Enterprise technology leaders are actively partnering with start-ups to help make their organisations more innovative and agile. Co-creating with start-ups can help kickstart innovation, provide CIOs with access to hard-to-find skills in emerging technologies, and round out digital transformational strategies.
Their unique focus and approaches to innovation can make start-ups a highly advantageous partner in delivering business value in ways traditional vendors can’t offer.
“Start-ups often build new products and services using less cost. By working closely with them, IT leaders can become more dynamic, proactive, self-determining, self-regulated, flexible, strong, robust, and resilient,” says Dr Suresh A Shan, a technology consultant with Mumbai-based rural non-banking financial company Mahindra & Mahindra Financial Services.
Prior to working as a consultant with the company, Shan served as its head of digital innovation for over a decade.
But IT leaders must do more than simply embrace the innovation edge start-ups can offer; they must also ensure business continuity and sound operations. The rush to partner with start-ups can result in relationships that are not aligned to both parties’ interests, leading to significant business-technology risks for a CIO.
Here are some common traps IT leaders fall into when partnering with start-ups and how to steer clear of them.
Selecting start-ups based on technology alone
Identifying the right start-up to partner with can be challenging. There are so many start-ups vying for IT leaders’ attention that it can be difficult to filter through the clutter.
With start-ups proliferating across IT services, finance technology, technology hardware, enterprise software, and artificial intelligence, among other domains, knowing where to focus your search for an innovation partner can be overwhelming.
According to Sushant Rabra, partner for management consulting at KPMG, “a good multistage diligence process involving the start-up’s founders, customers, platform, among others, is a must while shortlisting a start-up. Enterprises organise hackathons to select start-ups based on a technical solution.
"While such initiatives help in evaluating the maturity of the platform, they fall short on other areas. In the absence of a multistage due diligence process, an enterprise could face third-party risks. There could be cases of IP infringement or pending claims against a start-up, which can come upon an enterprise also as it uses the same IP. Similarly, digital data laws are stringent; if an enterprise partners with a start-up that isn’t compliant, it too could be liable for penalty.”
This diligence doesn’t end at selection, Rabra adds.
“Even after a project has been awarded to a start-up after all the checks, the due diligence process should continue in parallel,” he says. “There have been instances of start-up founders and employees facing legal cases and regulatory actions. An enterprise can run into reputational and association risk if it partners with such a start-up.”
Overlooking the potential volatility in start-up partnerships
Start-ups can also introduce more volatility into your partnership portfolio. For example, a start-up could function smoothly for one or two years before folding up, owing to various reasons. The founders could pivot to a new business model or new investors could come in with a different focus for the company.
Also, the start-up landscape is extremely competitive and when one company becomes successful in a particular area, lots of other players come in. In such a situation, if the start-up doesn’t acquire customers aggressively, there could be viability issues. Any of these scenarios could result in a CIO losing capex and risking business continuity.
To hedge against such risks, CIOs should maximise their organisation’s brand power to their advantage.
“Start-ups need big logos on their resumes, but it is risky for any IT leader to engage with them as they are not known in the market and don’t carry impressive credentials," says Mayank Bedi, assistant executive director of IT at Dalmia Bharat Group, an Indian conglomerate with interests in cement, sugar, and power.
"The best way, which serves well for both parties, would be to work with start-ups on an evaluation basis without any commercial agreement."
Recalling his engagement with a start-up when he was led IT at agriculture equipment manufacturer VST Tillers Tractors, Bedi says, “We got the start-up to work on attendance automation and visitor management. There was nothing to lose as we were not commercially liable to the start-up and even if it left midway, there would be no impact on business as these were non-business-critical projects.
"Meanwhile, the start-up had to prove itself else it would lose a big brand like VST Tillers Tractors. It worked hard and delivered the project.”
Once the start-up passes the evaluation process, IT leaders should still take measures to guard against assuming too much continuity risk, he says.
“For enhancements and improvements to the solution, a CIO can then pay the start-up based on mutual understanding. However, it will still be prudent to hold 10 per cent to 15 per cent of the payment lest the start-up fails to deliver the complex change requirement. Also, IT leaders should have access to the source code so that they can deploy the project through another competent partner,” Bedi says.
Taking start-up talent for granted
Enterprise technology leaders expect complete and proper flow, planning, and execution of a project. “Often start-ups make tall claims to bag an enterprise account. They showcase their revenue, customer references, and large teams. However, the real picture emerges only once the work begins,” says Bedi.
And that’s where hidden talent factors can play an outsize role when partnering with lean start-ups.
“Start-ups are often dependent on a few star performers who could be in sales or technology. If these few individuals leave, then there is a talent risk for the start-up, which could impact its operations,” says Rabra.
For Bedi, it came as a rude shock when he found out a start-up he was working with on a project didn’t have an internal development team and instead relied on a third party for its deliverables.
“We had partnered with a start-up on a customer onboarding project. A delay of 15 to 20 days is acceptable but alarm bells ring when there is a significant overrun of timelines. In our case, there was a delay of more than two months,” says Bedi.
“Not only a lack of bandwidth but also the brief that the start-up receives from the enterprise and passes to the third party gets lost in translation. It doesn’t help that the start-up didn’t read the detailed business requirements document.”
Unfortunately, it’s tough to cut this risk altogether, Bed says. “There are few IT leaders who verify the credentials of a start-up to the extent of asking the CVs of their team members. Even if some do so, some start-ups resort to ‘body shopping,’” he says, referring to the practice of recruiting workers to contract their services out on a tactical short- to mid-term basis.
So, what’s the way out? The best approach is to open a clear line of communication with the start-up and ensure transparency.
“In my case, I asked the start-up what the issue was holding up the project. Once I understood the problem, I got the start-up, its extended arm, and my internal team to all come to the table and discuss the project and means to complete it on time. This way one can overcome the scope creep, disintegrated approach, and delayed timelines,” says Bedi.
Assuming cyber security
One of the biggest risks in partnering with any organisation stems from cyber security. More so partnering with start-ups, which are becoming top targets for organised crime as they are perceived as lacking robust defences against hackers. In a connected world, this could put their clients at risk.
According to the State of Start-up Security 2022 report brought out by Vanta, only 27 per cent of start-ups have a dedicated security team or person, and 75 per cent of respondents thought they should improve their security. The study included over 500 technology leaders from start-ups.
“While there is lot of progress happening around cyber security, there is no end to it," Rabra says. "At the end of the day, it is all about striking a balance between risk and control.
"For a large enterprise in a regulated industry, such as a bank, the risk appetite is very low, while a start-up has a moderate risk appetite as it prioritises nimbleness and innovation. So, it is up to CIOs to see whether their enterprises’ risk appetite matches with that of the start-up they want to partner."
“To ensure security, most CIOs adopt a compartmentalised approach wherein the start-up works in one compartment and the other business-critical infrastructure is in another compartment and nobody is allowed to touch this core. This way, even if a cyberattack does happen, there is minimum damage to the enterprise,” he says.
Shortchanging cultural challenges
This trap has more to do with the enterprise than the start-up. Enterprises culture can be tough to change. And when introducing a start-up approach or mentality into the equation, projects or transformations can easily be derailed by cultures resistant to change.
“For an organisation that has been around for more than two decades, accepting something coming from a start-up is not easy. People in large organisations, based at the last mile, are resistant to change. Then there is a difference in the working styles. A large enterprise moves at its own pace while a start-up works nimbly,” says Shan, who has worked extensively with start-ups in rural India.
Here, enterprise expectations can also be a problem, Shan says.
“When it comes to the levels of customisation in a project, enterprises have unrealistic expectations from their start-ups," he says.
"For instance, in a multilingual project it is tough to bring more than 60 per cent language clarity for any partner. However, I have seen corporates flexing their muscles and pushing start-ups to get it to 90 per cent, which is next to impossible and leads to friction. Some corporates even threaten start-ups of a takeover."
To promote acceptability of new technology in the enterprise, Shan leverage live use cases. “We showcase case studies on how technology can enable work more efficiently. We also incentivise users, by giving them gifts, to adopt new technology,” he says.
“Enterprises should have a clear idea about its process, policy, procedures, and the purpose of the outsourcing to the start-up, supported by documentation, people and processes," Shan adds. "The clarity of dos and don’ts from the corporate’s side gives more strength to the start-up to know, build, plan, and execute the project with full confidence."