Learn about Insider
Enterprise technology leaders are actively partnering with startups to help make their organizations more innovative and agile. Co-creating with startups can help kickstart innovation, provide CIOs with access to hard-to-find skills in emerging technologies, and round out digital transformational strategies. Their unique focus and approaches to innovation can make startups a highly advantageous partner in delivering business value in ways traditional vendors can’t offer.
“Startups often build new products and services using less cost. By working closely with them, IT leaders can become more dynamic, proactive, self-determining, self-regulated, flexible, strong, robust, and resilient,” says Dr Suresh A Shan, a technology consultant with Mumbai-based rural non-banking financial company Mahindra & Mahindra Financial Services. Prior to working as a consultant with the company, Shan served as its head of digital innovation for over a decade.
But IT leaders must do more than simply embrace the innovation edge startups can offer; they must also ensure business continuity and sound operations. The rush to partner with startups can result in relationships that are not aligned to both parties’ interests, leading to significant business-technology risks for a CIO.
Here are some common traps IT leaders fall into when partnering with startups and how to steer clear of them.
Identifying the right startup to partner with can be challenging. There are so many startups vying for IT leaders’ attention that it can be difficult to filter through the clutter. In the Indian market alone, startups have increased 90-fold over the past five years, from 726 in FY 2016-17 to 65,861 in FY 2021-22, according to Indian Commerce and Industry Minister Piyush Goyal. The US startup market is also booming, with more than 70,000 active startups. Partnering with startups is an option for CIOs across the globe.
With startups proliferating across IT services, finance technology, technology hardware, enterprise software, and artificial intelligence, among other domains, knowing where to focus your search for an innovation partner can be overwhelming.
According to Sushant Rabra, partner for management consulting at KPMG, “A good multistage diligence process involving the startup’s founders, customers, platform, among others, is a must while shortlisting a startup. Enterprises organize hackathons to select startups based on a technical solution. While such initiatives help in evaluating the maturity of the platform, they fall short on other areas. In the absence of a multistage due diligence process, an enterprise could face third-party risks. There could be cases of IP infringement or pending claims against a startup, which can come upon an enterprise also as it uses the same IP. Similarly, digital data laws are stringent; if an enterprise partners with a startup that isn’t compliant, it too could be liable for penalty.”
This diligence doesn’t end at selection, Rabra adds.
“Even after a project has been awarded to a startup after all the checks, the due diligence process should continue in parallel,” he says. “There have been instances of startup founders and employees facing legal cases and regulatory actions. An enterprise can run into reputational and association risk if it partners with such a startup.”
Startups can also introduce more volatility into your partnership portfolio. For example, a startup could function smoothly for one or two years before folding up, owing to various reasons. The founders could pivot to a new business model or new investors could come in with a different focus for the company. Also, the startup landscape is extremely competitive and when one company becomes successful in a particular area, lots of other players come in. In such a situation, if the startup doesn’t acquire customers aggressively, there could be viability issues. Any of these scenarios could result in a CIO losing capex and risking business continuity.
To hedge against such risks, CIOs should maximize their organization’s brand power to their advantage. “Startups need big logos on their resumes, but it is risky for any IT leader to engage with them as they are not known in the market and don’t carry impressive credentials. The best way, which serves well for both parties, would be to work with startups on an evaluation basis without any commercial agreement,” says Mayank Bedi, assistant executive director of IT at Dalmia Bharat Group, an Indian conglomerate with interests in cement, sugar, and power.
Recalling his engagement with a startup when he was led IT at agriculture equipment manufacturer VST Tillers Tractors, Bedi says, “We got the startup to work on attendance automation and visitor management. There was nothing to lose as we were not commercially liable to the startup and even if it left midway, there would be no impact on business as these were non-business-critical projects. Meanwhile, the startup had to prove itself else it would lose a big brand like VST Tillers Tractors. It worked hard and delivered the project.”
Once the startup passes the evaluation process, IT leaders should still take measures to guard against assuming too much continuity risk, he says.
“For enhancements and improvements to the solution, a CIO can then pay the startup based on mutual understanding. However, it will still be prudent to hold 10% to 15% of the payment lest the startup fails to deliver the complex change requirement. Also, IT leaders should have access to the source code so that they can deploy the project through another competent partner,” Bedi says.
Enterprise technology leaders expect complete and proper flow, planning, and execution of a project. “Often startups make tall claims to bag an enterprise account. They showcase their revenue, customer references, and large teams. However, the real picture emerges only once the work begins,” says Bedi.
And that’s where hidden talent factors can play an outsize role when partnering with lean startups.
“Startups are often dependent on a few star performers who could be in sales or technology. If these few individuals leave, then there is a talent risk for the startup, which could impact its operations,” says Rabra.
For Bedi, it came as a rude shock when he found out a startup he was working with on a project didn’t have an internal development team and instead relied on a third party for its deliverables. “We had partnered with a startup on a customer onboarding project. A delay of 15 to 20 days is acceptable but alarm bells ring when there is a significant overrun of timelines. In our case, there was a delay of more than two months,” says Bedi. “Not only a lack of bandwidth but also the brief that the startup receives from the enterprise and passes to the third party gets lost in translation. It doesn’t help that the startup didn’t read the detailed business requirements document.”
Unfortunately, it’s tough to cut this risk altogether, Bed says. “There are few IT leaders who verify the credentials of a startup to the extent of asking the CVs of their team members. Even if some do so, some startups resort to ‘body shopping,’” he says, referring to the practice of recruiting workers to contract their services out on a tactical short- to mid-term basis.
So, what’s the way out? The best approach is to open a clear line of communication with the startup and ensure transparency. “In my case, I asked the startup what the issue was holding up the project. Once I understood the problem, I got the startup, its extended arm, and my internal team to all come to the table and discuss the project and means to complete it on time. This way one can overcome the scope creep, disintegrated approach, and delayed timelines,” says Bedi.
One of the biggest risks in partnering with any organization stems from cybersecurity. More so partnering with startups, which are becoming top targets for organized crime as they are perceived as lacking robust defenses against hackers. In a connected world, this could put their clients at risk.
According to the State of Startup Security 2022 report brought out by Vanta, only 27% of startups have a dedicated security team or person, and 75% of respondents thought they should improve their security. The study included over 500 technology leaders from startups.
“While there is lot of progress happening around cybersecurity, there is no end to it. At the end of the day, it is all about striking a balance between risk and control. For a large enterprise in a regulated industry, such as a bank, the risk appetite is very low, while a startup has a moderate risk appetite as it prioritizes nimbleness and innovation. So, it is up to CIOs to see whether their enterprises’ risk appetite matches with that of the startup they want to partner,” Rabra says.
“To ensure security, most CIOs adopt a compartmentalized approach wherein the startup works in one compartment and the other business-critical infrastructure is in another compartment and nobody is allowed to touch this core. This way, even if a cyberattack does happen, there is minimum damage to the enterprise,” he says.
This trap has more to do with the enterprise than the startup. Enterprises culture can be tough to change. And when introducing a startup approach or mentality into the equation, projects or transformations can easily be derailed by cultures resistant to change.
“For an organization that has been around for more than two decades, accepting something coming from a startup is not easy. People in large organizations, based at the last mile, are resistant to change. Then there is a difference in the working styles. A large enterprise moves at its own pace while a startup works nimbly,” says Shan, who has worked extensively with startups in rural India.
Here, enterprise expectations can also be a problem, Shan says.
“When it comes to the levels of customization in a project, enterprises have unrealistic expectations from their startups. For instance, in a multilingual project it is tough to bring more than 60% language clarity for any partner. However, I have seen corporates flexing their muscles and pushing startups to get it to 90%, which is next to impossible and leads to friction. Some corporates even threaten startups of a takeover,” he says.
To promote acceptability of new technology in the enterprise, Shan leverage live use cases. “We showcase case studies on how technology can enable work more efficiently. We also incentivize users, by giving them gifts, to adopt new technology,” he says.
“Enterprises should have a clear idea about its process, policy, procedures, and the purpose of the outsourcing to the startup, supported by documentation, people and processes. The clarity of dos and don’ts from the corporate’s side gives more strength to the startup to know, build, plan, and execute the project with full confidence,” Shan adds.
Yashvendra Singh is regional executive editor for India and Southeast Asia.
View the archive