For the past 12 years, Pramata has been providing solutions to identify and eliminate revenue leakage at some of the most successful companies in the world, including Microsoft, McKesson, Comcast, CenturyLink, FICO, Novelis, and NCR. At its core, revenue leakage happens when you’re not capitalizing on the full value of your existing contracted commercial relationships. This can equal up to 5% of a company’s revenue and poses a significant, ongoing business problem for complex, B2B organizations.

Pramata is the only company to provide solutions that target and eliminate leakage at key points in the customer lifecycle. Using a purpose built human-assisted AI technology stack delivered through a managed service, our solutions convert commercial documentation into an intelligent view of the current state of the commercial relationships across your portfolio. This information is deployed to your sales, billing, legal and other frontline teams through our cloud-based software applications expressly designed to manage the modern commercial relationship by creating a complete, current commercial relationship system of record. 


As part of our Proof of Concept (POC) process, we analyze 5-15 of your full commercial relationships (documents include MSAs, Amendments, Order Forms, etc.) to pinpoint potential areas of revenue leakage in your organization. We then populate your critical commercial information into our applications, and review a prototype solution with you. This process enables us to find and prioritize revenue leakage sources, share how our solutions eliminate them and ensure a rapid ROI in deployment. 


Pramata POC Frequently Asked Questions

+ What if I don’t know if or where I have revenue leakage?

One of the challenges most of our customers face is that they do not know if, where, or how much revenue they may be leaking. The first step in our POC process is to use our best practices to identify potential areas of leakage, assess magnitude, and agree on the priority focus areas.

+ What does the POC output look like?

Our POC process is designed to have standalone value for your company even if you decide not to move forward with Pramata. The output of this process includes:

  • An analysis of the set of commercial relationships you provide us and associated documents that summarize potential areas of leakage.
  • An assessment of the favorability of your commercial terms, detailed by customer.
  • Demonstration of a prototype Pramata solution using your actual relationships.

+ How do I know my information is secure?

Pramata hosts critical and confidential data for customers, and we maintain a very high standard for Information Security. Our security and confidentiality policies and controls have been reviewed and accepted by some of the most prominent companies in the healthcare, financial services, telecommunications, manufacturing and high-tech industries. These leading companies include Cisco, HPE, NCR, McKesson, and Comcast.

Pramata’s information security and confidentiality controls are designed with ISO 27001 as a reference standard. Pramata is ISAE 3402 SOC 1 Type II and SOC 2 Type II compliant. Pramata’s information security and confidentiality controls have been jointly developed in partnership with KPMG, and Pramata has engaged KPMG to perform an annual assessment of our control objectives at physical, network, operating system, and application levels. For information security further details please refer to: https://pramata.box.com/v/techoverview.

+ Where is my information stored?

The Pramata technology underpinning the Service (the “Platform”) is an enterprise-class cloud SaaS platform designed for performance, scalability, security, and high availability. The Platform is hosted on Amazon Web Services (AWS) in the United States, with Northern Virginia as the primary site and Oregon as disaster recovery (DR) site.

+ Will my data be mixed with Pramata's other customer data?

No. The Platform is a multi-tenant cloud platform, meaning that computing resources can be shared across multiple tenants. However, to prevent cross-contamination of data, each customer’s data is fully segregated. Pramata leverages schema isolation to achieve this. Each customer has a separate database schema and a separate cloud file storage (“bucket”). Furthermore, all customer data is encrypted with tight security controls in-place to prevent any unauthorized access. This allows us to achieve two fundamental principles of multi-tenancy:

  • Security: No customer is able to access another customer’s data
  • Trust: No customer’s data is ever cross-contaminated by another customer’s data

Pramata primarily holds legal and commercial data extracted from commercial contracts. As a result, we generally do not store information that could be categorized as personal data or sensitive personal data. Even so, we recently conducted a Privacy Impact Assessment (PIA) to identify, assess and mitigate privacy risks associated with the contract processing activities we perform. As a Data Processor, Pramata is committed to achieving GDPR compliance within 2018, and to support our customers in achieving their compliance.

+ Who does the analysis? How are the applications populated with commercial information?

With Pramata, you never enter a single piece of information. As part of our subscription with customers, we extract, normalize, map, and ensure the quality of all commercial relationship data. We do this by leveraging a purpose-built technology stack of over 20 different technologies including machine learning, OCR, and rules engine technologies. This technology is deployed by a managed services team of data scientists, commercial experts, and lawyers, who configure the system, ensure quality, and close gaps where technology alone is not enough.

+ What security measures apply to your managed services team?

Pramata conducts third party security and background checks on all of our employees. Our facilities are controlled with biometric devices with audit logging, and entry points monitored by security personnel 24x7x365. All computers are encrypted at the OS and hard drive levels, and we prevent printer or USB access on all review and analysis terminals.

+ I know my contracts have confidentiality provisions. Am I allowed to share them with you?

Pramata enters into a Mutual NDA prior to beginning our POC process and takes the protection of your information very seriously. It’s common for our customers to have contracts that limit disclosure of the terms of the contract. However, it’s also common for companies to allow their auditors, attorneys and other key advisors to have access to that sort of confidential information in the course of providing services to the company. Our customers see Pramata as the same level of key advisor and service provider—analogous to their attorneys and auditors—and have all concluded they are comfortable sharing their commercial contracts and related data with Pramata.

+ What should I send you, and how can I do it securely?

As part of our POC process, we typically analyze 5-15 relationships for potential revenue leakage. To get an accurate assessment, we ask that our customers collect complete relationship documentation (MSAs, Amendments, Order Forms, and Exhibits) from relationships across business segments where there is a higher potential for leakage. These segments are typically those with relationship complexity created by M&A, negotiations, third-party paper, high dollar value, and frequent amendments and orders. Depending on the business challenge, we may also ask for billing or entitlement actuals to validate deviation from the contract baseline.

In transferring the data, we will often defer to a customer’s preferred method of file transfer. To expedite the transfer, we can leverage our Secure File Transfer Protocol. All Pramata data in-transit is encrypted and secured using HTTPS, TLS 1.2, and AES-256 standards. Furthermore, AWS ensures network security within the data centers and on the core network.