Malaysia’s enterprises are adopting cloud, analytics, and AI faster than their procurement frameworks can keep up. At a roundtable hosted by AWS in partnership with Jicara Media, IT and procurement leaders described how approval thresholds, governance controls, and tendering rules designed for physical assets now slow software buying, renewal, and delivery.
The discussion brought together leaders from energy majors, banks, investment firms, shipping companies, and other regulated enterprises. Across sectors, the core issue was the same: procurement is still optimised for lowest cost and compliance, while technology teams are measured on speed, stability, and business impact.
The persistent challenge of lengthy procurement cycles
One of the most frequently cited challenges was the time it takes to procure IT software, regardless of contract size. A roundtable member said that traditional procurement processes often treat a small software purchase no differently from a multi-million-ringgit deal.
“Regardless of the cost, millions or hundreds, even if it’s just 10,000 MYR, you are still going through the same traditional component,” they said.
For organisations that have already migrated heavily to cloud platforms, this mismatch between digital agility and procurement rigidity creates friction. In response, this member described how their organisation established a dedicated IT software procurement pathway through a digital marketplace, deliberately bypassing legacy processes designed for physical assets rather than subscription-based software.
“We formed a specific buying process on how to procure IT software through the marketplace, which gives us an upper hand in how we manage IT software procurement away from the traditional, completely different process,” they explained.
Governance, regulation, and approval overload
For government-linked and highly regulated entities, procurement challenges are compounded by governance requirements. One speaker described a system where approval thresholds trigger multiple layers of documentation and oversight.
“Anything more than 5,000 requires three quotations. More than 50,000 needs five quotations. Under 50,000 goes to the board, and for one single item, we end up with three documents,” they said.
This level of scrutiny, while designed to ensure transparency, often delays projects and undermines IT leaders’ ability to meet delivery timelines.
“Sometimes the delay affects KPIs, but you can’t tell stakeholders that procurement caused the delay,” the same speaker acknowledged.
To cope, some organisations now front-load approvals, begin paperwork months in advance, or lock in multi-year subscriptions to reduce repeated procurement cycles.
Vendor retention vs competitive tendering
Another recurring theme was the tension between vendor continuity and procurement rules that mandate frequent re-tendering. One panellist noted that long-term vendors often understand complex environments far better than new entrants.
“If I’ve been going with company A for the longest time and they know my environment very well, changing vendors is actually a very risky move,” they said.
Yet procurement teams often insist on re-quoting exercises to demonstrate price competitiveness, sometimes discouraging vendors from participating altogether.
“Some vendors become reluctant to quote because they know you’re just fulfilling criteria,” the panellist added.
Vendor onboarding, due diligence, and marketplace models
Banks and financial institutions identified vendor registration and due diligence as another major bottleneck. One participant described how quickly onboarding timelines escalate as the number of vendors increases.
“Vendor registration and due diligence can take a couple of weeks for a single vendor. If we have five vendors, it can take a few months,” they said.
Marketplace-based procurement models are increasingly seen as a way to streamline this process. Another roundtable member added that such platforms perform pre-screening of vendors, covering financial, compliance, and security aspects, while still allowing enterprises to conduct their own specialised checks.
“We do vendor onboarding, we screen banks, entities, compliance, cybersecurity posture, but enterprises will still have specific non-negotiables,” they said.
To further reduce duplication, marketplace platforms now provide vendor compliance dashboards, allowing buyers to view certifications such as ISO 27001, SOC 2, and PCI DSS without repeatedly issuing questionnaires.
Pricing, currency, and cross-border complexity
Cost transparency emerged as a nuanced challenge. Several participants observed that software purchased via marketplaces can appear more expensive due to currency conversion, FX volatility, and localised pricing strategies.
“When management sees the cost on AWS is higher, even by 100 MYR, they start questioning,” one participant said.
Cross-border procurement further complicates matters, introducing issues around taxation, withholding tax, digital services tax, and governing law.
“Sometimes even the tax team struggles. That’s when external consultants come in, and that adds another layer of cost and complexity,” another participant noted.
From lowest cost to value-based procurement
A consistent conclusion across the discussion was that price alone is no longer an adequate decision metric. Multiple leaders stressed the importance of value, service quality, stability, and risk mitigation.
“Cheap doesn’t mean value for money. If service is poor, the consequences come back to IT,” one participant remarked.
Some organisations have already restructured procurement frameworks so that cost accounts for as little as 20% of the evaluation score, with the remainder weighted toward service reliability, vendor reputation, and business impact.
“Commodity procurement can be price-based. Specialised IT procurement must be merit-based,” another speaker explained.
Procurement as a strategic partner
Perhaps the most significant shift discussed was the evolution of procurement from a policing function to a strategic partner. Mature organisations now deploy category managers who specialise in software, infrastructure, or cloud services and actively engage with business units.
“Procurement today is listening more. They understand the value of the application and its business impact,” one roundtable member observed.
This collaboration is essential, especially as boards remain highly cost-focused.
“Procurement enforces policy, but the board sets it. When things go wrong, accountability still sits with the business owner,” another noted.
Toward a more agile procurement future
The roundtable made one thing clear: Malaysia’s IT procurement landscape is at a turning point. While regulatory obligations and governance structures will remain, organisations are increasingly experimenting with digital marketplaces, standardised contracts, longer-term commitments, and value-based evaluation frameworks to keep pace with technological change.
As enterprises adopt AI, analytics, and cloud-native platforms, procurement models must continue to evolve, or risk becoming the bottleneck in an otherwise digital-first strategy.
