> The moat protecting the market share of the big RPA companies is created by the mature deployment systems that enable large enterprises to run hundreds or thousands of automated processes

This is completely incorrect. Managing processes and bots is the absolute easiest thing they do, because it's entirely under their control and a solved problem.

The actual moat is legacy compatibility -- how broad a tech stack does your RPA engine cover?

Microsoft Active Accessibility? Excel? Excel + VBScript? Legacy Windows native? VB6? Early Java with custom UI grid classes?

The point the author should be making is that Microsoft, Google, and Amazon have zero interest in eating UiPath's lunch. It's expensive (in people-time-dollars) and custom per customer. And ultimately, it's a long-tail game.

Microsoft's play is to trivially link together new deployments or migrations (i.e. to O365), then continue adding customers as more migrate to them.

Why pay to chase the customer, when they're already running towards you?

(FWIW, I think UiPath realizes this, which is why most of their new products / features are pivoting to become an Appian-esque rapid app platform. AA and BP? Less clueful)

The real utility RPA solutions are supposed to provide to the enterprise is cost savings. These savings should then be put toward upgrading those legacy systems that required the RPA solution.

I have never seen a company disciplined enough to direct those savings in that way. RPA companies have been so caught up in being a "hot item" and classified as a sub-category of AI (for whatever reason) that they don't seem to realize they've been selling their own demise.

Couple that with woo like "self-healing", "insights", and "big data", etc along with dog whistles like "People will be scared you're automating them out of a job. You need to use discretion when implementing solutions".

I feel like the way RPA is sold to big corporations is analogous to how health-food stores sell muscle supplements to teenage boys.

IT promise to business: "You can use RPA if we tell you we can't build a thing in time."

Business promise to IT: "We'll turn off RPA at such time as you deliver us a working solution."

And then be very particular that business needs to have documentation of their RPA in order to implement in production (business process / ask, notsomuch technical).

This accomplishes a few positive things: (1) takes {insert dumb / hard / bad ROI business request off IT's priority plate}, (2) forces business to think about what they actually want, (3) forces business to document what they actually want, (4) provides business the flexibility to change their automation, when the realize they don't want what they thought they wanted, & (5) burns not-developer time learning all the intricacies and quirks of {legacy software / website / data}.

In the end, when IT comes back around knocking, their business counterparts actually have gasp documentation. And furthermore, documentation that's actually been battle tested and seen prod systems & data.

(It's an admittance that most IT projects fail not for lack of technical feasibility, but for incomplete or shifting specs)

This is the _whole_ life-cycle of a correct RPA implementation. The only successful RPA automation is the one that gets turned off because it has been solved for in the enterprise application level.

* Person in the business area implements RPA. Business area is happy.

* Person who implemented RPA moves on to greener pastures.

* RPA breaks, business area calls IT.

* IT is horrified at the unsupportable mess that's just been dropped in their laps.

I’ve seen it happen with excel, access sql-server; and RPA. Some some Frankenstein’s monster is cobbled together to solve a problem whose best solution would be “stop producing the report that nobody looks at” only to have it slowly decay out of orbit.

The other major flaw with RPA is non-engineering LOB employees (in my experience) are incredibly myopic and implement solutions to get shit done now without thought about future consequences of their decisions. They try to replicate the 800 steps they take to make something work instead of asking “more steps adds opportunity for failure; what is the minimum I need to do to reach goal”.

/soapbox (Sorry)

You're not going to stop them doing things -- because there's never "enough" IT / they always have Excel.

So what's the next least bad?

IMHO, give them something flexible enough (RPA) that they don't have to go outside of the box + require they leave a documentation trail of what / why they built. (Oh! And teach them about SLAs and SRE best practices!)

Then come down like a ton of bricks if they don't follow the latter. Carrot & stick.

Cheaper pressure release valves (RPA), not expensively overengineered containers (hiring more engineers).

---

Ironically, the hardest conversation at (insert F500 I designed an RPA practice for)?

"Business users shouldn't be able to use IT change control tools!"

Wait... isn't this exactly what we're always griping they don't do?

> Wait... isn't this exactly what we're always griping they don't do?

This is something I hate. In IT, we use change control processes - change requests which have to get approved, discussed at the change advisory board, etc.

There are a lot of questions to answer before something goes into Production: Was it tested internally? Did the business area test it and sign off on the change? Is there evidence of said testing? Was code review completed? Is there a backout plan?

I've never seen the same rigour applied to configuration or processes that are managed by the business area, even though their configuration can do quite a bit of damage. Change the inactive customer purge time from 2 years to 2 days? Oops, virtually all of the customers have been purged.

There was a delivered process to do a particular job, but it didn't work. Nobody thought to tell IT that it didn't work, instead they built a Ruby+Selenium script and ran it on a spare computer. Which worked great until it didn't.

In simple cases, it's clicking a button.

In real practice, it's triggering some esoteric sub-event the developer hooked, or returning coherent data tables from whatever not-table thing a developer cobbled together.

Example from current work (US government system, Oracle Forms / Java based): a scrollable "grid", actually composed of individual, carefully-lined up text boxes, containing 12 rows, which moves / updates the contents of each box as the user scrolls.

And long tail, accreted one weird customer at a time things are definitely a moat.

The more serious players shadow Windows events.

The real stuff does process injection and directly shadow copies / modifies in-memory data structures.

Traditional RPA is here to stay, and only getting bigger. By "traditional" I mean screen-scraping and click bots. It's not only for legacy apps. It also addresses two development pain points that will never go away: (1) complexity and (2) missing features.

On (1), I've worked with companies whose APIs are so convoluted and poorly supported, and distributing your client in their ecosystem is so complex, that I've thrown up my hands and gone, "Forget it, I'll implement this with a service account." An RPA process logs into the front end, clicks around, scrapes some data, outputs it to the next process in my pipeline, and it's done. I've written processes like this that have been running for years with basically no maintenance due to stable-enough UIs. UI changes are still a risk, but if you have a mature UI, it's a great, simple alternative to a more complex process.

Regarding (2), APIs don't always expose all the features of the UI, and sometimes vendors won't, or can't, add them in a given budget or time frame. I worked with a partner whose API had essentially one read-only endpoint. Their product was fantastic and they had other integration methods; they just hadn't prioritized API development, which they could afford to do because they delivered so well in their niche otherwise. We had to get creative in how we would pull the data.

I would add, RPA isn't as fragile as its reputation sometimes suggests anyway. Sure, using it on a top-500 site is going to be a problem because of frequent UI changes. But we've successfully used it on systems in less "move fast and break things" industries that have been there twenty years, and they're going strong.

An example is a SME which wants to download the billing information of 100 employee from ATNT’s customer port

Sometimes, it's because the feature cuts against the vendor's business model (e.g. Verint's terrible CCTV server appliances / software client not allowing bulk export).

More often, it's because it's not a priority (e.g. mass-updating on a system that only allows a single update at a time).

Without a dedicated account your RPA bot needs to essentially impersonate a human or let the human login first and then drive the dashboard until the bot completes and the human can resume using their desktop seat. Very inconvenient for the human, and problematic for logging of who's really doing what.

Another use-case could be the cloud probably – like scraping your salesforce apps. And this is just .... sad?

Or, is it possible MSFT knows that when selling to "enterprise", it works a lot better to say you've got a better version of "thing they know", instead of a brand new thing that will replace "thing they know".

I think where MSFT gets mixed up is that they are obsessed with their products being able to solve *everyone's* use-case. Which means if they're talking to the business then it's a friendly "Low-Code" platform that any citizen developer can use. However, when they're talking to IT it's an amazing CI/CD tool for developing powerful enterprise applications! What's something that corporate IT is obsessed with? Making sure the business isn't creating shadow IT and developing enterprise applications.

I have worked at and know of so many place that are "no, you can't spend money on that product, you have to use the equivalent from MSFT that is already included in our deal." Which is one reason it might be in MSFT's benefit to convince you that their thing is in the same class as some other thing you could spend money on, or may already be spending money on. And also, yeah, they are indeed convincing decision-makerse that they meet everyone's use-case and is whatever you want it to be, it's working....

A good example is that Flow/Power Automate can be triggered using an API end point. That can then be configured to provide a http response (including headers). It makes it super easy to setup APIs that have no security and expose corporate data.

I think the Power platform is like a modern Excel. Simple and inoffensive at first glance. But full of features that let unskilled users do risky things that will quickly become business critical. But the convergence of Office 365, SharePoint, Flow, PowerBI and dynamics is unstoppable.

Isn't the answer the same as it has always been? That is, maintain a relationship with the business where you are trusted.

When IT and the business units trust each other (to some extent) then you see better feedback cycles. This is an infrequent occurrence because of the attitudes of IT. When trust exists, the business areas will share information on their apps and partake in exercises to properly productionize apps.

IT break trust in multiple ways often simultaneously. They try to stamp out apps without giving the business an interim solution, fail to communicate well, implement security policies which aren't grounded in good practice, etc. These are just a litany of missteps that you have to unravel when you are asked to recover situations like these.

Though with Power Apps and Power BI all of that starts showing up on IT's dashboards (Azure Portal; Microsoft 365). Microsoft hasn't been great about messaging that, but unlike hidden Excel files in random network shares or VB+Access apps in PCs in cupboards, that "amazing CI/CD tool for enterprise applications" also means that it can't just live in the shadows and will get seen by IT.

If anything, I've seen "citizen developers" turn away from Power BI/Power Apps precisely because their M365/Azure admins are too micro-managing to use the tools for what they were intended for and such people just go back to that Excel+VBA macros on a network share in a broom closet.

Which yes, gets back to Microsoft is trying too hard to meet everyone's use case and in forcing Power BI/Power Apps into M365/Azure they've trapped out some of the "I just need to get stuff done" "citizen devs" because some IT departments are so scared of shadows that they are preemptively blocking one of the tools they could use to keep an eye on it better. It's a lovely irony.

I've been on both sides of the IT gatekeeping story, and enjoy the irony that we've gone full circle from the mass exodus of business users to SaaS to circumvent gatekeeping only for the success of those tools to introduce centralized management to appeal to more IT organizations.

IMHO, the key is change control.

Programmatic change control (and CI/CD when more evolved) should be an organizational tool, not an IT tool.

"We found a user doing wrong" should be an opportunity to ask "What would this user need to do it right?" rather than simply telling them no. Because oftentimes they literally can't do things "IT-correct" (because of permissions, job title, org location, etc).

It seems maladaptive to blame users for not using tools & processes they haven't been allowed to have.

RPA products are increasingly becoming integration products. For example, and vendors like UiPath increasingly provide native API integration capabilities where possible. I've even seen integration products that formerly would have fit into the "iPaaS" space market themselves as RPA solutions, even though they are primarily providing what is essentially an API abstraction layer, and they have no roots in "true" RPA.

I think this is happening due to the hype around RPA, and how effective the terminology is with the target audience.

I agree that "traditional" RPA is already a legacy solution, but at the same time, RPA vendors are rapidly pivoting to support API integrations (see UiPath's recent acquisition of Cloud Elements).

I hate the muddiness, but I've also had to take a step back and re-orient how I think/talk about RPA products due to how quickly the space has evolved.

Source: Also work in the RPA and Integration Platform space, primarily on the Product Management side.

You say that Microsoft's strategy is not about enabling the development of "enterprise applications". Then you say it's about providing tools for "business process applications". What's the difference?

Then you say it's not about providing tools for "applications" but rather "API integration and orchestration". Are you trying to say that the latter is about building headless processes without a UI? Don't a lot of processes require forms and human input? Aren't those "applications"?

Enterprise applications are those that are built for, enable, and underpin enterprise sized concerns.

So for your financial department you want and enterprise application that owns, orchestrates, and audits the work of finance.

However most if not all business processes cannot exist solely within an enterprise application, so you want to give them "tools for application to the business process". That's probably more high-handed than it needs to be, but eh :D

So in this what I'm arguing is that MSFT here isn't trying to position Power Apps/Automate as a tool for developing enterprise applications, but rather high-grade capabilities (I'm remiss to say "enterprise grade" as people will then conflate that too) that allow the business to tie all ends of their business process together. The best way to do this is by giving everything outside of the enterprise application knowledge and reach to each other via API.

To your point, yes, this could require the business to build applications for their own processes, but these aren't enterprise applications, simply process specific applications.

Traditionally these were macro enabled Excel workbooks and Access apps that were squirrelled away deep in so many Network Drives, underpinning vital business process functions but wholly unknowable to leadership or those maintaining the enterprise application itself.

I wouldn't say API orchestration is the "new RPA", though. It's rather the "old BPM", and "current IPaaS". That is, we already have tools for API orchestration. It's nothing new. RPA is something different entirely.

And it's benefit isn't just for automating legacy systems. Automating the UI they're already familiar with is a much more intuitive experience for lots of people than going out of band to integrate with APIs.

Sure, getting an API schema and then writing a GET request in C#, Node, etc to get invoice data out of your financials system is out of band for a business user, selecting the action "Get invoice by number" from the "IBM Cloud Financials" connector in Power Automate is well within band.

The RPA library requires those working with it to examine the page HTML in order to hook into it, since it’s highly dynamic: you have to see what form fields are available and their internal IDs in order to interact with them. Meanwhile, the API layer gives access to all the same CRUD, and maybe with better documentation (I have not seen it).

If you don’t have a human user, just use the APIs! That’s what they are there for!

I have always felt RPA was the ' poor mans' option for automation.

Yes, as a SWE when you actually see how these RPA solutions run they are not impressive. Heck, before they moved to the cloud most of them were simply providing a wrapper for Windows interop assemblies (COM, Office, what-have-you) and its native Task Scheduler capability.

As a piece of technology their real value proposition is the deployment, orchestration, & management of the automations. Even four years ago they should have included VMs/VM environments in that package, so that you're not just managing a "bot", but the whole kit-and-caboodle. This would have made their offering absolutely unique and more comprehensive.

Not sure about legacy. Modern glorified ducktape to make legacy stuff play nice is more like it imo

Companies will always confuse these terms as they fight the marketing wars. UIPath, for instance, refers to any RPA solution that includes API integration as "end-to-end RPA". But the substantive difference between RPA and IPaaS is whether or not the API or the UI is the point of integration.