[colinmorelli]

Not that long ago, Kronos, another time management and payroll company, faced a ransomware issue that caused a complete payroll outage for a month at some of their companies.

The fact that a bank failed in 24 hours and Rippling made changes to the system to route around that bank and raised capital to front customer payrolls on behalf of their employees is incredible. The default action would be to wait it out.

You really should be able to show appreciation in a situation like this. This is not “normal course of business” stuff.

[TheNewsIsHere]

I fully agree this is obviously (and should be!) out of the ordinary.

I’d be glad to do business with a company that cares. In my business, I walk away from prospective vendors that don’t demonstrative proactiveness or that just follow the pack.

I would absolutely expect them to be able to route around issues with a single bank in the same way I would expect Cloudflare to be able to route around issues facing a single data center. with that kind of business it doesn’t make sense to have a single point of failure with the money you manage. There should certainly be more than one bank in their portfolio, and the differences should be small enough to capitalize in an emergency.

If you’re not mitigating risks brought by your most important vendors, then you’re not mitigating your own risks. Any organization that’s serious about payroll will ask it’s payroll vendor about planning for various out-of-band failures.

[colinmorelli]

I appreciate your take here, but frankly I think it ignores the absolutely enormous world of vendors and partners out there, and the challenges that startups face when navigating it.

Quite simply, there absolutely is neither enough time nor mental space to deeply evaluate and understand these types of risks for all of your vendors. Further, this is one of those risks that is abundantly clear in hindsight but a person without deep financial experience or one who hasn't gone through this exact problem would really have no reason to understand or ask about it.

In fact, a person without intimate knowledge in payroll software might have no reason to even understand that there is an intermediate bank account in which funds are parked en-route to employees. It's just extremely unrealistic to expect someone to be thinking about this when picking a payroll vendor. Just like it would be unrealistic for me to expect an employer to perform a deep analysis of an insurance company's historical MLR and books to ensure they're sufficiently liquid and solvent to fund an employee's medical emergency.

Like it or not, social proof is a fairly critical construct in the world, and without it we'd be stuck spending more time analyzing our decisions than we do living with them.