The worlds of the cloud and payroll are getting closer.
It sounds like a complete contradiction. We associate the payroll with precision, the highest security and data protection. The term “cloud”, on the other hand, suggests that data can be found anywhere in cyberspace where there is a little place free. But if the positive aspects of both worlds are combined, they really do create a new business model for the still very traditional world of salary administration.
Salary administration occupies an important position in HR and business life. In some companies, the monthly payroll is still almost the only fleeting point of contact between employees and the HR department. Mistakes in payroll accounting or lack of confidentiality damage employer marketing more than any other HR weakness: when it comes to money, we are sensitive.
In everyday usage, the terms “salary accounting”, “salary administration” and “payroll” are often used synonymously; the context defines the exact meaning. In reality, however, there are two interlinked but separate processes: master-data administration and the payroll accounting, whereby payroll accounting comprises exclusively the monthly payroll with the associated follow-up activities.
In the past, this separation was irrelevant. In many companies with in-house salary administration, one and the same person is responsible for both master data and payroll accounting. This scenario is the classic among the tried-and-tested business models: payroll accounting is kept in house. Software is purchased and installed on in-house servers, and the payroll accounting is done by the company's own personnel. Especially in small companies, the responsibility frequently lies on the shoulders of a single person, who had therefore better not get ill or go on holiday during the monthly payroll period. Weighing up the risks and benefits, some companies come to the conclusion that the potential internal security breaches and personnel risks are greater than those of a professional outsourcing provider and the whole matter is outsourced. The salary administration is therefore run on the payroll system of an outsourcing provider and, depending on the service level selected, the latter also takes care of the entire payroll with all associated follow-up activities. The personnel master data is then managed either by the outsourcer or by the company itself on the same system.
Cloud payroll now provides a clean distinction between master-data management and the payroll. This schism has not been artificially imposed, but is due to a new generation of human-resources information systems (HRISs). HRIS from the cloud allows companies to lease a complete HRIS system and use it for all operational and strategic HR processes. Cloud-based talent-management processes are now nothing new to us, but here we are concerned with much more: global and local master-data and data organizational management, no less.
Of course, it has been possible to manage employee data in cloud-based solutions for several years, but such applications were generally limited to global (globally unified) data and did not include any master data of direct or indirect relevance to the payroll.
The new HRIS-from-the-cloud developments are real all-rounders that leave nothing to be desired compared to their in-house competitors. They are lacking nothing: from country-specific local requirements through the consideration of company-specific needs to the maintenance of an accurate employee history.
And you can do even more than their predecessors. Employee self-services and mobile apps are part of the standard program and do not require complex technical implementation. Just one click into the app store provides a supervisor with the employee data of his/her team on his/her smartphone. The full advantages and flexibility of HRIS from the cloud are currently only available to a few companies. An HR department realises just how much easier it is to navigate such a ship especially during turbulent times of reorganization, company acquisitions, takeovers and other events that have a major impact on the personnel structure. Even though we talk of HRIS from the cloud, from a technical point of view, the cloud is usually private and hosted in a physical data centre of the software manufacturer.
If a company opts for such a latest-generation cloud-based HRIS, then just one “small” piece is missing from the puzzle to complete the HR processes: namely, the monthly payroll. All data and information required for this is already available, but a fault-free payroll has to be integrated and, of course, this has to be done in accordance with the applicable legal requirements for each country involved. The company will not generally implement this payroll accounting in house, as this would be starkly contrary to the chosen cloud strategy. Instead, the payroll accounting is handed over to a dedicated outsourcing partner, which reliably generates the payroll month by month and provides employees with electronic pay statements based on data from the cloud HRIS. For the company itself, the payroll system is a black box to which it will have no access at all. But why? Data integrity is the obligation of the company – it is responsible for its own HR data – the payroll system simply functions as a “computing machine” for which the outsourcing partner periodically provides the company with results and legal analyses. The services and payroll results are governed by transparent service level agreements between company and service provider.
In the end, only the result matters – correct pay statements in accordance with the legal requirements and punctual payment of wages into the accounts of the employees. What used to be the sacred cow of the Personnel department is now gradually becoming the commodity product that can be obtained from precisely from where the price/performance relationship is right. In summary, cloud payroll is based on three pillars: HRIS from the cloud, a lean payroll solution and a “magic” third component that ensures the clean integration and communication of the two core pillars.
Here, we are not talking about simple interfaces, but online communication, based on web services that ensure that, as soon as a new employee is included in the HRIS or a modification is made, this data is also reflected in the payroll.
If the HR department of a company is the heart and soul of this type of business model, a security officer can soon dampen its ardour by bombarding the provider with critical security questions, because security has to be guaranteed at all levels. On the one hand, this applies to the networks and communication paths, for which encrypted connections are mandatory, and on the other hand, the software provider's data centre must withstand the critical gaze of security experts. These scrutinize the data storage, backup procedures, recovery procedures, data access in the support department and other topics. Even if the data centre is in tip-top condition and decorated with ISO certificates and inspection reports (such as ISAE3402), unfortunately, this is still not enough to satisfy security freaks. Of course, the shared-service centre where the payroll is processed has to undergo the closest scrutiny. How do the employees work in this centre? Do they follow the prescribed procedures and safety guidelines? Where is the service centre actually located? The data centre could be located in Switzerland, for example, but the service centre operated from Ireland, and there could also be a whole network of subcontractors distributed around the globe. And who can guarantees that the reins of the service centre will not be passed from Ireland to India the day after tomorrow? The fact is that it is impossible to define all possible and impossible eventualities in advance and to the satisfaction of all parties. It just takes an amount of trust in the supplier, its business policy and its employees. A look at the provider's existing customer base and making contact with existing customers is extremely valuable in the decision-making phase and underpins the famous gut feeling. This gut feeling has to be supplemented by clear arguments that address the issues raised above. In the times of the NSA there will always be a residual risk, but it can be confined with the appropriate provider.
Published: 14. January 2014