Presentation is loading. Please wait.

Presentation is loading. Please wait.

HOW TO PROTECT YOUR COMPANY FROM THE UNEXPECTED SUSAN KOHLHAUSEN DIRECTOR, LEGAL AFFAIRS COASTAL FEDERAL CREDIT UNION CONTRACT REVIEWS.

Similar presentations


Presentation on theme: "HOW TO PROTECT YOUR COMPANY FROM THE UNEXPECTED SUSAN KOHLHAUSEN DIRECTOR, LEGAL AFFAIRS COASTAL FEDERAL CREDIT UNION CONTRACT REVIEWS."— Presentation transcript:

1 HOW TO PROTECT YOUR COMPANY FROM THE UNEXPECTED SUSAN KOHLHAUSEN DIRECTOR, LEGAL AFFAIRS COASTAL FEDERAL CREDIT UNION CONTRACT REVIEWS

2 Vendor On-Boarding Process RFP (Request for Proposal) Due Diligence/Risk Assessment Vendor Selection Contract Review Contract Negotiation Contract Execution Followed by: Ongoing Vendor Administration/Oversight

3 Vendor On-Boarding Process RFP (Request for Proposal) Due Diligence/Risk Assessment Vendor Selection Contract Review Contract Negotiation Contract Execution Followed by: Ongoing Vendor Administration/Oversight

4 Vendor On-Boarding Process Does your company have a Vendor Selection Policy? Coastal requires (in part) : Management will obtain at least two competitive bids for each Level 1-Critical and Level 2-Significant publicly held and privately held vendors at the time of initial review and selection to ensure that pricing is competitive and reasonable and commensurate with their demonstrated ability to meet Coastal's needs. While cost is one of many factors evaluated in vendor selection, it is expected that vendors selected offer fair financial value to Coastal.

5 What Is A Contract? “A promise or a set of promises for the breach of which the law gives a remedy, or the performance of which the law in some way recognizes as a duty.” - Restatement (Second) of Contracts = LEGALLY ENFORCEABLE AGREEMENT

6 Purpose Of Written Contracts Performance  Documents expectations and obligations of the parties and products/services to be provided Protection  Provides remedies for the unexpected (i.e. breach)

7

8 Performance Clauses Scope Performance/Service Levels Reports Subcontracting/Third Parties Duration Fees

9 Protection Clauses Assignment Right to Audit Compliance Intellectual Property Rights Confidentiality and Security Business Continuity/Contingency Insurance

10 Protection Clauses (continued) Warranties Liability/Damages Indemnification Dispute Resolution Modification Termination

11 Performance: Scope Detailed description of product/services to be provided. Specific obligations of all parties (including any subcontractors/third parties)

12 Performance: Service Levels (SLAs) Plain language documenting specific minimum service levels, standard maintenance periods, response times for product (usually software) or service issues or failures, additional support (help desk) needs and measurement periods. Usually included as an addendum/attachment to contract

13 Performance: Service Levels (SLAs) Examples include: Product/service will be fully functional not less than 98% per day/month/quarter excluding standard maintenance periods Vendor shall commence review/analysis of all Severity 1 (non-function) issues within 4 hours of company’s written/verbal notification. Vendor will achieve and maintain a customer satisfaction rating of not less than 75% each calendar quarter

14 Performance: Service Levels (SLAs) Recommend use of industry standards to develop service levels Maintenance periods should be narrow and during customer’s off-peak hours Include specific language addressing notification requirements (specific personnel/communication channel ( /telephone) Often requires vendor to self report issues/failures (Audit may be beneficial) Damages for failure to meet SLAs usually in form of a % credit of fees with right to terminate for repeated failures within a certain measurement period or extreme failure to perform. SLA terms are usually an exception/ stand-alone from general breach/right to cure language

15 Performance: Reports Outline all reports needed from vendor. Include type and frequency of reports needed (performance, security, business continuity, etc.) and specific information to be included. Note any custom or external reports and related fees.  Watch for upcharges. Recommend including “pass through cost” language.

16 Performance: Subcontractors Contract should specify whether parties are permitted to use subcontractors and the specific obligations they will perform. Who has right to approve, remove or replace contractor? Who is liable for subcontractor? Minimum qualification/background requirements? Be sure that subcontractor use language does not conflict with the assignment clause.

17 Performance: Duration Length of contract should be commiserate with the type of product/service being provided and within industry standards. Be aware of auto-renewal (evergreen) clauses and termination notification requirements Build in enough time between notice of termination and actual termination to find replacement vendor (if needed). Include minimum notification period for any fee increases to allow time to find and contract with new (less costly) vendor prior to termination notification requirements.  EXAMPLE: Vendor should provide notice of fee increase not less than 6 months prior to end of term where company is required to give 90 days notice of termination.

18 Performance: Fees How calculated? (base payments, recurring services, activity charges, etc.) Cost for product maintenance/upgrades Responsibility for state and federal taxes Right to dispute fees without penalty Late payment penalties should be reasonable

19 Performance: Fees Watch out for language: permitting vendor or party the right to deduct from company accounts without adequate controls. permitting vendor the right to deduct fees/penalties from any income it collects on behalf of company requiring payment while in a force majeure (emergency) situation.

20 Protection: Assignment Which parties (if any) have the right to delegate (in whole or part) its rights and obligations to a third party. Prohibit assignment without consent.  Exception: May see language permitting assignment in case of purchase or merger or to an affiliate.

21 Protection: Right to Audit Allows party (or third party agents) to audit company information/records to test internal controls or prove compliance with contract terms. Watch for:  Overly broad property/information access language. Recommend including language limiting number of audits in a specific period without cause (i.e. not more than once annually), audit schedule (i.e. during company’s normal business hours) and scope of audit.  Who pays for cost of audit? (Under-reporting penalties)

22 Protection: Compliance All parties should agree to comply with applicable laws (federal, state and local) and related guidance. Be sure to include language that vendor will provide assistance/access as needed to company’s government regulators.

23 Protection: Intellectual Property Rights Ownership, rights to and permissible use of company data, equipment, software Property rights should generally remain with the property owner or licensor except in cases where there is work product specifically developed for another party Includes right to name, logos, trademarks, copyrights, domains, etc. Ensure contract grants license to use, sublicense, etc. all products/services as needed

24 Protection: Confidentiality & Security Prohibit parties (and its subcontractors and agents) from disclosing or using certain company information except as necessary to perform pursuant to the contract. Standard confidentiality exceptions:  Previously known/becomes publicly available without breach  Developed independently  Provided by a third party without restriction

25 Protection: Confidentiality & Security WATCH! Disclosure for court order or authorized government request should NOT be a confidentiality exception. To remedy, include language where notification is required except where prohibited by law or court order

26 Protection: Confidentiality & Security Return or destroy confidential information upon termination of contract or other designated time. Adequate security within industry standards and not less than used to protect own confidential information Require prompt notification and full disclosure of security breaches of confidential information or that will affect company or its customers Specify necessary corrective action (Damages: credit monitoring?)

27 Protection: Business Continuity Back-up and protection plan in case of disaster or other extraordinary event that prevents use of primary/standard systems. Vendor should provide copy of plan. Updated and tested regularly. Provide results. Include business recovery time frames and other metrics as needed Consider interdependencies among all service providers Watch! Overly broad “force majeure” clauses  Any actions “beyond reasonable control”

28 Protection: Insurance Consider types and amounts (liability, E&O, crime/fidelity, worker’s compensation). Minimums? Additional insured or other endorsement needed? Include language requiring notification of cancellation or material changes in coverage

29 Protection: Warranties May include legal status of parties, authority to enter into agreement Seek warranty of non-infringement for all intellectual property used or subject to the contract WATCH! Recommend striking any disclaimer of implied warranties (workmanlike quality, merchantability and fitness for a particular purpose, title)

30 Protection: Liability/Damages Generally limited to fixed amount, a service credit or a multiple of total amount paid for services under agreement or other identified term (# of months, quarter, etc.) Lost data: limited to correction/reconstruction Exclusion of indirect/secondary damages (consequential, special, incidental) Assess whether damage limitation is commiserate with amount of loss (current and future) as a result of breach of contract. RECOMMEND: Make any limits reciprocal

31 Protection: Liability/Damages Be ready to negotiate these common exceptions/carve-outs to liability protections:  Gross vs ordinary negligence  Breach of confidentiality/security  Breach of warranties/representations  Violation of law  Death, bodily injury or physical damage to tangible personal property

32 Protection: Indemnification Be sure “hold harmless from liability” language is broad enough. Should include:  arising from breach of contract;  negligence of the other party or its agents; and  intellectual property infringement (if applicable). Include “defend” language? If so, include language for right to hire own attorney. If not, include language that vendor will pay all (reasonable) attorney fees and associated costs. Limit to third party claims

33 Protection: Dispute Resolution Mediation/arbitration clauses  Be aware of who decision makers are and how selected  Jurisdiction and venue are important Ensure continuation of products/services during any dispute period Losing party responsible for costs/fees Reserve right to seek injunctive relief

34 Protection: Modification All contract modifications should be in writing and executed by all parties. Be very cautious of carve-outs giving vendor the unilateral right to increase fees or change terms of services or even terminate agreement.

35 Protection: Termination For convenience: Rare  Usually seen low dollar contracts where there is no minimum/base fees. For cause.  Right to cure?  Time period and measurement?  Does it conflict with SLA measurements and response times?

36 Additional Considerations AVOID or HANDLE WITH EXTREME CAUTION:  multi-party agreements;  “In it’s sole discretion” language CAPITALIZED TERMS should be defined! Include a MERGER CLAUSE. Contract language that states it to be the complete and final agreement between the parties.  Be sure to include language “attaching and incorporating” attachments, exhibits, addendums and amendments (including RFP responses) into agreement MISSING TERMS: Be aware of what ISN’T in the contract.  Use a CHECKLIST ATTORNEYS: Unless they specialize in contracts, be cautious. THROW AWAY TERMS: Be ready to give up some during negotiations

37 SAMPLE CHECKLIST https://chapters.theiia.org/raleigh- durham/Events/Documents/SAMPLE%20Contract %20Review%20Checklist.docxhttps://chapters.theiia.org/raleigh- durham/Events/Documents/SAMPLE%20Contract %20Review%20Checklist.docx

38 THANK YOU! Questions/Comments? Susan Kohlhausen (919)


Download ppt "HOW TO PROTECT YOUR COMPANY FROM THE UNEXPECTED SUSAN KOHLHAUSEN DIRECTOR, LEGAL AFFAIRS COASTAL FEDERAL CREDIT UNION CONTRACT REVIEWS."

Similar presentations


Ads by Google