Skip To Content

Working together while working from home: Key considerations for technology and other commercial services agreements

Author(s): Wendy Gross, Matthew Wanford, Christine Jackson

Apr 23, 2020

For further information on the changes below or other technology matters, please contact one of the authors above or any member of our Technology Group.

Since the beginning of the COVID-19 pandemic, we have watched (and worked with) our clients as they transition to the current reality of physical distancing and working from home (and, of course, made this transition ourselves). The consensus now seems to be that we have reached an equilibrium in this new (though temporary) normal, and while urgent COVID-19-related emergencies continue to arise, the focus is now on returning, to the greatest extent possible, to business as usual.

For customers and suppliers of technology or other products or services, this means getting back to negotiating agreements for the purchase and supply of these products or services. Negotiating in the current circumstances, however, presents challenges and unique issues that should not be overlooked, and that may well not be adequately addressed by an organization’s standard provisions or risk management framework. This is further compounded by the constant change that we are experiencing in many aspects of the business environment which, in large part, is outside of both the customer’s and the supplier’s control. Though we all anticipate an eventual return to business as usual (or perhaps a modified version of the pre-pandemic universe), exactly when this will occur, and what the transition back will look like, are currently unknown. While long-term technology or other services agreements typically include mechanisms to address change over the life of the relationship, it is unlikely that these mechanisms will be sufficient to fully address the unique situations that face businesses right now.

Key themes: What Osler is seeing

Not surprisingly, price is becoming a critical issue. Operating costs have risen, and many suppliers are looking to pass these on to customers. Equally unsurprisingly, most customers do not agree. Current economic impacts and the uncertainty of the path forward are making planning very difficult. In some cases, this may lead to a rethinking of basic economic models as well as the pricing itself.

Timelines for negotiating deals and moving forward with projects have also been affected. In the complex multi-vendor worlds in which our clients operate, this can have material ripple effects on agreements with other service providers that need to be identified and addressed. For example:

  • A customer may have pre-licensed supporting software or software-as-a-service solutions that are to be the subject of delayed implementation services. Fees could be due under such agreements.
  • Suspending an implementation project could mean that software, hardware or systems that are coming to end-of-life or require support need to be assessed, and renegotiation or extension of terms with the existing supplier may need to be considered. It could be time to dust off old agreements to ascertain such impacts.

In addition to addressing the impact of the current pandemic in agreements, the parties should also consider addressing how to transition to the post-pandemic future. Given the multijurisdictional service delivery model that most suppliers have adopted and the international operations of many customers, what this transition will look like is very difficult to predict. Considerations include:

  • Customers and suppliers may have service locations in jurisdictions that remain under lockdown.
  • Governmental restrictions will be relaxed in different locations in different ways and at different times.
  • It will take time for international travel and other related services to recommence, and flight schedules and flight frequencies may take time to scale.
  • Employees may be reluctant to travel to other jurisdictions, particularly if they fear that disease flare-ups could once again inhibit movement and their ability to return home.

Whether you are a customer or a supplier currently negotiating a deal, it is important to take a fresh look at many key deal terms to assess whether and how they should be adjusted. Set out in the table below is a checklist of some of the most important terms that should be reviewed. In our view, it will be important for customers and suppliers to approach current negotiations in a collaborative way to address the novel issues that they are both facing.

Issue

Customer considerations

Supplier considerations

Continuity of personnel; key personnel commitments; knowledge transfer

  • Given the higher risk that key or specialist personnel may become unavailable, should additional requirements be included to mitigate this risk?
  • Given the higher risk that the supplier may become short of qualified resources, should additional terms be considered to ensure that resources are not reassigned or shared, or that the supplier has taken additional steps to shore up its available personnel?
  • If the supplier is relying on personnel from high-risk jurisdictions to perform services, is the customer satisfied that the risk of engaging the supplier can be sufficiently mitigated? Should the customer be considering alternative, lower-risk suppliers or mitigating risk through a multi-vendor strategy?
  • Has the supplier demonstrated that it has robust knowledge transfer processes and documentation that will enable replacement personnel of both the customer and the supplier to support the service if key resources are lost?
  • Are there restrictions on the customer’s ability to access or use such information or provide it to an alternative service provider if the supplier is unable to meet its service commitments that are too restrictive in this context?

 

  • Given the higher risk that key or specialist personnel may become unavailable, is more flexibility required to enable the engagement of alternative qualified personnel on an urgent basis, including through subcontractors or on a staff augmentation basis?
  • Are there exceptions to certain personnel continuity commitments (for example, in situations where the supplier is required to prioritize delivery for emergency or essential service providers) that should be included?
  • Does the supplier require more flexibility in its ability to subcontract than the customer is proposing?

 

Service delivery requirements

  • Do the service descriptions or service scope need to be adjusted to account for the supplier’s current pandemic service delivery model and contingencies? Consider, in particular, the following:
    • Project delivery milestones
    • Customer dependencies
    • Testing processes
    • Service level commitments
    • Incident management processes
    • Training and knowledge transfer commitments
  • How do the service descriptions account for future-state delivery once the pandemic restrictions are lifted?
  • Is it possible to contract for the future state of service delivery and the transition to the future state now?

 

  • Do the service descriptions or service scope need to be adjusted to account for the supplier’s current pandemic service delivery model and contingencies?
  • Are the remedies for late delivery acceptable or overly onerous given current challenges?
  • Are there additional customer dependencies that should be included in light of the current service delivery model?
  • Are the supplier’s remedies for late performance by the customer of customer dependencies sufficient?
  • Is the supplier able to meet its standard service level commitments?
  • Is the supplier willing to commit to its standard service level remedies?
  • How do the service descriptions account for delivery once the pandemic restrictions are lifted?
  • Is it possible to contract for the future state of service delivery and the transition to it now?

Change management

  • Do the change management processes and terms require adjustment to account for the uncertainties inherent in contracting for services in the pandemic environment? Consider, in particular, the following:
    • Is the change process too formal and onerous for the current environment, where flexibility and faster turnaround times may be required?
    • Are the time frames for the response to change requests appropriate?
    • Are the terms regarding each party’s rights to refuse a change request reasonable?
    • Does the customer require a right to require the supplier to make changes pending resolution of a dispute?
    • Are the economic rules regarding the pricing of changes appropriate in circumstances where changes may be required to address the imposition of restrictions that are not in the control of either party?
  • Is the change management process an appropriate mechanism to manage the return from pandemic-state service delivery to future-state service delivery?

 

  • Do the change management processes and terms require adjustment to account for the uncertainties inherent in contracting for services in the pandemic environment? Consider, in particular, the following:
    • Is a broader ability to make changes without the customer’s consent required?
    • Are there circumstances in which the customer should not have the right to refuse a change request made by the supplier?
    • Does the supplier require the right to commence a change that the supplier requested pending a dispute or delay in receiving the customer’s approval for the change?
    • Under what circumstances is it reasonable to pass the cost of a change required by the supplier to the customer?
  • Is the change management process an appropriate mechanism to manage the return from pandemic-state service delivery to future-state service delivery?

 

Governance and reporting

  • Should the governance model for the relationship be modified to account for the current restrictions? How should meetings be held? Should meeting or reporting frequency increase? Are additional reports required?
  • What additional governance provisions should be included to assist in the transition from pandemic-state service delivery to the future state of service delivery?

 

  • These questions are the same for both the customer and the supplier.

Service and data location commitments

  • Do the customer’s standard restrictions on data locations and handling or service locations enable the supplier to provide the services in a WFH environment? Do these restrictions need to be relaxed to enable the supplier to provide the services?
  • Does the customer require additional information regarding the supplier’s approach to WFH and how and where data will be handled or services provided?
  • If services are provided from a high-risk jurisdiction, does the supplier have a country risk plan that will enable it to transition to a new location if required to ensure service continuity?
  • If the supplier will be accessing third-party software licensed by the customer, does the supplier’s WFH delivery model comply with the service restrictions that are included in such third-party agreements?

 

  • Is the supplier able to comply with the restrictions imposed by the customer relating to service and data locations and handling, especially if the supplier has transitioned to a WFH environment? What additional flexibility does the supplier require in order to deliver the service?

 

Security standards

  • Is the supplier able to meet the customer’s physical and information systems security standards given how it is now required to deliver the services in a WFH environment?
  • Should additional or alternative security standards be included to address the way in which services will be delivered, including new security controls or mitigations to address any security vulnerabilities created by the pivot to WFH?
  • Does the way in which services will be delivered by the supplier introduce risks that cannot be appropriately mitigated, and, if so, should the scope of services be revised accordingly?
  • Do security incident management processes need to be revised?

 

  • Is the supplier able to meet the customer’s physical and information systems security standards given how it is now required to deliver the services in a WFH environment? If not, what adjustments should be made to the supplier’s obligations, and what alternative security standards is it able to meet?
  • Given the increased security risk associated with service delivery, should the supplier reconsider the scope of services it provides or the liability framework it would typically agree to?

 

 

Business continuity

  • Is additional due diligence review of the supplier’s business continuity plan appropriate to ensure that the plan is sufficiently robust to account for the current pandemic and for a transition from the pandemic service delivery model?
  • Are the customer’s standard commitments with respect to business continuity and service recovery plan management, maintenance, testing and reporting sufficient for the current environment?

 

  • Has the supplier updated its business continuity plan to enable it to meet the customer’s requirements in light of the current pandemic? If certain locations that are key within the supplier’s plan are now under full lockdown or unable to fully function with supplier personnel operating from home, has the supplier identified other service locations, either temporarily during the pandemic or on a permanent basis?
  • Is the supplier still able to meet the requirements of its standard plan (e.g., RTO and RPO), or should these commitments be adjusted to reflect the current service delivery challenges?

Termination rights

  • Are the customer’s standard termination rights sufficient or are additional termination rights appropriate?
  • Are the customer’s termination rights overly onerous given current challenges? Should the supplier push for more favourable terms (e.g., longer cure periods or different termination triggers)?
  • Does the supplier require any additional termination rights?

Risk allocation

  • Are the customer’s standard representations, warranties, indemnities and limitations of liability appropriate or should they be adjusted given the current risk profile?
  • Is the supplier’s pre-pandemic institutional position regarding risk allocation acceptable in the current risk environment?

Audit rights

  • Will the customer be able to exercise its audit rights in light of the current restrictions? If not, what workarounds, if any, are possible?
  • Is the supplier able to comply with the audit requirements requested by the customer, both in terms of the customer’s ability to exercise audit rights and the audit and certification requirements that the customer is asking the supplier to meet?

Force majeure and change in law

  • How do the customer’s standard definition of force majeure and the related force majeure terms apply in the current circumstances? Would the relief provided to the supplier apply to the current pandemic given it is an existing and known event? Should the terms be adjusted?
  • Are there separate provisions in the agreement to address the consequences and relief provided in the event of a change in law?
  • How do these provisions interact with the force majeure provisions in the current circumstances where the pandemic event led to the implementation of restrictions upon the parties?

 

  • Does the force majeure provision provide the supplier with sufficient protection should it be unable to perform due to the current pandemic?
  • Does the supplier wish to introduce specific relief from liability provisions relating to the pandemic, resulting governmental restrictions imposed on it or circumstances where the restrictions imposed on the customer impair the supplier’s ability to perform?
  • Does the supplier require a termination right if a force majeure event affecting the customer or the supplier continues for a prolonged period?
  • Is the customer’s termination right tied to the continuation of a force majeure event, and, if so, is the time period that gives rise to the termination right appropriate or too short?

Financial viability issues

  • Should the customer perform additional due diligence relating to the financial stability of the supplier at the outset and on an ongoing basis in light of the current pandemic?
  • Are additional protections relating to the financial stability risk of the supplier appropriate? Additional protections may include the following:
    • Additional insurance coverage requirements
    • Parental guarantees
    • Escrow arrangements for software
    • More robust licences to supplier intellectual property
    • Additional financial reporting
  • Should the supplier consider additional insurance or other steps to mitigate its risk exposure to customers?

 

How does COVID-19 impact your business? Stay informed with our COVID-19 Digest.

Subscribe

COVID-19: Navigating legal and business impacts

Stay informed

Let us help you stay up to date. Receive updates by email.

Subscribe now