Negotiating a Software Escrow Agreement: Key Terms and Release Conditions | NCC Group
With third-party technology playing an increasingly critical role in business operations, it’s essential to safeguard your company’s critical software applications from potential disruptions.
A Software Escrow Agreement is a tri-party arrangement with mutually agreed terms between the software customer, software supplier, and an escrow service provider. This agreement involves securely storing the software source code for a business-critical application with the escrow service provider to ensure it’s available in case it’s needed in the future – for example, in the case of bankruptcy or a lack of support. If a pre-determined release condition is met, the escrow deposit is released to the software customer, enabling them to recreate and maintain their software application.
However, when negotiating a Software Escrow Agreement, there are several key terms and release conditions that need to be carefully considered and reviewed. In this article, we’ll explore these and provide guidance on what should be included in the agreement.
1. Deposits
One of the main issues surrounding deposits is deciding on the frequency of which they will be made. To avoid any disputes all parties must consider how frequently changes are likely to be made to the material in escrow and, from this, decide on a suitable frequency that ensures an up-to-date version of the material is always available.
All parties should agree on the following:
- What will be deposited? Will the vendor be depositing just source code or any other associated materials?
- Frequency of deposits? Will these be made daily, weekly, monthly, or yearly?
- How will the material be used on release? Will the licensee maintain the software in-house?
2. Fees
It’s important to establish who will pay which fees upfront. You can discuss any fee queries with your NCC Group Account Manager or appointed NCC Group legal representative prior to or during the negotiation of the escrow agreement.
All parties should agree on the following:
- Who will pay for escrow protection? Will the cost be split 50/50 between the vendor and licensee?
- Who will pay for the ongoing costs of escrow protection? Will one party pay the first-year annual fee and the other party pay ongoing fees, or vice versa?
3. Release Event
An escrow agreement provides you with assurance that, on the occurrence of a pre-agreed release event, you will be able to access the latest source code deposit of your software application. In the negotiation stages, all parties should agree on the release event procedures in advance so that if the situation occurs, the licensee can quickly enact its business continuity plans.
The escrow agreement will include an outline of the release event procedure and details of the application process for all parties’ reference.
All parties should agree on the following:
- What is considered a ‘release event’? NCC Group’s standard agreement includes release events in relation to bankruptcy, administration, and breach of maintenance, but we are able to expand or limit this.
- How will you protect software IPR? The licensee must be able to continue business operations in a release event.
- Time to rectify issues? Agree on a timeframe that the technology partner/software vendor will have to rectify the issue in advance to avoid any conflict further down the line. Learn more about the release process in our guide.
4. Verification
In addition to an escrow agreement, we always recommend additional levels of verification. An escrow arrangement provides the protection and assurance that the source code is accessible. However, it cannot guarantee that the building blocks required to continually maintain and support business-critical applications have been captured.
Software escrow verification assures that should the software application ever need to be recreated from the original source code, the knowledge and guidance to do so will be available.
Licensees are assured that they will be able to take over the maintenance and service of their source code if necessary. Software vendors can reassure their customers by demonstrating their commitment to best practice.
All parties should agree on the following:
- What level of verification is required? NCC Group offers verification services for on-premise and cloud applications, and while the exercises can seem daunting, our years of knowledge and experience make this process simple.
- Who is paying for the verification?
- How many verifications can the licensee request per year?
[View source.]