What can you do to manage the risk of the insolvency of a critical IT supplier?

The recently revealed financial difficulties of Atos (see “Secret files reveal fears over future of NHS IT giant Atos” – BBC News) have highlighted a potential risk affecting many customers who rely on the performance of an IT service provider to support an important part of their business. How do you manage a situation where your IT supplier (or a key subcontractor) has become or is about to become insolvent? It is worth noting in this context that insolvency could mean the liquidation of the supplier or it could mean that the supplier continues to exist, but possibly with fewer staff and less budget to perform its planned maintenance roadmap. It could also mean that the supplier prioritises its customers who pay the most.

UK Government – Model Services Contract

In the case of the UK government, Atos is likely to have contracted with the government based on one of the iterations of the Model Services Contract designed for complex IT projects or those worth in excess of £20 million. Amongst the 500 or so pages of that standard contract, you will find provisions that provide an early warning system for a supplier’s financial difficulties.

There should also be a detailed exit schedule that lists all the component parts used to provide the IT services and provisions designed to deal with an “emergency exit”, broadly an exit from the contract in circumstances where services cease within the notice period. The Model Services Contract also requires the development of a business continuity plan that will be triggered by an event of insolvency. But the latter sums up the key difficulties with contracts like this. While the business continuity plan requires details as to the key contacts at the supplier, mitigation plans and a recovery team to be put in place by the supplier, to be effective these depend on those people still being available at the supplier to implement them.

Depending on the nature of the insolvency procedure, no one knows in advance whether staff referred to within the plan will be made redundant or whether the insolvency practitioner will disclaim the relevant obligations.

Banking agreement – Stressed Exits

Similarly, the Prudential Regulatory Authority now requires that banks and insurance companies have plans in place to deal with a “stressed exit”, that is a situation where the supplier unexpectedly proves unable to provide the services. It requires that “operational resilience” policies and exit provisions on termination or expiry take into account the possibility of a “stressed exit” to ensure that operational disruption is kept to a minimum.

But just like the provisions in the Model Services Contract, to the extent these obligations rely on contractual mechanisms to be effective, they primarily rely on the supplier being able to continue to fulfill obligations that insolvency has triggered.

How can you mitigate these risks?

Start by identifying those critical services that are dependent upon a third-party supplier. This effectively comes down to a risk assessment of each service supported by a third-party service provider.

Do you have a means of keeping track of the solvency of that supplier? If not, consider whether it is worth addressing this. By way of example, the Model Services Contract requires reporting of credit rating scores.

A potential issue here relates to how up-to-date these scores are. Similarly, with monitoring of a supplier’s statutory accounts, these could be over a year out of date. To manage this, some customers look to review a supplier’s management accounts to get an early warning of an impending financial issue or alternatively to have a warranted summary statement provided to them of key financial statistics.

Having identified that your services are at risk and established a means to monitor the financial stability of the supplier, we would recommend considering a number of options:

  • Can you ensure that the service provider is not the exclusive provider of services to you so that you can appoint an additional provider who can take up the slack in the event that the other provider faces financial difficulties? (If you have signed an exclusive contract with your service provider, you will have to change your existing contract and the supplier may be reluctant to agree to a non-exclusive arrangement without some form of commercial compensation).
  • In the case of cloud providers, are there others who could be brought in at short notice? What steps would you need to take to implement this at short notice and can those steps be planned and taken now?
  • Could you bring the service in-house at short notice? What would you need to do to facilitate this? How much time and resources would be required?
  • Can you host a system in your own cloud tenancy or on-premise with a view to surviving an insolvency event (though managing support and maintenance may continue to be problematic)?
  • Could you use a disaster recovery solution provided by a third-party supplier to host the system and data?

While the above may provide a pragmatic solution to many situations, we still think it is worth considering incorporating a number of contract changes into your agreement:

  • A contractual obligation to provide you with financial information which will provide you with an early warning of difficulties. As discussed above, this could be a provision of management accounts or a summary of financial information. Either way, this will require an amendment to your agreement with the supplier.
  • Negotiating step-in rights into your contract enables you to directly manage the provision of services to you or, in some cases, to step into the supplier’s organisation to take control of service provision. Step-in provisions can work really well. But they can also be highly negotiated to such an extent that their benefits are substantially eroded.
  • As we have seen, inserting contractual obligations relating to contingency planning in the exit schedule and business continuity schedule may be of little or no value. On the other hand, they may still work. It is worth considering whether the potential benefit outweighs the downside in terms of time and costs.
  • Enter into direct contracts with major subcontractors which you can enforce in order to manage the insolvency or failure of a prime contractor. This way you may be able to resurrect your service or avoid total service failure by relying on a key subcontractor to perform all or part of it.
  • An absolute right to recover your data. This is obviously easier where you are able to control download of data as opposed to being reliant upon the supplier providing you with your data.
  • In the case of software as a service, a licence of the software that is not revocable and can survive termination or insolvency. This effectively means that you can (for example) continue to use the software if you choose to host in your own tenancy.

In the case of SaaS arrangements in particular, a frequent issue is how to ensure you can re-establish the service and continue to update or maintain the software. The reality is that, absent any other mechanisms (e.g. your own hosted tenancy), you are likely to suffer business disruption. That said, a contractual right to have the configuration of the software deposited annually or following an update or upgrade can (assuming you can access your data) speed up the process of reconstructing your production environment.

If you need to update or correct bugs or errors, you will need a right to access the underlying source code of the relevant software applications. Traditional source code escrow can be cumbersome and release of source code may typically go through a series of notices and counter-notices before you finally obtain access to source code. This can take weeks.

More recently we have seen a number of solutions that seek to replicate your system online. Some suppliers have also proposed using the GitHub software development platform to provide customers with faster access to source code while imposing contractual restrictions on when access may be triggered. If these are satisfied, e.g. on insolvency, customers avoid the notice and counter-notice provisions of a standard escrow arrangement and get access to the most up-to-date source code.

If you have any questions regarding anything discussed in this article, don’t hesitate to get in touch with Justin Harrington.
