How to avoid costly mistakes when adopting new retail tech

The retail world continues to face significant turmoil, perhaps more than any other sector. The traditional high street is changing fast and even successful online operations are having to re-think how they maintain market share and profit. Interestingly, according to MasterCard, 2018 saw the best retail sales (online and offline) in six years, in-store sales increased by as much as 5%, while eCcommerce grew by almost 20%. Is this trend down to individuals simply having more disposable income, or are there other forces at play?

Retailers, who are increasingly turning to eCommerce in order to maintain market share, are using technology and data solutions in exciting new ways so that they can stay ahead of the curve.

The choice of new technologies is vast – knowing what to deploy, and when and how best to deploy it is not easy. We have noticed five key technology trends that are worthy of consideration:

  1. Experiential shopping: more sophisticated eCommerce platforms to enhance the shopper experience, especially for luxury brands
  2. Increasing use of mobile apps in retail
  3. Augmented reality
  4. Engagement with social media
  5. Speed of fulfilment: consumers increasingly expect same or next day delivery

When critical strategic decisions have been made about what technology to deploy, there are some key legal and commercial considerations to ensure that the opportunities offered by technological adoption do not turn into headaches. Here are a few issues for CTOs and C-Suites to consider.

What are you seeking to achieve?

Where do you need to invest to maintain business? What might you invest in to gain market share or improve the bottom line? 

Choosing tech is like any other business decision. It’s about due diligence. Research from the Queensland University of Technology has shown business leaders often make poor decisions when it comes to technology because they don't accurately weigh the benefits with the costs. Think about what the ‘oppo’ is up to. Competitive analyses have been around for decades, but can you widen the scope beyond potential threats and barriers to see what technology your rivals, or new upstarts, are leveraging?

Having the right tech, or leveraging existing tech in a novel way, to support your business has a way of making all things equal and allows a start-up to compete head-to-head with a well-established player. But remember: the key rule is only to invest in technology that fills a hole or makes real business sense.

Are your VIPs on board?

Having customer insights can help prioritise your technology needs and shed light on where to improve their experience online. Have you undertaken adequate market research, including from your customers? 

Don’t forget to get buy-in from your internal stakeholders. Appropriate resource needs to be allocated to any complex tech project and, of course, budgeted for to ensure that it runs smoothly, including setting up a project team and test user group.

Have you allowed enough time and resource?

Many advanced technologies require more than a financial investment - they demand a lot of time. It is difficult to rely on technology to take over completely. To avoid such a mistake, you should add a human component to all interactions and constantly do A/B tests to determine the best options.  

Technology solutions require experts to help you choose and deploy optimal solutions so spend some money on hiring external resource if you don’t have access to the right skillsets.

Managing supplier risk – the importance of due diligence and a robust contract!

Due diligence is under estimated – physical, financial and technical diligence on your vendor can be tedious but it is paramount. And, of course, don’t forget to speak to several referees who have deployed the same solution.

What about the legal stuff? Is the new tech replacing existing functionality or required to ‘plug-in’ to other platforms already in use across your business? What rights do you have to terminate those existing relationships or create connections with relevant platforms? How might you de-risk agile software development projects.

Contracts for new tech platforms should cover the following:

  • Data migration
  • Parallel running
  • How much configuration (or customisation) is needed
  • Deployment: phased or big bang
  • Availability and other key service levels/downtime
  • Support
  • Training
  • Data privacy and data security (see further below)
  • Remedies for breach and termination rights (including rights linked to unavailability and persistent service failures)
  • Liability and indemnities
  • Scalability
  • Compatibility and the use of APIs/SDKs
  • Roadmap of solution development
  • TUPE risks
  • Disaster recovery and business continuity - what is Plan B and how quickly can a workaround be deployed to keep an e-commerce system live?
  • Last but not least: cost certainty

Your ability to negotiate these topics may depend on your bargaining power, but consideration of these issues will help you assess the level of risk and allow decision makers to proceed on a well-informed basis.

Data protection impact assessment (DPIAs)

One of the new requirements for businesses under GDPR is to conduct a DPIA when performing any data processing, including certain specified types of processing, which are likely to result in a high risk to the rights and freedoms of individuals. Under the GDPR, failure to conduct a DPIA may leave you open to enforcement action, including fines. Not undertaking DPIAs remains a shortcoming for many firms unnecessarily exposing them to regulatory action and damage to reputation.

Initially, DPIAs were conducted using spreadsheets and other basic tools; now there are a number of software options to assist businesses in conducting DPIAs and accelerating the process. Online retailers are increasingly using these software options to conduct consistent, comprehensive DPIAs and to share the information with relevant stakeholders. 

As part of this, consider how you can get your third-party software developers and other providers to take responsibility for helping you to achieve compliance with GDPR compliance where they are designing new solutions for you.

Security, security and more security!

Many ICO fines relate to data breaches caused by poor security. This should be a key focus especially if your solution processes customer data. Your contract with third party providers should include adequate provisions designed to allow you, as controller, to comply with Art 28 GDPR (controller/processor processing provisions) which include a focus on security. In addition to that requirement (which is pretty generic), we suggest retailers seek robust contractual reassurances about specific security levels that meet their specific requirements as well as industry accreditations – such as ISO 27001. You may also need to share your own security standards with the vendor, check they can comply with these, and embed them into the contract. You may also wish to consider including requirements for the vendor to confirm what responsibilities they will have for penetration testing and for vendors to agree to provide you with the results of those tests and to implement remedial actions.

Police your contract

It can take substantial effort to police contracts well and doing so will really help to avoid problems, especially when deploying complex, time critical and/or cost sensitive solutions. Taking the time to implement and follow robust governance procedures will pay dividends. For example, is the supplier deploying all relevant patches in a timely manner? Not doing so a common failing (as shown in many ICO data breaches) and can lead to security vulnerabilities. 

New times, new skills

As technology progresses and retailers continue to innovate, relevant staff also need to be upskilled to ensure they are able to implement, maintain and use new solutions that are introduced. Above all, this applies to internal tech teams who are on the frontline when it comes to technological development and/or customers - having a good technical understanding of the intricacies of how new eCommerce platforms work will likely be beneficial to everyone in the business.

By their very nature, online retailers have embraced technology but as the eCommerce sector becomes increasingly competitive, continuing to move forward with technological advancements will depend on attracting, and retaining, the best tech talent. As we all know, the battle for the right tech talent is a competitive one. Building retail experiences of the future, which will attract customers and foster long-term customer loyalty is likely to require the best tech talent, making it vital to stay ahead of the game and to nurture the experts in these roles.