acm-header
Sign In

Communications of the ACM

Virtual extension

A Five-Factor Framework For Analyzing Online Risks in E-Businesses


Why is it that e-businesses have not performed in line with expectations in the past years? Despite very optimistic projections for business-to-business (B2B) e-commerce not long ago, businesses have been very cautious in embracing this technology. One of the critical factors playing a major role is the risk associated with online commerce. Thus, a framework for evaluating online risks is needed to analyze the impact of e-business in the B2B world. The traditional process of buying and selling can be viewed as a model with conventional risk mitigation instruments including escrow, insurance, and contracts. As global B2B trade progresses using the e-business as its medium of choice, an array of new business models, new processes, new fulfillment needs, new services, and new technologies have emerged, resulting in a new set of online risks. These new online risks have created an imbalance in the traditional buying and selling process. Against this backdrop, we present a new framework for examining the various risks in the online B2B buying and selling process.

Are there fundamental flaws in the e-business models? E-business has paved a path for new growth potential for many businesses around the globe. E-business is emerging as the medium of choice in trade and is replacing traditional commerce. The quantum rise and then the fall of B2B vertical and horizontal exchanges within the electronic marketplace (E-marketplace) have been well documented. Current B2B models have three fundamental flaws: economics, not quality, is being pursued by the current models; sellers are being pressured by price wars, profitability, and customers; and customer priorities have not been considered [11].

Some of the brick-and-mortar companies have made e-business the solution of the future. Corporations can now trade goods and services, ranging from plastics to medical equipment, with potential unknown buyers and sellers using online technology. These trading hubs might be further enhanced in the future to deliver substantial value to their members, including greater liquidity, better pricing, good quality, better delivery time, faster transactions, and better quality assurance.

By creating these trading hubs, e-marketplaces are initially focusing on gaining a critical mass of buyers and sellers in order to establish themselves as the leader in their particular core competencies. The e-marketplaces are currently preoccupied with experimenting with different types of business models such as sell-side auctions, buy-side auctions and pure exchange formats. In the B2B exchange market segment, the ability to be the first in the business, that is, gain the first-mover advantage, is the paramount goal.

Amid this rush, many primary services that customers require have surfaced. These services include guaranteed transaction services, financing services, quality assurance, integrated shipping, foreign exchange and international fund transfers. Traditional service providers and new entrants have taken the reins to offer these primary services online.

Internet consulting firms believe in potential growth despite recent setbacks. New business models are evolving. New buy and sell processes will make an impact in e-business and some of them may fail. New technologies are paving a road for growth and some of them will be questionable. New fulfillment needs will arise and some of them will go unanswered.

With the advent of these online services, new technologies, new processes, new business models, new fulfillment needs, and new online risks have surfaced, and these risks have accounted for some of the downfall of the e-business. In this article, we conceptualize a framework of these risks to better understand the way we do e-business.

Back to Top

On the Subject of Risk

Although we have encountered both the positive and negative effects of B2B business, a formal comprehensive framework to analyze risks is yet to be presented. However, some models and frameworks have been proposed that address risk mitigation.

Some studies have drawn attention to certain aspects of risk. Some of the risks associated with e-business are due to weak procedures in the software development process, deficiencies in e-business protocols, and other technology-related problems [6]. There are hosts of other e-business risks that must also be addressed such as accidental or erroneous processing of business transactions [8].

One study illustrated that there are administrative threats in the form of risks such as password sniffing, data modification, spoofing, and repudiation [2]. Risks associated with fraud are due to the rapid growth of e-businesses in general as well as the rapid growth of e-business that lack internal controls and good business sense [1]. Many studies evaluate e-business risks solely from an IT and/or security point of view [5, 9].

A model of traditional and e-business designed to build trust in the e-business environments has been established [7]. A model using global e-business processes has been presented by Caelli [3]. This latter model includes integrated schemes by financial institutions and consumers, open standardization, international standards for security and technology, and international agreements on legal, social, and economic systems. However, these models have not explicitly considered the elements of risk. A framework for trust requirements in e-business was developed [4]. Although the framework does not view trust with respect to risk, it does identify complexities in the world of e-business. The complexities that are identified relate to technology, process, and services. These complexities may be extended to business models and fulfillment needs as well. The literature regarding the measurement-of-risk attitude of management concluded that decision makers can be simultaneously risk-seeking and risk-averse in different domains, that is, context-specific [10].

Since there are numerous risks surrounding online trade, a framework to study and understand these risks is necessary. This study illustrates a synergistic view of the online risks.

Back to Top

Traditional Buy and Sell Business

The traditional buy and sell business can be established as a process, as shown in Figure 1:

  • a. Buyer approves a vendor using certain criteria;
  • b. Seller approves a customer using credit feed from credit bureaus and other selection criteria;
  • c. Buyer orders goods and services through purchase order;
  • d. Seller accepts the purchase order;
  • e. Both parties guarantee payment and receipt of goods using a letter of credit;
  • f. Seller sends an invoice and the buyer accepts the invoice;
  • g. Seller initiates the order by shipping the goods using a logistics provider;
  • h. Buyer accepts the goods/services;
  • i. Buyer verifies goods and services for quality;
  • j. Buyer approves payment, gets financed if needed, makes payments using financial institutions;
  • k. Seller accepts payments;
  • l. Sometimes disputes are resolved after dunning, and payments are collected using external legal and collection agency services.

This process works well regardless of whether the supply chain and backend computer services are connected or not. The performance and efficiency of the process depends on the presence or absence of connectivity. If the supply chain and backend services function efficiently, the traditional process will perform very well.

In this traditional process, there are four different players: buyers, sellers, suppliers and service providers. As we can see in Figure 1, the financial institutions and other service providers, such as logistic providers, collection agents, and legal firms, constitute the service providers. Financial institutions offer services such as financing the buyer and financing the seller, as well as being the intermediary for payment processing. These financial processing services include traditional checks, wire transfer, and electronic fund transfer. On the consumer side of the buy/sell process, the financial institutions are also involved in credit and debit payments. Service providers offer logistics, warehousing, global transportation, inventory management, and all other fulfillment needs. The suppliers are material suppliers, contract manufacturers, and computer hardware, infrastructure, and software providers who support the traditional sellers. In addition, the suppliers support the buyers by providing them with consumer reports, computer hardware, infrastructure and software. These four players have efficiently provided a buy/sell process in the past and continue to be players in the traditional business arena. This balanced traditional model has certain risks. The service providers (such as financial institutions, logistics providers, credit bureaus, insurance companies, banks providing letter of credits) have mitigated most of these risks. In the traditional model, the service providers charge the buyers, sellers, and suppliers to mitigate their business risks. Evaluating the risks of the technology in use and enhancing the technologies using new, emerging technologies can mitigate certain technology risks. The players have evaluated the risks of doing business and lowered their exposure with proven processes, business models, technology, fulfillment methods, and services.

Back to Top

Transformation of Traditional Business to Online Business

Let us transform this traditional buy/sell process to the conducting of business online. As seen in Figure 2, the fundamental buy/sell process does not change significantly online; however, new risks have been introduced.

There is an established perception that online businesses are faster and this has changed the relationship between suppliers and sellers. Buyers expect faster fulfillment and suppliers have to work in maximum synchronization with the sellers. As with the traditional model, this online transformation of buy/sell process works very well when the supply chain and backend services are connected and work together. The performance and efficiency of the online process depends on the presence of this connectivity. If the supply chain and backend services function well, the online process will be efficient and will perform as expected for the online community of buyers and sellers.

In this new online buy/sell process, there is now an extra player who plays a critical role as shown in Figure 2. This is the required online service provider. These service providers are essential in bringing together the online buyers and sellers. These new online service providers offer credit verification services, digital authorization and authentication services, online financing, online payments, online business intermediations, Internet hosting, and Internet collaborative tools to buyers, sellers, and suppliers. There are also other new service providers such as online financial transaction companies, online insurance companies, and online logistics providers who have newer business models and new business processes. The traditional service providers of insurance, finance, and logistics have also set up these new online services. Therefore, the online scene has the traditional buyers, sellers, traditional service providers, suppliers, and the new online service providers. In addition, some of these new online service providers have collaborated with traditional service providers to form intermediaries. E-marketplaces that provide online buy/sell transactions are examples of these new online service providers.

Some of the new online service providers have established their new processes, new technology, and new business models. The traditional buyers, sellers, suppliers, and the service providers have also changed their business models to suit the new online method of doing business. Moreover, they have modified their processes, introduced new processes, and introduced new technology to do online business. By introducing these new processes, new business models, and new technologies, the buyers, sellers, suppliers, and traditional and online service providers have introduced new risks.

These new risks have been either partially mitigated or not mitigated at all. Figure 3 illustrates the framework of online risks caused by new services, business models, processes, technology, and fulfillment needs. The framework outlined in this article will help us to understand the various risks that have surfaced as a consequence of online B2B business.

Back to Top

Five Sources of New Online Risks

The new online risks may be attributed to the following five functions that have emerged for online B2B business: new services, new business models, new processes, new technologies, and new fulfillment needs. Each of these five functions plays an important role in this framework. These functions have, in fact, defined the role of online B2B business. Figure 3 illustrates the five functions of this framework. The functions of services, business models, processes, technologies, and fulfillment needs are offshoots of their traditional roles. They have been transformed to form these new functions to accommodate the online business scene.

New services. The rise of the e-business has changed the way that many organizations function and exist. The services that have been offered by the service providers are disparate, since the e-business promotes integration of systems which otherwise function as islands. When disparate services are provided to organizations, their exposure to risk increases. Furthermore, these services are threatened by internal factors including lack of standards, lack of regulations and rules, and lack of support systems. This contrasts with traditional service industries that have deep-rooted support systems, rules, regulations, and standards. The external factors that threaten the new online services are volatile online political sanctions, natural hazards, legal issues, environmental issues, and other political instabilities.

New business models. New business models have emerged on the online scene. Portal models such as dynamic pricing, free products and services, demand-sensitive pricing, and so on, may add further risks. Products and services have made their way to the e-business to be sold by original manufacturers, certified resellers, and sometimes non-certified resellers as well. The original manufacturer or service provider may find it attractive to channel their marketing and sales efforts using e-marketplaces or exchanges, only to find that the owners of the e-marketplaces or exchanges have different business models than their conventional marketing and sales practices. When the business models of the original manufacturer are not aligned with the certified resellers or non-certified resellers, the original manufacturers will be exposed to various new risks. The business models are threatened by internal factors like loss of revenue, due to the cost of poor image, and so forth. In this case, these business models are threatened by socio-psychological external factors including trust, confidence, and other such factors.

New processes. New e-business processes have surfaced to fill a real business need. Companies that have emerged onto the online scene have changed the old processes to build new business models. Integration of external partner process with internal process has created new reengineered processes. These new processes may expose new risks. The creation of real-time process for e-business may also expose new risks. New outsourcing processes may also create risks for the business. Some of these new processes are threatened by internal factors such as stringent product specifications for specific market needs. The processes are also threatened by external factors such as perceived quality of products and services.

New technology. E-business uses emerging technologies. Most of these technology applications may not have been tested for scalability, security, and availability. The integration with other software products has also been a challenge. Integration of various systems and software has exposed the integrated system's vulnerabilities. These vulnerabilities may highlight unique risks caused specifically by integration. Furthermore, security risks have been well documented in the literature [5, 9]. The internal factor that threatens new technologies is integration of systems and the external factor that threatens the technologies is security.

New fulfillment. The perception of online fulfillment has changed. Products and services are needed almost in real-time in this online world. E-business may bring in sales from many directions. The integration of these real-time sales orders with the existing supply chain management and order fulfillment may expose risks. Inefficient fulfillment integration with external distribution providers may also expose risks. The internal factor that threatens the new fulfillment needs is supply chain management. The external factor that threatens the fulfillment is the real-time demand for products and services.

Back to Top

Conclusion

The framework presented in this article can help us understand the various risks involved in B2B commerce. The conceptual framework presented examines risk from five critical dimensions—services, business models, technology, fulfillment, and processes. For all five factors, we also listed external and internal sources of risk. Online businesses can benefit from a careful consideration and analyses of these five factors that are primary sources of risk. Such a planned risk analysis exercise can provide insights to practitioners of e-business, procurement managers, marketing managers, IT managers, as well as academicians. It remains to be seen if understanding and mitigating risk will indeed be the turning point for B2B commerce.

Back to Top

References

1. Baker, C.R. An analysis of fraud on the electronic business. Electronic Business Research: Electronic Networking Applications and Policy 9, 5 (1999), 349–359.

2. Bhimani, A. Securing the commercial electronic business. Commun. ACM 39, 6 (June 1996), 29–35.

3. Caelli, W.J. Information security in electronic business. PACIS'97—The Pacific Asia Conference on Information Systems, Brisbane, Australia (1997), 1–5.

4. Jones, S., et al. Trust requirements in e-business. Commun. ACM 43, 12 (Dec. 2000), 81–87.

5. Kolluru, R., and Meredith, P. Security and trust management in supply chains. Information Management and Computer Security 9, 5 (2001) 233–236.

6. Muiznieks, V. The Electronic business and EDI. Telecommunications (November 1995), 45–48.

7. Papadopoulou, P., et al. Trust and relationship building in electronic business. Electronic Business Research: Electronic Networking Applications and Policy 11, 4 (2001), 322–332.

8. Ratnasingham, P. The importance of trust in electronic business. Electronic Business Research: Electronic Networking Applications and Policy 8, 4 (1998) 313–321.

9. Salisbury, W., et al. Perceived security and World Wide Web purchase intention. Industrial Management and Data Systems 101, 4 (2001), 165-176.

10. Shapira, Z. Risk Taking: A Managerial Perspective. Russell Sage, New York, 1995.

11. Wise and Morrison. Beyond the Exchange: The future of B2B. Harvard Business Review (Nov. 2000), 86–96.

Back to Top

Authors

Ganesh Vaidyanathan ([email protected]) is an assistant professor at the School of Business and Economics at Indiana University, South Bend, IN.

Sarv Devaraj ([email protected]) is an associate professor of management in the Management Department at the University of Notre Dame, Notre Dame, IN.

Back to Top

Figures

F1Figure 1. Traditional buy/sell process.

F2Figure 2. Transformation of traditional buy/sell process to online.

F3Figure 3. Framework of online risks.

Back to top


©2003 ACM  0002-0782/03/1200  $5.00

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee.

The Digital Library is published by the Association for Computing Machinery. Copyright © 2003 ACM, Inc.


 

No entries found