Quintelli Technologies

Why Your Transformation Program Is Stalling (It's Not the Technology)

2026-01-10T00:00:00Z

At BCG, I worked on transformation programs where the strategy deck was brilliant — hundreds of slides, clear logic, compelling ROI projections. Eighteen months later, the client would be 30% through the roadmap, over budget, and quietly wondering whether to pull the plug.

Then I went to Razorpay and BrowserStack. Fast-moving companies. No transformation “programs” — just continuous change, sprint by sprint, with immediate accountability. Things shipped. Things broke. Things got fixed. The contrast was striking.

The lesson I took from both experiences: transformation fails because of execution design, not technology selection. The technology almost always works. The organization around it usually doesn’t.

The Four Failure Patterns

After seeing enough of these programs — from both the advisor side and the operator side — the failure patterns are remarkably consistent:

1. Technology-led strategy. Someone decides “we need to move to the cloud” or “we need an AI platform” without first defining what business outcome they’re trying to achieve. The technology decision precedes the business decision. This is backwards, and it leads to expensive infrastructure that nobody knows how to use for anything that matters.

2. Roadmaps without owners. The transformation roadmap exists as a beautiful Gantt chart. Everyone nods at the steering committee. Nobody owns specific outcomes. When things slip, there’s no individual who feels personally responsible. At Razorpay, every initiative had a single owner who presented weekly. The accountability was uncomfortable and effective.

3. “Change management” as communication. Most transformation programs treat resistance as a messaging problem. “People just need to understand the vision.” No. People resist change because their incentives, skills, and daily workflows aren’t aligned with the new reality. That’s a structural problem, not a communication one. Fix the structure, and the messaging takes care of itself.

4. Vendor dependency by accident. This one is insidious. It starts with a reasonable vendor selection, then scope creep, then institutional knowledge concentrating at the vendor, then the realization that switching would cost more than the original project. By the time leadership notices, the vendor effectively controls the transformation timeline. I’ve seen this pattern at government institutions where the vendor relationship outlived the original contract by years.

What Works Instead

Start with a 90-day horizon, not a 3-year one. Long-range roadmaps are necessary for budgeting, but they’re terrible for execution. The teams doing the work should be focused on what they’re delivering in the next 90 days, with clear milestones and visible progress. Course corrections happen quarterly, not annually.

Measure business outcomes, not project milestones. “Platform migration complete” is not a business outcome. “Customer onboarding time reduced from 14 days to 3 days” is. “60% of support tickets now resolved by AI” is. If your transformation metrics can’t be stated in terms a CFO cares about, they’re the wrong metrics.

Do vendor due diligence like you’re buying a company. Before committing to a major technology vendor, examine: What’s the total cost of ownership over 5 years, including migration, training, and customization? What’s the exit cost if the vendor underperforms? How dependent will you become on their professional services team? What happens if they get acquired? Most organizations evaluate vendors on feature checklists. That’s necessary but insufficient.

Build internal capability from day one. Every transformation program should be reducing dependency on external help over time, not increasing it. If your team can’t explain how the new system works six months after implementation, the transformation hasn’t really happened — you’ve just outsourced the problem.

The Due Diligence Most Organizations Skip

There’s a type of technology due diligence that almost nobody does well: evaluating a vendor’s claims against real-world performance with organizations similar to yours. Reference calls with the three clients the vendor recommends are worthless — of course those went well. The real signal is in the references the vendor doesn’t volunteer, the implementations that ran over budget, and the customers who switched away.

When we do technology due diligence, we look at four things that matter more than the demo: integration complexity with your existing stack, vendor staff turnover on your account, contract terms around price increases and exit, and the gap between the reference architecture and what you’ll actually deploy. The demo is the least informative part of the evaluation.

The Leadership Question

Transformation is a leadership exercise disguised as a technology project. The technology decisions matter, but they’re downstream of harder questions: Are we willing to change how we work? Can we hold people accountable for specific outcomes? Will we make the organizational changes that the new technology requires?

If the answer to those questions is “not really,” save the budget. No platform can compensate for an organization that isn’t ready to change how it operates.

Telecom Regulation Is Being Rewritten. Most Operators Are Watching.

2026-01-28T00:00:00Z

I spent years at Ericsson during India’s early network modernization — the period when the country’s mobile infrastructure went from nascent to one of the most active markets in the world. Later, at Google India, I watched the same sector from the policy side: spectrum auctions, infrastructure sharing debates, cybersecurity mandates, and the emergence of digital public infrastructure like UPI and Aadhaar.

What strikes me now is how much the regulatory conversation has changed. A decade ago, telecom regulation was primarily about spectrum allocation and interconnection pricing. Today, regulators are weighing in on network architecture choices, cybersecurity investment requirements, sustainability reporting, data localization, and even the environmental footprint of tower installations. The regulatory surface area has expanded dramatically, and most operators haven’t updated their approach to match.

The New Regulatory Agenda

Here’s what’s actually on the table in India and key global markets:

Network modernization mandates. Regulators aren’t just encouraging 5G — they’re setting coverage obligations, timelines, and quality benchmarks that force specific investment commitments. TRAI’s recommendations on 5G rollout obligations are just the beginning. Miss these targets, and spectrum license conditions come into play.

Cybersecurity as a regulatory obligation. CERT-In’s 2022 directives were a wake-up call: six-hour incident reporting, mandatory log retention, VPN user data requirements. For telecom operators running critical infrastructure, the cybersecurity compliance burden is intensifying. The Telecommunications Act 2023 adds further obligations around network security and lawful interception.

Sustainability requirements. This is the regulation that most telecom companies aren’t taking seriously enough. SEBI’s BRSR (Business Responsibility and Sustainability Reporting) framework, combined with growing investor pressure on ESG metrics, means operators need to account for the carbon footprint of their networks — including thousands of diesel-powered tower sites.

Infrastructure sharing pressure. India’s tower sharing model through companies like Indus Towers and ATC has been relatively successful, but regulators are pushing further: active sharing, spectrum sharing, and open-access fiber models. The IP-1 (Infrastructure Provider) licensing framework is evolving to enable new entrants and reduce duplication.

Why Reactive Compliance Is Losing

The default operator approach to regulation is: wait for the final order, then build a compliance program. This worked when regulation changed slowly and predictably. It doesn’t work anymore.

Here’s why: by the time a regulation is finalized, the terms have already been shaped by the companies that engaged during the consultation process. TRAI’s consultation papers, DoT working groups, and industry body submissions are where the actual regulatory design happens. The companies present in those rooms influence the outcome. The ones who show up after the gazette notification just comply.

I saw this clearly during my time leading government affairs at Google India. The technology companies that engaged early in the data protection conversation — with informed positions, credible data, and constructive alternatives — had meaningfully different outcomes than those who waited and reacted.

Spectrum Strategy Has Changed

Spectrum is still the most valuable regulatory asset in telecom. But the strategy around it has evolved beyond “bid high, win the auction.”

Portfolio thinking. Smart operators are managing spectrum across bands — not just acquiring new spectrum but optimizing existing holdings. Sub-1 GHz for coverage, mid-band for capacity, mmWave for dense urban and enterprise. The portfolio balance affects network economics for 15-20 years.

Sharing and trading. India’s spectrum sharing and trading framework opened in 2016, but adoption has been cautious. The operators that figure out creative sharing arrangements — particularly in enterprise and rural deployments — will extract significantly more value from their holdings.

Renewal and refarming. Several major spectrum licenses in India are approaching renewal. The conditions attached to renewal — coverage obligations, technology mandates, pricing — will be shaped by the operator’s relationship with the regulator and their engagement during the renewal process.

Regulators love infrastructure sharing because it reduces duplication, accelerates deployment, and theoretically lowers costs. Operators are more ambivalent because sharing can erode competitive differentiation.

The mistake I see most often: treating infrastructure sharing purely as a cost exercise. The real question is strategic. Which elements of your network are competitive differentiators (and therefore worth building independently) and which are commodities (and therefore worth sharing)? Passive infrastructure — towers, ducts, fiber routes — is increasingly commodity. Active elements and core network intelligence are not.

The operators that approach infrastructure sharing strategically, with clear views on what to share and what to protect, will do better than those who either resist all sharing (expensive) or share everything (commoditizing themselves).

What Smart Operators Are Doing

Three investments I’d recommend for any operator navigating this environment:

1. Regulatory intelligence capability. Not a policy team that reads gazette notifications. A function that systematically monitors consultation papers, parliamentary proceedings, judicial orders, and international regulatory trends — and translates them into strategic implications before they become compliance requirements.

2. Stakeholder relationships. Building trust with regulators, policymakers, and industry bodies is a long-term investment. It can’t be done in a crisis. The relationships need to be in place before you need them. This means engaging constructively on issues that matter to regulators (rural connectivity, cybersecurity, digital inclusion) even when they aren’t top commercial priorities.

3. Strategy-regulation integration. Technology decisions and regulatory strategy need to be developed together. If your network planning team and your regulatory affairs team operate independently, you’ll end up with plans that look great technically but face regulatory barriers — or compliant plans that make no business sense.

The telecom regulatory landscape is being rewritten. The operators that participate in writing it will shape their competitive environment for the next decade. The rest will operate within rules designed by others.

AI Governance Belongs in the Boardroom. Most Boards Aren't Ready.

2026-02-15T00:00:00Z

When I was at EY building AI products — competitive intelligence platforms, invoice reconciliation tools, commercial optimization systems — governance was barely a conversation. The question was “does it work?” and if the answer was yes, it shipped. That was five years ago. The world has changed.

Today, boards are asking questions about AI that most management teams aren’t prepared to answer. Not “are we using AI?” but “how are we governing the AI we’re already using?” And for companies operating across jurisdictions, the answer often reveals an uncomfortable truth: governance hasn’t kept pace with adoption.

The Real Problem Isn’t Missing Governance — It’s Bad Governance

The knee-jerk response to AI risk is to create governance layers. Approval committees. Review boards. Checklists. I’ve seen organizations where getting an AI use case approved requires sign-off from seven different functions — legal, compliance, risk, data privacy, IT security, the business unit, and a dedicated AI ethics committee.

The result? Innovation stalls. Teams route around the process. Shadow AI proliferates. The governance framework technically exists but practically doesn’t.

The opposite failure is equally common: governance that’s so high-level it means nothing. A one-page AI policy that says “we commit to responsible AI” without defining what that means operationally. No risk classification. No clear decision rights. No mechanism for enforcement.

What Actually Works

The governance frameworks I’ve seen succeed share a few characteristics:

Risk-based classification, not blanket rules. An AI model that recommends product features is a different risk profile than one that makes lending decisions. Treating them the same way — either too strictly or too loosely — is the core design error. The EU AI Act gets this right conceptually with its tiered approach (unacceptable, high-risk, limited risk, minimal risk). The implementation challenge is mapping your specific use cases to those tiers honestly.

Clear decision rights. Who can approve a new AI use case? Who decides when a model needs retraining? Who’s accountable if something goes wrong? These questions sound basic, but I’ve worked with organizations where nobody could answer them clearly. Good governance makes the answer obvious.

Automated monitoring where possible. Manual compliance reviews don’t scale. If your governance depends on someone remembering to check a spreadsheet every quarter, it’s already failing. Model performance monitoring, data drift detection, bias auditing — these need to be built into the pipeline, not bolted on as afterthoughts.

The Regulatory Landscape Is Converging

The EU AI Act is the most visible regulation, but it’s not the only one. India’s Digital Personal Data Protection Act affects how AI systems handle personal data. Sector-specific regulators — RBI for banking, TRAI for telecom — are developing their own AI guidelines. CERT-In directives are adding cybersecurity requirements that touch AI systems.

For companies operating in multiple jurisdictions, this creates a compliance matrix that’s genuinely complex. The pragmatic approach isn’t to build separate compliance frameworks for each jurisdiction but to design governance that satisfies the most stringent requirements and then adapt downward. Start with EU AI Act rigor and you’ll meet most other standards by default.

What Boards Should Be Asking

If you’re a board member reading this, here are five questions worth asking at your next meeting:

How many AI models are running in production right now? If nobody can answer quickly, that’s your first governance gap.
How are we classifying AI risk? If the answer is “we’re not,” or “we treat all AI the same,” that’s the second gap.
Who’s accountable when an AI system produces a bad outcome? Not the team, the individual.
How would we know if a model is drifting or producing biased results? If the answer involves a manual quarterly review, it’s insufficient.
What’s our exposure under the EU AI Act and India’s DPDP Act? If nobody has done this analysis, commission it.

Governance as Competitive Advantage

I’ll end with a perspective that’s unpopular in AI-enthusiast circles: governance done well is not a constraint on innovation. It’s a competitive advantage. The companies that can deploy AI quickly because they have clear governance — clear risk classification, fast approval paths for low-risk use cases, automated monitoring — will outpace competitors who are either paralyzed by over-governance or exposed by under-governance.

The worst position is the middle: enough governance to create friction, not enough to actually manage risk. If that’s where you are, fix it before a regulator or an incident forces you to.