Tech & Sourcing @ Morgan Lewis

As the summer 2025 concert season continues to ramp up, we want to take the opportunity to explain why your favorite band or artist might only be performing once in your region this summer: a radius clause.

We are excited to welcome Mathilde Carle as a partner in Morgan Lewis’s Paris office and as a guest contributor to our Tech & Sourcing Spotlight series to discuss intellectual property (IP) protection and other related issues in agreements to design, build, license, host, and support digital solutions, including automation, AI, and software as a service (SaaS) products.

2025 has seen a notable push by companies to establish dedicated capability centers—or global capability centers (GCCs)—in countries with lower-cost resources and access to a strong talent pool. According to S&S Insider, the global GCC market was estimated at about $128.5 billion in 2023 and is expected to increase to more than $300 billion by 2032, growing at a rate of 13.51% CAGR. NASSCOM reports that India leads the GCC market, currently hosting over 1,700 GCCs, employing more than 1.9 million people, and having an 11% CAGR.

The leveraging of outsourcing engagements to implement and support digital transformation solutions is emerging as the foundation for the next generation of outsourcing. Digital transformation is a critical part of many companies’ strategic roadmap, seen as creating key opportunities for cost savings, efficiency, productivity and quality improvements, enhanced customer experience, and competitive advantages, including through state-of-the-art automation and data analytics. Many companies do not have the internal resources or skill sets to implement digital transformation at the required pace. This is leading to companies “leaning in” on their outsourcing providers to identify, design, and enable digital transformation solutions in a secure and compliant manner.

As noted in our recent blog, business process outsourcing (BPO) providers are promising big savings and improved outputs tied to the design and implementation of digital solutions that will monitor, quality check, facilitate, and sometimes perform the applicable business processes.

Artificial intelligence (AI) is reshaping modern society, enabling the automation and modification of routine human activities and, consequently, enhancing efficiency and productivity. Like any technological development, AI presents both benefits and risks. Concerns include potential biases, privacy intrusions, and ethical dilemmas.

European regulators recently published clarifications on the scope of ICT services under the EU Digital Operational Resilience Act (DORA), prepared by the European Commission, which confirms previous guidance and enables financial entities to take out of scope certain services which form part of regulated financial services.

On January 13, 2025, the United Kingdom’s Prime Minister Sir Keir Starmer announced the UK AI Opportunities Action Plan. The AI Opportunities Action Plan outlines the UK’s intentions to become a world leader in artificial intelligence technology for the benefit of private businesses and their customers as well as for all UK residents via AI-enabled public services.

Starting as of Friday, January 17, 2025, financial entities must now be compliant with the EU’s Digital Operational Resilience Act (DORA). Implementation efforts have accelerated in recent months to meet the deadline and in many cases are still ongoing. The European Supervisory Authorities (ESAs) published a joint statement last month emphasizing the importance of financial entities adopting a robust, structured approach in order to meet their obligations in a timely manner.

The Kingdom of Saudi Arabia’s (KSA’s) Personal Data Protection Law (PDPL) marks a significant milestone in protecting personal data in the region. Overseen by the Saudi Data and Artificial Intelligence Authority (SDAIA), the PDPL applies to all entities processing personal data of individuals residing in the KSA regardless of the physical location of the data processing activities, whether within the KSA or not.