Commercial Law

 

As a (relatively) new lawyer in a (relatively) new legal department, it’s often difficult to figure out where to start. You’re often tasked with handling everything from taking board minutes to preparing the company for its upcoming information security audit to handling a contentious employee termination. The goal of this article is to help you get your arms around commercial contracting.

Form Development and Maintenance

The first thing to do is figure out what forms your company has and what they’re currently doing with them: Does the company actually have any form agreements? What do they cover? Did outside counsel prepare them? Do they look reasonable?

Depending on the answers to the above questions, there may be more or less work to do. Most companies with the resources to hire lawyers will likely have some existing standard documentation. Depending on what the company’s business is, the company will likely have nondisclosure agreements for various situations (e.g., for investors, customers, technology partners, etc.), customer agreements for various situations (e.g., maybe a design partner or beta agreement for pre-production product offerings and terms of service, customer agreements, or other terms applicable to the company’s product offerings, etc.), channel partner agreements for various situations (e.g., referral, reseller, or distributor agreements) and possibly some ancillary documents (e.g., data processing agreements, a privacy policy, etc.).

Figure out what you’ve got and start to triage. For example:

• Ask the business team where the existing documents came from. If competent outside counsel recently prepared the forms, they’re likely (though not guaranteed) to be in reasonably good shape. If the business team pulled the documents from the internet, copied them from a competitor, or they’re very old, they’ll likely need to be replaced or substantially improved.
• Think about whether the forms make sense for the company’s business. Even if outside counsel prepared the forms, they may not be 100% on-point for how the company plans to use them (e.g., business team asked for “a reseller agreement” so outside counsel sent a form, but what the business team actually needed was a referral agreement). Make sure they’re fit for purpose.
• Think about what’s not there. Does your company collect or process a lot of personal data without having a privacy policy in place or without a standard company-favorable data processing agreement? Does your company always negotiate from counterparty forms because it’s ‘faster and easier’?

Once you know what forms you’ve got, whether they’re any good, and what’s missing but needed, you can start to prioritize. Work with your business team to set your prioritization. Preparing a form agreement to use with the company’s vendors is valuable over time, but unlikely to be more valuable to the company in the short-term than an updated customer agreement and process that helps reduce the number of customer contract review cycles.

Once you have the forms you need, you also need to maintain them. Laws and use cases change, new products are released, old products are sunsetted, and you’ll learn a lot over time from the company’s counterparties about how to improve your forms to reduce review and negotiation cycles. Identify a team of internal stakeholders to work with you periodically (e.g., annually) to review the company’s current forms to determine whether anything new is needed and whether anything currently existing needs to be changed.

Customer Contracts: Process Development and Contract Negotiation

Again, the first step is to triage the current process. Who currently runs the customer contracting process? Is there one person (or a small number of people) who’s responsible for working with outside counsel and running customer negotiations? Are individual salespeople regularly reaching out to outside counsel separately? Is there a process?

Once you have your arms around what the current process (if any) looks like, you can either scrap it entirely and start fresh or start to tweak the existing process.

Speaking generally, at a high-growth company with at least one in-house attorney, legal should at least be copied on all correspondence with outside counsel. Being in the loop ensures that you can identify and extinguish bonfires before they become infernos while also getting a bird’s-eye view of the customer contracting pipeline. If your sales team is particularly seasoned, they may be able to run individual negotiations with outside counsel’s assistance without your heavy involvement. That being said, you, the in-house attorney, should usually be making that call.

There is no one-size-fits-all customer contracting process because every company and every product is different, different products may have different go-to-market strategies, and different customer bases have different expectations about what they need in a customer agreement. However, for most companies, you will generally want to gather at least the following information in a centralized place:

• Current Deal Information: What are the material business details of the deal (e.g., term, price, special terms, etc.)? Salespeople are highly motivated to close deals, but you can’t evaluate risk appropriately if you don’t know the deal terms. A form-based submission process can be a helpful way to gather all relevant deal information in a single source of truth.
• Past Deal Information and Best Practices: What has the company agreed-to in the past when it comes to certain terms? Has the company made a reasoned decision to take certain positions (e.g., with respect to IP infringement indemnification or data breach responsibility) or has the company been purely reactive and risk-tolerant? If the company has decided on certain positions, it’s important for those decisions to be documented—often companies will do this by developing a customer contracting playbook that describes the company’s ideal and fallback positions on various contentious agreement terms. These are usually informed by discussions with the company’s outside counsel, who will typically have the most up-to-date information on market standards. If the company has been purely reactive, understanding past deal terms can be helpful to understand what’s potentially acceptable at the business level but generally should not be used to dictate what the company’s positions should be.
• Insurance Information: What policies does the company have in place, who’s the insurer, and do you have a good internal contact to whom you can ask questions, get quick answers, and who will follow through on administrative matters? Larger customers expect vendors to procure and maintain common policies (e.g., commercial general liability and cyber insurance) in common amounts, and may require vendors to adhere to various administrative requirements (e.g., adding the customer as an additional insured on certain policies).
• Infosec Information: What sort of information security and disaster recovery policies does the company have in place and who’s the right person (or who are the right people) at the company to answer detailed technical questions about the company’s security posture? Larger customers expect vendors to undergo detailed information security evaluation processes and will usually require vendors to commit to some sort of contractual obligations around what those processes look like.

When involved in a contract negotiation, you can’t operate in a vacuum—you need support from the sales team, the product team, and the executive team to ensure that your deals move efficiently through your queue. Having the necessary individuals at the ready to support your negotiation (whether via internal chat or actually sitting in on the call) is crucial to avoiding wasted cycles.

The above being said, not all customer agreements should be treated equally – a multimillion dollar engagement deserves more attention than a free or low-cost proof-of-concept engagement. More generally, the more valuable the agreement is to the company’s business—whether in terms of revenues or strategic value—the more attention it should receive and vice versa.

Companies use a variety of process-based strategies to drive decision making on prioritization. For example, a B2B SaaS company may require customers spending less than a certain threshold dollar amount (e.g., $25,000-50,000 annual contract value) to use an online click-through onboarding process that does not allow for any deviations from the company’s standard forms. Beyond that threshold, the company may scale its negotiations up or down depending on customer identity or annual contract value – for example, pushing lower ACV contracts or lower-value customers onto a negotiable order form with non-negotiable terms and conditions and higher ACV contracts and higher-value customers onto a fully negotiable paper agreement. As should be obvious, the higher the ACV and the more sophisticated the customer, the more terms will be negotiated and (usually) the longer the negotiation will take.

Vendor Contracts: Process Development and Contract Negotiation

Vendor contracts are essentially the opposite of customer contracts – they’re the agreements under which your company buys and consumes various products and services. Everything that applies to customer contracts applies in reverse to vendor contracts. The more you’re spending and the harder it is to get out of the contract, the more resources you should be spending to make sure the contract allocates risks to the vendor when and where appropriate. Often, vendor contracts are very one-sided and operate more or less on a “take it or leave it” / “as is” basis. That can be fine for the low-value purchase order for paper towels, but it should be self-evidently less acceptable for a mission-critical technology contract.

As with customer contracts, the first step is to figure out what processes are already in place. Odds are if you’re coming in as the first lawyer at a relatively early-stage company, either no process exists or the process is something akin to “we send them to outside counsel sometimes, but only the really high-value ones”. The problem, of course, is that sometimes low-value contracts involve significant amounts of business risk (e.g., if they involve the processing of significant amounts of personal data or the creation of material company intellectual property).

Assuming that the existing process is either haphazard or non-existent, you should try to develop a reasonable and collaborative process for working through vendor contracts. At a minimum, that process should involve the following:

• Identify a contract owner for each vendor contract that comes through the door. That means an individual invested in this product or service making it through procurement has read the contract, understands it, and agrees that the contract correctly describes the bargain they’re making. Legal should be responsible for making sure there are no lurking time bombs; the contract owner for ensuring the terms are accurate.
  • Relatedly, the contract owner needs to provide legal with enough information to competently review the contract. What’s the product or service? How much does it cost? When does the product go live? Develop a good form-based intake process that asks all the questions to which you need the answers in order to do your job. Tell the contract owner that the contract can’t be reviewed until the form is completed in its entirety and get buy-in from the executive team for your process.
  • Often, it’s best to designate a single individual within each department to be the designated contract owner for all vendor contracts coming from that particular department. You can train that individual on what you need and they’ll learn from experience what you need for a proper and speedy review.
• Work with your finance leadership to determine the company’s risk tolerance on various types of contracts. As noted above, while you probably want to give significant time to mission-critical technology contracts, you probably don’t need to spend too much time reviewing nondisclosure agreements in non-risky departments or proverbial paper towel purchase agreements. Often you can train a non-lawyer employee to review these lower-value contracts for red flags based on a risk rubric you provide them.
• Relatedly, work with your executive leadership to determine what the company actually cares about in the contracts it cares to negotiate. The best contract review is the one that’s fit for purpose and addresses the company’s key points of risk with minimum internal effort. It’s impossible to eliminate all risks, and it’s often inappropriate or at least unhelpful to force unreasonable terms on vendors that can’t stand behind them. Spending weeks grinding out the most company-favorable indemnity possible doesn’t do the company any favors if the vendor will never be able to stand behind it. Sometimes, you can get where you’re looking to go by just negotiating in the right to cut your losses and terminate for convenience if the relationship goes sideways.

Conclusion

Commercial contracting is nuanced and difficult. Priorities differ from company to company and they change over time. If you need help determining what to focus on, or coming up with an execution strategy, please reach out to your member of the Gunderson Dettmer Strategic Transactions & Licensing team.

---

Legal Disclaimer: Gunderson Dettmer Stough Villeneuve Franklin & Hachigian, LLP (“Gunderson”) has provided these materials for general informational purposes only and not as legal advice. Our provision and your use of these materials do not create an attorney-client relationship between Gunderson and you.  These materials may not reflect the most current legal developments and knowledge, and accordingly, you should seek legal counsel before using or relying on these materials or the information contained herein. Gunderson assumes no responsibility for any consequences of your use or reliance on these materials.