Out-Law Analysis | 28 Aug 2020 | 9:32 am | 3 min. read
The EBA guidelines require financial institutions to have a termination right in particular situations. Due to ambiguities in the way some of the termination rights are written, financial institutions may find suppliers seeking to negotiate the terms necessary to meet the compliance requirements due to differences in interpretation.
Written by Jas Cheema of Pinsent Masons, the law firm behind Out-Law.
In one sense, this is nothing new as termination rights are often heavily negotiated. Suppliers generally resist the inclusion of extensive termination rights, particularly where the termination triggers are broad and open-ended.
When negotiating termination rights with suppliers, financial institutions will need to carefully consider each right in the context of the overall outsourcing arrangement in order to ensure compliance with the guidelines.
Financial institutions are required to have a termination right if the supplier is in "breach of applicable law, regulations or contractual provisions".
Suppliers are likely to challenge this ability to terminate for any breach, as the market practice for outsourcing contracts is to allow termination where there is a "material breach" on the part of the service provider. However, this general practice has not as yet been set against the backdrop of the termination right stipulated by the guidelines.
Suppliers generally resist the inclusion of extensive termination rights, particularly where the termination triggers are broad and open-ended.
Bearing in mind that the termination right as expressed in the guidelines does not apply a 'materiality' threshold, careful consideration will need to be given as to whether it would be appropriate to apply such a threshold to a breach of the contract or breach of applicable law. The financial institution should also consider whether the inclusion of remedy periods would be suitable, bearing in mind the nature of the breach and whether a particular breach is in fact capable of being remedied.
The guidelines require a financial institution to have the right to terminate "where impediments capable of altering the performance of the outsourced function are identified".
It may be challenging for suppliers to accept a termination right which is expressed in this way, as it could be interpreted widely. Suppliers are likely to want a greater level of certainty as to what acts or omissions will amount to a breach.
To address this, financial institutions should analyse the underlying outsourcing arrangement to identify the potential impediments which are capable of altering performance of the service, as well as the elements which are key to providing the service. This may include scenarios such as the loss of a licence or consent which is necessary for the supplier to perform the service. This process will enable the financial institution to develop a tailored set of termination rights to address circumstances where a relevant impediment is identified, as a means of achieving compliance through a combination of those rights.
Outsourcing contracts must also allow termination where there are "material changes affecting the outsourcing arrangement or the service provider".
It is not clear from the guidelines what factors could constitute "material changes". The guidelines do, however, provide the example of service providers sub-outsourcing the function, or where there is a change to the subcontractor.
Financial institutions should consider what types of material change have the potential to affect the outsourcing or supplier; the risks posed by such changes; and the impact of such changes to the overall outsourcing arrangement. They should then consider how termination rights may be aligned to these changes. Traditional termination rights, such as termination for supplier insolvency, may form part of the suite of rights to address this requirement.
The guidelines require the right to terminate "where there are weaknesses regarding the management and security of confidential, personal or otherwise sensitive data or information". They are not clear on what constitutions "weakness".
When negotiating the outsourcing agreement, financial institutions should consider whether this right calls for a lower threshold to terminate than if the service provider were to breach, for example, the security, confidentiality or data protection provisions in the outsourcing contract.
Outsourcing contracts must allow termination where instructions are given by the financial institution's competent authority. The EBA guidelines provide an example where the competent authority is no longer in a position to effectively supervise the financial institution as a result of the outsourcing arrangement.
This requirement is relatively more straightforward for financial institutions to incorporate into their outsourcing contracts.
Regulators are looking more closely at operational resilience as an important aspect of risk management. The ability of financial institutions to manage their service supply chain to ensure continuity of service to their customers is an important aspect of this.
The ability to migrate to alternative suppliers if incumbents are unable to perform services in line with the required standards or if customer data is put at risk is a relevant consideration in this context, which goes some way to explaining the EBA's inclusion of these termination rights in the guidelines.
06 Aug 2019
22 Jun 2020