<< Back to article Print this page Loading page, please wait...

Taking Out a Contract

Beverley Head (CIO)
07 December, 2004 13:16

Open the bottom drawer, blow the dust from those IT contracts and go searching for the demons and the diamonds that lurk within.

The health insurance commission recently renegotiaated a contract; and got access to software running on up to 1200 more Mips for $1.6 million less that it used to pay.

Canon has a team working its way through a 40-page contract, dense with an array of demands from the prospect (a division of one of the big four banks), which even if it wins will net just $200,000 revenues for the printer supplier.

St George Bank has renegotiated its volume licensing contracts for open systems software and brought down its annual charge from $6.5 million to $5 million.

Welcome to the wild world of modern IT contract negotiations.

Time was when an IT contract was drawn up, looked over, signed and put in the bottom drawer. Today IT contracts - whether for software, hardware, peripherals, communications or services - are more lively documents, and in best practice situations perform as an active management tool by clearly defining the outcomes expected from the supply of goods or services.

Best practice contracts also keep the parties out of court if something goes wrong. Dr Gordon Hughes, a partner with Blake Dawson Waldron, says by incorporating performance measures, defining the means of monitoring performance and also nominating performance level rebates, a good contract has "both the offence and penalty pre-prescribed".

It does not always work that way, though. IT litigation is rare in Australia, but according to some lawyers it is on the rise.

One high-profile dispute in negotiation at time of writing is between the building supply company Crane Group and PeopleSoft. In July Crane revealed the extent to which an IT project using JD Edwards software (now owned by PeopleSoft) had blown out. The system was installed after four years, but Crane took a $28.7 million pre-tax write-down on the software in its 2004 annual results.

After disclosing the problem in July, Crane clammed up, refusing to discuss how the dispute negotiations are proceeding. All a spokesperson for the firm would say is that there has been no court action at time of writing.

Another lawsuit, dating back to 1996, was finally put to bed this year. In 2001 Justice Hansen in the Supreme Court of Victoria ruled on a claim by RACV Insurance and RACV Group Services against Unisys Australia regarding a failed IT project for the design, supply and installation of a work flow management system based on the imaging of documents. The judge found in favour of RACV and awarded damages in the order of $4 million for expense wasted on the contract. Unisys appealed the decision but in May, the Full Court of the Supreme Court of Victoria unanimously dismissed the appeal.

Page Break

Court action is costly for all parties, so not surprisingly CIOs are getting smarter about contract management. Sydney Airport Corporation Limited (SACL), for example, has had a database of contract precedents under development for the past two years. Expected to be completed in 2005, the database will steer the organization through all of its IT contract negotiations, ensuring that the correct procedures are followed, and where it makes sense, make use of tried-and-tested contract components. According to SACL CIO David Luong, this will help ensure that nothing is overlooked during negotiations.

Issues such as intellectual property access and ownership are addressed by the precedents, along with the use of escrow to guarantee access to source code, and the precedents ensure commercial liabilities of the parties are properly explored for each contract. "Over the last year or two that library of contracts has been built up and developed in partnership with our in-house lawyers and procurement specialists," says Luong.

Acknowledging that there can be no single contract precedent for IT products and services because of the fast changing nature of the beast, Luong nevertheless believes it is possible to define a precedent-based framework that can be harnessed for any contract negotiation. An important element of that framework, he says, is the technique to identify and quantify risk. "Say it was an implementation project, we would look at the timing risks: What are the likely effects of being late? What are the cost risks of the project? What happens if it's running late - are there any holding costs and who is liable? What are the quality risks - how well does the contract capture the responsibility of our suppliers and ourselves?"

If the risks are not appropriately identified and accounted for in a standard contract, then a team made up of procurement specialists, project managers, technologists and lawyers needs to analyze them and ensure that any newly developed contract does account for them. Again, by following the framework for contract negotiations, the chance that any risks may be overlooked is reduced.

Luong says he has noticed that in the past five years suppliers are a great deal more risk averse, which has tended to make contract negotiations more complex and lengthy. "They are increasingly asking more questions such as: 'Is what we are asking for fair and reasonable?' You can try and offload all the commercial risk onto the supplier, but suppliers are now prepared to walk.

"I remember a time when supply outstripped demand and customers had more clout. Certainly around 2001 - customers had more leverage then."

He says there is still some leverage to be had when doing deals with tier-two suppliers who tend to be more innovative and less risk averse. "Perhaps they are driven by the need to win market share," says Luong. "There have been times when with larger suppliers we have felt we weren't really the customer. We felt we had no leverage. That is something that the larger suppliers need to be aware of."

Larger customers meanwhile enjoy more clout. Michael Jamieson, director of Nike's supply chain in the Pacific, says his company's global brand delivers him a strong bargaining position. "With rapid application and infrastructure development, vendors are very keen to get the latest tools into businesses like ours, therefore providing an increasingly negotiable contract environment."

Management of IT contracts at Nike is quite devolved at present. So, for example, the country manager with responsibility for network support manages the network contracts, the manager with responsibility for application development manages contracts related to that function, and so forth. Shortly this will change, as Nike is about to move all component applications and supporting hardware to the US where they will be managed and supported.

For the moment, however, Jamieson says accountability for contract management, in totality, lies with the relevant senior managers. "Strategic direction and consultative input and final approval is always given by the CIO," he says, "but the autonomous model of contract renewal and renegotiation by senior managers is preferred. Adherence to activity, financial, and support and maintenance-related milestones and KPIs, driven by a regular functional performance management process, provide the visibility the CIO requires from month to month."

Page Break

Those KPIs are also set out in contracts, but Jamieson points out that Nike does not overplay its bargaining hand. "We are as careful as possible to ensure that the scope of developmental works, or infrastructure KPIs, are realistic, which at the end of the day limits risk to both parties and the likelihood of an issue related to underperformance in the first place. Fortunately, we have not experienced any local non-performance contract issues in the IT arena for many years."

Very much a believer that litigation should only ever be a measure of last resort, SACL's Luong says he views all contracts as the blueprint for a partnership between supplier and user where both parties use the contract as a framework to achieve what was intended. Contracts are not something signed and shelved but exist as a living document that should provide the framework for progress, he says.

It is an important point. Organizations that do not review their contracts on a regular basis may lose out.

It is a lesson learned by the Canberra-based Health Insurance Commission (HIC). HIC outsources its hardware requirements to IBM GSA. It retains, however, a significant investment in internally generated software and third-party software. Vipan Nahajan is the manager of capability development and projects for HIC, reporting to Lyn O'Connell, HIC's CIO.

Over the past 18 months Nahajan has been overseeing a software audit - identifying what HIC owns, pulling out of the bottom drawers the contracts associated with the software, and then identifying the liabilities associated with what it owns. What he has uncovered in the jumble of contracts is "a number of hidden horrors".

"For example, there is ambiguity in terms of the annual maintenance costs, and you can fall into the trap," Nahajan says. "Say you are paying a percentage of the list price of the software for your maintenance. Well, 20 years ago it may have had a list price of $1000. But the software vendor can turn around and say: 'Well, the list price today is $50,000.'"

Nahajan may have found himself scared half to death with what he has found in some of the contracts, but he turned the potential horror into an opportunity. He has created a timetable noting when the contracts come up for review, and carefully logged what aspects of the contract need to be negotiated.

"A number of vendors have said that they would never license software according to a logical partition of the mainframe," says Nahajan. "In the past vendors were unwilling to negotiate that." But he says increased IT market competition now means that where there might have been only one supplier able to meet the organization's needs in the past, there is now a flurry of possibilities.

"The leverage we have been using is that there are now a number of equivalent products. We do realize there are risks involved if we did move. But we tell the vendors that if their costings don't improve we might be willing to make the change. We have done that with one of the big vendors."

HIC had been paying $4.6 million for software to run on an 1800 Mips mainframe. When it renegotiated the supply it got the price down to $3 million, and also the flexibility to run the software on 2000-3000 Mips as demand required. That the industry is prepared to negotiate afresh is, according to Nahajan, in part a reflection of its growing maturity and a recognition that users are under greater financial constraints.

Page Break

As well as renegotiating supply contracts, organizations are also revisiting the early rounds of outsourcing contracts - and users are demanding more for less. The Commonwealth Bank renegotiated IT supply contracts recently and, according to one report, its mainframe costs fell $17 million in 2004 and its desktop computing costs dropped $19 million.

When you are under pressure to cut costs, HIC's Nahajan says there are two options: reduce staff or reduce the costs of your suppliers. "My preference is not to touch staffing. The implication for the vendors is that I'm hoping they make a little less money.

"The IT shops are constrained but IT is growing overall, and that's where they [the vendors] are looking for broader market share. With the new generation of contracts, we are looking for more flexibility and lower costs," Nahajan says.

The new generation of contracts that Andrew Newman is going to have to manage was thrust upon him when JP Morgan announced it was abandoning outsourcing and moving 4000 staff out of IBM and back in-house. Part of the deal with the $US5 billion outsourcing deal with IBM was that IBM had managed all the contracts with the subcontractors.

Now Newman, the vice president and regional sourcing manager for JP Morgan in the Asia Pacific, is going to have to start looking after those contracts himself. The way in which JP Morgan is structured means that Newman in his dedicated regional sourcing role is responsible for all contract management - not the individual business managers, and that includes the regional technology managers.

To better serve the needs of the IT division, a specialist technology sourcing group has been established in the strategic sourcing group. When CIOs or business units decide that they need new technology they forward the request to this group, which then manages the request, issues a request for proposals to the market and conducts any negotiations in alliance with JP Morgan's legal team.

The CIOs are given a choice of supplier - but only after strategic sourcing has narrowed the field considerably. "Say for example it's something worth $250,000," explains Newman, "we would go to the market for a competitive bid. Then we would take it back to the business and say: 'Here are four or five of the best bids - which one best meets your needs?' " Once the decision is made, the strategic sourcing team brings in the legal department, which then accesses a range of precedents to draft a contract with the winning bidder.

Starting from scratch won't be easy. There will be a raft of new contracts to manage with the subcontractors that had been supplying products and services to JP Morgan via IBM. It will be a big job, but Newman says he has help in the form of a Web-based program that the strategic sourcing team can use to access its store of documents used in the past for requests for proposals and contracts. "We can go to that precedents store in the US and grab all the RFPs we have done, say on networking. It's the same with contracts."

After a contract is signed off a summary detailing the process is prepared that also documents that the firm has met all its compliance targets and has established an adequate audit trail. The financial sector is big on internal audits and probity checks and Newman says having an electronic database detailing all the current contracts, and the audit trails that preceded them being signed, makes life easier when an internal audit is ordered.

In addition to the contract precedents it stores, JP Morgan keeps track of the background checks it performs on different suppliers around the world. Newman says that given the scale of some of the institution's contracts, it's important to understand how financially viable and reputable a company is, so his employer "performs pretty stringent tests". While he prefers not to describe the list of companies that do not make the grade as a "black list" of suppliers, he does say that the information is made readily available throughout the firm and is checked before contracts are signed.

Although at surface it might appear that there will be a greater opportunity for a raft of IT suppliers to strike new contracts with JP Morgan once it insources its IT, Newman is not so sure. He believes one likely consequence of the unbundling of those contracts "will be a lot of vendor rationalization and we will only deal with the reputable larger firms.

"The best way to get better rates is to get the volume up through a smaller number of contracts. There are also fewer issues with vendor management," Newman says.

Amuch leaner structure is in place at Austral Bricks, where Mark Meredith is group IT manager and in charge of all IT contracts for the organization. He conducts all the negotiations himself and does not generally involve lawyers. He says that vendors are prepared to negotiate in order to keep the business, although he says he rarely negotiates on price alone - preferring a "value"-based approach that takes into account pre- and post-sales service.

However, Meredith is a believer in the "shape up or ship out" approach. "Most contracts are for 12 months," he says. "Upon their anniversary I review the costs, terms, conditions, and so on. If the service level has fallen below expectations or there have been technological improvements, then I actively renegotiate. Otherwise I do not change.

"By communicating with the vendor, most problems can be resolved or measures put in place to stop them happening again. Penalty clauses and non-renewal are my last resort, and I therefore try to include a penalty clause or an easy termination clause in the contract."

Page Break

The penalty clause offers some comfort but, as Meredith acknowledges, "this compensation usually does not cover the cost of the problem or outage; the best defence against non-performance is non-renewal".

In a previous incarnation as head of the logistics arm of manufacturer Nylex, Geraldine Livingstone once suffered the flip side of non-renewal: one of her contracted suppliers simply stopped supplying. "One Friday night the freight company said that they wouldn't be picking up on the Monday. I had to go back to the company we'd let go six months before and ask them to take over the job. I think you call it cap in hand."

Since becoming general manager of shared services, and with responsibility for Nylex's IT systems, Livingstone says: "I've not quite had that happen [again]."

She is, however, somewhat sceptical about the protection that IT contracts really deliver. With sole responsibility for IT contracts she generally takes on most negotiations herself, although does approach the in-house counsel to look over very large contracts such as that with Telstra.

She says that the generally protracted contract negotiations that take place prior to a purchase are a source of frustration, especially as there "is all this information about the penalties and the liabilities. You spend a lot of time negotiating this to no good effect. It's all in legalese and you're in no man's land. In reality there's very little protection."

Some protection, however, can be won if companies review their software contracts or licences with an eye to copyright issues. Although software vendors rarely use the feared Anton Piller orders to raid premises looking for pirated software these days, they do still take legal action when a company is suspected of breaching copyright. To protect themselves many companies perform software audits, which can occasionally deliver savings.

Michael Page, chief manager of open systems at St George Bank, audits the bank's systems to ensure it has licences for all the software it uses, and where it does have licences check that the software is actually being used and not sitting dormant. As a result he has been able to renegotiate contracts, getting the volume licence for the desktops (9500 machines by year's end) down from $6.5 million to $5 million, and also cut the costs of other non-mainframe software used by St George from $1.5 million to $170,000 a year.

As well as saving the bank money he is now more confident that it complies with Australia's copyright laws.

SIDEBAR: Boxed In by Sarbox

Staged payments exit stage right

Just when you thought it was safe to utter the phrase Sarbanes-Oxley, it appears that the US legislation intended to tighten up corporate governance has yet another ramification.

Dr Gordon Hughes, a partner in law firm Blake Dawson Waldron, says the structure of contracts issued by US IT vendors is changing because of the Sarbanes-Oxley legislation. Under Sarbanes-Oxley a company cannot book any revenue until it is free of any contingency. Intended to avoid companies booking rubbery revenues that might bounce right back in shareholders' faces, the provision also means that US-based suppliers that are obliged to comply with the law are increasingly resistant to any form of staged payment.

"They are getting more creative about getting a greater payment upfront and for that to be free of contingencies," says Hughes. IT purchasers need to be aware of this during negotiations.

Another change comes courtesy of the US's Securities and Exchange Commission rules regarding regulated entities. According to Hughes, if one company shares the same auditor with another company it can prove difficult to forge close business relationships or joint ventures.

"In the past you might have had large consulting firms and IT suppliers working together on a contract." That, he says, cannot continue if for example the consulting firm has an audit arm that is working with the IT supplier.

Page Break

SIDEBAR: Risk/Reward Contracts: Laying the Foundations

By Bart Perkins

Under the right circumstances, risk/reward contracts can provide significant benefits to both buyers and sellers. Because these contracts withhold a significant percentage of the fees until the project is successfully completed, they offer a way to share both risks and rewards with your supplier. Risk/reward contracts are more complex to negotiate and manage, however, and require careful consideration. Here are some steps you can take to minimize difficulties.

Determine whether you have a good candidate for a risk/reward contract. Do this before you pursue contract negotiations. Risk/reward contracts work best with:

• High-risk projects with significant business benefits. Use risk/reward only when the potential benefits warrant the additional effort.

• Established suppliers. Because of the complexity of these contracts, you will do better if you select a supplier with an excellent track record, preferably one you already have a strong relationship with.

• Companies with strong internal relationships. Risk/reward contracts require significant internal cooperation and work best in companies where legal, finance and HR departments already have a strong working relationship with IT.

Use clear metrics. The success of your risk/reward contract will depend on it. These measures form the basis for determining whether additional financial payments are warranted. They are particularly necessary in multiyear contracts, where management changes are almost sure to occur. Having clear metrics can help you avoid being at the mercy of widely differing interpretations of whether success has been achieved.

• Choose metrics that reward specific behaviour. For example, metrics for a new application might specify an average response time of two seconds. If you want to eliminate large deviations in response times, add a related metric specifying that 95 percent of the transactions will take place within one to three seconds.

• Develop metrics to eliminate arguments with suppliers regarding whether their incentive payments should be made. Clear metrics remove ambiguity. Imprecise measures are often subject to debate.

• Design metrics carefully. Poorly designed or insufficient measures may result in unintended consequences or give suppliers the ability to play games with the numbers. One company tried to motivate data entry operators by paying a bonus for more than a certain number of keystrokes per hour. The operators soon learned they could "increase productivity" by repeatedly tapping a single key.

Define counterbalancing measures of success. Make sure that your metrics take into account and accurately reflect multiple goals. For example, if the only measure of success is response time, a systems integrator might require faster processors and higher bandwidth, thereby making the ongoing operating costs higher than they should be.

Get interdepartmental support early.

• Finance. Since benefits often accrue over several budget years, the finance staff will need to accept multiyear "at risk" accruals that represent contingent liabilities on the balance sheet (that is, payments you will make only if the vendor performs well). In some cases, it may take several years to construct and install a new system and start reaping the benefits. Finance will need to accrue potential additional payments as soon as the endeavour starts, rather than waiting until the end and being surprised by the total fees.

• Legal. In addition to normal contract terms, you will need to negotiate special situations. For example, if your risk/reward endeavour is cancelled through no fault of the supplier (for example, your company is acquired and the new owner decides to shut down the project), the supplier will want to be paid some portion of the potential additional fees it might have received at normal project completion.

• HR. Some internal incentive programs may need to be adjusted. Suppose, for example, you construct a joint project team in which everyone works hard to deliver the project early. If the systems integrator's staff gets a bonus and your HR policies forbid you to pay a bonus to your staff, that could create resentment.

Risk/reward contracts require more preparation, precision and cooperation. But when they are used appropriately, they motivate suppliers to deliver successfully. This leverage serves as an insurance policy against failure and provides incentives for joint success.

Bart Perkins is the managing partner at US-based Leverage Partners, which helps CIOs manage their IT suppliers. He was CIO at Tricon Global Restaurants and Dole Food

Page Break

SIDEBAR: Prepare for the Worst

If you're hitching your fortune to an IT contract, get yourself a good prenuptial too

Andrew Sorensen, senior associate with law firm Deacons, says good contracts - particularly service contracts - will have a disengagement component as well. This should identify how the contract will end, any transition procedures, how IP will be apportioned and often ensure that source code be made available through an escrow agent.

Even if things come to a sticky end, it can be possible to negotiate liability into the contract. But be prepared for a Dutch auction.

According to Blake Dawson Waldron's Dr Gordon Hughes, the IT supplier seeks to limit the liabilities for damages. "They do this because they say that IT remains volatile and they have no control over how much reliance the customer places on the IT. Therefore they say they want no liability. The customers say: 'We're putting our life in your hands so you should be liable.' Then the parties negotiate a middle route where there is a capped liability."

Since July 2004 this area has become more opaque. Changes to Section 52 of the Trade Practices Act (the section that deals with misleading and deceptive conduct), which apply to claims arising on or after July 26, 2004, will affect liability in IT contracts.

According to Peter Knight, a senior IT lawyer with Clayton Utz, "A supplier will still be liable for its misrepresentations, but if the purchaser was careless in relying on the misrepresentations, the damages it can claim will be reduced by contributory negligence". Knight says the added risk this represents to the purchaser makes it even more important that both the vendor and purchaser "actively consider and agree upon - or agree to reject - mandatory performance requirements" prior to any contract being inked.

SIDEBAR: Public Liability

Big guns tread carefully, smaller ones hardly at all

One of the benefits of being a public service CIO is that government contracts have a default position demanding uncapped liability from their IT suppliers. It has made IT suppliers a bit more careful about what they promise when they are selling to government departments. It has also played into the hands of the larger IT suppliers that are better able to take on the risk of uncapped liability than their indigenous competitors.

According to the Australian Information Industry Association (AIIA), during 2004 the public sector will have invested $6.5 billion on information and communications technologies. In August the AIIA, which has long lobbied the government on this issue of uncapped liability being an impediment to smaller suppliers, released the findings of a survey by law firm Corrs Chambers Westgarth and Lumbers Consulting.

That report found that if the government took a more flexible approach to limiting supplier liability there would be cost savings for government, better participation by indigenous IT suppliers in the public sector market, better contract results, more innovative solutions and a greater focus on project risk management. The study, Better Practice Better Outcomes, also found it would be possible to reduce contract negotiation costs considerably and reduce the amount of money paid to offshore insurers.

All this from allowing more flexible contracts.

In the lead-up to the October federal election, the Coalition and Labor parties said they would review the issue of uncapped liability were they to win the election. Public sector CIOs will have to watch and see whether it was a "core promise".