Hundreds of UK companies have taken their own passage to India, lured by low cost, skilled workforces to run their call centres. The moves have been politically sensitive and highly controversial – resulting almost in a sense of vague corporate shame, offset only by the financial savings on offer.

Pressure had been mounting on firms to pull out of India as a result of bad reactions from customers but this is now increasing considerably following a series of scandals surrounding data theft and breaches of customer confidentiality. The Indian call centre industry is suddenly on the verge of a major crisis with UK firms caught in the middle.

The catalyst

The latest crisis was sparked by an edition of Channel 4’s Dispatches documentary series that exposed two call centre employees who it claimed were ready to sell customer details. One offered to sell a database with the credit card, passport and internet banking details of as many as 200,000 people, while the second offered to sell the personal details of customers of companies like Halifax, Bank of Scotland and Woolwich for as little as £5 each.

Damaging business prospects

While offshoring can boost the bottom line, it can also damage the long term appeal of a business by alienating and driving away existing and potential customers.

One of the most vocal and long standing opponents of offshoring has been Nationwide. According to its research, 91 per cent of people say it is important to them that their calls are handled from call centres based in the UK, while 84 per cent say they would be less likely to deal with a company if they knew it used call centres abroad.

“Increasing numbers of companies are finding that overseas call centres are not the answer,” says Nationwide’s executive director Stuart Bernau.

“While outsourcing overseas may save costs in the short term, by being based in the UK Nationwide experiences less employee turnover than call centres overseas and we believe our employees are more productive as well.

“Call centres are at the very heart of our service offering which is why we are committed to keeping ours in the UK where we have strong links with the communities in which we operate. Call centres abroad may suit some of our competitors but they are not the right option for Nationwide or for our customers. We recently opened our latest call centre in Wakefield and have been delighted with the level of service it has delivered.”
Alliance & Leicester has had a similar reaction from its customers. Its own research indicates that 51 per cent of consumers are concerned about the security of their personal information in offshore call centres and that 87 per cent of people in the UK would prefer not to have their financial services handled by overseas call centres.

Over half were concerned about the security of their personal information, while 47 per cent thought it led to a poorer service. That is remarkably conservative compared to the findings of a study by the International Financial Services District Glasgow which found that 80 per cent of customers say offshoring damages the brand.

Nearly half – 49 per cent – say they would consider switching their custom because of offshoring.
But still companies choose to make the move. Aviva, owner of Norwich Union, is outsourcing 1,000 jobs to India while cutting jobs in the UK, despite its own research confirming that customers are ‘overwhelmingly’ opposed to offshore call centres.

A study carried out on its behalf found that 51 per cent of customers are ‘appalled’ by call centres based abroad with India picked out for particular criticism. Respondents say that call centres in India are difficult to deal with because the staff lacked knowledge of Britain

Some respondents claim that they found staff hard to understand because of their accents, while others complain about the use of scripts and suggest that service could be improved by moving call centres back to Britain.

But to no avail – Aviva has chosen to overlook its own findings. “We have to ensure that we remain a highly efficient and effective company in what is an increasingly competitive and dynamic environment,” says Norwich Union’s executive chairman Patrick Snowball.

Inevitably such exposures put firms on the back foot. “We have strict security measures in place and we are confident the people we employ and the procedures we use mean that information about our customers is not readily available to outside parties,” said a spokesman for Norwich Union, at the time.

"What you call a sting operation has actually tried to induce criminal activity and then make a show of it. It’s like creating a story and then printing it"

Kiran Karnik, president, Nasscom

Meanwhile a Barclays spokeswoman claimed: “None of the information acquired by the programme can be sourced to a banking call centre. In fact, it is standard information which has been culled from businesses who accept payments for goods and services by credit cards over the phone or the internet.”

Disturbingly, the initial reaction of the National Association of Software and Service Companies (Nasscom), the main trade lobby in India, was to become hugely defensive, resorting to a ‘shoot the messenger’ mentality. “We are concerned about the verifiability of such stories, especially sting operations where monetary inducements were provided,” says Nasscom president Kiran Karnik. “These operations sometimes go beyond uncovering wrongdoing and actually induce criminal activity that is then recorded and aired.”

Pulling out of India

Some companies have decided that enough is enough and booked a return journey from India. The most recent is Powergen that admitted that its use of Indian call centres had a negative impact on its customer services. Complaints about Powergen were twice the industry average, according to consumer body Energywatch.

From now on all calls made by customers will be answered in the UK rather than by call centres in India. Powergen plans to expand its centres in Bedford, Bolton, Leicester, Nottingham and Rayleigh in Essex and aims to recruit and train 980 new staff by the end of the year.

Nick Horler, Powergen’s managing director, says: “Offshore call centres may have their place for certain industries. However, we believe that we can best achieve industry-leading customer service by operating solely in the UK. When customers contact us they need to be confident that their query will be fully resolved quickly. Although the cost of overseas outsourcing can be low, we’re simply not prepared to achieve savings at the risk or expense of customer satisfaction. This change builds on the vast improvements that we’ve already made to our customer service – improvements highlighted in the latest Energywatch tables, which show that we’re improving faster than any other supplier.”

Last year, Abbey announced it was bringing call centre work back to the UK from Bangalore after a number of complaints from customers. The decision to shut a centre in Bangalore and move 1,000 jobs to Glasgow and two other sites in England was taken by Spanish bank Santander, after it bought Abbey for £9.5 billion.

Creating a crime

He claims that the TV channel’s sting operation was an attempt to induce criminal activity by offering money. “What you call a sting operation has actually tried to induce criminal activity and then make a show of it. It’s like creating a story and then printing it,” says Karnik. “In this particular case, one of the alleged criminals has stated the data he offered for sale was fake. This, and the lack of prompt cooperation by the producer with enforcement agencies, makes difficult the task of bringing to book the criminals involved.”

Even the race card has been played. “Few other countries are subject to the same level of scrutiny, [but] concern over data security is not limited to any one country,” says Karnik. “Such stories go to prove the lengths to which some vested interests will go to threaten this global industry with its reputation for customer value and security.”

He adds that far from being vulnerable to abuse, the Indian business process outsourcing (BPO) industry is actually the most secure in the world. “The few incidents in this country in comparison to the frequent cases of breach of data security is an indication of how safe the Indian BPO industry is,” he insists. “The customer should have the confidence that the data that is being processed outside their country is safer in India than it is in their country.”

FSA backing

Nasscom has some stong support closer to home. The Financial Services Authority has concluded that security at Indian centres is very good and in some cases more controlled than in the UK, a conclusion based on visits to 10 call centres and data from five others. It says staff at the centres were not allowed to take mobile phones or cameras to their workstations and if bags were permitted they were searched. The computers used did not have hard drives, floppy disc access or access to the internet, email or printers. Staff are often given numbered sheets of paper on which to take notes which had to be handed in at the end of a shift.

“There is no evidence to suggest customer data is at greater risk in India than in the UK,” the report states. “We observed a high level of security in operation and some firms stated that security is far more controlled than in the UK. For suppliers, controls over people, processes and access swipes are client specific; for firms it is in line with their own policies. Some have used their own or external security experts and internal auditors to define and review arrangements.”

"There is a crisis in the Indian call centre industry. Labour costs are rising, turnover is out of control and middle management is ill equipped to deal with the challenges of managing offshore services"

Dave Fleming, head of finance, Amicus

But the problem for Nasscom – and the Indian BPO industry in general – is that this is far from being the first incident of its kind. Earlier this year, three of the UK’s leading banks – HSBC, Barclays and Lloyds TSB – launched an investigation after a former call centre worker offered to sell UK customer account details to an undercover reporter from The Sun. The reporter was offered the account details of 1,000 Britons from a former call centre worker for $5,000 as well as details of mortgages and medical bills.

India takes action

Aside from Nasscom’s defensive posturings, the Indian authorities have taken some more positive steps to combat information theft and online frauds.

“Concerns have been raised both within the country as well as by the customers abroad regarding adequacy of data protection and privacy laws in the country,” admits Parliamentary Affairs Minister P R Dasmunsi. “A need is, therefore, felt to strengthen the legislation pertaining to data protection and privacy.”

An amendment to the IT Act, 2000 – which was originally intended to boost e-commerce in the country – will be presented to the Indian Parliament in the coming months. It will propose the development of alternative technologies for authentication of electronic records and will not warrant legislative changes each time a new and equally effective technology is evolved.

Nasscom is also setting up an independent Self Regulatory Organisation (SRO) to enforce stricter regulations for data protection in the BPO sector. The SRO aims to raise the bar in data security and privacy by including the best practises currently stipulated by certifications such as the ISO17799 standard for information security as well as data privacy and data protection laws worldwide. Besides setting benchmarks and training companies on the best data practises, the new organisation will also have the authority to punish and expel erring member companies.

“We are planning an SRO that will be initially set up by Nasscom but will operate independently with an independent CEO and board. Being a member of the SRO will, in effect, be a certification, as member companies will have to follow the best practises specified by the SRO,” says Sunil Mehta, vice-president of Nasscom. “We want to change the rules of outsourcing to India,” he says. “Customers should be interested in outsourcing to India not for lower cost alone but because of the superior data protection and privacy we offer.”

Research firm Gartner Group regards the actions as a positive development. “By increasing business confidence in outsourcing security, it potentially offers competitive advantages for Indian service providers,” says analyst Jay Heiser. “However, the body’s audit and enforcement provisions will need real power to be truly effective. Moreover, certain region-specific risks, such as those related to the enforcement of non-competition agreements and legal judgments, cannot be mitigated entirely by industry regulation. Businesses should continue to take significant steps themselves to ensure the security of their outsourcing operations, both offshore and onshore.”

Brand damage

Getting companies to talk about security matters is difficult enough; throw the words ‘India’ and ‘offshoring’ into the mix and they clam up beyond issuing a few ‘on message’ statements. It might be expedient to offshore and it might be in the best interests of the shareholders and the bottom line but from a brand and image point of view it is a hot potato.

For example, HSBC says the security measures employed in its overseas centres are exactly the same as those in the UK, that customer information is not stored onsite in its overseas centres and that operators in India can only access data remotely for the purposes of a specific customer enquiry. But while the proponents of offshoring might be conspicuously silent, its critics are not.

“It is becoming increasingly clear that the business case for offshoring is being eroded by the day,” says Dave Fleming of trade union Amicus. “There is a crisis in the Indian call centre industry. Labour costs are rising, turnover is out of control and middle management is ill equipped to deal with the challenges of managing offshore services.”

Corporate complicity

Critics would argue that UK firms have only themselves to blame. The low salaries that make India so tempting also mean that staff may be vulnerable to being tempted by cash offers from criminals. On the other hand, the same could be said of Eastern European countries or China. “This is an emotive subject, linked to the export of jobs in European centres to Asia, and largely to India,” says Graham Titterington, analyst with research firm Ovum. “There is no evidence to suggest that Indian workers are any less honest than their European counterparts, nor that these crimes are limited to outsourced services.”

He adds: “The regime in India may be as good as elsewhere but there is a big problem in ensuring security in any outsourcing contract and these difficulties are exacerbated by the remoteness of inter-continental arrangements. Security is about ensuring that things don’t happen. It is hard to prove a negative. If a contract says that the provider will do something, the customer can check that it was done. If the contract says that the provider won’t lose data it is hard to prove it hasn’t done so. There are major issues relating to all outsourcing contracts that need attention here, not just to offshore ones.”