What is the extent of outsourcing in your jurisdiction, including the most common sectors for outsourcing activities?
There is a high level of both IT outsourcing and business process outsourcing (BPO) across most business sectors in the UK market. The IT outsourcing activity covers infrastructure, application development and maintenance and network services and the BPO activity covers a range of back and middle office activities – particularly finance, human resources and procurement services.
How would you describe the government’s approach to outsourcing arrangements? Are there any government-sponsored incentives for outsourcing, or restrictions on outsourcing abroad?
The UK government has not taken an active or interventionist approach to outsourcing in the United Kingdom. Historically, there has been some concern about the impact of offshoring on employment, but this is not a major political issue affecting the market. There are also a number of concerns about visas for foreign employees of outsourcing suppliers and the tax status of individual contractors providing services to UK companies.
It should also be noted that the UK government is one of the main users of outsourcing services in the market across the full range of IT and BPO functions.
Is there any overarching domestic legislation governing outsourcing?
There is no overarching legislation specific to outsourcing in the United Kingdom. However, there is a wide range of general legislation governing the services which may be provided under outsourcing contracts (eg, the EU General Data Protection Regulation) and contract terms.
Are there any sector-specific laws or industry guidelines on outsourcing?
In the financial services sector, compliance requirements for material outsourcing arrangements are set out in:
- Articles 30-32 of the Markets in Financial Instruments Directive Organisation Regulation;
- Chapter 8 of the Senior Management Arrangements, Systems and Controls sourcebook (SYSC 8) in the Financial Conduct Authority Handbook; and
- the outsourcing section of the Prudential Regulation Authority Rulebook.
Firms subject to these regulations must comply with their requirements in the negotiation and management of these outsourcing relationships.
The Network and Information Systems Regulation 2018 requires operators of essential services and digital service providers to have security measures and incident management procedures in place, which will cover any outsourcing arrangements.
Licences, permits and approvals
What licences, permits and/or approvals are required for outsourcing activities, if any? What are the penalties for non-compliance with these requirements?
In general terms, licences, permits and approvals are not required for outsourcing. As noted below, the transfer of assets, licences and property may occur at the outset of an outsourcing relationship.
Are any legislative or regulatory reforms envisaged or underway which will affect outsourcing arrangements?
What legal vehicles/structures are available for outsourcing arrangements, and what are the advantages and disadvantages of each?
While there are some cases where the supplier and customer or a number of customers establish a joint venture (JV) entity for the outsourcing services, in most cases the outsourcing arrangement is by way of a commercial contract between the customer and supplier (either a single-sourced or multi-sourced arrangement – see below).
The JV structure can be useful where the parties are establishing a utility to provide services to the market or, more generally, to help inculcate a more transparent and partnership-based model. However, the JV structure is significantly more complex to establish and manage, and many of the benefits of a corporate JV for outsourcing arrangements can be replicated in a commercial contract without the additional complexity.
What are the most common contract forms for outsourcing arrangements, and what are the advantages and disadvantages of each?
The most common contract structures are as follows.
Single-sourced services contract
Its advantage is that it is simpler to negotiate and to manage as there is a single supplier and the contract relates only to the specific services.
Its disadvantages are that:
- there is less leverage with the supplier if something goes wrong; and
- it may be more difficult to use for additional services with the supplier.
Multi-sourced services contracts (with cooperation agreement between suppliers)
Its advantages are that:
- the customer can select the best supplier for each component part of the services; and
- it avoids over-dependency on a single supplier and maintains a competitive environment for future work.
Its disadvantages are that:
- it is complex and more difficult to manage; and
- there is a service integration risk.
Framework agreement with standard contract terms for all services Its advantages are:
- more leverage in negotiations as this is a standardised approach with multiple suppliers; and
- the possibility of calling off services as required over time.
Its disadvantages are that:
- it can be inflexible as all the terms are agreed upfront;
- there is significant cost involved in setting up arrangements.
Framework agreement with modular contract terms for different services
Its advantages are:
- the same as for a general framework agreement; and
- greater flexibility for specific contract terms for each service.
Its disadvantages are that:
- it is potentially more complex, although it will be easier for each service team to manage their particular service; and
- there is significant cost involved in setting up arrangements.
Before entering into an outsourcing contract, what due diligence is advised?
Customer due diligence should focus on the supplier’s:
- operational capability to meet the requirements and performance levels; and
- suitability as a long-term relationship partner.
The supplier’s due diligence is equally important and will focus on:
- understanding the current operational activities;
- any leases and licences which will need to be transferred or made available; and
- the employment and pension arrangements of any transferring employees.
The time and preparation required for this due diligence is often underestimated and is a critical risk factor in many outsourcing transactions.
Duration and renewal
What is the common duration of outsourcing contracts? How does the renewal process commonly play out?
The duration of outsourcing transactions varies. It has traditionally been between five and seven years so that the parties can maximise the financial benefits and investment in the arrangements, although for some more commoditised service the term can be as short as three years.
In the past, customers generally renewed their contract with the incumbent supplier at the end of the initial term – and this is still often the case where the service has been stabilised and is running smoothly. In these circumstances, the renewal will usually involve a price renegotiation and any amendments in scope that the business requires.
However, as the market has matured, customers have grown increasingly confident in their ability to transition to other suppliers (or, in some cases, bring the service back in-house at the end of the term) and there have been more competitive re-procurements involving the incumbent and new suppliers for second-generation transactions.
What procedures and criteria are commonly used to select suppliers?
In most cases, customers run a request for proposal (RFP) process. Bidders are downselected after an initial RFP review, then – depending on the timing and complexity of the service – the customer may:
- downselect to a single preferred bidder;
- have an additional downselection milestone; or
- negotiate with two or more bidders until final contract award.
Alternatively, customers sometimes adopt an auction model in which bidders respond with a pricing proposal to a complete set of requirements and contract terms. This requires more upfront preparation by the customer and a standard solution approach, but improves the customer’s control of the overall process. Some final negotiations will still be required to finalise the contract terms.
The main criteria for supplier selection are:
- contract terms and risk transfer; and
- overall relationship fit.
The relative importance of each of these criteria will depend on the customer’s overall business case for the outsourcing project and the nature of the relevant services.
How are the service specifications agreed and monitored, and what service terms and parameters are commonly applied? Can any flexibility be provided for in these terms?
In most cases, the service specifications will be output-based and reflect the customer’s business objectives and requirements. The specific way in which the service is delivered (ie, the inputs) may be specified in a solution, but the output-based specifications will usually take precedence.
Service performance will be measured through monthly service level requirements – there are a number of service management and reporting tools which are widely used to monitor service performance. Additional remedies will often include:
- enhanced cooperation;
- step-in rights; and
- specific termination rights relating to service level failures.
If the service requirements involve a transformation process, this will usually be set out in a detailed transformation plan with payment milestones and delay credits for non-performance. In many cases where transformation is to reduce costs, the new pricing will apply from the target transformation completion date even if the actual transformation process is not completed by then (unless the delay is caused by the customer).
Due to the long-term nature of outsourcing relationships, it is essential that there is a detailed and practical change process to ensure that the contract is flexible enough to manage changes in requirements. In many cases, the contract will provide for both operational change and contractual change processes, and it is important that there is both price certainty and transparency about the cost of change.
What charging methods are commonly used?
Several different pricing methodologies are used in outsourcing, depending on the services involved. These include:
- unit pricing – pricing based on the volume of a defined unit of services consumed. There will usually be a mechanism to adjust the price if the unit consumption falls outside a specified bandwidth from the target volumes;
- time and materials – based on a pay-as-you-go model for the volume of resource consumed (capped time and materials arrangements are also common);
- cost-plus – based on the cost of the supplier in providing the services and an agreed margin; and
- fixed price – a pre-set price for the provision of certain services.
In many cases, the charges will combine elements of several of these approaches for different parts of the services.
Warranties and indemnities
What warranties and indemnities are commonly stipulated in outsourcing contracts (for both the customer and the supplier)? Are there any mandatory or prohibited provisions in this regard?
The standard execution, legal authority and compliance with law warranties will apply to both parties. In addition, standard supplier warranties will cover:
- performance (eg, good industry practice, personnel, capability, IP rights licences and quality of code);
- RFP proposal contents; and
- due diligence.
Standard indemnities will include:
- IP rights claims (supplier and customer);
- damage to tangible property (supplier and customer);
- breach of confidentiality and data privacy (supplier – although suppliers are increasingly pressing customers to give data processors indemnities); and
- customer liability to third parties arising from supplier breach (supplier – although the supplier often resists this).
Ending the agreement
What are acceptable grounds for terminating an outsourcing contract?
The customer will normally have extensive termination rights, including:
- termination for convenience (this will normally involve paying termination compensation);
- termination for cause, such as:
- material and persistent breach;
- performance-related failure (service level and milestone thresholds);
- regulatory breach, regulatory sanction and breach of ethical codes;
- specific failures (in relation to security, data protection, confidentiality and IP rights); and
- exhaustion of liability cap; and
- non-fault termination, such as:
- change of control;
- force majeure; and
The supplier’s termination rights will normally be limited to non-payment of fees and customer insolvency.
How do contracts commonly address exit from the outsourcing contract?
The contract will normally include a detailed exit schedule setting out how people, assets and licences will transfer or be made available to the customer on exit, and will also set out a detailed knowledge transfer process. The general terms of the exit schedule should be supported by a more detailed exit plan that the supplier should update regularly to support the transition of the services.
In practice, the parties often fail to keep the exit plan up to date, which can cause significant problems on exit.
Is there a common or mandatory notice period for non-renewal of a contract?
There is no mandatory notice period for termination of the contract. The period will be specified in the contract and depends on the nature of the services and the length of the contract. In practice, if a customer does not want to renew a contract, it would usually start planning for the replacement services around 18 months before the end of the contract. As such, it is usual to have a six or 12-month notice period.
What can customers do to make their outsourcing contract more successful?
Outsourcing contracts can deliver significant value through cost savings, service transformation, access to specialist skills and by allowing the customer to focus on their core business. Unfortunately, a significant number of deals fail to deliver these benefits and leave the customer disappointed and facing cost overruns, service issues and delays.
While there are many reasons for this, the following general steps can make a significant difference to outsourcing outcomes:
- Scope – ensure that there is a clear understanding of scope at the outset (at least the existing operating model);
- Negotiations – ensure proper integration across the negotiation work streams (this is crucial to managing risk). The negotiations should also focus on a win-win approach in building a long-term relationship – it is not a zero-sum game;
- Contract – the contract should be simple and flexible so that it can be properly used to manage the relationship and deal with change over the term. The customer should also be looking to achieve a balanced, incentive-based contract model rather than focusing on maximising its protections for when something goes wrong – customers rarely enforce many of these rights and they can easily drive the wrong behaviours; and
- Governance and contract management – the customer should proactively manage the contract and not assume that all responsibility and issues are handed over to the supplier once the contract is signed. This should be built into the customer’s business case and should start on day one of the relationship.
Remedies and protections
What legal remedies are available to the parties to an outsourcing contract in the event of contractual breach or unjust termination?
This is the main financial remedy and is intended to put the claimant in the position in which it would have been if the contract had been performed. The claimant can also claim its wasted expenditure resulting from the breach (but there can be no double counting).
The court can order a defaulting party to perform its contractual obligations. However, this remedy will not be granted in relation to contracts for personal services or where it would require ongoing regular supervision. As such, it is unlikely to be available as a remedy for most outsourcing contracts.
Where the breach deprives the non-defaulting party of substantially all of the contract’s benefits, the non-defaulting may elect to either:
- terminate the contract (ie, accept the repudiation); or
- treat the contract as continuing (ie, affirm the contract).
What other remedies are available (eg, contractual)?
The contract will normally contain the following additional remedies for breach of contract:
- termination rights for material breach, persistent breach and specific service level failures;
- additional governance and reporting rights following breach or anticipated breach;
- additional audit rights following breach; and
- specific rights of enhanced cooperation, management step-in and ultimately service step-in on actual or anticipated breach to ensure operational recovery.
How can the parties to an outsourcing agreement limit or exclude their liability?
Outsourcing agreements will usually contain the following liability provisions and related matters.
Nothing in the agreement limits or excludes liability for:
- death or personal injury caused by negligence;
- breach of obligation under Section 12 of the Sale of Goods Act 1979; or
- abandonment or wilful default.
In addition, the parties will usually agree that the exclusions and caps on liability will not apply to:
- the customer’s obligation to pay the charges;
- indemnities; or
- breach of confidentiality.
Following the EU General Data Protection Regulation, the issue of whether there is unlimited liability for data privacy breach has become a significant commercial issue and in many cases the parties will agree a separate cap for this loss.
Exclusion of liability
Exclusion of liability for:
- indirect and consequential loss; and
- loss of profit, goodwill, revenue and business.
The parties will agree that all losses not subject to the points outlined above will be subject to a liability cap. This can be a per-event, annual or total aggregate cap for the term of the agreement. The cap will usually be set by reference to the charges and in most cases the customer’s cap on liability will be set at a significantly lower figure than the supplier’s cap on liability. As noted above, the parties may also agree separate caps for certain losses – particularly damage to tangible property and data privacy breach.
The parties will also normally agree to specify that certain types of loss are recoverable (eg, wasted expenditure, costs of remedying the breach and workarounds, re-procurement costs and other deal-specific issues).
The agreement will normally specify the types and level of insurance that the supplier must have in place.
The agreement will normally include a process for the supplier to notify the customer if the supplier is unable to perform an obligation because of a dependency on the customer which the customer has not performed. In such circumstances, provided that the supplier follows the procedure, it will not be liable for its non-performance.
Asset transfer and assignment
Movable and immovable property
What rules, standards and procedures govern the transfer and assignment of movable and immovable property in the context of an outsourcing arrangement?
Movable property will usually be transferred by assignment or lease.
Transfer of any land will require compliance with specific requirements for freehold transfer by deed in accordance with Land Registry requirements and leasehold land by way of deed of assignment, which will usually require the landlord’s consent.
What rules, standards and procedures govern the transfer and assignment of intellectual property in the context of an outsourcing arrangement?
At the outset of an outsourcing arrangement, the customer will license to the supplier any intellectual property that it will need in order to deliver the services. The scope of the licence will usually be limited to delivering the service to the customer. In some cases, where the supplier is buying the existing operations to deliver services to third parties as well as the customer, it is possible that such intellectual property will be transferred to the supplier or the scope of the licence will be broader. Notification and registration procedures will be applicable for registered intellectual property.
The supplier will also license to the customer any supplier intellectual property that the customer needs in order to receive and use the service. In addition, if any intellectual property is specifically developed by the supplier in the performance of the services, it will usually be transferred to the customer, together with a licence to any supplier background intellectual property that is necessary to use or modify the specifically developed intellectual property.
How can a customer’s rights and obligations under another contract be transferred/assigned to the supplier?
The transfer or assignment must be in writing and – depending on the contract terms – may require the counterparty’s consent. Transfer of the obligations under the contract will require a novation.
What rules, standards and procedures govern the protection and transfer of data in the context of an outsourcing arrangement? Are there any sector-specific regulations in this regard? What are the penalties for non-compliance?
In the European Union the principal legislation is the EU General Data Protection Regulation 2016/679 (GDPR), which governs the processing of personal data, including security measures and the transfer of personal data out of the European Economic Area (EEA). A supplier under an outsourcing arrangement will typically be a processor (meaning that it processes personal data on behalf of the customer, but without determining the purposes and means of processing); however, there are circumstances in which the supplier has sufficient discretion in the provision of the outsourced services that it also becomes a controller. Penalties for non-compliance vary according to the nature and severity of the contravention and can be imposed both on controllers and processors. The maximum administrative penalty under GDPR is 4% of worldwide annual turnover or €20 million (whichever is the greater).
In addition to GDPR, operators in certain industry sectors may be required to comply with sector-specific rules. Examples include the EU Directive on Security of Network and Information Systems 2016/1148, which imposes security and breach notification obligations on operators of essential services and digital service providers (each as defined in the directive) and rules applicable to firms in the financial services sector (eg, the Prudential Regulation Authority and Financial Conduct Authority handbooks in the United Kingdom).
Employment and labour
What rules, obligations and liabilities apply to the transfer of employees to and from the customer and supplier (including with regard to offshoring arrangements and termination of the outsourcing contract)?
The Transfer of Undertakings (Protection of Employment) Regulations 2006 (TUPE) will apply to any UK outsourcing, insourcing or second-generation transfer (including on the termination of a contract) provided that the services continue in a recognisable form (in whole or in part). This means that the contract of employment of any individual assigned to those services will transfer to the new service provider (which could be the customer if the contract is terminated and the services insourced), along with all obligations – including historic ones, with the exception of defined benefit pension rights (although associated rights in relation to early retirement and redundancy can transfer). Terms and conditions cannot be changed (although in practice, employees will accept an improvement in terms) and dismissals are difficult unless there is a redundancy situation.
TUPE is likely to also apply to offshoring (where there is little case law), although in many cases this means that the employees will transfer to the new provider but will immediately be redundant.
Definition of ‘employer’
How is ‘employer’ defined in the context of an outsourcing arrangement, and how does this affect the parties’ responsibilities and liabilities?
There is no joint employment in the United Kingdom and the employer will be the service provider. It is common to include obligations on the service provider (dealing with issues such as management, supervision, taxation and immigration) and an indemnity in the service provision agreement to ensure that the employees do not transfer to the customer inadvertently by becoming absorbed into the customer workforce.
Organised labour issues
To what extent are labour unions and works councils involved in outsourcing arrangements?
Before any TUPE transfer of employees, the present employer must inform and consult with its representatives. If there are union representatives, they will be consulted – otherwise, representatives must be elected. There is no fixed timescale and agreement need not be reached. There is no power of veto, but there is a financial penalty for non-compliance. Although works councils are uncommon in the United Kingdom, if there is one, it should be informed. If there is a union, it will also need to be consulted over redundancies – otherwise, elected representatives should be consulted (for 20 or more redundancies).
What immigration schemes and rules are pertinent in the context of outsourcing arrangements?
The ordinary UK immigration rules in force from time to time will apply.
What tax liabilities arise in the context of an outsourcing arrangement? Can these be mitigated in any way?
Two principal areas need to be covered:
- Tax on transfer of assets – if corporate assets are to be transferred outside the company’s group to the service provider, gain (or loss) may be triggered, which must be reviewed in terms of cost or mitigation. There may also be transfer taxes associated with such asset transfers, depending on the nature of the asset and the particular jurisdiction; and
- Sales or turnover tax on outsourcing services rendered – the impact of (for example) value added tax or other similar sales taxes must be assessed: will such taxes be a complete or partial transaction cost (if not fully creditable) or simply a cash flow cost?
Common disputes and resolution forms
What are the most common types of dispute arising from an outsourcing agreement and how are they typically resolved? Is alternative dispute resolution (ADR) common and effective?
The most common types of disputes are:
- Scope – what is in scope of the agreement?
- Service levels and delays – who is at fault for the performance issue or delay? Is it a supplier breach or has the customer failed to perform a dependency? and
- Charges – calculation of unit charges and the cost of change.
In many cases, a formal dispute arises only after the parties have worked together to resolve the matter operationally, but in the process the issues have become more intractable and it is often unclear whether the parties have:
- agreed any changes in scope or requirements; or
- waived some of their rights to historic claims.
For these reasons, it is important that when performance issues or a dispute occur, the parties combine looking for a practical solution with careful adherence to the contract governance procedures.
Mediation and alternative dispute resolution are often used as stages in the dispute governance process and can be beneficial in addressing issues from a practical and operational perspective. This can be particularly helpful in relation to multi-party disputes.
Recent case law
Has there been any notable recent case law which may affect the resolution of outsourcing disputes in future?
In addition to the recent case law on general contract interpretation, a number of recent developments in contract law are particularly relevant to outsourcing contracts – especially relating to oral variation, liability and termination.
Most contracts will state that a variation to a contract must be made in writing. However, there has been some uncertainty in these circumstances as to the enforceability of a subsequent oral variation. In Rock Advertising Limited v MWB Business Exchange Centres Limited (2018) the Supreme Court rejected the view that the parties to a licence had agreed to an oral variation to the schedule of rent payments because the licence included the provision: “All variations to this Licence must be agreed, set out in writing and signed on behalf of both parties before they take effect.” However, the Supreme Court acknowledged that there may be limited circumstances in which the party seeking to rely on the oral variation may be able to reply on estoppel if an unequivocal representation has been made and there is detriment to that party.
The negotiation and interpretation of liability clauses remain a central issue in outsourcing transactions. In the recent case Royal Devon and Exeter NHS Foundation Trust v ATOS IT Services UK Ltd (2018) the NHS Trust terminated a contract for a new IT system for breach – including delays – and sued for damages.
The liability cap provided that the ‘aggregate’ liability of ATOS shall not exceed:
for any claim arising in the first 12 months of the Contract, the Total Contract Price; or, for claims arising after the first 12 months of the Contract, the total Charges paid in the 12 months prior to the date of that claim.
The question was whether this constituted a single aggregate cap for the whole term or two separate caps. The Court of Appeal overturned the initial judgment and held that there were two separate caps – with a larger cap in the first 12 months and a smaller cap for subsequent claims – rather than a single aggregate cap, the amount of which depended on when the first claim arose.
In recent years, there have been several cases relating to the exercise of termination rights in services agreements. The most recent of these cases, Phones 4U Limited v EE Limited (2018), related to the consequences of EE terminating on the basis of an express right to terminate in the event of Phone4U’s administration. EE subsequently sought to argue that it had terminated for repudiatory breach and claimed damages for loss of contract. The court found that EE's right to terminate was exercised independently of any alleged breach (the termination letter made no mention of any breach, including repudiatory breach) and therefore rejected its damages claim for loss of the contract.