Risk Management

IACCM Council Representatives
Network Leads

This is the home page for the Risk Management Group.

Network Updates

Contract Economics - risk allocation and acceptance as a source of value creation and leakage in contracts - IACCM Europe Conference 2019

We all know that capturing and retaining value in contracts can be difficult at the best of times, especially where it is so easy for buyers and suppliers to fall into conflict. However, such conflict is often just a symptom of tension created through an inappropriate risk allocation and transfer through the contract. In this presentation, Walter explores the theory of contractual risk transfer and its impact on supplier behaviours and conflict. We discuss how contractual risk transfer can create or destroy value. Commercially fit for purpose contracts should be based on an optimum risk transfer, but how should this be achieved in practice? We look at options that organisations have in structuring contracts to get better value and outcomes from their suppliers. This presentation draws strongly on case study examples to illustrate the benefits of appropriate commercial risk transfer and how this serves as a foundation for collaboration and building better commercial relationships.


Accidental Adversaries - Transforming the hidden causes of conflict in strategic collaborations.

Inside every company, people work across functions to meet their own goals and their firm's priorities. But relationships that start out well often become adversarial over time. Transform the hidden causes of conflict in strategic collaborations.


Better Procurement: Platform vs. Panel

The use of 'supplier panels' is relatively widespread in modern procurement, especially in categories such as professional services. The concept behind them is that they bring greater speed and efficiency to supplier selection and - in theory - reduce costs. In practice, some argue, they undermine value, stifle innovation, threaten integrity and more likely increase costs.


Automating trust with new technologies

How much does trust cost your company? The OECD estimates that US$461 billion worth of counterfeit goods are sold annually. That's 2.5 percent of global trade. In other words, one out of 40 items on the global marketplace is a fake. If you're heading a company, one of your responsibilities is to make sure that none of those fake items ends up as a part in your products or, even worse, in the market with your company's name on it. Prevention typically requires big spending on duplicative testing, manual auditing, reconciliation, legal fees, insurance, and more.


Translated Contracts

Hello IACCM Forum, Does anyone have any information regarding the risks of poorly translated contracts? If so, please provide as much information as you can. Thank you. Kind regards, Isis


Limitation of Liability

I was recently having coffee with four other individuals involved in contracting for IT Professional Services. During the course of conversation one of the participants suggested that rather than having unlimited direct liability for certain aspects (breach of confidentiality, indemnification of third-party claims, gross negligence and willful misconduct) that EVERYTHING be limited to the extent permitted by law -- but then increase the limitation to a number that would cover the majority of potential issues ($5,000,000 USD was a suggestion). When questioned, the participant stated that when it comes to contracting parties where one has "deep pockets" and the other does not, having the unlimited liability may sound nice on paper, but in reality it is a one-way protection that benefits the party that does not have deep pockets. Effectively, if the party that does not have deep pocket had a very large claim against them, they could declare bankruptcy and later reorganize as a different business concern - while the deep pocket party with the same claim would be obligated to pay. Their perspective was in essence: No consequential damages; limit all direct damages to a pre-defined/agreed amount ($5,000,000 or amount that will cover 90%-95% of historic claims in the industry); and include indemnification from third-party claims in the cap. Thoughts?


Vendor financing agreements

Some (small and cash strapped) oil and gas operators are resorting to vendor financing agreements with major hardware suppliers / service providers as a way of raising the funding for their development projects. Is it really possible for the small operator, who may have limited alternatives for raising capital for his project, to negotiate a fair deal out of such arrangements. Does anyone have any experience of a vendor financing arrangement between a small operator and a major vendor which worked out well for the operator in the long run.


Limitation of liability Clause in License Agreement

Our customer is not accepting limitation to direct damages stating that "failure of the Software means we won't be able to fulfill our obligation towards customers and our liability to them. Also any limitation to direct damages is not acceptable." They are demanding 150% CAP for LoL. Can you suggest some argument or some standard guidelines on the same? How can I secure my organisation interest?


AM Contract P1 and P2 assignment based on User category

Hi, I am dealing with a contract wherein Priority 1 and 2 is assigned based on user category who raised it. If user raising Incident is VIP user then it will be raised as P1 or P2 irrespective of severity of Incident. It leads to exposure to liability to my company when any breach of single incident raised by VIP impose liability on me. Also there is no defined process as minimum number of P1 & P2 tickets quota for applicability of penalty on breach. Is there any workaround to come out of this trap ? Can I propose some changes to this arrangement ?


Additional resources

Hello everyone, Following our webinar at the end of October, I am coming back with few recommendations on the available resources on IACCM: - Ask The Expert: Mitigating Cyber Risks with Third Parties - Asia Pacific Ask The Expert: Cyber Resilience - The role of contract in the Fourth Industrial Revolution - Ask The Expert: Data Protection - the global impact of GDPR In addition to presentations above, there are few white papers that can provide more details on what what ransomware is and how it works. See, for example: - Mcafee Understanding Ransomware and Strategies to Defeat it: https://www.mcafee.com/uk/resources/white-papers/wp-understanding-ransomware-strategies-defeat.pdf - The Wannacry Ransomware: http://cert-mu.govmu.org/English/Documents/White%20Papers/White%20Paper%20-%20The%20WannaCry%20Ransomware%20Attack.pdf It would be great to see your own thoughts or resources you find useful. Kind regards, Daniela


Mitigation of Risk - Hive-Up

Company A enters contract with X for £0.5M (Implementation of IT system). No written agreement. Therefore implied terms and possible "fit for purpose" onerous obligation at common law. No liability cap. Very high risk. 18 months later. Co. A is acquired by Co. B who later wishes to hive-up A`s assets but does not wish to take on the contract with X. So Co. A remains a going concern. Staff are TUPE`d over and the work (to try to close out contract) is subcontracted to Co. B who exclude all liability to X (they would not be liable anyway - no privity). Thus Co. A is rendered a shell with the risk of being sued by X. If they did, co A has PI insurance to rely on. If that insurance policy falls over they would enter administration. This is a mitigation of risk strategy. Does anybody see any IA1986 issues or any other issues (Co. A has no creditors and as of now it is solvent and trading).


Scope Creep Issues

How to handle scope issues ?

Network Members