Contract negotiation talk often focuses heavily on pricing, but getting a deal isn’t the only objective when negotiating SaaS.
Equally important is the need to practice contract risk management with advantageous terms and well-constructed legal protections. The best-negotiated contract not only creates opportunity but avoids potential losses.
Contract risk management is a case of being better safe than sorry. Implementing good risk mitigation policies can reduce the chance your company will be one of the more than 50% that suffer a data breach or other risk incident.
Today we’ll share insight on avoiding and mitigating risk when buying SaaS software. You’ll learn the types of legal risk to be aware of, and how to better protect your organization against common contract pitfalls.
A SaaS contract is an agreement between two parties outlining the delivery of software services in return for a subscription commitment. SaaS contracts outline the price and terms of purchasing software and enumerate any rights and responsibilities each party has during the term of the contract.
Software contracts also feature service-level agreements (SLA) that dictate agreements about uptime, minimum performance, and data handling. SLAs outline the rights of the software fire in using the service and the responsibilities of the supplier for the handling, security, deletion, and disaster recovery aspects of the agreement.
Active risk management in your contracts is part of contract lifecycle management (CLM). This practice takes a continuous improvement approach to managing supplier contracts, by evaluating contract performance, avoiding and mitigating breach of contract during the contract term, and performing periodic contract reviews to ensure contract compliance and security.
When negotiating a contract with a new supplier, there are several common issues you’ll want to watch for. While weak contract protections aren’t typically nefarious or intentional, they can cost you time, profitability, and data security in the long run. When a supplier doesn’t meet its contractual obligations, your contract is the only protection from negative outcomes.
In the absence of strong contract clauses, organizations may mess the cancellation window for con tracks or software that is no longer needed. If negotiation during the contract inception didn’t address auto-renewal, companies find themselves paying termination penalties.
This type of thing may also arise If the company exceeds expected usage during the term of the contract. Exceeding stated usage may lead to overage charges for fees for premature contract changes.
Strong negotiation mitigates punitive four ancillary fees for increased usage. You should never pay more for becoming a better customer.
Companies that don’t adequately negotiate service-level agreements may find themselves at a disadvantage during a problem such as a service outage or a data breach.
Inadequate SLA protections in your contract may leave ambiguity about the rights and responsibilities your supplier has for maintaining software uptime or preventing data incidents. It may also reduce your ability to seek a remedy if strong noncompliance language doesn’t appear in the contract.
SLA protections should also extend beyond the term of the agreement in instances where the supplier is responsible for data deletion for maintenance of encrypted files for you. Beyond the contract term.
Much like service-level agreements, negotiating for strong compliance language in your contracts is vital to mitigating financial risk. Clearly defined parameters for compliance and penalties for noncompliance should be a feature of any software supplier contract.
Look for areas where the rights and responsibilities aren’t clear, or where there’s room for interpretation of the required service. Ensure that your contract requires full disclosure of any substitutions, changes in service level, subcontract of services, etc.
Although contract risk can be costly and easily flies under the radar, there are ways to detect and reduce instances of risk-related spending:
Problems with the invoice as compared to the contract terms is a strong indicator of a potential risk situation. For this reason, budgetary controls are equally important for your contract management process. They help ensure third-party supplier compliance and surface potential risks before they spiral. Any discrepancies in your invoice reconciliation should be immediately researched and discussed with your supplier.
Charges or substitutions to the products or services outlined in your SaaS software contract warrant investigation and remediation. Building a strong compliance and supplier evaluation practice can help spot non-compliance issues early and prevent financial losses incurred for remediation.
As the same goes, an ounce of prevention is worth a pound of cure. At the negotiation stage, address any areas of confusion or ambiguity in the contract language.Look for areas where you need more clarity on the intended delivery of services and the consequences and responsibilities when issues arise.
Implementing the following risk management strategies in your contract management can help you avoid third-party risk and establish better relationships with your suppliers:
Having a strong, documented set of table stakes contract requirements can help you negotiate good agreements and practice risk mitigation preemptively. Collaborate with your legal teams, security heads, finance department, and departmental stakeholders to establish cross-functional prerequisites for working with suppliers. This can minimize security risks, and regulatory risks, and reduce your overall risk exposure due to underpowered or ambiguous contract language.
Speed increases risk. When shopping around for new SaaS software tools, commit to a thorough multi-bid process with a standardized due diligence process and risk assessment.
Evaluate at least three vendors for any new contracts, and negotiate with your performed supplier to establish the best terms. Continue this process by implementing supplier lifecycle evaluations to prevent declining contract performance over time.
Building a list of trusted suppliers that meet all of your software needs can greatly reduce third-party risk from unknown suppliers and maverick software purchases. By consolidating your supplier pool into a well-managed, streamlined list, you ensure that every new purchase of software meets the minimum standards set out by your departments.
Contract and supplier management is one-half of the risk reduction equation. The other half is budgetary control. Having guidelines in place for spending, and tracking those expenditures closely will help you quickly identify deviations from approved spending and correct discrepancies with software or contract issues.
Enabling your accounts payable department with modern procurement practices supported by procurement software allows them the best level of visibility through robust reporting and change notifications.
Centralizing and automating with a contract management solution can help avoid issues such as auto contract renewals and missed termination deadlines. It provides total visibility for your contracts and allows for automated tracking, reporting, and evaluation to ensure high performance over time.
Centralizing your contract also gives you access to long-term data and trends to help you evaluate renewals as they come up.
Some contract issues are more impactful than others. Some of the most costly and common third-party risk factors deal with the handling of your service and data. Other times, the billing practices and behaviors of the supplier may warrant caution. Here are three common contract and supplier risks that can cost money if they go undetected:
Poor vendor evaluation and due diligence practices can lead to contractual risk through substandard SaaS security and encryption. What’s more, without strong SLA language, the ability to remediate issues through supplier action may be limited.
Service-level agreements outline the responsibility of your supplier to provide a certain level of service with a guaranteed amount of product uptime. In the absence of strong SLA protections, third-party risks such as outages and integrated systems failures may occur more frequently. Companies should be able to offer a strict level of service uptime and guarantee it in their service agreements.
The most serious risk to your business comes in the form of procurement fraud. While fraud can happen to any business, it’s most likely to occur in businesses that have poor budgetary controls and inadequate purchasing oversight.
You can limit the potential for procurement fraud by closely evaluating and monitoring your third-party vendors, and committing to working only with well-qualified and trusted suppliers.
When negotiating for SaaS software, it’s important to take an informed approach. Vendr helps buyers build better-performing software contracts by outlining many of the protections and practices necessary for a strong, successful contract.
Using Vendr to negotiate SaaS software agreements gives you access to comprehensive data, knowledgeable negotiation experts, and contract templates advice that can improve contract creation, save you money, and mitigate potential risks.
Contract management software can also help you automate many of the processes in your lifecycle management to ease the burden on your Legal, Procurement, and Finance teams. This can save time and avoid problems before they start.
The latest news, technologies, and resources from our team.
Ryan Neu took the stage of the largest technology conference in the world to share a solution for a problem many of us have faced: how we buy software.