TECHNOLOGY, OUTSOURCING, AND COMMERCIAL TRANSACTIONS
NEWS FOR LAWYERS AND SOURCING PROFESSIONALS

The audit section in a services agreement contains the provisions that specify a party’s right to access and review another party’s information in order to determine such party’s compliance with the agreement. Depending on the scope of audit rights, the audit section can range from a single paragraph to an entire exhibit to the contract.

Many considerations go into drafting appropriate audit rights, including the types of services that the customer is receiving, and the industry in which the customer’s business operates. In many cases, the customer is the auditing party and the service provider is the audited party, but there are situations where the roles will be reversed. Below is an overview of several key issues to consider when drafting audit rights for services agreements.

Forbes has listed its top outsourcing trends in the Asia-Pacific (APAC) region for 2019. The APAC region has long been the dominant region for outsourcing, although it is facing competition from emerging outsourcing markets in other regions. Trends include the growing presence of outsourcing in Malaysia, shifting resource models, and personnel shortages.

Outsourcing agreements are typically long-term arrangements and the functions outsourced, whether IT or business processes, often key to the continued operation of the customer’s business. It is therefore important that both the customer and the supplier undertake due diligence prior to entering into such arrangements to ensure that, for example, both parties are clear as to the customer’s service requirements and objectives and how these will be met by the supplier.

In this post, we look at due diligence from the perspective of both the customer and the supplier.

In business process outsourcing (BPO) transactions, some of the toughest negotiation points often involve responsibility for compliance with applicable laws and regulations. If you have negotiated BPO transactions, you know that there is not an industry position that can be applied across the board on all deals. We find key determiners as to how responsibility is allocated to include the type and size of the transaction, whether the service is a “utility” or one to many model, the intended scope of the service offering, impact to fees (if any), vendor capabilities, and negotiating leverage.

Customers in outsourcing arrangements are coming to expect (or starting to demand) that their providers have the resources, technology, and know-how to leverage automation software—whether robotics desktop automation (RDA) or robotics process automation (RPA) software—to enhance the capabilities and efficiencies of IT and business processes. While the software promises big benefits, such as higher levels of accuracy, scalability, and cost-savings, as with the implementation of any new technology, there are new challenges to consider.

In this post we take a look at the top five issues to consider when contemplating the use of automation software in your outsourcing transaction.

Towards the end of 2018 we ran a series of Contract Corner blog posts on the GDPR and Data Processing Addendums. (See here and here.) December brought detailed guidance from the UK Information Commission’s Office (ICO) on contracts and GDPR compliance (the New Guidance), which replaces draft guidance previously issued as part of a consultation by the ICO in 2017 (the Draft Guidance).

In Part 1 of this series, we looked at the prevalence of standalone data processing addendums (DPAs) as a means to comply with rules on engaging third-party outsourcers under the EU General Data Protection Regulation (GDPR). In particular, we focused on the risks associated with “one size fits all” precedence clauses. In this Part 2, we take a detailed look at some of the commercial issues arising from DPAs, the GDPR’s mandated contract requirements.

What’s the Issue?

Article 28 of the GDPR includes a set of mandated data processing clauses that are broader in scope than the contract requirements under previous EU data protection laws. In addition, despite the GDPR having been in force for more than six months now, it is still uncertain how regulators will interpret and enforce Article 28.

As a result, parties to outsourcing agreements can find themselves in protracted discussions around which party bears the cost of implementing Article 28. Below are some key areas of focus in the context of outsourcing agreements.

The United Kingdom government’s Cabinet Office (the central procurement department for central government) is requiring major government suppliers to draft “living wills.” These are intended to safeguard the provision of services to the public sector in the event of the collapse of a supplier.

This measure follows the insolvency of outsourcing provider, and major government supplier, Carillion in January 2018. The well-documented Carillion collapse led to significant debate about the role of outsourcing within the UK public sector, with pronouncements about the extent to which outsourcing for the public sector has “fallen out of fashion.”

A significant fine imposed by the UK’s Financial Conduct Authority (FCA) on an established UK insurer is further evidence of the increased scrutiny being placed on outsourcing arrangements by the financial services regulator, and also of the importance the regulator places on issues that directly impact retail customers.

The FCA is the UK’s “conduct” regulator, with a focus primarily on the regular business conduct of financial services businesses, as compared to the “macro” focus (safety and soundness) of the Prudential Regulatory Authority (PRA) – although there is overlap between the stated remits of the FCA and the PRA, and outsourcing arrangements are subject to scrutiny by both bodies.

A shrinking in traditional outsourcing deal volumes since the United Kingdom's EU membership referendum vote on June 23, 2016, is being partially attributed to business caution following the “Brexit” decision.

According to consultants ISG, the traditional sourcing market in the UK pre-Brexit referendum had a deal volume of circa $900 million per quarter. However, the UK outsourcing market has only achieved this level of activity in one quarter since the referendum.