Audit rights are commonly included in IT contracts in order to allow one party to access information held by the other party in relation to the agreement between them. Although dealing with the construction industry, a recent High Court decision (Transport for Greater Manchester v Thales Transport & Security Ltd) nonetheless provides useful guidance for parties to IT contracts on which information or documents are likely to be disclosable under such a clause and which information or documents may be withheld.
The audit rights clause will sensibly address the following issues:
- who is permitted to access which information;
- the permitted reasons for carrying out an audit;
- the frequency with which audits can occur;
- timescales and notice requirements; and
- allocation of costs incurred by each of the parties in connection with the audit.
In addition, audit rights will usually be supplemented by an obligation to maintain certain records.
Thales contracted with Transport for Greater Manchester (TGM) to supply a new tram operating system for Manchester Metrolink. A dispute arose over additional costs relating to the tram system. TGM requested wide-ranging documents from Thales under the audit rights clause of the contract. When Thales refused to provide the documents under the clause, TGM applied to the court for an order requiring Thales to do so.
The court granted specific performance in respect of the majority of the documents that TGM had requested Thales to provide. The audit rights clause permitted TGM to request documents "relating to… the carrying out of any of the Supplier's obligations" or in order to "audit" any of the information that Thales had provided to TGM.
The court decided that the wording of the clause was broad enough to cover documents relating to contractual non-performance, as well as where the contract had been properly performed. It also held that the term 'audit' in this context simply meant "to check or verify" and was not limited to financial records.
The following documents were found to be within the scope of the rights granted by the audit clause:
- board meeting minutes (including those of other group companies);
- reports produced by external advisers;
- internal reviews of the contract and its issues;
- sensitive commercial information; and
- documents that reviewed the obligations long after the problems occurred.
Specific performance was refused and Thales therefore was not required to disclose documents where:
- the categories of document were too imprecise;
- the documents were covered by legal privilege; or
- the court felt that there was danger of the clause being used to carry out a "fishing expedition".
From the perspective of an IT service purchaser seeking to rely on the audit rights clause, it should be remembered that specific performance (as ordered by the court in this case) is an equitable remedy and, therefore, will not always be available. The court will consider the context of an audit request, not merely the contractual interpretation of the audit rights clause itself. Any specific performance request requires precision and care should be taken to ensure as much clarity as possible in formulating a request for documents.
From the perspective of an IT service provider likely to be on the receiving end of an audit rights request, this case raises a number of key points for consideration:
- It is important to be clear about the purposes for which audit rights may be invoked and to ensure that these are as narrow as possible.
- The clause should specifically restrict access beyond the agreed audit purposes.
- Access should be restricted to specific categories of document.
- Consider audit rights in subcontracts and ensure that they are sufficient to enable a flow-down of audit rights where necessary.
- Include a specific right to redact information provided in the course of an audit.
- Include an explicit carve-out for both legal advice privilege and litigation privilege.
- Consider whether the instruction of experts to examine a problem and their reports should be outside of the audit rights.
- Ensure that confidentiality provisions offer adequate protection for information disclosed under audit rights.
- Ensure that significant costs incurred in complying with an audit request are recoverable and priced fairly.
For further information on this topic please contact Peter Lumley-Savile or Sanjay Pritam at RPC by telephone (+44 20 3060 6000), fax (+44 20 3060 7000) or email (firstname.lastname@example.org or email@example.com)
This article was first published by the International Law Office, a premium online legal update service for major companies and law firms worldwide. Register for a free subscription.