerabilities in the deployed systems may rise. The risk of incapable vendor resources (Alexander and Young, 1996; Jurison, 1998; Kern et al., 2002a; Quelin and Duhamel, 2003; Adeleye et al., 2004) refers to a faulty estimation of the resources required by the vendor and may rise if the vendor has little prior experience with outsourcing projects. Unrealistic expectations on the outsourcer or vendor side resulting from inexperienced outsourcers

27 424 H. Gewald and J. Franke or vendors are discussed by various authors (Earl, 1996; Willcocks et al., 1999; Kern et al., 2002a; Bahli and Rivard, 2003; Baccarini et al., 2004; Khalfan, 2004). Service debasement refers to a creeping decline in service quality over time (Alexander and Young, 1996; Aubert et al., 2002; Lacity, 2002; Young and Hood, 2003). Differences in functional and procedural agreements resulting in communication mismatches are considered to be another risk in outsourcing relationships (Alexander and Young, 1996). The issues associated with failing interfaces between outsourcer and service provider have been raised by researchers (Alexander and Young, 1996) and regulators (Deutsche Bundesbank, 2001; BIS, 2004a) alike. The outsourcer s dependence on the vendor, resulting from the transfer of specific assets or the difficulty of backsourcing a specific function, can lead to a lock-in situation and has been extensively discussed in the Information Systems literature (Alexander and Young, 1996; Jurison, 1998; Barthelemy and Geyer, 2001; Aubert et al., 2002; Quelin and Duhamel, 2003; Rouse and Corbitt, 2003; Gonzalez et al., 2005). The degree of not achieving the originally planned benefits in the delivery phase is often used as an indicator for outsourcing performance and success (Bahli and Rivard, 2003). The default of vendor during the delivery phase of the outsourcing contract is a further risk identified in outsourcing literature (Kern et al., 2002a). Firms engaging in outsourcing face the risk of losing business flexibility and innovation capacity, as an external provider might not be as flexible and easily controllable as an internal business unit (Earl, 1996; Lacity, 2002; Rouse and Corbitt, 2003; Young and Hood, 2003; Khalfan, 2004). Furthermore, the loss of competence, as former internal units no longer deliver certain services that have been handed over to the service provider, thus resulting in a lack of organisational know-how, is a frequently cited risk (Quinn and Hilmer, 1994; Jurison, 1998; Willcocks et al., 1999; Aubert et al., 2002; Quelin and Duhamel, 2003; Rouse and Corbitt, 2003; Young and Hood, 2003; Khalfan, 2004). Also, the risk of a loss of cross-functional skills, i.e., losing employees who are knowledgeable in more than one process, is also cited frequently (Quinn and Hilmer, 1994; Bahli and Rivard, 2003). 4.2 Interview study details Six interviews with seven interview partners from five different organisations (labelled A E) were conducted (see Table 1). Two organisations were major providers of BPO, two were major international banks with headquarters in Germany, and one organisation was a medium-sized consulting company specialised in BPO consulting. Owing to the sensitive context of this research, our interview partners asked for confidentiality. Table 1 Characterisation of interview partners Role of interview partner Two senior risk managers Senior operational risk manager Senior BPO business manager Member of the board (COO) Head of retained organisation Member of the board Employer of interview partner Large German bank (A) operating as BPO client Large German bank (B) operating as BPO client Large IT services firm (C) operating as BPO provider Large German BPO provider (D) Large German bank (B) operating as BPO client Medium-sized consulting firm (E), specialised in BPO consulting

28 The risks of BPO: a two-fold assessment in the German banking industry 425 Our interview partners were either employed within operational risk management or were business managers in charge of a specific BPO deal. The interviewees had 5 to 15 years of experience in their field and all of them had experience with ITO and BPO engagements. The meetings lasted between 1.5 and 2.5 hours and were prepared as structured interviews. We stated the risks derived from the literature on ITO and our propositions on how these would apply to a BPO context. The interviewees then gave their assessment of the tendency of a risk to be higher, lower or the same in BPO as in ITO. Each interview closed with an open discussion on the specific risks of BPO and on whether risks not relevant to ITO exist that had not been included in our original list. The results of the discussions have been used to revise and expand our propositions. Remarks of special interest or importance have been recorded separately. 4.3 Summary of interview findings In this section the outcome of the interviews is briefly presented. 1 The interviewees gave their opinions, based on their experience, as to whether they regard the individual risks of BPO to be higher, lower or the same as those of ITO. The reasoning behind their responses and additional remarks of our interview partners are given in the following. Security breaches: Our interview partners stated that the risk of security breaches tends to be same or higher in BPO as compared to ITO. The risk may increase if the execution of the process requires the service provider to access an IT system that has not been designed to allow access to only a limited area of its data. In this case it may turn out to be very difficult to comply with current security standards and regulations. Incapable vendor resources: As the BPO market is the least mature outsourcing market, the risk of incapable vendor resources has an inherent tendency to be same or higher in BPO as compared to ITO. The magnitude of this risk strongly depends on the maturity and specific structure of the business process to be sourced out. For a process of low to medium complexity, which is usually the more mature process with regard to outsourcing, the risk of incapable vendor resources can be seen as equivalent to ITO. If the process is more complex and less standardised, it generally does not have a long track record in outsourcing. This relationship between complexity of the process and maturity of the market seems to be the driving factor for this risk. All our interview partners quoted this risk as being a major risk of BPO. Inexperienced outsourcers or vendors: Our interview partners stated that the risk of inexperienced outsourcers or vendors is definitely higher in BPO. Experience with BPO is lower for outsourcers and vendors as compared to ITO. Therefore the risk of errors caused by lack of experience is generally assumed to be higher. In analogy to the risk of incapable vendor resources, the level of experience depends on the maturity of the market regarding the individual process in question. Service debasement: The risk of service debasement is stated to be same or lower. Generally, there seems to be no difference between ITO and BPO with respect to decreasing service quality. Interview partners from the outsourcer side see a correlation of this risk with the achievement of planned benefits, as service providers are assumed to lower their service quality to save costs if they do not achieve the originally calculated benefits. Communication mismatches: All our interview partners strongly suggested that the risk of communication mismatches is clearly lower in BPO as compared to ITO. As the external production of business processes requires well-documented processes, the

29 426 H. Gewald and J. Franke danger of misinterpretation is regarded as being lower. This proves especially true if the contract is also based on interfaces and bilateral deliverables, and not solely on process descriptions. One interviewee added that with BPO, as compared to ITO, it is the case that business process professionals from both the outsourcer and vendor sides have to deal with each other, thus reducing the potential for misunderstandings, as the vendor needs to take care that his IT department implements the business process correctly. In ITO, in contrast, business professionals often have to interact directly with IT professionals, each with their respective mentalities and terminology. Therefore, this risk is only seen as a negligible risk of BPO. Failing interfaces: Assuming that the execution of a business process requires more human interaction between outsourcer and service provider than traditional outsourcing, the chance of failing interfaces is higher, because of communication mistakes. Our interview partners regarded this risk as severe and stated a tendency for it to be higher in BPO. The choice and design of the interfaces between both partners is seen as crucial for an engagement s success. Lock-in situation: Our interviewees assign a tendency to the risk of a lock-in situation to be same or higher in BPO. First, the level of standardisation and complexity of the process plays a major role as a driver of this risk. The more customer-specific a process, the greater the difficulties associated with it when switching to another service provider. Second, the maturity level of the market has a significant influence, as the dependence on a vendor may change over time as the market becomes more mature and a significant number of service providers are available to offer plug-and-play business processing, thus empowering the outsourcers to more easily switch vendors if the service is no longer satisfactory. Not achieving the originally planned benefits: The risk of not achieving the originally planned benefits is stated to exhibit a higher to same tendency in BPO. The tendency of this risk strongly depends on the experience of the outsourcer with outsourcing engagements and of the vendor with providing the business process in question to its clients. Default of vendor: The insights taken from the interviews suggest that in general, the risk of default of vendor is about the same as with traditional outsourcing and is regarded as a negligible risk by our interview partners. Losing business flexibility: The risk of losing business flexibility and innovation capacity overall is stated as being higher in BPO. As external providers of business process functionalities rely on a one-to-many business model (Kern et al., 2002b), they inevitably need to provide their clients with standardised processes to achieve economies of scale. This limits the outsourcer s flexibility to change the business process quickly to react to changing market requirements or business opportunities. As the functionality provided by the vendor is available to all customers simultaneously, there are no competitive advantages. In our interviews, the risk is assumed to be higher in BPO as compared to IT outsourcing, as the drivers of flexibility and innovation in the financial services sectors are more likely to be business processes than hardware and software. One interviewee (B) remarked, since processes which offer competitive advantages should be kept internal, the outsourced processes are regarded as not carrying significant potential for first mover advantages. Therefore, the risk of loss of flexibility and innovative capacity, despite being higher in BPO, is regarded as being low overall.

30 The risks of BPO: a two-fold assessment in the German banking industry 427 Loss of competence and loss of cross-functional skills: As our interviewees stated, the risk of losing competence is somewhat higher in BPO than in traditional outsourcing. Assuming that the outsourced process is not one that carries a competitive advantage, the loss of competencies in this area is of minor importance. Nevertheless, it is a loss of banking-specific knowledge, which may turn out to be negatively loaded in the long run. In addition, all interview partners agreed that the risk of a loss of cross-functional skills in BPO is the same as in ITO. 4.4 Resolving Research Question 1 Our findings suggest that the risks in BPO and ITO are to a large extent analogous, but differ in magnitude. Sound reasoning was provided for each of the risk categories for potential deviations specific to BPO. This indicates that the list of risks derived from ITO is an appropriate starting point for research on BPO, while at the same time demanding a closer investigation of the individual magnitudes of the identified risks, leading to our second research question. In summary, comparing ITO and BPO, two risks are classified as tending to be lower, two remain the same and eight risks are classified as tending to be higher. This yields a comprehensive list of risks in BPO that will now be analysed in the following quantitative survey. 5 Research Question 2: what are the most salient individual risks of BPO? Extending the findings from the qualitative interviews, we now focus on the magnitude of the risks in BPO, as they have been indicated to significantly differ in magnitude from those of ITO. 5.1 Research model, data and analysis When applying a positivist approach and testing a set of hypotheses in a structural equation model, a strong underlying theory is highly recommended (Dibbern, 2003). Therefore, starting from the individual risks identified in the previous section, we used Perceived Risk Theory (PRT) (Bauer, 1967; Cunningham, 1967) as a theoretical framework for this research. PRT seems well suited, as it is a psychologically based theory that has been broadly applied in marketing research to explain the behaviour of people based on their subjective perception of the risks involved in their actions. We grouped the risks identified during the qualitative study into four major risk categories, namely, financial risks, performance risks, strategic risks and psychosocial risks, in accordance with the theoretical framework of PRT (see Table 2). None of the risks discussed above fits into the psychosocial risk category of PRT as suggested by Featherman and Pavlou (2003), therefore the risk indicators in this category have been adapted from additional literature research. According to PRT, all risk categories positively influence the overall perceived risk of BPO. Our research model adopts this theoretical proposition and analyses the individual contributions of financial, performance, strategic and psychosocial risks to the total perceived risks in BPO as depicted in Figure 1 to address our second research question.

31 428 H. Gewald and J. Franke Table 2 Risk categories of PRT applied to the outsourcing context Construct Performance risk Financial risk Strategic risk Psychosocial risk Definition The risk that the service provided by the outsourcing vendor will not be delivered as expected by the bank The risk that the actual costs may exceed the planned/budgeted costs of the outsourcing engagement The risk that the bank will lose its ability to react flexibly and unconstrainedly to changing market conditions The risk that the decision to outsource a business process will have a negative effect on the responsible manager s peace of mind or self-perception (i.e., loss of status in one s social group) Propositions qualitative study Security breaches Incapable vendor resources Inexperienced outsourcers or vendors Service debasement Communication mismatches Failing interfaces Lock-in Not achieving the originally planned benefits Indicators quantitative study The service provider will not be able to provide a level of security for confidential data that meets the standards of the bank. The process is too complex to be properly executed by the service provider. The service provider does not have sufficient outsourcing experience. Throughout the period of validity of the contract, the quality of service steadily declines. Employees of the bank and the service provider do not properly collaborate. The cost of switching service providers is so high that the bank faces a lock-in situation with the vendor. The transition costs and duration exceed the calculated budget and time frame. Default of vendor The service provider tries to increase his profit through hidden or non-transparent costs. Loss of flexibility By outsourcing business processes, the bank becomes dependent on the service provider. Loss of competencies Loss of cross-functional skills By outsourcing business processes, the bank loses control over decision-making processes. The bank loses its capability for long-term operational innovativeness. The service provider and the bank pursue contrary objectives. Outsourcing the business process for which you are responsible will damage your standing among colleagues and business partners. Outsourcing of the business process is de facto irreversible. Errors of the service provider damage the reputation of our bank.

32 The risks of BPO: a two-fold assessment in the German banking industry 429 Figure 1 Research model for quantitative survey Lock-in Loss of flexibility Not achieving the originally planned benefits Financial Risk Strategic Risk Loss of competencies Security breaches Loss of cross-functional skills Incapable vendor resources Inexperienced outsourcer or vendor Perceived Risk of BPO Personal standing/reputation Service debasement Communication mismatches Performance Risk Psychosocial Risk Irreversibility of decision Reputation of the bank Failing interfaces Two individual risks analysed in the qualitative study (communication mismatches and the default of vendor) have not been incorporated into the quantitative survey as the qualitative study showed that these factors are of virtually no importance to senior management. However, three additional individual risks have been included in the quantitative survey, all relating to the PRT. The reason for this is that the psychosocial risks derive from PRT, which was not applied to the qualitative research. With respect to this category, the quantitative study was enhanced compared to the qualitative study. All individual risk categories have been hypothesised to positively contribute to the perception of the overall BPO risk Questionnaire development The questionnaire underlying this analysis was developed based on extensive literature work to use as many validated indicators for measurement from prior studies as possible. The principal contributors of previously tested indicators were the following studies: Dowling (1986); Moore and Benbasat (1991); Ang and Straub (1998); Hu et al. (1999); Benamati and Rajkumar (2002); Dibbern (2003); Featherman and Pavlou (2003); Bahli and Rivard (2005); Wahrenburg et al. (2005). As research focusing on the specifics of BPO is scarce, several items had to be adjusted to the specific context of this research. The initial questionnaire was discussed with academics and practitioners knowledgeable in the field of outsourcing. Following their input, the questions were revised and a series of independently conducted pre-tests with managers from different banks not included in the later sample were scheduled. The questionnaire was again modified to make it precise and understandable for the intended audience. All questions provided a risk statement and asked for the level of agreement on a positive-to-negative 7-point Likert scale (strongly agree predominantly agree rather agree neutral rather disagree predominantly disagree strongly disagree). A full list of the (translated) indicators used in this study is given in Table 1 in the Appendix.

33 430 H. Gewald and J. Franke Data sample In 2003, 2226 banks were registered for conducting business in Germany. For this research the 200 largest banks in Germany were chosen, based on their total assets as reported in the balance sheet in The cumulated balance sheets of the 200 largest banks account for more than 90% of the cumulated balance sheet of the whole German banking market (estimation based on Bundesbank (2004); Karsch (2004)). To assess the risk perceptions of the managers in charge of business processes, four banking processes were selected, which are generally not regarded as core competencies for banks (Lamberti and Pöhler, 2004): back office/settlement processes for transactions in securities, consumer credits, domestic payments and foreign exchange/ money market. All of the 200 banks were contacted by phone to personally identify the managers in charge of the business processes mentioned above. Some banks do not have all four business processes in place, therefore only 593 questionnaires were sent out. Overall, 218 usable questionnaires from 126 banks were returned. This equals a response rate of 36.8% amongst managers and 63% of the banks approached. The distribution of the banking groups (private banks, savings banks, cooperative banks, other banks) among the respondents satisfactorily matches the distribution in the sample. The responses per process are shown in Table 3. Table 3 Responses per process Process Number of responses Distribution (%) Securities settlement Consumer credits settlement Domestic payments settlement Foreign exchange/money market settlement To account for the impact of bank or process type, multigroup analysis as suggested in Chin (2000) was conducted and no statistically significant influence of either factor on the structural model was detected Model estimation This section presents the results of the model test, including the test of the measurement model and the structural model. Since the individual risks have been found to form the risk categories, a formative measurement approach was adopted. For an overview of the distinction between the factors influencing the choice of formative and reflective measurement, we refer the reader to Jarvis et al. (2003). The research model depicted in Figure 1 has been operationalised and transferred into a Structural Equation Model (SEM) to be analysed with the Partial Least Squares (PLS) approach (Chin, 1998a). In contrast to covariance-based approaches, such as LISREL, AMOS or EQS, PLS has minimal demands on measurement scales, and residual distribution (Chin, 1998a). Moreover, as we apply both a formative measurement model for the risk categories and a reflective measurement model for the overall perceived risk of BPO, PLS is the only choice, as formative and reflective measurement models cannot simultaneously be

34 The risks of BPO: a two-fold assessment in the German banking industry 431 calculated with covariance-based methods (Fassott, 2005). All calculations were carried out with PLS-Graph Version 3.0; the estimation results for the measurement model are depicted in Table 1 in the Appendix. To evaluate the quality of the measurement model, the design of constructs (Diamantopoulos and Winklhofer, 2001) and the relevance of indicators (Chin, 1998a) need to be analysed. There are five critical issues determining the quality of the measurement model: content specification, indicator specification, indicator reliability, indicator collinearity and external validity. In the following, first the quality of the formative measurement model (risk categories) is discussed, and then that of the reflective measurement model applied to the overall BPO risk. Finally, the structural model connecting the constructs of interest is evaluated Evaluation of the formative measurement model Content specification consists of defining the scope of the latent constructs to be measured. This is of particular importance in formative measurement models, as the indicators form the latent variable. The breadth of definition is extremely important to causal indicators (Nunnally and Bernstein, 1994, p.484), because failure to consider all facets of the construct will lead to an exclusion of relevant indicators (Diamantopoulos and Winklhofer, 2001, p.271). The research model presented in this paper includes four constructs to be measured with formative indicators: strategic, financial, performance and psychosocial risk. These constructs were thoroughly described and their scope has been intensively discussed in the process of preparing the study to ensure proper specification of the applicable content. A definition of the scope of each construct is given in Table 2. Indicator specification comprises the identification and definition of indicators that constitute the constructs. As the aggregation of all formative indicators defines the scope of the latent variable, indicator specification is particularly important for models using formative indicators (Diamantopoulos and Winklhofer, 2001). The indicators used in this model were identified by intensive literature review and have been validated through several pre-tests with senior bank managers knowledgeable about the topic of this research. Following their suggestions, some initial indicators have been altered to be more precise and understandable to the target audience. Indicator reliability analyses the importance of each individual indicator that forms the relevant construct. Two quantitative arguments have to be accounted for in formative measurement models: 1 the sign of the indicator-construct-relationship needs to be correct as hypothesised 2 the weighting of the indicator should be at least 0.1 (1994). The model shows correct signs for all indicators and a weight of more than 0.1, and that all indicators are at least significant at the 0.1 level (the full set of figures is given in Table 1 in the Appendix). Because formative measurement models are based on multiple regression, substantial indicator collinearity would affect the stability of indicator coefficients (Diamantopoulos and Winklhofer, 2001). The maximum variance inflation factor comes to 3.65, which is far below the cut-off threshold of (Cohen, 2003); therefore, multicollinearity does not pose a problem.

35 432 H. Gewald and J. Franke External validity stresses the suitability of the indicators by assessing the extent to which formative indicators actually capture the construct (Chin, 1998b). External validity can be supported by creating a set of reflective indicators measuring the same construct (Fassott and Eggert, 2005). If the formatively measured construct strongly and significantly correlates with the reflective construct, external validity is given (Diamantopoulos and Winklhofer, 2001). For all constructs measured in a formative way, equivalent constructs with reflective measurement models have been evaluated and shown to be highly correlated, thus supporting the external validity of the formative measurement models Evaluation of the reflective measurement model The quality of the reflective measurement model (overall BPO risk) is determined by convergent validity and discriminant validity (Bagozzi, 1979; Churchill, 1979; Peter, 1981). Convergent validity (Bagozzi and Phillips, 1982) is analysed by evaluating indicator reliability and construct reliability (Peter, 1981). Indicator reliability can be examined by looking at the construct loadings. In the model tested, all loadings are significant at the level and above the recommended 0.7 parameter value (significance tests were conducted using the bootstrap routine with 500 resamples (Chin, 1998b)), as depicted in Table 1 in the Appendix. Construct reliability is tested by evaluating Composite Reliability (CR). The estimated value of is well above the recommended threshold of 0.6 (Bagozzi and Yi, 1988). Discriminant validity of indicators can be analysed via the Average Variance Extracted (AVE). The calculated figure of is above the recommended threshold of 0.5 (Chin, 1998b) Structural model The adequacy of indicators in the measurement model enables one to evaluate the explanatory power of the entire model as well as the predictive power of the independent variables. The explanatory power is examined by looking at the squared multiple correlations (R 2 ) of the dependent variables. As can be inferred from Figure 2, 46% (R 2 = 0.46) of the variation in the overall perceived risk is explained by performance, financial, strategic and psychosocial risks. Predictive power is tested by examining the magnitude of the standardised path coefficient estimates between constructs together with the corresponding t-values. All path coefficients exceed the recommended 0.2 level except for psychosocial risk. A bootstrapping evaluation with 500 resamples revealed a strong significance for all paths (at the level) except for psychosocial risk (at the 0.1 level). Figure 2 depicts the findings graphically.

36 The risks of BPO: a two-fold assessment in the German banking industry 433 Figure 2 Structural model findings Weight: Significance: Weight: Significance: Weight: Significance: Weight: Significance: Weight: Significance: 0.1 Weight: Significance: 0.05 Weight: Significance: 0.1 Weight: Significance: Lock-in Not achieving the originally planned benefits Hidden costs Security breaches Incapable vendor resources Inexperienced outsourcer or vendor Service debasement Failing interfaces Financial Risk 0.243*** 0.212*** Strategic Risk Perceived Risk of BPO Performance Risk 0.224*** AVE = CR = R 2 = * Psychosocial Risk Significance Key: * p <= 0.1 ** p <= 0.05 *** p <= 0.01 Loss of flexibility Loss of competencies Loss of cross-functional skills Contrary objectives Personal standing/reputation Irreversibility of decision Reputation of the bank Weight: Significance: Weight: Significance: 0.1 Weight: Significance: Weight: Significance: Weight: Significance: Weight: Significance: Weight: Significance: 0.001

37 434 H. Gewald and J. Franke 5.2 Summary of findings Financial risk The perceived financial risk of BPO is composed of unexpected transition costs, hidden service costs and switching costs. These indicators significantly contribute to the financial risk facet. The high impact of hidden costs (weighting: 0.537) and unexpected transition costs (0.411) indicates that the managers primarily blame the service provider for an overrun of planned costs. Switching costs are seen as a problem (0.302), but do not weigh as high as the other risks. The path connecting the financial risk with the overall perceived risk (0.243) is the highest of all risk facets. This indicates the relative importance of financial risk perceptions for the overall perceived risk. This result is as expected, as managers are still mainly evaluated by quantitative figures. Therefore their main interest is to avoid missing financial targets Performance risk The performance risk facet comprises the individual risks of communication mismatch (0.355), security breaches (0.284), inexperienced service provider (0.246), process complexity (0.226), and service debasement (0.195). These indicators have significant weights in terms of the risk facet, although those of service debasement and process complexity are only significant at the 0.1 level. The risk of communication mismatch between the bank and the service provider contributes most to performance risk, as previously described by Alexander and Young (1996). In addition, managers perceive possible security breaches as a severe risk (compare Jurison, 1998; Khalfan, 2004), which is understandable considering the contemporary media coverage regarding security breaches (see, e.g., Dash and Zeller, 2005). The banking industry in particular tends to be sensitive to this risk. The third most important performance risk is selection of an inexperienced vendor (see Willcocks et al., 1999; Bahli and Rivard, 2003). This is assumed to be due to the relatively young BPO market in Germany and indicates that banks do not assume that existing service providers offering new BPO services automatically execute these services at the same level as the other services in the portfolio. The findings indicating the relevance of the risk of service debasement and process complexity for an outsourcing venture are in line with previously conducted research by Lacity and Willcocks (1995), Ang and Straub (1998), Aubert et al. (1998), and Bahli and Rivard (2003), but rank lowest on the performance risk scale Strategic risk The strategic risk facet is composed of the individual risks of lock-in with the vendor (0.446), contrary objectives of vendor and outsourcer (0.338), loss of innovative capabilities (0.330) and loss of control (0.179). All of these individual risks have a significant impact on the risk facet, although loss of control is only significant at a level of 0.1. The dependency of the bank on the service provider has the highest effect on strategic risk, which complements the analogous discussion of the psychosocial risk facet below and is in line with previous findings (e.g., in addition, managers perceive great risk from divergent objectives between the partners of the BPO engagement and the possible loss of innovative capability). These risks have previously been identified by researchers (Earl, 1996; Lacity, 2002) and add to findings that focus on dependency and lock-in

38 The risks of BPO: a two-fold assessment in the German banking industry 435 (Cheon et al., 1995; Aubert et al., 1998; Bahli and Rivard, 2005). The loss of control loads comparatively low, which is surprising, as loss of control has previously been reported to be a major risk (Quinn and Hilmer, 1994; Jurison, 1998). An explanation for the fact that the risk of losing control has declined in importance could be that the deployment of outsourcing governance mechanisms has become more widespread in recent years (Gewald and Helbig, 2006). By establishing effective governance structures, the collaboration at all levels of the involved corporations increases, thus decreasing the bank s risk of losing control over vital decisions Psychosocial risk The psychosocial risk facet is constructed of one social and two psychological risks. As mentioned above, it is typically very difficult to measure this facet, which has also turned out to be the case in this study, as the psychosocial risk facet has the lowest (yet still significant) loading of all the risk facets in the perceived risk construct. Nevertheless, the three indicators tested here provide interesting insights. The de facto irreversibility of the outsourcing decision causes a perception of high risk for the manager (0.502) (Jurison, 1998). The damage to one s personal reputation amongst peers caused by outsourcing of the business process is also regarded as being a high risk (0.490). This is understandable, taking contemporary media coverage into account, which is overwhelmingly negative towards outsourcing because of the expected loss of jobs and wage cuts. The third most important psychosocial risk is the indirect responsibility for process execution (0.458). Even if the manager is no longer in charge of the operation, s/he (and the bank) will still be blamed for all errors that are made, eventually damaging the bank s reputation. This responsibility without direct control obviously causes a high-risk perception. 5.3 Resolving Research Question 2 The empirical survey brought up some interesting findings. Three of the four risk categories tested showed a reliable relationship with the overall perceived BPO risk. We see that financial risks score highest, followed by performance and then strategic risks. Contrary to our expectations, psychosocial risks are of virtually no importance to the responding managers. The explanation for this ranking may be the measurement systems deployed in banks, which focus very much on quantitative figures. Therefore managers are eager to perform in such a way as to satisfy the figures (financial and performance risks), and tackle more qualitative issues (strategic and psychosocial risks) as a lower priority. In a kind of self-fulfilling prophecy, those tasks watched over closely are much more likely to reveal problem areas, as the respective tracking is closer, and in the case of the quantitative risk facets it is much easier to spot if negative events or trends occur. 6 Limitations and further research 6.1 Limitations of this research There are certain points to be kept in mind when interpreting the results of this research. This study has focused exclusively on the German banking sector. Therefore, the results may not be representative of other industries or across countries. This is of

39 436 H. Gewald and J. Franke special importance, if one takes the inherent reference framework of outsourcing and the associated risks and responsibilities into account, as required by tight national regulation. The national character may change in years to come, when the international supervisory body for the banking system (the Bank for International Settlements) finally releases its recommendations for outsourcing in financial services (BIS, 2004b) to be incorporated into national regulations. Furthermore, the digital character of the banking industry acts as a strong driver for outsourcing. Applying the findings of this study to other industries might introduce additional risks or change risk magnitudes owing to increased staff operations. 6.2 Further research After analysing the perceived risks of BPO in greater detail, a comparable approach to the perceived benefits of BPO seems promising. A combination of the findings of both measures and their influence on managers attitudes might add to the understanding of the outsourcing decision. Furthermore, the development of innovative risk-sharing approaches seems to be a relevant area for additional research, especially taking into account the advances of the Bank for International Settlement regarding the sanctions for operational risk in the banking system (BIS, 2004a). The transfer of risk in accordance with the transfer of the risk-carrying business processes from bank to service provider is a major field for further research with great potential for the academic and practitioner community. 7 Conclusion As a survey of the outsourcing literature shows, the risks involved in ITO have been addressed by numerous authors, whilst there is little research on the risks inherent in BPO. Building on a list of ITO risks, our first research question was to determine whether the risks of ITO and BPO systematically differ. Applying qualitative empirical research in structured interviews with outsourcing experts, and focusing on the delivery phase in outsourcing ventures, the risks of BPO have been compared to those of ITO. Our findings suggest that the risks in traditional ITO and in BPO are fundamentally the same, but differ significantly in tendency. In process outsourcing, as compared to ITO, two risks are classified as tending to be lower, two remain the same and eight risks are classified as tending to be higher. Extending this qualitative approach, a quantitative empirical survey among Germany s 200 largest banks has been conducted to investigate the individual magnitude of the risks associated with BPO. It has been clearly shown that financial risks are most important to decision makers, followed by strategic and performance risks. Although a specific ranking between these three risks has been identified, they were still quite close together. Psychosocial risks, in contrast, scored much lower and were only just statistically significant. This comes as a surprise, as one would commonly expect the managers who are responsible for a business process to be much more reluctant to outsource this process and to see more negative imperatives for themselves. Perhaps business managers react more rationally than expected.

40 The risks of BPO: a two-fold assessment in the German banking industry 437 Acknowledgements The authors gratefully acknowledge the support of the E-FinanceLab, Frankfurt am Main, Germany. All views expressed within this research paper are solely the author s and do not necessarily reflect the position of IBM corporation or any of its affiliates. References Adeleye, B.C., Annasingh, F. and Nunes, M.B. (2004) Risk management practices in IS outsourcing: an investigation into commercial banks in Nigeria, International Journal of Information Management, Vol. 24, No. 2, pp Alexander, M. and Young, D. (1996) Strategic outsourcing, Long Range Planning, Vol. 29, No. 1, pp Ang, S. and Straub, D. (1998) Production and transaction economies and IS outsourcing: a study of the US banking industry, MIS Quarterly, Vol. 4, pp Aubert, B.A., Patry, M. and Rivard, S. (1998) Assessing the risk of IT outsourcing, Proceedings of the 31st Hawaii International Conference on System Sciences, Hawaii, USA. Aubert, B.A., Patry, M. and Rivard, S. (2002) Managing IT outsourcing risk: lessons learned, in R. Hirschheim, A. Heinzl and J. Dibbern (Eds.) Information Systems Outsourcing Enduring Themes, Emergent Patterns and Future Directions, Berlin: Springer, pp Baccarini, D., Salm, G. and Love, P.E.D. (2004) Management of risks in information technology projects, Industrial Management & Data Systems, Vol. 104, No. 4, pp Bagozzi, R.P. (1979) The role of measurement in theory construction and hypothesis testing: toward a holistic model, in O.C. Ferrell, S.W. Brown and C.W. Lamb (Eds.) Conceptual and Theoretical Developments in Marketing, Chicago, pp Bagozzi, R.P. and Phillips, L. (1982) Representing and testing organizational theories: a holistic construal, Administrative Science Quarterly, Vol. 27, September, pp Bagozzi, R.P. and Yi, Y. (1988) On the evaluation of structural equation models, Journal of the Academy of Marketing Science, Vol. 16, pp Bahli, B. and Rivard, S. (2003) A validation of measures associated with the risk factors in information technology outsourcing, Proceedings of the 36th Hawaii International Conference on System Sciences, Hawaii, USA. Bahli, B. and Rivard, S. (2005) Validating measures of information technology outsourcing risk factors, Omega, Vol. 33, pp Baird, I.S. and Thomas, H. (Eds.) (1990) What is risk anyway? Using and measuring risk in strategic management, Risk, Strategy, and Management, Greenwich: JAI Press, pp Barki, H., Rivard, S. and Talbot, J. (1993) Toward an assessment of software development risk, Journal of Management Information Systems, Vol. 10, pp Barthelemy, J. and Geyer, D. (2001) IT outsourcing: evidence from France and Germany, European Management Journal, Vol. 19, No. 2, pp Bauer, R. (1967) Consumer behavior as risk taking, in D.F. Cox (Ed.) Risk Taking and Information Handling in Consumer Behavior, Cambridge, USA: Harvard University Press, pp Benamati, J.H. and Rajkumar, T.M. (2002) The application development outsourcing decision: an application of the technology acceptance model, Journal of Computer Information Systems, Vol. 42, No. 4, pp BIS (2004a) International convergence of capital measures and capital standards, Bank for International Settlements, The Joint Forum, Basel Committee on Banking Supervision.

41 438 H. Gewald and J. Franke BIS (2004b) Outsourcing in financial services, Bank for International Settlements, The Joint Forum, Basel Committee on Banking Supervision. Breuer, R-E. (2004) Editorial, in H-J. Lamberti, A. Marliere and A. Pöhler (Eds.) Management von Transaktionsbanken, Berlin: Springer, pp.5 8. Bundesbank (2004) Bankenstatistik Dezember 2004, Frankfurt am Main: Deutsche Bundesbank. Cheon, M.J., Grover, V. and Teng, J.T.C. (1995) Theoretical perspectives on the outsourcing of information systems, Journal of Information Technology, Vol. 10, pp Chin, W.W. (1998a) Issues and opinions on structural equation modeling, MIS Quarterly, Vol. 22, No. 1, pp Chin, W.W. (1998b) The partial least squares approach to structural equation modeling, in G.A. Marcoluides (Ed.) Modern Methods for Business Research, London: Lawrence Erlbaum Associates, pp Chin, W.W. (2000) Frequently asked questions partial least squares & PLS-Graph, (accessed 25 October 2005). Churchill, G. (1979) A paradigm for developing better measures of marketing constructs, Journal of Marketing, Vol. 16, February, pp Cohen, J. (2003) Applied Multiple Regression/Correlation Analysis for the Behavioral Sciences, 3rd ed., London: Lawrence Erlbaum Associates. Cunningham, S.M. (1967) The major dimensions of perceived risk, in D.F. Cox (Ed.) Risk Taking and Information Handling in Consumer Behaviour, Boston, MA: Harvard University Press, pp Dash, E. and Zeller, T.J. (2005) Mastercard says 40 million files are put at risk, The New York Times, 18 June, p.1. Davenport, T.H. and Short, J.E. (1990) The new industrial engineering: information technology and business process redesign, Sloan Management Review, Vol. 31, No. 4, pp De Looff, L.A. (1995) Information systems outsourcing decision making: a framework, organizational theories and case studies, Journal of Information Technology, Vol. 10, pp Deutsche Bundesbank (2001) Circular 11/2001 Outsourcing of Operational Areas to Another Enterprise Pursuant to Section 25a (2) of the Banking Act, Frankfurt am Main. Diamantopoulos, A. and Winklhofer, H.M. (2001) Index construction with formative indicators: an alternative to scale development, Journal of Marketing Research, Vol. 38, May, pp Dibbern, J. (2003) The Sourcing of Application Software Development and Maintenance, Berlin: Springer. Dibbern, J., Goles, T., Hirschheim, R. and Jayatilaka, B. (2004) Information systems outsourcing: a survey and analysis of the literature, The DATA BASE for Advances in Information Systems, Vol. 35, No. 4, pp Dowling, G.R. (1986) Perceived risk: the concept and its measurement, Psychology and Marketing, Vol. 3, pp Earl, M.J. (1996) The risks of outsourcing IT, Sloan Management Review, Spring, pp Fassott, G. (2005) Die PLS-Pfadmodellierung: Entwicklungsrichtungen, Möglichkeiten, Grenzen, in F. Bliemel, A. Eggert, G. Fassott and J. Henseler (Eds.) Handbuch PLS-Pfadmodellierung Methode, Anwendung, Praxisbeispiele, Stuttgart: Schäffer-Poeschel, pp Fassott, G. and Eggert, A. (2005) Zur Verwendung formativer und reflektiver Indikatoren in Strukturgleichungsmodellen: Bestandsaufnahme und Anwendungsempfehlungen, in F. Bliemel, A. Eggert, G. Fassott and J. Henseler (Eds.) Handbuch PLS-Pfadmodellierung, Stuttgart: Schäffer-Poeschl, pp Featherman, M.S. and Pavlou, P.A. (2003) Predicting e-services adoption: a perceived risk facets perspective, International Journal of Human-Computer Studies, Vol. 59, pp

42 The risks of BPO: a two-fold assessment in the German banking industry 439 Gartner (2004) Outsourcing market view: what the future holds, Management Update, G Gewald, H. and Franke, J. (2005) A comparison of the risks in information technology outsourcing and business process outsourcing, Proceedings of the Eleventh Americas Conference on Information Systems, Omaha, USA. Gewald, H. and Helbig, K. (2006) A governance model for managing outsourcing partnerships, Proceedings of the Thirty-Ninth Hawaiian International Conference on System Sciences, Hawaii, USA. Gewald, H. and Hinz, D. (2004) A framework for classifying the operational risks of outsourcing, Proceedings of the Eighth Pacific Asia Conference on Information Systems, Shanghai, PR China. Gewald, H. and Lammers, M. (2005) What is core an assessment model for the strategic sourcing decision, Proceedings of the San Diego International Systems Conference, San Diego, USA. Gonzalez, R., Gasco, J. and Llopis, J. (2005) Information systems outsourcing risks: a study of large firms, Industrial Management & Data Systems, Vol. 105, No. 1, pp Halvey, J.K. and Melby, B.M. (2000) Business Process Outsourcing Process, Strategies and Contracts, New York: John Wiley & Sons. Hu, P.J., Chau, P.Y.K., Sheng, L.O.R. and Tam, Y.K. (1999) Examining the technology acceptance model using physician acceptance of telemedicine technology, Journal of Management Information Systems, Vol. 16, No. 2, pp Ilie, V. and Parikh, M. (2004) A process view of information systems outsourcing research: conceptual gaps and future research directions, Proceedings of the Tenth Americas Conference on Information Systems, New York, USA. Jarvis, C.B., MacKenzie, S.B. and Podsakoff, P.M. (2003) A critical review of construct indicators and measurement model misspecification in marketing and consumer research, Journal of Consumer Research, Vol. 30, No. 2, pp Jurison, J. (1998) A risk-return model for information technology outsourcing decisions, in L.P. Willcocks and M.C. Lacity (Eds.) Strategic Sourcing of Information Systems, Chichester: John Wiley & Sons Ltd., pp Kaplan, L.B. and Duchon, D. (1988) Combining qualitative and quantitative methods in information systems research: a case study, MIS Quarterly, Vol. 12, No. 4, pp Karsch, W. (2004) Die 100 größten deutschen Kreditinstitute, Die Bank, Vol. 8, pp Kern, T., Kreijger, J. and Willcocks, L.P. (2002a) Exploring ASP as sourcing strategy: theoretical perspectives, propositions for practice, Journal of Strategic Information Systems, Vol. 11, pp Kern, T., Willcocks, L.P. and Lacity, M.C. (2002b) Application service provision: risk assessment and mitigation, MIS Quarterly Executive, Vol. 1, No. 2, pp Khalfan, A.M. (2004) Information security considerations in IS/IT outsourcing projects: a descriptive case study of two sectors, International Journal of Information Management, Vol. 24, pp Lacity, M.C. (2002) Lessons in global information technology sourcing, Computer, August, pp Lacity, M.C. and Willcocks, L.P. (1995) Interpreting information technology outsourcing decisions from a transaction cost perspective: findings and critique, Accounting, Management & Information Technology, Vol. 5, Nos. 3 4, pp Lacity, M.C., Willcocks, L.P. and Feeny, D.F. (2004) Commercializing the back office at Lloyds of London: outsourcing and strategic partnerships revisited, European Management Journal, Vol. 22, No. 2, pp

43 440 H. Gewald and J. Franke Lamberti, H-J. and Pöhler, A. (2004) Die Industrialisierung des Backoffices am Beispiel der etb, in H-J. Lamberti, A. Marliere and A. Pöhler (Eds.) Management von Transaktionsbanken, Berlin: Springer, pp Lancellotti, R., Schein, O., Spang, S. and Stadler, V. (2003) ICT and operations outsourcing in banking, Wirtschaftsinformatik, Vol. 45, No. 2, pp Laukkanen, T. (2006) Consumer-perceived value of e-financial services: a means-end approach, International Journal of Electronic Finance, Vol. 1, No. 1, pp Lee, A.S. (1991) Integrating positivist and interpretive approaches to organizational research, Organization Science, Vol. 2, No. 4, pp Lee, J-N., Huynh, M.Q., Kwok, R.C-W. and Pi, S-M. (2003) IT outsourcing evolution past, present, and future, Communications of the ACM, Vol. 44, No. 5, pp Moore, G.C. and Benbasat, I. (1991) Development of an instrument to measure the perceptions of adopting an information technology innovation, Information Systems Research, Vol. 2, No. 3, pp Nunnally, J.C. and Bernstein, I.H. (1994) Psychometric Theory, 3rd ed., New York: McGraw-Hill. Peter, J.P. (1981) Reliability: a review of psychometric basics and recent marketing practices, Journal of Marketing Research, Vol. 16, February, pp Quelin, B. and Duhamel, F. (2003) Bringing together strategic outsourcing and corporate strategy: outsourcing motives and risks, European Management Journal, Vol. 21, No. 5, pp Quinn, J.B. and Hilmer, F.G. (1994) Strategic outsourcing, Sloan Management Review, Vol. 35, No. 4, pp Rouse, A. and Corbitt, B. (2003) Minimising risks in IT outsourcing: choosing target services, Proceedings of the Seventh Pacific Asia Conference on Information Systems, Adelaide, Australia. Rouse, A.C. and Corbitt, B. (2004) IT-supported Business Process Outsourcing (BPO): the good, the bad and the ugly, Proceedings of the Eight Pacific Asia Conference on Information Systems, Shanghai, China. Wahrenburg, M., König, W., Hackethal, A., Weitzel, T., Beimborn, D., Franke, J., Gellrich, T., Holzhäuser, M. and Schwarze, F. (2005) Kreditprozess-Management Status Quo und Zukunft des Kreditprozesses bei Deutschlands 500 größten Kreditinstituten, Norderstedt: Books on Demand. Willcocks, L., Hindle, J., Feeny, D.F. and Lacity, M.C. (2004) IT and business process outsourcing: the knowledge potential, Information Systems Management, Summer, pp Willcocks, L.P., Lacity, M.C. and Kern, T. (1999) Risk mitigation in IT outsourcing strategy revisited: longitudinal case research at LISA, Journal of Strategic Information Systems, Vol. 8, No. 3, pp Young, P.C. and Hood, J. (2003) Risk and the outsourcing of risk management services: the case of claims management, Public Budgeting & Finance, Vol. 23, No. 3, pp Note 1 The interested reader will find detailed documentation in Gewald and Franke (2005).

44 The risks of BPO: a two-fold assessment in the German banking industry 441 Appendix Table 1 Loadings, weights and significance level of deployed indicators Construct Indicator Measurement Load/weight Sign. level Perceived risks Outsourcing of business processes Reflective is associated with a high level of risk. There is a high level of risk that the expected benefits of outsourcing will not materialise Overall, I consider the outsourcing of business processes to be risky. Performance risk The service provider does not have Formative sufficient outsourcing experience. Throughout the period of validity of the contract, the quality of service steadily declines. The process is too complex to be properly executed by the service provider. Employees of the bank and the service provider do not properly collaborate The service provider will not be able to provide a level of security for confidential data that meets the standards of the bank. Financial risk The transition costs and duration Formative exceed the calculated budget and time frame. The service provider tries to increase his profit through hidden or non-transparent costs The cost of switching service providers is so high that the bank faces a lock-in situation with the vendor. Strategic risk By outsourcing business processes, Formative the bank becomes dependent on the service provider. The service provider and the bank pursue contrary objectives. The bank loses its capability for long-term operational innovativeness By outsourcing business processes, the bank loses control over decision-making processes. Psychosocial risk Outsourcing the business process Formative for which you are responsible will damage your standing among colleagues and business partners. Outsourcing of the business process is de facto irreversible Errors of the service provider damage the reputation of our bank

45 Int. J. of Electronic Business, Vol. x, No. x, xxxx 1 Value Chain Crossing: Insights and Opportunities for Future Research Daniel Beimborn E-Finance Lab / Chair for Information Systems and Services, Otto-Friedrich-University, Bamberg, Germany Fax: daniel.beimborn@wiai.uni-bamberg.de. Sebastian F. Martin E-Finance Lab / Institute for Information Systems, Goethe University, Mertonstr. 17, Frankfurt am Main, Germany Fax: smartin@wiwi.uni-frankfurt.de. Jochen Franke E-Finance Lab / Institute for Information Systems, Goethe University, Mertonstr. 17, Frankfurt am Main, Germany Abstract: In this paper, we present a research framework that tackles a promising area of e-business largely neglected before, namely the lateral cooperation of firms from two different industries that interconnect their business processes by means of electronic integration. We refer to this kind of e-business cooperation as value chain crossing and explore, as an exemplary application domain, the integration of financial processes in non-banks and financial service providers. To support our research proposal, we provide exploratory findings from an empirical survey accompanied by a series of case studies which indicate that research in this area of e-business is worthwhile to be conducted. We identified empirical evidence for a large potential of value chain crossing but also found substantial inhibitors for the adoption of this idea. Keywords: business process outsourcing, value chain crossing, innovation adoption, lateral cooperation Reference to this paper should be made as follows: Beimborn, D., Martin, S.F., Franke, J. (xxxx) Value Chain Crossing: Insights and Opportunities for Future Research, Int. J. Electronic Business, Vol. x, No. x, pp Biographical notes: Dr. Daniel Beimborn graduated in Economics and Business Administration at Goethe University, Frankfurt, where he also received his Ph.D. in Information Systems. He currently works as an Copyright 2007 Inderscience Enterprises Ltd.

46 2 Beimborn, D., Martin, S.F., Franke, J. assistant professor at the Otto-Friedrich-University, Bamberg, Germany. His research interests include business process outsourcing in financial industries, controlling and standardization of IS infrastructures and especially the impact of web service technologies on their design. Daniel has published articles in various journals, including MIS Quarterly, Information Systems and e-business Management (ISeB), and WIRTSCHAFTSINFORMATIK, as well as in the proceedings of various conferences, including ICIS, AMCIS, HICSS, PACIS, and ECIS). Sebastian F. Martin graduated in Economics and Business Administration at Goethe University, Frankfurt, where he currently works as a research assistant at the Institute of Information Systems. His research interests focus on organizational innovation adoption, business process outsourcing, and IT business alignment. So far, his work was published in the proceedings of several international conferences, including AMCIS, HICSS, PACIS, and ICEB, as well as in various book chapters. More about Sebastian s work can be found on Jochen Franke was a research assistant at the Institute of Information Systems, Goethe University, focusing on sourcing of financial processes, IT business alignment, and IT flexibility. He has published articles in various journals, including International Journal of Electronic Finance, Journal of Information Systems and e-business Management (ISeB) and WIRTSCHAFTSINFORMATIK, as well as in the proceedings of various conferences, including ICIS, HICSS, AMCIS, PACIS, and ECIS. He was also the author of several successful books on web development. Jochen passed away in December Introduction Many firms have used advancements in information and communication technology in order to automate their primary processes, to integrate internal systems, and to tighten the network of partners transcending the firm s borders and thereby rearranging the entire value chain, having already exploited large efficiency potentials. But, global competition requires a continuous quest for efficiency improvements. Firms are increasingly forced to optimize their supportive business processes (e.g., HR management, Finance & Accounting etc.) as well. Because these secondary business processes (Porter 1985) usually do not belong to a firm s core competencies, business process outsourcing (BPO) with tight electronic integration between the business partners becomes apparent. Despite its relative recentness, BPO has been discussed to be one of the most promising areas of growth in the outsourcing market (Gartner Group 2004). But until now it has received little attention in academic literature (Rouse and Corbitt 2004). BPO is defined as the delegation of (parts of) organizational business processes to a third party provider including the underlying IT (Meyer and Schumacher 2003; Willcocks et al. 2004) i. Thus, BPO is orthogonal to the concept of ITO since it does not only outsource the production

47 Int. J. of Electronic Business, Vol. x, No. x, xxxx 3 resource but the business execution as well. On the other side, the tight connection between business unit and IT unit gets not interorganizationally separated (Rouse and Corbitt 2004; Dayasindhu 2004). Secondary processes usually represent cross-sectional functions which serve multiple other areas within the firm. Consequently, tight integration of the sourcing partners information systems is required. The services provided by a BPO vendor (e.g. cash management, electronic bill presentment and payment) have to be seamlessly plugged into the (outsourcing) firm s IS landscape. We refer to this particular type of selective BPO as value chain crossing (VCC): particular activities of an organization s secondary processes are fulfilled by (crossed with) an external provider s service (which is a primary process of this provider firm and part of its value chain). VCC thus 1. represents a special kind of BPO, based on lateral cooperation of firms from different industries. It represents neither cooperation along the value chain (vertical) nor cooperation in similar activities (horizontal). 2. includes the technical perspective. VCC means a seamless electronic integration where an external service is plugged in to the outsourcer s financial chain. An old existing example which almost represents a VCC, but is not technically integrated in a seamless manner, is the EDI transmission of payment runs. Another example is integrated Electronic Bill Presentment and Payment (EBPP), offered by an external provider, since it becomes embedded in the firm s financial processes (Skiera et al. 2004). The VCC definition goes along with the service-oriented paradigm, where (e.g. web) services can be plugged in and out within a modular business process landscape and may be replaced by services from external vendors (Berbner et al. 2005; Krafzig et al. 2005). In this paper we argue that this specific research area within the e-business domain has so far been neglected although it shows particularities which embrace promising research potential. We theoretically underpin our claim for specific research within this promising area of e-business and we substantiate our proposition by discussing selected relevant findings from an empirical survey as well as from a set of case studies. Both case studies and survey were specifically conducted to explore potentials for the outsourcing of (secondary) financial business processes by non-financial companies. Because secondary processes typically exhibit very heterogeneous characteristics, we dedicatedly focus on VCC in financial processes. In an empirical survey with the CFOs of Germany s 1,000 largest enterprises, we found that VCC on financial processes can offer a substantial source of value not used by many firms yet. This paper is intended to open a discussion on this research topic by providing exploratory empirical findings from an area of e-business research largely neglected so far. In the following, we first discuss related research (section 2). In section 3, we develop and theoretically underpin a research proposal for the e-business area of VCC. After this, we substantiate our research proposal with some empirical results which give valuable insights into this research area and finally draw a conclusion based on the conceptual and the empirical discussion.

48 4 Beimborn, D., Martin, S.F., Franke, J. 2. Related Research 2.1. Interorganizational Cooperation and Business Process Outsourcing Based on Englert (2000), we refer to inter-firm cooperation as the non-hierarchic collaboration of two or more independent organizations that is targeted towards a common goal. Several reasons for inter-firm cooperation have been identified by Buse (1997) like, e.g., economies of scale and scope, access to complementary resources, risk reduction (e.g., in R&D), or increasing market power. Access to superior or complementary resources and to new markets has been found in empirical studies to be the most important reason for cooperation (e.g., Fontanari 1995; Glaister and Buckley 1996). Although it is not a new phenomenon, cooperation has gained importance with the occurrence of so-called interorganizational systems (IOS) (Klein 1996). IOS represent the set of technologies which carry out the integration between two or more organizations (Cash and Konsynski 1985). IOS have been shown to facilitate and intensify inter-firm cooperation, help to raise entry barriers for competitors, and to diminish risks and disadvantages of cooperation by providing enhanced control options for the cooperation (Klein 1996). How can IOS be leveraged to support lateral cooperation between two or more firms? On an industry level, this issue has been examined in some conceptual papers that discuss the virtual corporations, or clusters, that as a group compete against other groups or clusters of organizations (e.g., Gomes-Casseres 1994). Nevertheless, there is quite a lack of research analyzing lateral cooperation through IOS on a business process level. Decisions to outsource particular parts of a business process are determined by different process characteristics. As with cooperation in general, drivers for outsourcing have been found to be economies of scale (by merging redundant processes and saving fixed costs) (Panzar and Willig 1977; Robinson 1934) and skill advantages of the partner/provider firm as it is more competent in operating particular processes and therefore can deliver lower costs and operational risk, increased quality and flexibility, and thus added value (Prahalad and Hamel 1990). From a theoretical viewpoint, research on outsourcing certain business functions is often based on the resource-based view (RBV) (Penrose 1959; Wernerfelt 1984) and the core competence theory (Prahalad and Hamel 1990). These theories analyze the competitive impact a business function (encapsulating its resources and capabilities) confers to a firm and give suggestions about which resources, capabilities, or competencies are better kept in-house. By outsourcing certain functions, firms may profit from the competence of specialized service providers, for whom the insourced function itself is a core competence. The lack of internal resources and capabilities has been found in numerous empirical studies to be a main driving factor for the outsourcing decision (Dibbern et al. 2004) Adoption of Innovations The adoption of innovations literature strand is mainly concerned with understanding the factors that either inhibit or facilitate the adoption and diffusion of innovations by individuals or organizations (Fichman 2004). The ultimate goal is to provide managers

49 Int. J. of Electronic Business, Vol. x, No. x, xxxx 5 with guidance on whether, when, and how to innovate (Fichman 2004; Swanson and Ramiller 2004). In this paper, we refer to an innovation as an idea, practice, or object that is perceived as new by an individual or other unit of adoption (Rogers 2003, p. 12). Research so far has focused on the characteristics of the organization, the environment and the innovation itself, analyzing their potential to act as enablers or inhibitors for innovation adoption. This kind of research is labeled by Fichman (2004, p. 316) to be conducted under the dominant paradigm, in which authors assume that organizations with a greater quantity of the Right Stuff will exhibit a greater quantity of innovation. Such organizations may also be said to fit the innovator profile. Interorganizational cooperation and, more specifically, outsourcing, have been discussed from the perspective of organizational innovation adoption (Loh and Venkatraman 1992; Saunders and Clark 1992). In a conceptual paper, Loh and Venkatraman (1992, pp ) argue that outsourcing represents an administrative innovation, thereby fulfilling three important conditions: First, it represents a significant shift in the mode of governance from the traditional locus of control and coordination within the hierarchy (combined with relatively standardized market transactions with vendors) towards newer modes that could be characterized as hybrids. [ ] Second, [ ] outsourcing represents significant changes in the internal processes of the user organizations. [ ] Third, [ ] outsourcing constitutes a significant change in the organizational routines used to deal with the external environment. Using institutional theory as a lens for understanding the factors that influence the adoption of interorganizational linkages (IOL), Teo et al. (2003) empirically found that isomorphic pressures stemming from the institutional networks in which organizations are embedded (mimetic, coercive, and normative) have a significant positive effect on managerial intention to adopt IOL. In a later study, (Khalifa and Davison 2006) distinguished between internal and external pressures and further found perceived feasibility and perceived desirability of IOL to significantly influence managerial IOL adoption intention. Organizational readiness (in terms of financial and human resources, process maturity, IT sophistication, etc.) has also been discussed to be a significant influential factor for the adoption of IT-based IOL (Chwelos et al. 2001; Iacovou et al. 1995). Furthermore, readiness of the trading partner has been found to be an enabler for the adoption of IOS (Chang and Chen 2005; Chwelos et al. 2001). In a later study, Loh and Venkatraman (1995) empirically tested a model of IT outsourcing and found that technical and business benefits as well as control and opportunism risks are critical explanatory factors for outsourcing. 3. A proposal for VCC adoption research VCC represents a major administrative innovation for today's organizations, very similar to the way IT outsourcing represented a fundamental change for the way organizations could meet their IT needs in the early 1990s (Loh and Venkatraman 1992). This view is consistent with Rogers definition of an innovation as [ ] an idea, practice, or object that is perceived as new by an individual or other unit of adoption (Rogers 2003, p. 18). This perspective will allow researchers to base their research efforts on prior findings

50 6 Beimborn, D., Martin, S.F., Franke, J. from the literature on organizational adoption of innovations, which thus together with the literature stream on interorganizational cooperation and BPO provides a suitable theoretical basis for developing a research framework for VCC adoption. Comprehensive overviews on the inhibitors and drivers of the innovation adoption process are given by Frambach and Schillewaert (2002) and Jeyaraj et al. (2006). Besides the drivers and inhibitors identified in prior innovation adoption literature, adoption research can be used to gain further insights on the specific issue of VCC. One prominent research model on a related topic is developed by Iacovou et al. (1995): in their EDI adoption framework they found organizational readiness, perceived benefits and external pressure (pressure from competition and imposition by partners) to be the main factors that influence EDI adoption. EDI is a preliminary example of technical integration (usually along vertical cooperation) and thus a related domain from an adoption research perspective. We propose that research on VCC should focus on the facets of VCC adoption depicted by Figure 1. Figure 1. Facets in VCC adoption research 3.1. Benefits and Risks Perceived benefits and risks in the context of Business Process Outsourcing (BPO) explicitly regarded as an administrative innovation have been in the focus of some recent works. On the benefits side, Gewald (2006) found four types of benefits to be the main drivers for BPO intention: cost advantages, the possibility to focus on the firm s core competencies, access to specialized resources, and quality improvements. Studies show that in BPO of secondary processes the arguments of cost savings from economies of scale and skill (i.e. access to superior capabilities and resources) play the most influential role (Skiera et al. 2004). Interestingly, Gewald found that managers with prior outsourcing experience had other mental frameworks for evaluating the benefits of outsourcing than managers without prior experience. While managers without prior