An IT services provider approached SLB Legal to conduct a review of its Master Services Agreement (MSA). The MSA had evolved over several years by adding and changing clauses from various contracts and customer negotiations.

Although the supplier was using this MSA as its standard IT services agreement, the terms were heavily weighted in favour of customers.

The supplier believed the MSA contract was “industry standard” because customers had accepted it over the years. However, the MSA exposed the supplier to significant and unnecessary risk.

How we helped identify the legal and commercial risks

SLB first completed a thorough review of the MSA. This MSA review identified multiple high-risk issues, including:

• All risk and responsibility allocated to the supplier: The supplier effectively accepted responsibility for every outcome, including matters outside its control.
• Uncapped and overly broad indemnities: The MSA required the supplier to provide broad indemnities (or promises to pay the customer) for any breach of the contract or any loss connected to the suppliers' activities, without a financial liability cap or liability limits.
• No customer obligations: Despite the supplier requiring customer input for onboarding, configuration, access, and rollout, the contract did not contain any customer responsibilities or obligations.
• Security and backup risk was misallocated: The supplier accepted full responsibility for data security and backups, with promises of 100% protection, even though:
  • Cyber security and backup services were an optional add-on product and not included for every customer; and
  • a 100% no-cyber attack or breach guarantee is not usually possible in practice.
• Mismatch between the contract and actual service delivery: The legal obligations and requirements on the supplier did not reflect how services were actually being delivered by the supplier, exposing the supplier to breach of contract or scope creep, even when the supplier was acting reasonably and with the best intentions.

Why was this a problem?

If the terms and conditions were left as they were, the IT services agreement exposed the supplier to:

• some wide-reaching and uncapped financial liability;
• customer claims arising from the customer's own system or third-party failures;
• delays due to customer failures or lack of customer cooperation;
• disputes about service delivery and scope; and
• potentially business-ending exposure from a cybersecurity incident due to the promise of 100% protection.

How SLB Legal helped to reduce risk and improve the IT service providers' position

We provided advice and discussed our review in depth with the supplier.

As part of this, we also conducted an in-depth interview to understand the supplier's unique service offering and delivery.

We then amended the terms and conditions to improve contract protections and based them specifically on the IT service supplier's product and service delivery.

This included the following:

• Rebalancing the risk and liability: Indemnities and legal liability were limited to matters within the supplier's control and aligned with accepted commercial positions in the IT service provider industry.
• Introduction of clear customer requirements: Inputs needed from the customers were included in the terms and conditions. This included requirements to provide information, access and cooperation, without unnecessary delay. Fair consequences for failure to provide customer inputs were also inserted.
• Clarified security and backup responsibilities: The agreement now clearly distinguishes between included services and optional add-ons, with realistic cybersecurity commitments and qualifications based on the service options.
• Aligned the MSA with actual delivery: We updated the IT services agreement to reflect how services are actually delivered by the supplier, reducing risk of breach and disputes about scope.

The Result

The supplier now operates with a commercially balanced IT services agreement, which reduces its potential liability and is aligned with its service delivery and scope.

The customised conditions help to minimise customer disputes and misunderstandings.

Most importantly, the supplier moved from unknowingly carrying all the risk to a balanced MSA and customer contract that legitimately helps protect the business.

If you need assistance to review and update your MSA, IT services or technology supply contracts, get in contact with SLB Legal today.