Presentation on theme: "CONTRACT REVIEWS How To Protect Your Company From The Unexpected"— Presentation transcript:
1CONTRACT REVIEWS How To Protect Your Company From The Unexpected Susan KohlhausenDirector, Legal AffairsCoastal Federal Credit Union
2Vendor On-Boarding Process RFP (Request for Proposal)Due Diligence/Risk AssessmentVendor SelectionContract ReviewContract NegotiationContract ExecutionFollowed by:Ongoing Vendor Administration/OversightContract Review process is just a fraction of the entire vendor on-boarding process.
3Vendor On-Boarding Process RFP (Request for Proposal)Due Diligence/Risk AssessmentVendor SelectionContract ReviewContract NegotiationContract ExecutionFollowed by:Ongoing Vendor Administration/OversightThe Due Diligence (make the vendor show all their cards)/Risk Assessment (cost/benefit analysis) is critical so that you identify the risks and benefits of each possible vendor to allow you to select the vendor that is best aligned with your company’s mission, goals and policies.EXAMPLE: Coastal spent more than 6 months evaluating various vendor software to replace a major financial system. Unfortunately, Coastal was unable to contract with its first choice because the vendor’s financial health did not meet Coastal’s standards.
4Vendor On-Boarding Process Does your company have a Vendor Selection Policy?Coastal requires (in part) :Management will obtain at least two competitive bids for each Level 1-Critical and Level 2-Significant publicly held and privately held vendors at the time of initial review and selection to ensure that pricing is competitive and reasonable and commensurate with their demonstrated ability to meet Coastal's needs. While cost is one of many factors evaluated in vendor selection, it is expected that vendors selected offer fair financial value to Coastal.The Due Diligence (make the vendor show all their cards)/Risk Assessment (cost/benefit analysis) is critical so that you identify the risks and benefits of each possible vendor to allow you to select the vendor that is best aligned with your company’s mission, goals and policies.EXAMPLE: Coastal spent more than 6 months evaluating various vendor software to replace a major financial system. Unfortunately, Coastal was unable to contract with its first choice because the vendor’s financial health did not meet Coastal’s standards.
5What Is A Contract?“A promise or a set of promises for the breach of which the law gives a remedy, or the performance of which the law in some way recognizes as a duty.” - Restatement (Second) of Contracts = LEGALLY ENFORCEABLE AGREEMENT
6Purpose Of Written Contracts PerformanceDocuments expectations and obligations of the parties and products/services to be providedProtectionProvides remedies for the unexpected (i.e. breach)Why are contracts necessary? (i.e. no more “handshake” deals)A. Act as a formal “roadmap to the relationship”B. Contract survives the individuals negotiating the deal
11Performance: ScopeDetailed description of product/services to be provided.Specific obligations of all parties (including any subcontractors/third parties)
12Performance: Service Levels (SLAs) Plain language documenting specific minimum service levels, standard maintenance periods, response times for product (usually software) or service issues or failures, additional support (help desk) needs and measurement periods.Usually included as an addendum/attachment to contract
13Performance: Service Levels (SLAs) Examples include:Product/service will be fully functional not less than 98% per day/month/quarter excluding standard maintenance periodsVendor shall commence review/analysis of all Severity 1 (non-function) issues within 4 hours of company’s written/verbal notification.Vendor will achieve and maintain a customer satisfaction rating of not less than 75% each calendar quarter
14Performance: Service Levels (SLAs) Recommend use of industry standards to develop service levelsMaintenance periods should be narrow and during customer’s off-peak hoursInclude specific language addressing notification requirements (specific personnel/communication channel ( /telephone)Often requires vendor to self report issues/failures (Audit may be beneficial)Damages for failure to meet SLAs usually in form of a % credit of fees with right to terminate for repeated failures within a certain measurement period or extreme failure to perform.SLA terms are usually an exception/ stand-alone from general breach/right to cure language
15Performance: Reports Outline all reports needed from vendor. Include type and frequency of reports needed (performance, security, business continuity, etc.) and specific information to be included.Note any custom or external reports and related fees.Watch for upcharges. Recommend including “pass through cost” language.
16Performance: Subcontractors Contract should specify whether parties are permitted to use subcontractors and the specific obligations they will perform.Who has right to approve, remove or replace contractor?Who is liable for subcontractor? Minimum qualification/background requirements?Be sure that subcontractor use language does not conflict with the assignment clause.
17Performance: Duration Length of contract should be commiserate with the type of product/service being provided and within industry standards.Be aware of auto-renewal (evergreen) clauses and termination notification requirementsBuild in enough time between notice of termination and actual termination to find replacement vendor (if needed).Include minimum notification period for any fee increases to allow time to find and contract with new (less costly) vendor prior to termination notification requirements.EXAMPLE: Vendor should provide notice of fee increase not less than 6 months prior to end of term where company is required to give 90 days notice of termination.
18Performance: FeesHow calculated? (base payments, recurring services, activity charges, etc.)Cost for product maintenance/upgradesResponsibility for state and federal taxesRight to dispute fees without penaltyLate payment penalties should be reasonable
19Performance: Fees Watch out for language: permitting vendor or party the right to deduct from company accounts without adequate controls.permitting vendor the right to deduct fees/penalties from any income it collects on behalf of companyrequiring payment while in a force majeure (emergency) situation.
20Protection: Assignment Which parties (if any) have the right to delegate (in whole or part) its rights and obligations to a third party.Prohibit assignment without consent.Exception: May see language permitting assignment in case of purchase or merger or to an affiliate.Watch: Without limiting language, possible to assign to a vendor that failed company due diligence!
21Protection: Right to Audit Allows party (or third party agents) to audit company information/records to test internal controls or prove compliance with contract terms.Watch for:Overly broad property/information access language. Recommend including language limiting number of audits in a specific period without cause (i.e. not more than once annually), audit schedule (i.e. during company’s normal business hours) and scope of audit.Who pays for cost of audit? (Under-reporting penalties)
22Protection: Compliance All parties should agree to comply with applicable laws (federal, state and local) and related guidance.Be sure to include language that vendor will provide assistance/access as needed to company’s government regulators.
23Protection: Intellectual Property Rights Ownership, rights to and permissible use of company data, equipment, softwareProperty rights should generally remain with the property owner or licensor except in cases where there is work product specifically developed for another partyIncludes right to name, logos, trademarks, copyrights, domains, etc.Ensure contract grants license to use, sublicense, etc. all products/services as neededPATENT TROLLS!
24Protection: Confidentiality & Security Prohibit parties (and its subcontractors and agents) from disclosing or using certain company information except as necessary to perform pursuant to the contract.Standard confidentiality exceptions:Previously known/becomes publicly available without breachDeveloped independentlyProvided by a third party without restriction
25Protection: Confidentiality & Security WATCH!Disclosure for court order or authorized government request should NOT be a confidentiality exception.To remedy, include language where notification is required except where prohibited by law or court order
26Protection: Confidentiality & Security Return or destroy confidential information upon termination of contract or other designated time.Adequate security within industry standards and not less than used to protect own confidential informationRequire prompt notification and full disclosure of security breaches of confidential information or that will affect company or its customersSpecify necessary corrective action (Damages: credit monitoring?)
27Protection: Business Continuity Back-up and protection plan in case of disaster or other extraordinary event that prevents use of primary/standard systems.Vendor should provide copy of plan. Updated and tested regularly. Provide results.Include business recovery time frames and other metrics as neededConsider interdependencies among all service providersWatch! Overly broad “force majeure” clausesAny actions “beyond reasonable control”
28Protection: Insurance Consider types and amounts (liability, E&O, crime/fidelity, worker’s compensation). Minimums?Additional insured or other endorsement needed?Include language requiring notification of cancellation or material changes in coverage
29Protection: Warranties May include legal status of parties, authority to enter into agreementSeek warranty of non-infringement for all intellectual property used or subject to the contractWATCH! Recommend striking any disclaimer of implied warranties (workmanlike quality, merchantability and fitness for a particular purpose, title)
30Protection: Liability/Damages Generally limited to fixed amount, a service credit or a multiple of total amount paid for services under agreement or other identified term (# of months, quarter, etc.)Lost data: limited to correction/reconstructionExclusion of indirect/secondary damages (consequential, special, incidental)Assess whether damage limitation is commiserate with amount of loss (current and future) as a result of breach of contract.RECOMMEND: Make any limits reciprocal
31Protection: Liability/Damages Be ready to negotiate these common exceptions/carve-outs to liability protections:Gross vs ordinary negligenceBreach of confidentiality/securityBreach of warranties/representationsViolation of lawDeath, bodily injury or physical damage to tangible personal property
32Protection: Indemnification Be sure “hold harmless from liability” language is broad enough. Should include:arising from breach of contract;negligence of the other party or its agents; andintellectual property infringement (if applicable).Include “defend” language? If so, include language for right to hire own attorney. If not, include language that vendor will pay all (reasonable) attorney fees and associated costs.Limit to third party claims
33Protection: Dispute Resolution Mediation/arbitration clausesBe aware of who decision makers are and how selectedJurisdiction and venue are importantEnsure continuation of products/services during any dispute periodLosing party responsible for costs/feesReserve right to seek injunctive relief
34Protection: Modification All contract modifications should be in writing and executed by all parties.Be very cautious of carve-outs giving vendor the unilateral right to increase fees or change terms of services or even terminate agreement.
35Protection: Termination For convenience: RareUsually seen low dollar contracts where there is no minimum/base fees.For cause.Right to cure?Time period and measurement?Does it conflict with SLA measurements and response times?
36Additional Considerations AVOID or HANDLE WITH EXTREME CAUTION:multi-party agreements;“In it’s sole discretion” language CAPITALIZED TERMS should be defined!Include a MERGER CLAUSE. Contract language that states it to be the complete and final agreement between the parties.Be sure to include language “attaching and incorporating” attachments, exhibits, addendums and amendments (including RFP responses) into agreement MISSING TERMS: Be aware of what ISN’T in the contract.Use a CHECKLISTATTORNEYS: Unless they specialize in contracts, be cautious. THROW AWAY TERMS: Be ready to give up some during negotiations