The first part of this two-part series provided a general overview of outsourcing, including: what is meant by "outsourcing"; its potential benefits; and the lifecycle of an outsourcing transaction. In this second part, we look at some of the legal and commercial risks involved in negotiating, implementing and managing an outsourcing contract, including:
- the general structure of an outsourcing agreement;
- transferring assets, intellectual property ("IP") rights, and employees; and
- data protection considerations.
General structure of an outsourcing agreement
Outsourcing agreements are, in principle, similar to service agreements, as both involve the provision of services by an external provider. However, unlike a standard service arrangement, outsourcing often involves the transfer of assets, IP rights and/or employees. Therefore, an outsourcing agreement will need to address these issues, including:
- "entry provisions" relating to the initial transfer of services from the customer to the supplier;
- the general, day-to-day provision of services during the term of the agreement; and
- "exit provisions" relating to the termination of the services by the supplier and the subsequent transfer back to the customer (or to a different supplier).
It is sometimes necessary for the customer to transfer specific assets (e.g. specialised equipment) to the supplier as part of an outsourcing agreement. The assets may be sold, leased or loaned to the supplier, depending on several factors, including: the term of the arrangement, tax implications and whether the customer is partially or fully transferring services to the supplier. Regardless of which approach is taken, the outsourcing agreement will need to address:
- what happens to the assets at the start of the agreement;
- how the assets (including new assets which are used by the supplier for the purpose of providing the services) are to be treated during the outsourcing agreement;
- what happens to the assets at the end of the agreement; and
- the treatment of any relevant third party contracts in relation to the assets (e.g. supply or maintenance contracts).
The outsourcing agreement will need to address different types of IP rights, including:
- the customer's existing IP rights: these are typically licensed to the supplier for the sole purpose of providing the services;
- the supplier's existing IP rights: these are usually licensed to the customer for the purpose of receiving the services. The customer should consider whether the licence will need to extend beyond the end of the agreement, and whether it will apply to any replacement suppliers;
- IP created/developed during the agreement: this is usually the most problematic issue as both the supplier and the customer will want to own these IP rights. When drafting the agreement, the parties should carefully consider the ownership and licensing provisions. For example, if the supplier owns the rights, the customer should seek a royalty-free licence lasting beyond the end of the agreement and potentially extending to any replacement suppliers after termination;
- third party IP rights: consideration will also need to be given to any third party software required for performing the services, including which party is responsible for obtaining the appropriate licences or permissions. It is common for the customer to seek an indemnity from the supplier stating that the provision of services does not infringe the IP rights of any third parties.
The outsourcing agreement may allow for the customer to provide the supplier with certain employees to assist in the provision of services (such as where the employees have specialised knowledge about the customer's business which is necessary for the provision of services under the agreement).
Where employees are being transferred, the outsourcing agreement will need to cover, for example: the transfer of the employees at the start of the arrangement; the parties' ongoing obligations in relation to the employees; and the arrangements at the end of the contract term.
It is also important to consider the impact of local labour laws on the outsourcing arrangements. For example, under TUPE,1 in the UK:
- the customer's employees who are involved wholly or mainly in the provision of the transferring services will automatically become the supplier's employees (whether or not they are wanted) on their existing terms of employment (including pay);
- all rights, powers, duties and liabilities under the employment contracts will pass to the supplier; and
- any dismissals or changes to the employees' terms will be deemed unfair or invalid if the primary justification is related to the transfer.
These considerations will also be relevant at the conclusion of the outsourcing agreement, if/when the employees are transferred back to the customer or to a replacement supplier.
If the outsourcing agreement includes the transfer of personal data (e.g. employee details), this can give rise to potentially complex data protection compliance issues. In these situations, the agreement terms must comply with any general obligations or restrictions under applicable data protection laws.
Under EU law, for example, the customer will typically be classified as a "data controller", and the supplier as a "data processor". This means that the agreement needs to specifically address the supplier's obligations to handle the information only in accordance with the customer's directions. Failure to do so may result in penalties or other sanctions being imposed against the customer. EU law also imposes potentially onerous restrictions on transferring personal data to countries outside the EEA. This could be an issue for Japanese companies wanting to act as service providers to other group companies or customers in the EU.2
There may also be compliance issues to consider when dealing with regulated industries, such as financial services and the health sector.
Outsourcing offers many Japanese companies an effective way to reduce their business expenses, in addition to potential benefits such as improved service levels, access to resources and local markets, and the ability to outsource non-essential functions in order to focus on core business. However, it is important to carefully structure the arrangement in order to ensure that the customer complies with regulatory obligations and protects its assets and interests, not only when it enters into the arrangement but also during the course of its term and upon exit.