Researchers from the Indian Institutes of Management (IIM) at Lucknow, Amritsar, and Kashipur have collaborated to develop a comprehensive framework aimed at guiding India’s capital market players and banking sectors in adopting Software-as-a-Service (SaaS) technologies. These cloud-based services allow software applications to be delivered over the Internet, eliminating the need for organisations to install and maintain software on their own servers.
Despite the widespread global adoption of SaaS, its uptake in India has been relatively slow, particularly within regulated industries such as banking and capital markets. The research, which has been published in the esteemed Journal of Organisational Computing and Electronic Commerce, delves into the reasons behind this hesitation and provides valuable insights on how firms can assess the risks associated with SaaS adoption.
“Popular SaaS applications like Google Drive and Microsoft 365 are familiar to many, offering cost savings and flexibility,” explained Professor Arunabha Mukhopadhyay from IIM Lucknow, who led the research. “However, SaaS adoption has been slow in India, particularly in highly regulated sectors, mainly due to concerns over data security, privacy, and regulatory compliance.”
The research team aimed to address these concerns by introducing a risk-based IT governance framework designed specifically for organisations in regulated sectors. The framework helps these organisations assess and manage risks related to cloud-based software, focusing on key issues such as data security, loss of control, and regulatory compliance.
The team also identified that decisions surrounding SaaS adoption in regulated industries are often shaped by how leadership views and manages these risks. To support these decisions, the researchers developed a model that takes into account factors like an organisation’s risk tolerance, security protocols, and internal processes. If the perceived risks of adopting SaaS are deemed too high, the model suggests that firms should take appropriate steps to mitigate them before proceeding. Conversely, if the risks are manageable, organisations can confidently move forward with SaaS adoption.
“Our study, which includes a case study of a capital market firm, demonstrates that organisations evaluate SaaS adoption not solely by assessing the technology itself, but by thoroughly assessing the associated risks,” said Professor Mukhopadhyay. “We highlight the importance of managing risks related to data security and regulatory compliance, which are crucial in sectors like banking and capital markets.”
The research offers practical implications for both SaaS providers and organisations in regulated industries. For SaaS providers, the findings provide valuable insights into how they can tailor their offerings to address the specific security and compliance needs of businesses operating in these sectors. By understanding the concerns of regulated industries, SaaS providers can better align their solutions with customer expectations, making them more attractive to potential adopters.
More Read
For organisations, particularly those in banking and capital markets, the study provides a framework to evaluate and manage the risks associated with SaaS adoption. Understanding how to effectively navigate these risks will enable organisations to adopt SaaS solutions with greater confidence and ease, ultimately driving innovation and efficiency.
The research team also included Swati Jain from IIM Amritsar and Shubhendu Dutta from IIM Kashipur. Together, they emphasised that the framework they developed contributes to a deeper understanding of the factors that influence technology adoption, particularly in industries where regulatory requirements and security concerns are paramount.
In conclusion, the research from IIM Lucknow, Amritsar, and Kashipur offers valuable insights into how India’s banking and capital markets sectors can more effectively adopt SaaS technologies while managing the risks involved. With the help of this new framework, organisations can confidently navigate the complexities of SaaS adoption, ensuring that they meet both operational and regulatory requirements while embracing the benefits of cloud-based solutions.
