Enhance Your Next Vendor Partnership by Failing Catastrophically First

In this era of ever-changing member expectations, credit unions have a mandate to look outside their four walls in search of a partner with a solution, expertise, or simply with the time capacity to execute and deliver on a much needed or perceived member need.

This article is not one that focuses on the consumer, socio-economic or technology trends that credit unions need to pay attention to and that Filene regularly studies, but rather one that concentrates on the internal outsourcing processes to evaluate and select a third-party provider that can satisfy the project specifications.

Specifically, this aims to show decision-makers how they can use risk assessment and identify an inventory of potential situations that can jeopardize the initiative’s success by conducting a pre-mortem exercise. This tool will allow your team to temporarily transport themselves to a possible future where the partnership with a vendor failed. Performing this exercise allows your team to confront these situations head-on and together ideate practical alternative options on how to prevent that fate.

In a post-mortem exercise, an autopsy is performed to learn from how the project was executed by creating a list of (things we) did well, and (things we will) do better. While it is helpful to the team to understand what happened after the project or phase concludes, the retrospective look only offers insights for future initiatives and teams to benefit from this exercise. A pre-mortem exercise, on the other hand, is executed at the beginning of a project, so that the launch can be improved. It helps to identify potential barriers and vulnerabilities to the project success before they occur, and as a result, build intuition and sensitivity for the problems at hand.

Note that there is an essential difference between discussing what could go wrong versus starting with the assumption that, despite all of the team’s efforts, the project has failed catastrophically. Framing the discussion in this way will allow participants of this exercise to flesh out these risks. So, embrace your inner Debbie Downer, honor those individuals in your team with a tendency to see the glass half-empty and follow these steps:

1. Look in the mirror. As your credit union decides whether and how to work with a new potential partner, one of the biggest challenges decision-makers will face is determining whether or not you have the skills and knowledge to determine who is and isn’t a good fit.

Start by having the project team list any significant obstacles to success and how the organization might overcome them. Throughout the project, review this list periodically to remind the team of problems that could emerge, spot any rising symptoms and act on those signs early on.

Here are some questions to ask:

• What caused us to fail?
• What did we not do that caused us to fail?
• What did other external actors do that caused us to fail?
• What incorrect assumptions did we make?
• How will we know we failed? (Refer to symptoms and metrics.)
• When did we realize we failed?
• Why do these outcomes constitute a failure?
• The project is considered a failure if we don’t achieve __________.
• We consider the project a win even if we only achieve __________.

2. Choose the right partner. The accompanying figure illustrates the most important deciding factors in selecting an outside partner. Senior executives from 205 credit unions ranging in asset sizes from $57 million to $1.2 billion are represented in the responses. Ask your team to individually identify their selecting criteria, discuss what the team as a whole believes to be high priorities, and establish conversations or RFP responses from partners that match the team’s combined criteria.

3. Consider the impact to the credit union. When it comes to impact, there are two key areas to discuss as a team during the pre-mortem exercise:

Shift in labor: A new partnership could impact the makeup of the credit union’s current staff. For instance, partnering with a fintech may decrease the labor required for clearing, settlement and loan review. Many credit unions have employees with long tenure and are reluctant to adopt technologies that may reduce headcount.

Cultural impact: New partnerships could have a positive cultural impact toward innovation and greater risk tolerance, and away from the relative comfort of maintaining existing practices.

Here are some questions to ask:

• How did the partnership affect our existing staff?
• How well did we determine whether new staff was needed in either an operational or administrative role?
• Did we identify whether the current senior staff has the knowledge and ability to manage new tech staff? Did we allocate adequate investments in additional training or new leadership?
• Were the right steps taken to accommodate the increased costs and staff resources demanded to ensure security?

4. Consider technology implications. The risks associated with a technology partner imply that the level of IT risk prevention and cybersecurity planning, among others, must increase.

Here are some questions to ask:

• Did our IT and cybersecurity staff adequately understand the technology architecture of the vendor sufficiently to evaluate risks early on? Would we have been better served by bringing in an external consultant?
• Did we make sure the way the vendor considers appropriate vetting, screening or due diligence matched with our standards?
• Did we investigate the willingness of our credit union, league or CUSO to share data outside our usual channels to decrease risk exposure?
• Is there anything we could have done better to ensure security beyond our core processor?

5. Manage risk and compliance. The project team should dedicate time to discuss implications around compliance when choosing a new vendor, focusing on the vendor’s understanding of regulatory concerns and compliance-oriented culture.

Here are some questions to ask:

• Did we spend enough time understanding early decisions the vendor made regarding data security, customer privacy and the impact of its models on our members?
• Were the vendor’s algorithms focused on a limited or regionalized data set (e.g., early customers all in one state or region)? Are we confident its algorithms and models are finely and accurately tuned to make good decisions for a broader population?
• Did we take the proper steps to assess the vendor’s understanding of and readiness to be compliant with our regulations?
• Did we feel confident about the legal and regulatory impacts of relying on a third party for AML and KYC processing?

6. Bring it all together. You did it! Your team has identified what caused the project to fail. It is now time to prioritize the resulting list of potential reasons for failure by identifying those items that cause the most concern (in a two by two matrix, these will be issues that are both likely to occur and have the most significant negative impact for the project).

Now that your team has created a prioritized risk inventory, this last step will likely feel more natural for the team as you discuss one last question: What specific actions can your credit union take to avoid, mitigate or manage these issues?

Many of the questions listed above were extracted from Filene’s report, “Weighing the Risks of a Fintech Partnership.” A comprehensive list of questions your credit union should consider when choosing a fintech partner is available to all credit unions, regardless of membership status with Filene.

Elry Armaza is Custom Research Director for Filene Research Institute. He can be reached at 608-661-3750.