Category Archives: Technology

Dangerous Procurement Predictions Part I

If you read my predictions post, you know SI hates predictions posts. It fully despises them because the vast majority of these posts are pure optimistic fantasy and help no one. Why are the posts like this? Because no one wants to hear the sobering reality right off the bat in the new year and the influencers care more about clicks than actually helping you.

But given how dangerous and costly the hopeful fantasy has become, not only did SI swallow its disgust and give you a realistic predictions post, but it’s going to collect and lay bare the most dangerous of the predictions that, even if seemingly innocuous, will lead you astray if you believe them. And now some of the influencers and LinkedIn aficionados are taking up the claims, and the charge, but like many other claims, they are overstated.

Today we tackle the first three, but you can expect this to be the first of many posts as dangerous prediction posts flood your feeds for the rest of the month.

1. The “Great Convergence” Accelerates

The claim of the ORChestration providers is that all roads lead to them, the convergence will accelerate, and you won’t have to worry about what you need because, as long as you have orchestration, you’ll have it all!

For example, if you want to use the largest orchestration provider in S2P, you are limited to the platforms they have already integrated. The same goes for the second or third largest. Plus, if the providers you want to integrate aren’t reasonably sized Source to Pay providers, good luck expecting the workflow to support them appropriately.

Moreover, they were built to minimally support the existing solutions, not emerging solutions in the Source to Pay and extended Supply Chain Marketplace. In other words, the convergence will continue at a snail’s pace, but it will never be great!

2. “X” Finally Gets Modern Attention

It doesn’t matter what X is — if X has been needed, but ignored, for the last ten years, it’s NOT going to all of a sudden be addressed this year. For whatever reason, it will continue to be ignored.

Example #1, Cybersecurity.

As per my recent post on breaking down the risks: IP / cyberattacks, the risk of cyberattacks has been high since 2014, a year when 71% of organizations were affected by a successful cyberattack! Ten years later, 70% of small to medium sized businesses are still getting hit by cyberattacks. (Which means that if it was going to get major attention, shouldn’t 2014 have been the year?!?)

Nothing has changed — the reason? Cybersecurity is seen as a cost, not a return. So, when a successful attack results in significant losses, organizations spend on improved cybersecurity, and ignore it until the next significant successful attack hits, and that is the only time they will spend for new systems across the board, and that’s it. That’s why cybersecurity, inside and outside the organization, won’t get any more attention this year than last year.

Example #2, Risk Management.

There’s a big reason it’s been the exact same risks in the state of procurement studies and reports for at least the last five, if not the last ten, years. It’s because, despite the fact that risks keep increasing, no one ever does anything about it … there’s no additional investment in risk management software. Why? Again, it’s seen as a cost and not an investment. And when you’re already paying for insurance, why pay for what, at best, seems like more?

Even though the cost of insurance will soon be unaffordable given that natural disaster and fraud losses are going through the roof, if you can even get insurance at all, risk management solutions are still being ignored by every organization that hasn’t suffered a major loss as a result of a risk-related event. (And who knows if insurance will cover AI losses when AI escapes the vending machine? It’s a question you should definitely be asking!)

Example #3, Direct.

That’s supply chain, right? Right?

Wrong! But that’s the view that the vast majority of Source-to-Pay providers have taken since the beginning. Sure, a few big suites picked up a few smaller players that specialized in direct sourcing, but that’s about it from the big players. And there are a few startups here and there, but they’re all overlooked, underfunded, and not getting any traction.

Because it’s hard. Damn hard. And the majority of S2P players don’t want hard. They want easy. They built easy. They sell easy. And that’s all they want to do. (And, often, all they can do!)

We could continue, but you get the point.

3. One of the big legacy S2P suites will go out of business.

This is a prediction straight from the genius of Gary Wright. Only a Dream Weaver would predict this! This has happened exactly once since our space began in the late 1990s, and it wasn’t exactly going out of business, it was a big acquirer deciding the space wasn’t profitable enough and shutting the vendor down. Specifically, it was IBM shutting down Emptoris and shunting all the customers to SAP Ariba in 2017.

Every big provider in this space is controlled by PE who have poured tens, hundreds, or thousands of millions (that’s billions) into the firm. If it starts losing money, and if they think they can’t turn it around, rather than shutting it down, they’ll flip it to another firm at a loss (to recover some investment) who will pick up some fire sale acquisitions, integrate them, update the UX, install a whole new management team, fluff it up, rebrand it, and bring it out with a whole new spin. Like ERPs, Suites never die. Even if they’re twenty years behind the times.

So if a new big player hits the scene, check under the covers, do a bit of research, and dig up those skeletons. PE knows how to make everything old new again, but tech is not like fashion, and you don’t want two decades old SaaS, as that’s just the same old sh!t.

Who’s Funding Your ProcureTech Vendor?

This question is more important now than ever! Not only is the RCD (Relative Corporate Debt) of many FinTech companies too high right now (See: Calculating RCD), signalling a decline in customer service and potential abandonment, if not outright vendor failure down the road, but the ongoing viability of many VC and PE firms, or at least their ability to support their investments, is also in question.

Many firms are too heavy on AI plays that are still losing as much as $4 (or more) for every $1 of revenue they take in, requiring massive ongoing investments to maintain. Even big PE funds only have so much cash to burn, and the only way they can do this is to liquidate assets and holdings if they can, or, in the worst case, simply write off losses (and associated future costs) of those holdings they can’t liquidate.

SoftBank’s end-of-year investment in OpenAI really puts this into perspective, as chronicled by Mr. Klein of Curiouser.AI and Berkeley in this LinkedIn post.

As far as I am concerned, this is bad news for any of SoftBank’s FinTech holdings that may require funding in the next few years, and a warning to make sure you don’t select / continue / depend on any of their FinTech holdings where they have a large or majority stake until verifying those holdings are profitable and likely to stay that way! (Now, SoftBank has traditionally had very good investment chops, so it’s likely the majority of holdings are profitable …)

However, they aren’t the only firm making huge over-investments in AI and weighting the portfolio down with companies that might never see a profit. This means that this warning also applies to many other Tech investment funds, starting with Thrive, Dragoneer, Altimeter, and Coatue who also have large stakes in OpenAI. They could all end up in the position where they are going to have to sell off / dump assets to maintain the ridiculous losses OpenAI is seeing, and any holdings not performing well will likely be the first to go / get dropped. (Remember that the average age of the first three of these groups is 15 years, and they are [becoming] modern SaaS/AI heavy, whereas SoftBank Capital has been investing for 30 years, and is a lot more diversified. SoftBank may be able to weather a complete crash in OpenAI valuation if it occurs. But these other firms may not!)

But, as we noted, the real warning is not for SoftBank or these other mega funds (in the significant 8 and 9 digit range) that have funds to weather a storm. It is for the smaller funds, especially those less than 1 Billion, that are too AI heavy.

As a result, when selecting any FinTech platform, you need to look at the portfolio of any investment player with a substantial majority stake. If a large segment of the portfolio of a significant/majority investor is “AI” companies losing money hand over fist, then the vendor of that FinTech platform cannot be considered a stable vendor if it is not profitable. This is because you can’t count on the fund having the resources to support the vendor to profitability, even if the vendor is a fund darling. This is the case even if the RCD calculation looks good! A lot of the smaller funds can’t afford an AI crash given the AI-heavy focus of their SaaS portfolio.

(Face it. An AI crash is coming. Too much valuation against too little return, and investors only have so much patience. The only thing we don’t know is how severe the crash is going to end up being. Is it going to be a minor drop across the tech markets or a major crash like the 2008 housing crash or the 1999/2000 dot com crash?)

The Real Value of the Sourcing Innovation Mega Map (2026 Ed)

1) It shows you how expansive the space is and why you need proper Assisted Solution Selection:
[Successful Vendor Selection: The Series]

2) It shows you how unstable the space is:
a) Fifty-Four (54) companies are gone.
b) Ten-Plus (10+) have been acquired and/or renamed …
… and could be discontinued / go out of business at any time!
c) for some functions, there are too many options!

a+b) While a disappearance rate of roughly 6% a year is only about 20% higher than normal, it’s just the tip of the iceberg! Right now, the RCD (relative corporate debt) of a majority of vendors is too high and we’re on the cusp of a purge unseen in two decades (that most of you won’t remember). I am still predicting up to 15% disappearance for the next 18 to 24 months between

* mergers/targeted acquisitions so both firms can remain on the cusp of viability
* fire-sale acquisitions to pick up talent and customers
* outright bankruptcies from vendors who aren’t getting funding

because the market is still tight, the software project failure rate is at an all time high (88%, 94% for Gen-AI), and your C-Suite (who got burned last time) is still afraid to give you budget.

Post Edit: Happy to say I’m not alone. See THE PROPHET’s predictions for the FinTech investment market for 2026:

c) even when you segment by spend-size (not market size), culture (not geography), and industry, you still can’t support more than a few dozen players. In some cases we have 100!

3) It proves that, statistically, there are quite a few vendors that are not good.

[How to Select a Vendor NOT likely to screw you over; Part of
The MOST important clause in your (Procure)Tech (SaaS) Contract Series]

I’m going to remind you again that some estimates put the number of psychopaths in professional positions in NA at 5%, 3 of the 4 top jobs they seek are Salesperson, Lawyer, and CEO … and they are all attracted to the industries with the most money. Right now, that’s FinTech (subsumes ProcureTech).

As many as 1/20 sales people/CEOs don’t care if you get value or not, as long as they get the deal. Especially when the firm took too much money and they have to hit unrealistic sales targets to keep their jobs!

For those of you who believe all founders and all sales people honestly want to deliver value, as a former developer/architect/CTO, I will tell you this: bullsh!t!

Some founders see their peers doing startups and getting rich in 5 years and just want the same. They’re building to sell, not to build long term customer value.

But sales people can be much worse! I have had the displeasure on more than one occasion to work for companies in tech positions where, even after the sales person was expressly told the product didn’t do X, couldn’t do X for Y months/years, and it wasn’t on the roadmap, still told the customer X was available today and they’d have it on initial implementation if they signed the deal now. (These are usually the same salespeople that never seem to stay anywhere too long …)

And here’s our updated Cascading Mega-Map 2026 Edition!

STOP PAYING PROCURETECH/FINTECH ADVISORIES A DOLLAR JUST TO LOSE THREE DOLLARS!

Last week, in our post where we asked if ProcureTech Generated Billions While Practitioners Lost Trillions, we noted three things:

  1. Approximately 1.8 Trillion Dollars (more than the annual GDP of 92% of the countries on Earth) will be wasted this year on Tech-Related Spending
  2. Approximately 600 Billion Dollars will be spent with the big consultancies and analyst firms who do Financial (Technology) and Procurement (Technology) consulting and advisory
  3. That’s three dollars lost for every dollar spent on big consultancy and advisory firms

So how do you stem the bleeding? Especially if you can’t STOP spending money on tech advisory because you can’t stop spending money on technology because you can’t survive in today’s digital world without it?

You STOP forking over (high) six and seven figures without a guaranteed return! In other words, unless they save you some coin, then your money they will not purloin!

More specifically, if they are promising outcomes, then (the majority of) their compensation should be 100% dependent on outcomes. If you don’t make bank, then their compensation will tank.

To be even more precise, don’t buy:

  1. any technology platforms where the majority of compensation is tied to successful sourcing events, transactions, etc.
  2. any GPO services unless it’s 100% outcome oriented
  3. any functional outsourcing unless the majority of compensation is tied to ROI

Now, the technology providers and consultancies will push back, steadfastly claiming that their technology and services are worth way more than they are charging, but here’s how you counter:

  1. you will pay a base annual fee for the platform that will cover 150% of their base hosting costs, so they won’t lose, and then a percentage of transactions, identified savings through sourcing events, contract value, etc. where the percentage is calculated such that if you save 100% of their promised savings, they will make 50% more than what you would pay on a fixed cost after negotiation — if they are so confident in their claims, this should be a no-brainer
  2. you will pay a fixed amount on each transaction, calculated based upon the expected savings before you sign the contract, and if they can deliver the savings, you will definitely be using them regularly — and, as with the Tech Provider, you will calculate this so that they win bigger than if you pay them a fixed cost IF they generate a return for you
  3. you will pay a fixed rate per hour that is enough to cover the assigned personnel cost (their salary plus 30% overhead), and any compensation beyond that will be dependent on the department delivering an ROI beyond a certain amount (which is the amount required to cover the basic fee you are paying them); and again, you’ll fix the compensation such that if they deliver 100% or more of what they promise, they will win big too

Now, you’re probably saying the doctor is daft by telling you to offer them 50% more than what you’d have to pay on a fixed cost basis if they deliver, but here’s the reality, without incentive, THEY WILL NOT DELIVER!

There is an 88% technology failure rate across the board, and 94% failure rate if it’s a (Gen-) AI project. The reality is, as we pointed out in our series on how, even if they have good intentions in the beginning, your (technology) vendor will screw you, the vast majority of systems fail to deliver, because, once the contract is signed and you have access to the system, they have zero incentive to do anything else for you.

Similarly, once they have you on a multi-year contract, why should the GPO or consultancy have any incentive to go beyond the minimum? If you want them to continually serve you and look for ways to generate a return for you, make it worth their while. And then you won’t be paying them one dollar just to lose three dollars in return!

This is where you start. Then, you question any consulting contract over 100K to 200K as a mid-market and 1 Million as a large global enterprise. At that point you have to define the value you expect and what gain-share agreement you are going to craft to ensure it.

Breaking Down the Risks: IP/cyber attacks

The risk of cyber-attack and IP theft over digital domains is constant and high and not going away. There’s not much need to be expounding the pounding on this one, but we will, and then give you a few tips on reducing the risk.

Expounding the Pounding

Cyberattacks remain high. Incredibly high. In 2014, a high year for cyberattacks, a NetIQ (acquired by AttachmateWRQ) Cyberthreat Defense Report found that 71% of organizations were affected by a successful cyberattack in 2014 (while only 52% expected to fall victim again in 2015). (Source)

In 2024, North American organizations experienced an average of 1,298 cyberattacks per week, according to Check Point Research, which represented a 55% year-over-year increase in attacks. These attacks affected over 70% of small to medium-sized businesses, according to Embroker. In other words, despite the continued increase in security software, standards and protocols, cyberattacks haven’t decreased, and neither has their success rate.

Reducing the Risk

Procurement is going to have to finally embrace cybersecurity best practices in everything they do as well as work with IT to ensure that all of the applications they buy or license meet these best practices as well.

Note that when we say best practices, we don’t just mean ensuring the technology meets all the latest specs, but that the organization, and its personnel, also take information security, operational security, and physical security seriously. An organization that doesn’t protect its information outside of systems is insecure, and if this includes passwords, the systems have been compromised with one login attempt. An organization that doesn’t maintain proper physical security makes it easy for an experienced hacker (who understands social engineering) to walk in, access a system that is logged in, and extract the access keys for the broader systems, at which point the organization’s systems are completely accessible to the hacker. And of course, if the organization doesn’t maintain proper operational security, its employees will let hackers right in, no questions asked, and all of the systems will be compromised.

This will require proper training and monitoring until everyone understands the issues across the entire organization.