The second category of IT buyers includes telecommunications service providers, medical device manufacturers, robotics companies and non-IT outsourcing service providers.

The third category above includes all levels of IT vendors, including fintech (ie, IT solutions for financial services), enterprise IT-led transformation, enterprise resource planning solution providers, software developers, and IT cloud and outsourcing service providers.

Since most of my tech practice has been devoted to helping non-technology companies buy IT products and services, I am always pleased when technology companies retain me to help them buy their own IT products and services. But there are reasons for that, which non-tech companies might appreciate.

First, technology vendors who have retained me have seen me on the other side of the contract negotiations for a customer that they are trying to sell to. They tell me that it is my approach to contract negotiations that they want emulated for their own IT purchases.

Second, because of (not in spite of) their own vendor contract “nuances”, they do not trust the contracts of other technology vendors — not at all. As tech vendors themselves, they want experienced counsel to merge a healthy “vendor contract paranoia” with commercial pragmatism.

Third, at the risk of sounding like Donald Rumsfeld, in-house counsel at tech companies tend to know what they do not know. To their credit, since their experience is exclusively devoted to selling technology, they have an informed appreciation about what they don’t know when buying technology.

Non-technology buyers of IT goods or services (eg, the public sector, financial services, hospitality, natural resources, shipping and transportation, etc), often don’t fully appreciate what they don’t know about well-crafted IT vendor contracts and related negotiations.

There are exceptions, of course, such as when the enterprise is large enough to have internal IT expertise and leadership, usually in the form of a chief information officer or chief technology officer, or when an enterprise has already been burnt on large tech procurements or transformation projects and lessons have been learnt.

When procuring IT solutions, from data analytics software development to cloud or outsourcing services, some of the key risk management considerations that technology vendors keep in mind, which non-technology buyers might also consider, include:

  • A sceptical due diligence into the vendor and the solution being offered, including know your vendor customer reference checks and related litigation searches
  • Ensure that you have a contract that is consistent with pervasive industry practices, commercial norms and accepted legal practices — regulators are watching
  • Stipulate detailed and complete operational, functional and technical performance specifications, including data formats, interoperability, service-level agreements and key performance indicators
  • Ensure you have remedies for failed SLAs and KPIs, without vendor earn-back (why pay for a service you did not receive?)
  • Contract precondition for reasonable solution acceptance testing by the customer (not the vendor)
  • Regular and frequent performance monitoring activities, including real-time dashboard and periodic reports
  • Stipulate who owns what intellectual property, since customer specifications often contain original works and methods
  • Ensure you have the clear statutory, privacy law, common law and contractual rights to provide the subject data to third-party vendors
  • Ensure the contract complies with all Bermuda laws and regulations, whether related to cybersecurity, privacy law or otherwise (including all compliance flow-downs)
  • Stipulate standard internal dispute escalation and resolution procedures before disputes are allowed to otherwise be litigated, with some exceptions.

As for the third bullet above, it remains widely accepted by lawyers who specialise in commercial technology transactions that the leading cause of IT project failure and litigation, by far, arises from the failure of the parties to share an agreed understanding of what the performance requirements of the IT goods or services contract are.

It makes excellent sense for non-tech companies to put the same quality of diligence into their IT contracts that technology companies do when they buy IT goods and services.

First Published in The Royal Gazette, Legally Speaking column, November 2024

Locations

Bermuda

Services

Corporate

Sectors

Technology & Innovation

Type

Insight

Share
X.com LinkedIn Email Save as PDF
More Publications
Appleby-Website-Insurance-and-Reinsurance
11 Jun 2025

Bermuda Paves the Way for Captive Insurers with New Stablecoin Policy

The Bermuda Monetary Authority (BMA) has announced a significant new policy framework that allows ca...

Brad Adderley
Ojeda Smith
Brad Adderley, Ojeda Smith
Appleby-Website-Insurance-and-Reinsurance
10 Jun 2025

Bermuda benefits from a strong and capital efficient regulatory regime

Bermuda’s long-term reinsurance sector is experiencing a new phase of complexity and scrutiny but ...

Max Tetlow
Cathryn Minors
Max Tetlow, Cathryn Minors
ICLG Fintech 21 cover
5 Jun 2025

Digital transformation done right (Bermuda)

As any specialised tech lawyer or technology consultant will tell you, digital transformation projec...

Duncan Card
Duncan Card
Appleby-Website-Insurance-and-Reinsurance
2 Jun 2025

2025 Global Financial Crisis Stress Test: Bermuda

The Bermuda Monetary Authority (BMA) has recently published instructions for a significant data coll...

Brad Adderley
Max Tetlow
Brad Adderley, Max Tetlow
050-Insolvency-Restructuring-Grid-Image
30 May 2025

Bankruptcy & Restructuring – To Enforce, or not to Enforce

Bermuda’s flagship restructuring process is the appointment of provisional liquidators, whose powe...

John Wasty
Sam Riihiluoma
Claire van Overdijk KC
James Batten
John Wasty, Sam Riihiluoma, Claire van Overdijk KC, James Batten
Bermuda-1024x576-1
22 May 2025

Corporate real estate acquisition in Bermuda

Corporate real estate acquisitions in Bermuda are a matter of careful balance. That is because, a...

Neil Molyneux
Jane Walker
Milaun Perott
Neil Molyneux, Jane Walker, Milaun Perott
Appleby-Website-Insurance-and-Reinsurance
22 May 2025

Long-term reinsurance and ILS are set for growth

After a record-breaking  2024, Bermuda’s life reinsurance sector is likely to expand further this...

Brad Adderley
Brad Adderley
Appleby-Website-Insurance-and-Reinsurance
15 May 2025

Bermuda: The vital role of the principal representative

Bermuda's regulatory framework requires every insurance company registered under the Insurance Act 1...

Ojeda Smith
Ojeda Smith
Employment-and-Immigration
30 Apr 2025

The End of the Digital Nomad Visa: How Else Can Individuals Reside in Bermuda?

As of 28 February 2025, Bermuda officially discontinued its popular “Work from Bermuda” (WFB) Ce...

Theodora Hand
Theodora Hand
Appleby-Website-Private-Client-and-Trusts-Practice
25 Apr 2025

Compliance with Pipa for trustees

The Personal Information Protection Act 2016, the island’s data protection legislation, applies to...

Nicola Bruce
Nicola Bruce