Top 5 Negotiation Points for
Software, SaaS, and Outsourcing Agreements
Brought to you by Winston & Strawn’s
Today’s eLunch Presenters
Glynna Christian Intellectual Property New York [email protected] Becky Troutman Intellectual Property San Francisco [email protected] Brian FergemannAdvertising, Marketing, and Entertainment
Chicago
Top 5 Negotiation Points
Defining your goals and measurable performance
requirements
Conducting due diligence
Determining the pricing model
Identifying key issues and potential resolutions
Exiting the relationship
Sourcing Strategy – Adding Value
Any project must have a clearly articulated value
proposition to the business
Value is measured in more than bottom-line results
Enabling the company to work at peak performance while
respecting its culture and values
Leveraging service providers’ capabilities
Maximizing value for both the company and the service
provider
Defining Your Goals and
Performance Criteria
There should be a business need that can be solved
by sourcing
To understand the scope of that business need, the
company must examine its needs, such as:
Areas within the business that have divergent interests
Technical, implementation, and project management
requirements
Project budget
then
translate those needs into measurable
requirements
Business Case – Why?
Provide background
Explain the business need and potential solution
Common examples – too many legacy applications, will not sustain future business requirements, proprietary software and process not conforming to industry standards, technology-driven rather than process-driven
Quantify the impact of transformation
Obtain approval to move forward
Business Case – What is it?
Documentation of current technology or process “as is”
Review and consideration of the desired “to be” state
Gap analysis between “as is” and “to be”
Cost analysis of getting to “to be” and cost of not changing
the process
Establish a baseline for cost management and future benefit tracking Estimate the costs, benefits, and other financial metrics of the
potential solution
Establish measurable success criteria (
e.g.
, cost, added value
considerations, or both)
Specifying the Business Requirements
Detailed requirements and defined deliverables
Capable of being measured, and The results analyzed and reported
Any process flows to be changed or implemented?
Data issues
Any new data to be collected or converted?
Who will have access to data and how will it be used, stored, and
transmitted?
Implementation planning
Will the services be phased in? Will a pilot test be conducted?
Integration planning – what is the potential impact on other
Performance Requirements
Service Level Agreements (SLAs)
Mechanism for ensuring quality service
Measures the vendor’s performance of certain requirements Objective and measurable
Review SLAs against published standards
Avoid too many SLAs – prioritize by impact if the SLA is not met Service Level Credits
Vendor pays credits for failure to meet performance Should credits be sole and exclusive remedy?
Key Performance Indicators (KPIs)
Measurements that indicate success for the project
Due Diligence – Who is your partner?
Corporate structure
Location – red flag!
Where will services be performed?
Where will data be transferred, processed, or stored?
Key subcontractors
Reputation, lawsuits, investigations
Financial stability
Due Diligence – What is provided?
Intellectual property
patents
trademarks/brands
copyrights
trade secrets, confidential information, data
Software, database, Software as a Service
Other Services
Due Diligence – Intellectual Property
Is the IP registered in the relevant jurisdictions?
Does the vendor own or have the right to sublicense
IP and services in all relevant jurisdictions?
Are there any restrictions on the vendor’s ownership
or license rights in any jurisdiction?
Due Diligence – Other Issues
Policies and procedures for protecting confidential
information
Data security measures, ISO certifications
Disaster recovery plans
Insurance
Pricing Models – SaaS
For software or pay-as-you-go services, you should know:
How you will use the software, system, or services # of users who must access the software or services Transaction volumes for each application
Transaction costs for each application
Growth rates for revenue, costs, volumes, and users
Consumption-based pricing models
Per-user
Per-transaction
Percentage-of-revenue Fixed-fee model
Pricing Models – Outsourcing
Usually a monthly or annual service charge
Incremental fee based on consumption Fee based on the number of users
Fixed price and price caps Time and materials
Cost-plus
Alternative models
Gain-sharing
Incentive-sharing Shared risk-reward Revenue-sharing
Pricing Models – Outsourcing cont’d
Gain-sharing
Based on the value delivered by vendor
Gains are difficult to agree upon and measure Reluctance to fund without guaranteed payback
Incentive-based
Earn-back or bonus payments made to the vendor for achieving
performance levels above SLAs
Pricing Models – Outsourcing cont’d
Shared risk-reward
Jointly funded development of new products, solutions or services Vendor shares in rewards for a period of time
Difficult to measure results or quantify rewards Issues around ownership, investments
Revenue-sharing
Vendor shares in your revenues from activities supported by the
Negotiating the Best Price
Seek competitive bids
“Best practice” is an RFP process focused on accomplishing the value
proposition outlined in the business case
Risks in a sub-standard RFP
Gaps in internal business processes
Increasing costs and partially met expectations due to: Disorganized, non-customized RFP process
Inadequate planning and understanding of solution complexities Poorly structured contract not based on outcomes
Poorly defined metrics and success criteria
Vendor deficiencies in delivering against expectations
Obtain comparative pricing
Key Issues – Intellectual Property
Scope of license/access rights
Who needs to have use rights? What use rights are required?
What restrictions are imposed, and are third-party materials licensed
under additional terms?
Does vendor need license to customer IP?
Ownership of developed IP – red flag!
“Work for hire” Joint ownership
Key Issues – Confidentiality
Scope:
Mutual?
How is “confidential information” defined? Is data privacy and security addressed?
What are the restrictions?
Disclosure, use, reverse engineering Employees, contractors, representatives
Key Issues – Confidentiality
What are the exceptions?
Written authorization
Made public through no fault of recipient Provided by third party without restriction Independently developed
Compelled disclosure
Disclosure to potential investors or buyers under a confidentiality
obligation
Key Issues – Warranties
Ownership
Noninfringement
Performance of software/SaaS
Performance of services
Third-party software
Malware
Open source software
Key Issues – Indemnity Scope
Allocation of risk
What can go wrong that results in a third-party claim? Who should be responsible for the claim?
Scope: Defend, indemnify, and hold harmless
Who is indemnified?
Officers, directors, employees, contractors, agents Affiliates, customers
Key Issues – Indemnity Scope
Requirements
Prompt notice
Sole control over defense and settlement
No acts/omissions that affect defense or settlement All amounts paid
Selection of counsel
Key Issues – Indemnity
Infringement
Exceptions
Self-help remedies
Bad acts
Breach of warranty, breach of agreement Acts, omissions
Violation of law
Fraud, gross negligence, willful misconduct
Key Issues – Indemnity
Sample Vendor-Favorable Indemnity:
X.1 Infringement Claims. If an action is brought against Licensee
claiming that the Software infringes any United States patent, copyright or trade secret rights of a third party, Licensor shall defend Licensee at Licensor’s expense and shall pay the damages and costs finally awarded against Licensee in the action, but only if (a) Licensee notifies Licensor promptly upon learning that the claim might be asserted, (b) Licensor has sole control over the defense of the claim and any negotiation for its settlement or compromise, and (c) Licensee takes no action that, in
Licensor’s judgment, materially impairs Licensor’s defense of the claim. This indemnity 1 will not apply if and to the extent that the infringement claim results from a correction or modification of the Software not
Key Issues – Liability Cap
Does the cap apply to both parties?
What is the cap?
Fees/multiple of fees paid during a certain period Flat cap
Are there exceptions?
Indemnity
Breach of confidentiality/privacy
Key Issues – Disclaimer of Damages
Does the disclaimer apply to both parties?
What is disclaimed?
Consequential & incidental damages Indirect, special, punitive damages All damages/all liability – red flag!
Are there exceptions?
Indemnity
Breach of confidentiality/privacy
Key Issues – Disclaimer of Damages
Sample Vendor-Favorable Damages Disclaimer:
LIMITED LIABILITY. THE MAXIMUM LIABILITY OF LICENSOR AND ITS
AFFILIATED ENTITIES AND ITS AND THEIR LICENSORS AND SUPPLIERS TO LICENSEE FOR DAMAGES ARISING OUT OF THIS AGREEMENT IS LIMITED TO THE AMOUNT PAID TO LICENSOR BY LICENSEE DURING THE THREE (3)
MONTH PERIOD PRIOR TO THE DATE A CLAIM ARISES. UNDER NO
CIRCUMSTANCES SHALL LICENSOR (OR ITS AFFILIATED ENTITIES OR ITS OR THEIR LICENSORS AND SUPPLIERS) BE LIABLE TO LICENSEE OR TO ANY OTHER PARTY FOR ANY CONSEQUENTIAL, INCIDENTAL, INDIRECT, SPECIAL, OR PUNITIVE DAMAGES, HOWEVER CAUSED, INCLUDING,
WITHOUT LIMITATION, LOSS OF PROFITS AND COSTS OF PROCUREMENT OF SUBSTITUTE GOODS.
Key Issues – Assignment
Can each party assign to a third party?
Is a change of control an assignment?
Common limitations on assignment
Prior written consent
Consent not unreasonably withheld
Exceptions for affiliates, merger, asset sale Assignee agrees to be bound
Exiting the Relationship
Termination for convenience
Customer should have the right after a specified period of time for
vendor to recover sunk costs
Customer may have to pay early termination charge Vendor should NOT have right to T for C
Termination for breach
Generally limit vendor’s right to terminate only for material
non-payment of undisputed amounts
Consider termination rights for vendor breaches that may cause
significant impact to the customer
Examples: “Safety and soundness” of financial institutions, data breaches
