Any handbook on the millennium bomb should have ‘Don’t Panic’ in very large print on the cover. Apparently the beguilingly simple problem of computers that think ’00’ is the year 1900 could result in scourges ranging from environmental disaster to the collapse of the financial markets. And it’s not just technology companies at risk: it’s everyone.
The millennium bomb, like Zaphod Beeblebrox’s spaceship, was initially rendered invisible by a ‘somebody else’s problem’ cloaking device. Everyone assumed the IT crew had it under control. But this is one area where delegating just won’t work.
‘You cannot delegate this sort of problem to junior IT staff,’ says Nigel Swycher, a partner at law firm Slaughter and May in London. He says it should be the charge of a CFO or other senior executive who has the power to seize the initiative and drive forward a solution process throughout the company. ‘The year 2000 problem is a commercial issue, it is not an IT or legal issue.’
Although the financial community has been relatively slow to react, it seems that analysts and investors on both sides of the Atlantic have woken up to the issue. JP Morgan analysts, for example, recently updated their prognosis: ‘It’s much worse than we thought.’
In short, IROs are finding that it’s no longer somebody else’s problem: it’s theirs too. ‘It’s looming out there,’ intones John Kahwaty, BankBoston’s IR director. ‘Anything that’s two years away doesn’t monopolize investors’ thoughts, but the level of interest is growing to a crescendo.’
‘Companies should realize this is a big deal from an IR standpoint,’ states Brian Lane, the SEC’s corporation finance chief. ‘As investors are more and more aware of the year 2000 problem, companies will have to show that they have it under control. Shareholders are going to need a lot of hand holding.’
The millennium bomb is a ‘forest fire’ threatening global information systems, and it could have ‘an impact on the stock market valuation of those companies, the market as a whole,’ Reuters CEO Peter Job recently warned Spanish business leaders.
Then there’s Senator Bob Bennett, leading the charge in the US and now taking his crusade to Europe: ‘I don’t mean to be a fear monger,’ he told a group of Germans in October, ‘but I am worried that the problem is not being addressed seriously enough. It could trigger a worldwide recession.’
Edward Yardeni, chief economist at Deutsche Morgan Grenfell in New York, is an acclaimed ‘superbull’ who also warns of a recession caused by Y2K (aka the year 2000 problem). The Gartner Group reckons spending on the problem will total $300-600 bn worldwide, an estimate at first greeted with hoots of derision but now regarded as rather conservative. As Yardeni gloomily points out, that’s a pretty big number compared with last year’s $407 bn in US company net profits.
The Gartner Group goes on to predict that perhaps one-half of companies with the year 2000 problem (and that’s virtually every company in one way or another) will not be fully compliant in time, a view that foreshadows torrents of litigation.
Some companies, of course, are getting their act together big time. However, the companies taking the threat seriously are definitely skewed towards large caps – those with the resources to really back up an effort.
Reuters followed up the comments from its chief executive in November by announcing its plans to cope with the problem. It mailed some 50,000 information packs to customers and suppliers explaining what the company is doing to change its systems. Geoff Wicks, director of corporate relations, says Reuters will divulge the likely costs of its millennium program to the financial community early next year – at the moment it is being absorbed in the group’s operational costs.
‘It certainly has become an issue with the City,’ says Wicks, adding that Reuters began raising the matter before being asked about it. Some other UK large caps are also getting their act together. Miranda Pode, senior manager of investor relations at UK supermarket chain Sainsbury, says the company announced back in May that it intends to complete updating all of its internal systems by the end of 1998. The bigger problem is ensuring that all Sainsbury’s suppliers are also up to scratch. Pode is keeping analysts and investors informed of progress there too. ‘We are working with our suppliers, not with a whip approach, but more with a helping hand. It’s a matter of cooperation.’
Many small and medium-size companies have not been so quick off the mark. ‘There really is far too much of a head-in-the-sand problem among them,’ says Martin Richards, a spokesperson for the UK’s Department of Trade and Industry. ‘All companies need to realize they have to do something about this now.’ And that means keeping investors and other stakeholders informed on the current state of play.
A recent DTI study found 45 percent of UK small and medium companies had not even examined their systems for millennium problems, let alone told anyone the timetable and costs of compliance. Scary Numbers
In the US the problem is just as acute. The latest data from Cap Gemini America, a French-owned computer services company, shows that only one in six Fortune 500 companies have begun implementing a Y2K strategy, while just one quarter have a detailed plan in place.
Howard Rubin, the millennium bomb guru who conducted the Cap Gemini survey, points out that the real cost of fixing the problem won’t even show up in the IT budget – that will only amount to 1-2 percent of companies’ total revenue – but in ‘the diversion of work to cover the fix as well as the true business impact.’ Rubin adds, ‘Investor awareness of the financial impact is still low. It will be a big issue in late 1998 and early 1999.’
Cap Gemini recently conducted a similar survey in the UK and found a corresponding level of complacency among companies of all sizes. Jacky Olivier of Cap Gemini UK warns that it is all very well showing investors a plan with milestones and completion dates, but there is an urgent need to secure the resources to back that up. She points out that available skilled personnel to deal with the millennium problem are going to become increasingly scarce over the next year. The end result will be higher wages and a greater effect on bottom lines. And a healthy contingency level should be built into the plan, adds Olivier, which should always be remembered when dealing with IT issues. ‘No two companies are alike and no two plans are alike,’ she says. ‘Dealing with the problem is like peeling an onion – revealing more layers underneath.’
In the News
Certainly attention is now being diverted to the millennium bomb in a big way, even if many investors are slow on the uptake. The US Securities Industry Association is spearheading an effort to overhaul computer code at financial institutions and initiate ‘street-wide’ testing, holding a ‘scenario planning’ session in September with another slated for January.
The US senate has been holding hearings on Y2K with testimony from the likes of the SEC’s Arthur Levitt and Brian Lane. Now legislation forcing listed companies to deal with the issue is under consideration.
But time is running out – fast. Nigel Swycher at Slaughter and May in London does not think legislation is an option – in the UK or anywhere – since by the time it is passed it will be too late. Swycher also questions the attitude of resorting to litigation before or after the event to gain recompense from other parties for lost business. There’s very little time to do it before the millennium now, and afterwards companies may just be surrounded by a collapsed business. Cooperation with other parties has to be the way forward.
In the meantime, a lot of confusion surrounds disclosure of year 2000 problems by public companies. For instance, news reports have suggested US companies are required to report year 2000 exposure and expenses as a potential liability in annual reports. And New York IROs at a recent National Investor Relations Institute chapter meeting wondered exactly when, not if, they would have to start disclosing spending.
In fact, the SEC has no millennium bomb rule nor plans to create one. Lane notes that companies have to report all material information, so if the year 2000 problem is material to a company’s results, it will be reported anyway. ‘We are reluctant to write a rule forcing disclosure of something that may not be material to certain companies.’
That’s not to say the SEC is ignoring the issue. Indeed Lane is keen to see IROs take the lead in raising Y2K awareness. ‘This is an opportunity for management to send calming messages to investors without necessarily cluttering up their disclosure documents. How about putting something about the millennium bomb on your Web page or in the annual report chairman’s letter, even if it’s not material to your company: We just want to assure you that we’re aware of it, we’re looking into it and we’re taking steps.’
The SEC will be monitoring filings carefully in case disclosure isn’t up to scratch and new rules turn out to be needed. Its year 2000 task force noted the stickiness of the issue in a June report: ‘It is not, and will not, be possible for any single entity or collective enterprise to represent that it has achieved complete year 2000 compliance and thus to guarantee its remediation efforts. The problem is simply too complex for such a claim to have legitimacy. Efforts to solve year 2000 problems are best described as risk mitigation.’ Guidance from the SEC is in the corporation finance division’s ‘current issues outline’ as well as ‘staff legal bulletin #5’.
Lane will work with Niri, or similar groups, to develop best practice guidelines. IROs, he says, could even be the ones to initiate task forces. ‘Companies should use this to their advantage. They should think about turning it into a positive message for a shareholder base that is only beginning to awaken to the problem.’
Into the Morass
All this is too little, too late, says Bob Austrian, senior enterprise software analyst at Nationsbanc Montgomery Securities. He helped prepare a broad-ranging report, Millennium Morass, which in September was sent to all Montgomery clients as well as companies covered by the firm’s securities analysts. The report shows that companies are seriously behind schedule, and that disclosure should be a lot more detailed. A search of 1996 reports from Fortune 500 companies revealed hardly any mention of the millennium bomb. Even more alarming, a survey sent to 5,000 IT managers in March was returned by just 67, showing either a lack of awareness and progress, or a disturbing unwillingness to disclose initiatives.
The millennium bomb affects all companies, not just a few, says Austrian, who also testified before the senate subcommittee in October. An investment of over $40 mn to fix the bomb is common, while some companies have estimated they will spend more than $200 mn. The average Fortune 500 company will probably spend $100 mn. ‘Yet current policy has resulted in only a few companies saying anything at all,’ Austrian continues. ‘Others are unaware of the problem, or they’re aware but not saying anything. And even the information from companies that do reveal a year 2000 problem is far too general to help investors size up the risk.’
Austrian says some of the reticence might be explained by a concern over liability. ‘It remains unclear whether speaking up about the millennium bomb is a good idea from a risk management and liability perspective. Then there’s the possibility of legislating one-time costs to fix the problem, instead of the existing pay-as-you-go solutions, which are a burden on operating earnings.’
BankBoston’s John Kahwaty, for one, proudly claims his company is ahead of the Y2K curve, and can even show shareholders proof in the form of ITAA Year 2000 certification. ‘We have invested a lot of time in the project and can tell a pretty good story,’ he says, citing a 50-strong team working full-time to fix the problem. Kahwaty adds they should be ready to start testing by the end of 1998. ‘Technology is a black box to so many people, but we can tell them Here’s what we’ve done, where we stand and where we intend to be.’ Another question BankBoston has to field is what the fix costs – about $50 mn for this company.
Kahwaty also notes the long reach of the millennium bomb. ‘We’re constantly passing information to and fro in this highly electronic world. We may be able to control our own code, but what about other companies we deal with? We have to make sure we’re aware of all those intersections and permutations, proactively understand how far along others are, and see what we can do to accelerate the solution.’
Failing that, why not invoke the contingency plan suggested by one UK IRO? He intends to be in a cottage in the middle of nowhere on January 1, 2000 – well out of the way of any flight path. He’s buying a load of food, candles, coal and books and will only re-emerge once things are completely back to normal.
But how long into the new millennium will he have to wait?
What questions have we heard from investors?
- Is spending on this problem incremental or part of existing IT budgets?
- If the spending is to come from existing IT budgets, what will be cut?
- Will spending on this problem end in the year 2000?
- Will the IT industry be able to make it through this crisis?
Source: JP Morgan Securities Equity Research
Information investors should have:
- Estimated amounts and timing of direct costs (comprised of labor, software and hardware investments), liability risks and their respective probabilities
- High-level quantified assessments of systems that need to be fixed
- Schedules for achieving compliance
- Quarterly reporting of milestones completed relative to the plan as well as new risks recently encountered
Source: Nationsbanc Montgomery Securities
