To outsource or not to outsource: The key issues you need to consider
By William Hedges, Senior Solicitor and Alex Green, Senior Solicitor, Macfarlanes
Published: 13 April 2017
Outsourcing is a business model that has become increasingly common in the asset management industry. Specialist outsourced service providers operating in the sector offer opportunities for a variety of efficiencies, both in terms of cost savings and service improvements.
However, while appreciating the scope of those opportunities, it is important to acknowledge that the decision to outsource also presents a variety of corresponding risks. Unless properly considered and managed as part of due diligence and in the outsourcing contract itself, these can leave asset managers with significant legal, regulatory and reputational exposure.
Five key issues
The following represent what we consider to be five of the most important considerations in this context. Each outsourcing deal will of course present its own challenges, but in our experience asset managers will often encounter issues similar to those highlighted when outsourcing one or more of their functions.
Issue 1 - ensuring regulatory compliance
In the context of outsourcing in the asset management industry, the single most important consideration when taking the decision to outsource will be how to ensure that the asset manager’s regulatory compliance is not jeopardised.
At the most basic level this will require the asset manager to comply with its obligations under SYSC 8 to conduct proper due diligence on the proposed outsourced service provider. Is it competent to undertake the functions that the asset manager wishes to outsource? Does it have a strong track record of compliance; or have there been instances of service failure or, worse, of being subject to regulatory censure?
Beyond that though, many outsourcings will involve, specifically, a transfer of aspects of an asset manager’s regulated functions (albeit that ultimate regulatory responsibility for the services cannot be delegated). FCA rules explain that the asset manager must retain the necessary expertise to supervise the outsourced functions effectively and to manage the risks associated with the outsourcing, and must supervise those functions and manage those risks.
The question therefore becomes how to ensure the outsourced service provider ensures that the services that it provides are – and will allow the asset manager to remain – fully compliant on an ongoing basis even though the service provider is not ultimately responsible for the service to the end client from a regulatory point of view.
That the outsourced service provider should commit to providing fully compliant services would at first sight seem a very basic proposition. But in fact there is usually significant reluctance by outsourced service providers to accept that their obligations extend beyond providing the services as listed and defined in the contract. Outsourced service providers will agree to meet any regulatory obligations to which they are directly subject by virtue of the services they provide, if any, but take the position that it is not for them to second guess the asset manager’s regulatory duties. Asset managers are therefore left to identify and “plug” the regulatory gaps. In many suppliers’ minds, regulatory compliance and dealing with ongoing regulatory change is fundamentally a customer issue (and indeed, a line of business for the service provider who will often expect to impose additional fees for updating the services over time – on which see issue 4 below).
The asset manager may also not be clear in practice regarding the extent to which it is required to police the outsourced service provider’s services or “step in” if it has concerns. If the service provider is not itself regulated but puts the asset manager into regulatory breach, the need to act promptly will typically be apparent. However, if the service provider is itself subject to, and in breach of, FCA rules and the asset manager knows the service provider is in discussions with the FCA, the extent to which the asset manager needs to intervene may be rather less clear-cut.
Given the rapidly changing regulatory environment (not least MiFID II, and with the lack of clarity surrounding Brexit), if anything we have seen outsourced service providers becoming more reluctant to take on any more than the minimum responsibility for their own regulatory compliance. Yet experience shows that the regulator has high expectations of firms who choose to delegate, and will typically expect them to “ensure” the compliance of the delegated services, especially if they carry key regulatory risks, as is the case for custody and client money services. With that in mind, the importance of agreeing in the outsourcing contract a clear and unambiguous apportionment of duties and appropriate escalation and monitoring/intervention measures for regulatory issues cannot be overstated.
Issue 2 - driving supplier performance
A crucial requirement in any services agreement is the inclusion of mechanisms that will properly incentivise the service provider to perform the services to an acceptable standard. At the most fundamental level, nobody (least of all end clients) will want service standards to deteriorate when an asset manager moves to an outsourced model, or for the transition process to be anything other than seamless. However, it is not uncommon for such issues to arise unless the contract allows the outsourced service provider to be held to task over its level of performance.
With that in mind, asset managers taking the decision to outsource should incorporate some or all of the following mechanisms into the outsourcing contract:
A requirement for the outsourced service provider to pay liquidated damages to the asset manager in the event of delays against the agreed timeline for transition to, and commencement of, the outsourced services.
A requirement for the outsourced service provider to pay specific service ‘credits’ to the asset manager if key aspects of the services fail to meet a contractually agreed standard.
At a minimum, an ability for the asset manager to conduct an audit of the outsourced service provider’s operations. If possible, the asset manager should have the additional right to step in and perform a more substantial oversight and management role where deficiencies are discovered.
A right for the asset manager to terminate the contract if service standards are particularly poor and move to a replacement outsourced service provider.
Critical or important outsourcing contracts will have to address the requirements in SYSC 8.1.8R, in any event, and the mechanisms above will often help the firm to meet those obligations.
We find that the mechanisms above, which seek to drive the outsourced service provider towards good service, are often most effective when combined with performance incentives where the outsourced service provider has performed at or beyond the contractually agreed levels.
Issue 3 - allocating liability
Connected with issue 2, a consideration of particular importance for an asset manager entering into an outsourcing contract will be ensuring that the outsourced service provider has an appropriate level of investment in the project. By this we mean ensuring that the service provider is on the hook for a sufficiently large quantum of damages in the event of any breach of the terms of the outsourcing contract to compensate the asset manager fully for losses it may expect to suffer. Without this, in the event of a breach of contract the asset manager may find itself with no remedy against the outsourced service provider (which evidently offers little incentive for the service provider to keep to the mark in the first place).
The task of allocating liability sensibly between the asset manager and outsourced service provider may seem a simple one in theory. However in practice this will involve the asset manager avoiding the traps of broad liability limitations commonly seen in the market under which outsourced service providers’ liability is either excluded totally or, if not excluded, is capped at a low level. Where such limitations have been agreed, from a contractual liability perspective the outsourced service provider can operate with near impunity.
Assuming such broad liability limitations can be avoided, a further consideration in this context is how certain specific categories of loss should be allocated in the contract as between the asset manager and the outsourced service provider. Having regard to the categories of loss that are most likely to befall if things go wrong in outsourcings in this sector (which in extreme cases may include fines imposed by regulators, data losses or potentially even losses of client assets) will be of material benefit should the situation arise.
Issue 4 - providing for future change
Most asset managers entering into an outsourcing with an outsourced service provider will expect the relationship to continue for a number of years at least. In the context of such a long-term relationship, it will be important for the asset manager to take steps to ensure the outsourced services will continue over time to represent good value for money and, as a priority, to develop in line with best market and regulatory practice.
This issue will need to be considered and dealt with in the outsourcing contract at the outset. The contract should both impose an obligation on the outsourced service provider to keep the services current, and explain which party must pay the costs incurred in making such service improvements over time. Otherwise, if the asset manager wishes for changes to be made to the services, the only way of achieving this will be to request an amendment to the contract. This may mean the outsourced service provider will have no obligation to agree to such an amendment and, even if it does agree, the asset manager will inevitably be required to pick up the cost.
Issue 5 - planning for exit
While most outsourcing contracts are intended at the outset to be long-term partnerships, this aspiration is unfortunately not always successful. For obvious reasons it can be difficult, or even awkward, to consider exit planning when entering into an outsourcing. The reality though is that at some stage the relationship will expire and the asset manager will need to transition to a new service provider.
Regulatory focus on this stage of the arrangement is particularly acute. For this reason asset managers do need both to consider and to properly describe in the outsourcing contract the full exit process that will be followed on termination of the outsourcing contract, and each party’s respective responsibilities at that time. Of particular importance in this regard will be to what obligations the outsourced service provider agrees with respect to transferring client and financial data to the asset manager; as well as more general requirements with respect to providing information on the services such as may be needed to allow a smooth and efficient exit.
To contact the authors:
William Hedges, Senior Solicitor, Macfarlanes: William.Hedges@Macfarlanes.com
Alex Green, Senior Solicitor, Macfarlances: Alexandra.Green@Macfarlanes.com