Comment Blog 5 April, 2018

Risky business? An introduction to risk in the procurement of public services

The public-private debate has been renewed and government outsourcing is under scrutiny. Since the collapse of Carillion, a manufacturing firm responsible at the time of liquidation for 400 government contracts, there have been four select committee inquiries launched into outsourcing.

Government outsources public services to achieve value for money for goods and services. Many parts of the public services—from IT services to means-testing benefits to construction work and the manufacturing of MRI scanners—are outsourced to a third party. This should achieve better value for money, as the third party is able to deliver the goods or services more cheaply and expertly than government.

Government also tries to outsource risk. This is increasingly a priority to public sector commissioners. Gill Plimmer and Jonathan Ford in the FT report, one of the two main arguments in favour of PFI is “transferring risk” to the private sector. Good risk management is essential to the government achieving value for money when outsourcing public services. However, risk is not managed perfectly or understood properly by government. Bernard Jenkin MP, Chair of the Public Administration and Constitutional Affairs Committee, explained last week:

“we’re looking at the whole relationship between government and a set of 27 or so contractors. Where government seems to have transferred a great deal of risk to these business without understanding how much risk it’s actually transferred and how much risk it actually cannot transfer and this risk in relation to Carillion has come boomeranging back to government because government clearly didn’t understand those risks”.

Some risks are better outsourced than others

Risk in public sector procurement describes the uncertainty with which goods or services might be delivered (i.e. will they be delivered on time, at the right cost, volume, condition, etc.) Within a public-sector context, risk can be either a threat or an opportunity. A service might be delivered cheaper or faster than expected thus creating an opportunity for the provider. Conversely, if the good or service is delivered later or at a greater cost, the public sector does not lose out.

Risk is assessed and outsourced according to types or categories:

  • Market risk: the risk that the public-sector market might change. For example, an economic shock might increase unemployment thereby changing the profiles of people referred to employment services.
  • Financial risk: the risk that the project will cost more than expected. This might be the result of unforeseen circumstances. For example, a failure in the supply chain may force a company to buy goods at a higher price.
  • Political /policy risk: the risk that a change in policy or political climate will affect the demands of the service. For example, a change to health and safety regulations could prohibit certain medical treatments in the UK. The provider responsible may have to supply new treatments at a different price or quantity.
  • Reputation risk: the delivery of a service may be unpopular or unsatisfactory among the public or in the political sphere, which may threaten the reputation of the organisation. For example, the private-sector provision of sensitive services, such as work-capability assessments, are more likely to receive criticism based on the nature of the service being outsourced, rather than the quality of delivery.

Some risks should not be outsourced to the private or third sector. Third parties cannot manage political risk as well as government can, as government is in the best position to forecast policy and to lesser extent public opinion. Attempting to outsource this risk will not lead to good risk management.

Conversely third-parties can manage the financial and market risks. If they are responsible for financing the project initially – as they tend to be in PFI deals – it makes sense that they shoulder the risks of poorly forecasting expenses. Yet financial risk cannot be totally outsourced. In the rare event of supplier collapse – as was the case with Carillion – the government can still incur financial costs. Nonetheless, outsourcing some of these (financial and market) risks can be exemplar of good risk management – not risk transfer. In the Work Programme, providers were not paid (after year 3) unless they helped people into work. The supplier therefore bore the risks of its approach working or not.


Risk shared, not transferred

Mr Jenkin revealed an important truth: risk cannot be fully outsourced to third-party providers of government services. Ultimately, government is legally responsible for providing a good or service – from shelter and healthcare to employment services. Contracting a provider to deliver these services cannot fully outsource responsibility. As is the case in the Work Programme example, government remains responsible for achieving policy aims such as reducing unemployment. Furthermore, even types of risk such as financial risks cannot be totally outsourced or transferred.  If the company collapses, the government will still have to pay for the public service. The word ‘transfer’, then, is misleading as the government can only ever share the risk. This is not to say sharing risk with the private sector is useless, but to say that transferring the risk to the private sector is not totally possible. A further blog will explore how risk can be shared, and ultimately better managed, between government and third-party providers.

Rose Lasko-Skinner, Research Assistant, Reform