Guidance

Model Services Contract – Guidance for Buyers (HTML)

Published 1 August 2023

Introduction to this document

This guidance accompanies the Model Services Contract v2.1 (2023) which has been developed by the Cabinet Office and the Government Legal Department (GLD). This document gives context to the clauses, schedules and the important areas for consideration. It incorporates the latest government policy and changes in law.

This guidance document is structured in a way which reflects the issues that are relevant at each stage of the procurement and contract management cycle. It is useful to look at this guidance document alongside the Model Services Contract when choosing a model form of contract. Where more detail is required because the subject matter is complex, more detail can be found in the Annex to this guidance or elsewhere on Gov.Uk.

If you have any comments about this document please email the Model Services Contract team at modelservicescontract@cabinetoffice.gov.uk

Foreword by Parliamentary Secretary, Alex Burghart MP

The Cabinet Office and Governmental Legal Department produce template contracts for use by government bodies during their procurements. These are designed to simplify the procurement process, and support both government and businesses by aiding assurance and reducing administration, legal costs and negotiation time.

The Model Services Contract is recommended for use for complex and high-risk services contracts with a total contract value over £20 million, where purchases cannot be facilitated by a suitable government framework. It is intended for use by commercial and legal specialists, who should carefully assess that the provisions contained in it are appropriate for the project requirements and tailor the Model Services Contract appropriately where required.

The Model Services Contract has been updated and this version replaces versions 2.0. This new version (version 2.1) contains provisions reflecting current government priorities, legislation, procurement policy and best practice.

Key changes in this version include:

• A tidier, easier to navigate, more accessible, and consistently numbered contract;
• Updates to the intellectual property rights provisions to align further with the approach to COTS software set out in the DDaT Playbook, and the drafting options set out in the Guidance Note on Intellectual Property Rights;
• Updates to the TUPE (Staff Transfer) Schedule;
• Updates to the indexation provisions, including simplified clauses and the use of relevant and appropriate indexes; and
• The inclusion of new supplier indemnities and authority termination rights, aligning the approach across the Cabinet Office Standard Contract suite.

I am pleased to support version 2.1 of the Model Services Contract and its use as the standard for suitable services contracts.

Parliamentary Secretary, Alex Burghart MP

Contract Selection Guide

This table is intended as an aid to commercial professionals in the public sector in determining the most appropriate form of standard contract for use by the public sector. Authorities should ensure the contract chosen matches the contractual requirements for their procurement. The Government Legal Department can help you decide which contract is most appropriate.

Factors to consider when choosing the right contract

Model Services Contract

A set of standard terms that may act as a starting point for negotiation on complex and/or high value services

Yes

• Where the Supplier is capable of carrying out the significant obligations contained within it
• Acquisition of services
• Where total contract charges exceed £20m
• Where contract poses a high financial risk to the Authority
• Where failed delivery of the contract poses a reputational risk to the Authority such as critical or public facing requirements
• Use of a framework is inappropriate due to high level of financial or supply risks or where modifications to the contract could be substantial or a framework does not exist
• Where what is being delivered is highly complex, bespoke or other than business as usual
• Where there is a significant transfer of resources (people, assets, etc) from the Authority or an incumbent Supplier to a new Supplier
• Where there is a significant business service or technology transformation
• The requirement justifies the use of professional, commercial, legal or negotiating resources

No

• For construction contracts
• Acquisition of commodities and goods (other than where these are ancillary to a service)
• Where a suitable Crown Commercial Service framework exists to facilitate the procurement.
• For grants

Mid-Tier Contract

A set of fixed core terms with modular, optional schedules for non-complex services or high value goods

Yes

• Where contract charges exceed the relevant procurement thresholds
• Use of a framework is inappropriate due to high level of financial or supply risks or where modifications to the contract could be substantial or a framework does not exist
• Where what is being delivered is bespoke or other than business as usual
• Where there is a non-complex transfer of resources (people, assets, etc) from the Authority or an incumbent Supplier to a new Supplier

No

• For construction contracts
• Where total contract charges exceed £20m
• Where a suitable CCS framework exists to facilitate the procurement.
• For grants

Short Form Contract

A set of fixed terms for less complex, lower value goods or services

Yes

• For the provision of non-complex goods or services.
• Total contract value is below the relevant procurement thresholds.
• Where a framework does not exist for what you want to buy

No

• For construction contracts
• For complex contracts
• When you need to transfer assets or people
• Where a suitable Crown Commercial Service framework exists to facilitate the procurement
• Where contract charges exceed the relevant procurement thresholds
• For grants

Public Sector Contract or existing Framework Contract (provided by Crown Commercial Service)

A framework contract of fixed core terms with modular, optional schedules for common goods and services

Yes

• When you would prefer to use a framework contract as your route to market
• For the procurement of goods or services which are common across the public sector
• Where a suitable framework has been set up by the Crown Commercial Service to procure those goods or services
• When the appropriate contractual provisions are already drafted for you to include
• Where you are an Authority listed in the framework contract notice

No

• For highly bespoke requirements
• When you need to make modifications to the call-off contract that could be considered substantial.
• For grants

Other considerations

Contract Tiering Tool

There is a Contract Tiering Tool which can help classify the contract (gold / silver / bronze) by assessing three criteria: value, complexity and level of risk. This tool can also help determine the criticality and level of contract management required. Not all “gold-tier” contracts will necessarily require the use of the Model Services Contract, but any contracts using the Model Services Contract are likely to be “gold-tier”.

Resolution Planning

A consideration to be made when using any form of contract is whether the preferred Supplier is heavily dependent upon the public sector or the contract is specified as being a Critical Service Contract. If so, please consider measures that will be required for Resolution Planning. For more, please refer to the ‘Resolution Planning Guidance Note’ and any other guidance published with the Sourcing Playbook on GOV.UK.

Overview of the Model Services Contract

The Contract Selection Guide outlines the factors that would lead an Authority to use the Model Services Contract. Users should also ensure that their commercial and legal advisors are consulted in the final choice.

As indicated in the Contract Selection Guide, the Model Services Contract is intended for the complex and high-risk requirements where the scope might include business transformation, operational services, outsourcing and technology development services. It is expected that this contract will be used where the total contract value is £20m or more, but its use should be determined by reference to many factors such as: the capability of the market to accept the contractual obligations, the acquisition of complex services, high levels of commercial or reputational risk and where the use of other contracting forms is inappropriate.

This Model Services Contract is intended to be used by the public sector in conjunction with their professional legal advisors. By using the Model Services Contract, users could benefit from faster completion of complex agreements as well as savings on legal costs, administration and negotiation time.

The Model Services Contract is comprised of a document set of core terms (referred to in this guidance document as the “Model Services Contract”) and a document set of Combined Schedules (referred to in this guidance document as “Schedules to the Model Services Contract”). Together these two document sets make up the entire contract. In version 2.1, the Combined Schedules are now also available as separate documents. If you would like a zip file containing these, please email modelservicescontract@cabinetoffice.gov.uk.

References in this guidance document to numbered “Clauses” means the obligations described in the Model Services Contract (i.e. the core terms document set) and references to numbered “Paragraphs” and their schedule numbers means the obligations described in the Schedules to the Model Services Contract (i.e. the Combined Schedules document set).

The Cabinet Office undertakes regular reviews of the document sets that make up the Model Services Contract to ensure that it reflects changes in regulation, law and policy. These updates are intended to be issued at least annually. If you have any feedback on the contract, please email modelservicescontract@cabinetoffice.gov.uk.

You must notify your use of the Model Services Contract by emailing: modelservicescontract@cabinetoffice.gov.uk, providing the following details: name of Authority, Authority contract manager details, Supplier and Key Sub-contractor details (if known), contract title and reference number, total value, Critical Service Contract and Public Sector Dependent Supplier status, CPV codes, summary description of services (broken down per Key Sub-contractor with approximate % and value of services being undertaken), start date and term (including extension options).

1. Before the contract is signed

1.1 Introduction

A number of topics should be addressed as early as possible in the commissioning process and ideally before the start of any procurement. Early market engagement is advised to assess potential bidders’ appetite towards any unusual or demanding requirements sought by an Authority.

Therefore, there are some sections of the Model Services Contract that Authorities need to consider as part of the procurement process, in particular:

Model Services Contract

Section A

• Clause 2 (Due Diligence)

Section B

• Clause 4 (Term)
• Clause 5 (Services)

Section G

• Clause 23 (Limitations on Liability)
• Clause 24 (Insurance)

Section E

• Clause 14.9 (Staff Transfer)
• Schedules to the Model Services Contract
• Schedule 2 (Services Description)
• Schedule 3 (Performance Levels)
• Schedule 6 (Insurance Requirements)
• Schedule 8 (Supplier Solution)
• Schedule 15 (Charges and Invoicing)
• Schedule 28 (Staff Transfer)

1.2 The Term and Contract Extensions

It is common for Authorities to use one or more contract extension periods because it gives the Authority certain rights to end the contract after the Initial Term, for example if the contract is not performing as expected or if the Authority wants to exit the contract for any other reason. The Model Services Contract contains useful provisions in Clause 4 (Term) to allow Authorities to do this. However, Authorities should carefully consider whether the use of extensions will affect whether the Authority obtains value for money. This is because using provisions to extend contracts to the next period may result in higher bids from bidders as bidders have no certainty that the contract will be extended beyond the Initial Term. If bidders have certainty regarding the term of the contract, they will be able to plan more effectively which is likely to reduce its costs and in turn reduce bids.

Authorities should decide from the outset whether it could be more cost effective to offer, for example, a 7-year contract as the Term of the contract rather than a 5-year contract as the Initial Term with a 2-year extension period.

Clause 4 (Term) of the Model Services Contract sets out the Term of the contract and provides drafting if an Authority wants the option to extend the contract beyond the Initial Term, provided such extension periods have been described in the contract notice.

1.3 Disaggregation

When procuring a service, an Authority may consider splitting the service into different service lines (for example, IT, governance, security systems) or integrating several service lines into one procurement. The nature of the services will be a key factor in deciding how easily the services can be disaggregated.

The Authority must recognise the operational and cost consequences of deciding whether to integrate services lines or not. In theory, a highly integrated solution may cost less to build and operate, but will offer more challenges (and costs) to later disaggregate. This is because the Authority will be unable to terminate and replace each service line as and when it chooses, but will have to re-procure the entire suites of services. To disaggregate services, the Authority will need to consider the following:

• For new services, the design architecture of the services and the technology that underpins the services.
• For existing integrated services or services running on existing or legacy technology solutions, what changes (if any) need to be procured during the term of the contract, or to continue with the existing solution for the full term. See the Digital, Data, and Technology Playbook for further information in relation to legacy technology, including the need to avoid future legacy IT and remediate what already exists.

Considerations:

• Ensure that the procurement strategy, upon which any course of action is based, provides evidence of alignment with long term operational strategy and technology roadmaps (at both a departmental level and market level);
• Ensure alignment with government standards where applicable; and
• Maintain the flexibility of the architecture of technical services provided.

The Authority must ensure, during the procurement process and during the term of the contract that the Supplier does not create and implement services which have the effect of lock-in, either through technical or operational means, or by creating a commercial barrier to switching Supplier. To mitigate this risk, the following obligations are put on Suppliers:

• Use standard and compatible technology and service components in the provision of the services unless approved by the Authority’s service design Authority;
• Provide a compatibility mechanism for service components to communicate with other services (such as application programme interfaces or APIs); and
• Provide a migration plan, which facilitates switching to a new Supplier.

The way the services are delivered should avoid lock-in both at individual service level, but also at any level of integration above this. This is essential if the Authority is to realise the flexibility it has designed in to allow for disaggregation. Both Authority and Supplier should remain alert to the fact that not only technical or operational mechanisms can be used to create “lock-in”, commercial mechanisms can equally create a barrier to switching to a new Supplier. See the Digital, Data, and Technology Playbook for further information in relation to open and interoperable data and software.

Where the Authority opts to have different suppliers providing disaggregated services, it can be important to ensure suppliers work together. Version 2.0 of the Model Services Contract introduced Collaborative Working Principles in Clause 5.5 of the Core Terms. This requires the Supplier to cooperate and work with other suppliers that the Authority notifies the Supplier of throughout the contract. Note that where an Authority notifies the Supplier of more suppliers it needs to cooperate with, which it did not price into its bid, this could result in additional costs for the Supplier, which may be passed on to the Authority. If an Authority has more detailed requirements for cooperation and alignment, these should be included in Schedule 2 (Services Description).

1.4 Social Value

Social Value is defined in the Model Services Contract as the “additional social benefits that can be achieved in the delivery of the Contract, set out in the Authority’s Requirements”. This means the Authority’s Social Value requirements should be considered from the outset and set out in the Authority’s specification. The relevant sections of the Model Services Contract that are covered by Social Value are:

Model Services Contract

Section B

• Clause 5 (Services)

Schedules to the Model Services Contract

• Schedule 2 (Services Description)
• Schedule 3 (Performance Levels)
• Schedule 4 (Standards)
• Schedule 8 (Supplier Solution)

The Public Services (Social Value) Act 2012 came into force on 31 January 2013, requiring Authorities who commission public services to consider how they can secure wider social, economic and environmental benefits in the area where the Authority exercises its functions. This includes Central Government Bodies and Local Authorities.

Social Value should be explicitly evaluated in all relevant Central Government procurements using the social value model set out in PPN 06/20 - Taking Account of Social Value in the Award of Central Government Contracts. The social value priorities selected and the establishment of Social Value targets (see below), must be related to the subject-matter of the contract and comply with the general principles of equal treatment, non-discrimination and proportionality.

Schedule 2 (Services Description) provides a space where the social value priorities to be delivered can be set out by the Authority. Schedule 8 (Supplier Solution) should also include how the Supplier will deliver these priorities.

The Authority should use the Model Award Criteria and Reporting Metrics set out in the procurement documentation and in the tenderer’s proposals to establish social value targets (Social Value KPIs and/or Social Value PIs). Where the successful bidder proposes specific commitments in its tender proposal which are in addition to the above, then such commitments will also be used to establish Social Value targets. All such Social Value targets, being specific, measurable and time-bound commitments, will always comprise a combination of a deliverable and a numeric element, by which performance of that deliverable is to be measured.

Authorities should discuss with participants during pre-market engagement whether the market in question has a mature Social Value offering. Where appropriate to do so for markets which have a mature Social Value offering, Social Value targets should be designated as Social Value KPIs in the procurement documentation, meaning they will be treated the same as other KPIs that apply to the Operational Services, and should be set out as key performance indicators in Table 1 of Part A of Annex 1 of Schedule 3 (Performance Levels)), with appropriate Severity Levels and Service Points applied. When determining what are such appropriate levels, the Authority should consider what is proportionate in the context of the subject matter of the contract and its value, what is feasible in the circumstances, whether they provide sufficient incentive without driving up cost. The Authority should also consider whether Social Value goals are better served in each instance by tying Service Points to the input cost of meeting the Social Value KPI or to the output benefit which meeting the Social Value KPI is expected to bring.

For other, less mature, markets, Social Value targets should be designated as Social Value PIs, meaning they will be treated the same as the other subsidiary performance indicators set out in Table 2 of Part A of Annex 1 of Schedule 3 (Performance Levels), with appropriate Target Performance Levels and Service Thresholds. Social Value KPIs and/or Social Value PIs will also need to be reported on as part of the Performance Monitoring Report. See sections 3.2 and 3.4 below for further information about how KPIs and PIs operate in practice. For the avoidance of doubt, if a Social Value target has been designated as a Social Value PI then Service Points will not be an appropriate remedy for Authorities.

Suppliers should also report a summary of their performance in relation to any Social Value KPIs or Social Value PIs through the Balanced Scorecard Report. The provisions are found in Schedule 4 (Performance Levels) Part B, paragraph 1.3. A record of the Supplier’s Social Value bid should also be included in Schedule 8 (Supplier Solution).

Note: To improve the transparency of contract performance, it is the Government’s intention to publish the top KPIs on the vast majority of contracts. In order to achieve this, there is an additional requirement to choose the most important Social Value KPI or Social Value PI which can then be published. Authorities can indicate to Suppliers which Social KPI or Social Value PI will be published using the table the key performance indicators set out in Table 1 or Table 2 of Part A of Annex 2 of Schedule 3 (Performance Levels). For further information on this requirement, please consult Section 4 of the Guide to using the Social Value Model (PDF, 279 KB).

Social Value can include environmental benefits and in January 2018, through the Government’s 25 Year Environment Plan, the Government committed to removing single use plastics from the government estate by 2020.

In 2019, the Government amended the Climate Change Act 2008 by introducing a target of at least a 100% reduction in the net UK carbon account (i.e. reduction of greenhouse gas emissions, compared to 1990 levels) by 2050. This is otherwise known as the ‘Net Zero’ target.  Suppliers of major Government contracts (i.e. goods, services or works contracts with an anticipated value of £5m or more per annum) are required to set out their plans to achieve the 2050 target when bidding for Government contracts.  This is set out in PPN 06/21 – Taking account of Carbon Reduction Plans in the procurement of major government contracts.

The Sustainability Annex to Schedule 4 (Standards) is designed to provide a starting point for environmental and sustainability requirements in any procurement. Authorities are expected to tailor the annex to their specific procurements. Version 2.0 of the Model Services Contract streamlined some of these existing environmental and sustainability requirements as well as introducing some new sustainability requirements, for example around the Public Sector Equality Duty, in line with PPN 01/13 – Public sector equality duty, PPN 06/21 mentioned above, and the Government Buying Standards. Version 2.0 also introduced some optional sustainability requirements that Authorities may find helpful to include in their procurements, depending on how appropriate, relevant, and proportionate these are to the subject matter of the procurement. If a reduction in waste or emission is required, Authorities should consider linking the reduction to key performance indicators, addressing this through Social Value, or including reduction requirements as a project specific sustainability clause. Authorities should always ensure that requirements are relevant, proportionate or achievable in the procurement.

1.5 Risk, Liabilities and Insurance

The relevant sections of the Model Services Contract that are covered by risk, liability and insurance are:

Model Services Contract

Section A

• Clause 3.8 (Wilful Misconduct Indemnity)
• Clause 5.3 (Breaches of Applicable Law Indemnity)

Part B

• Clause 9.7 (Optional Goods-related Indemnities – Recall of Goods; Loss or injury occurring in the course of delivery or installation of Goods)

Section C

• Clause 10.5 (VAT Indemnity)

Section E

• Clause 14.7 (Employment Indemnities) – for Supplier and Authority
• Clause 14.8 (Income Tax and National Insurance Contributions Indemnity)

Section F

• Clause 17 (IPRs Indemnity)
• Clause 21.1 (Data Protection Legislation / Clause 21 provisions Indemnity)

Section G

• Clause 23 (Limitations on Liability)
• Clause 24 (Insurance)

Schedules to the Model Services Contract

• Schedule 6 (Insurance Requirements)
• Schedule 27 (Conduct of Claims)
• Schedule 28 (Staff Transfer) (Staff Transfer Indemnities) – for Supplier and Authority
• Schedule 31 (Processing Personal Data) – Joint Controller Agreement – Clause 7 – liability for data protection breaches

1.5.1 Introduction

From April 2019 the approach to the management of risk in the Model Services Contract changed. There is a clear policy detailed in the Sourcing Playbook that suppliers should not be expected to take on unlimited liabilities other than the small number of incidences where this would not be lawful or where a commercial cross-government policy has been agreed. These unlimited liabilities are explained fully in Annex 1. The Model Services Contract reflects this position.

Annex 1 provides a more detailed overview on risk, liabilities and insurance as it works in the Model Services Contract. Other guidance such as the Sourcing Playbook and the ‘Risk Allocation and Pricing Approaches’ (PDF, 1,020 KB) guidance note supplement the information in this document.

1.5.2 Assessment of Risks in the Contract

Both parties should be clear as to the risks each party is required to bear so that they can make provision for mitigating and managing these risks at the most economical level for all parties.

In conducting the risk assessment exercise during the pre-procurement, procurement and contract formation stages, it is important to keep in mind the following principles, based on good commercial practice:

• Risk to reside with party best able to manage;
• Ultimately, all risk resides with the Authority;
• Reduction of risk vs transfer of risk;
• Management and mitigation of risk is rarely possible within the bounds of the contractual levers alone;
• Measured and manageable levels of risk balance between the parties;
• Good risk assessment methodology; and
• Areas of the contract to give attention to, given specific project risks and external factors.

Authorities are advised to adopt a structured approach to the identification and assessment of the risks in the contract. There is a recommended approach to use below and this is explained in more detail in Annex 1 of this guidance.

• Risk identification: Identifying Supplier and Authority risks to the delivery of the service and in any foreseeable phases such as transition, partial termination and exit.
• Risk assessment: Assessing the identified risks in a systematic way, qualitative and quantitative, to allow all parties to fully understand and manage individual and aggregate risks.
• Risk allocation: Determining which party carries or is best placed to carry each risk and manage it appropriately.
• Insured risk: Mitigation of some identified risks that may be coverable by commercially available insurances.
• Specific liability limits: Setting justifiable limits of liability for each risk holder after a risk has been assessed and its impacts have been quantified.
• Residual risk and liability limits: Setting the limit of liability for a set of unmitigated risks by reason and negotiation.

The approach outlined above is aimed at developing a methodical identification of key risks, such that provision for managing those risks is at a realistic and appropriate level. The level at which a residual “catch-all” liability has to be carried by the parties should then be reduced, thereby moderating or ideally eliminating the commercial challenges to both parties of the overall limit of liability, referred to as the residual risk above.

See also, the documents published by UKGI, and HMT, in respect of contingent liabilities.

1.5.3 Insurance

Having identified a risk associated with the services that will be provided by the supplier, a decision is needed as to who will meet the financial consequences of that risk should it crystallise. There are three main options for consideration:

• Commercial insurance: The Supplier pays a commercial insurer to take on the risk on their behalf.
• Supplier self-insures: The supplier must meet the financial consequences itself from its wider funds, provided the Supplier has wider funds.
• Authority self-indemnifies: The risk is transferred back to the Authority and the losses are met from public funds.

Depending on the risk profile of the services, one option above may be used or a mixture of all three.

Some insurance is required by law, for example Employer’s Liability insurance and some insurance is required by regulation, such as Professional Indemnity Insurance for certain professions.

Note: Not all contract risks can be covered by commercially available insurance.

The Authority (supported by a professional insurance adviser as necessary) should analyse and evaluate the relevant insurance requirements as part of the bidding process.

1.5.4 Key Negotiation Issues on Liability, Indemnity and Insurance

The historical approach for many contracts has been to use the overall liability limit to cover all risks. Authorities and Suppliers have in some cases found themselves negotiating a limit of liability which does not necessarily reflect the real risks in the contract. While it remains commercially reasonable to relate the total limit of Supplier liability to the earnings it gains from the contract, for some contracts this has proven to be inadequate compared to the real losses incurred when certain risks materialise. For other contracts, such a limit may be prohibitive for some Suppliers.

Note: Unlimited indemnity cannot be insured for. However, the contract only requires this in very limited circumstances where it is absolutely necessary to protect the Authority (e.g. for third party intellectual property rights claims where it is impossible to estimate the potential resultant costs and the responsibility lies properly entirely with the owner and licensor of the intellectual property rights.)

Self-insurance. Some suppliers offer this as standard and it should be considered by the Authority because properly-sized self-insurance could improve the overall value-for-money of the contract. Authorities should consider carefully the risk attached to a self-insurance arrangement and take a decision based on the contract’s circumstances (for example the Supplier’s financial robustness in relation to the size and probability of risk and the need for continuity of service in case of a major incident). Self-insurance requires significant financial strength and such a requirement could limit the number of prospective bidders.

Negotiations around limits of liability often include Suppliers wanting to limit their liability to the contract value or Authorities wanting to raise the limits or insist on unlimited liability for default. Unlimited liability is generally disproportionate and can have the effect of deterring bidders and raising prices due to the inclusion of large risk premiums. It is unreasonable to argue for unlimited liability for general default, and runs contrary to government policy on growth and supporting business.

1.6 Due Diligence

The relevant sections of the Model Services Contract that are covered by due diligence are:

The Model Services Contract

Section A

• Clause 2 (Due Diligence)

Schedules to the Model Services Contract

• Schedule 15 (Charges and Invoicing)
• Schedule 22 (Change Control Procedure)

Due Diligence refers to reasonable discovery activities which are undertaken by the Supplier before the contract is signed. When the Authority awards a new contract, it should want Suppliers to understand everything about the services that are requested, what constraints other contracts or the environment places on the Supplier and what people or equipment are currently available to perform those services. Having a good understanding of the Authority’s needs and the way that the service is intended to work allows the Supplier to bid a price for the services that significantly reduces risk pricing for these components.

The Authority must fully support bidders to carry out Due Diligence activity by:

• collating comprehensive, accurate and relevant information and data in good time before a procurement commences
• allowing sufficient time to review the data
• providing access to the data (e.g. to sites, data, personnel, etc.)
• providing information and reasonable assistance to bidders in undertaking their reviews.

It is incumbent upon Authorities to decide what constitutes sufficient time. This will be determined by the complexity of the requirement and should, where possible, the views of bidders should be considered.

It is recommended in line with procurement policy that Authorities engage with the marketplace ahead of commencement of the formal procurement in order to fully understand what information potential Suppliers would need in order to provide fully costed bids, capable of acceptance. Sometimes this information may need to come from an incumbent Supplier. Authorities may also consider commissioning an independent discovery exercise in order to be able to provide bidders with a robust set of relevant information. Special consideration should be given to employment information regarding staff that may be eligible to transfer to the new Supplier under the TUPE regulations. This subject is dealt with at greater length in section 1.7 of this guidance.

Clause 2 (Due Diligence) explains to bidders that the Authority is unable to give any warranties (promises as to the state or condition of something) or assurances with respect to information supplied or the Operating Environment. The Authority should expressly avoid giving any such warranties. If the Supplier has any concerns about the information provided or the Operating Environment, the Authority can make use of the Allowable Assumptions provisions in Schedule 15 (Charges and Invoicing). The Allowable Assumptions provisions allow the Supplier to set out any identifiable risks and ensures that the contract price changes only if those risks materialise.

During the procurement process, Due Diligence information is often collated in a data room (this can be held within any e-sourcing portal in use by Government departments) to which all bidders are given equal access. Typical Due Diligence requests relate to details of third-party contracts, asset registers, building rental or lease agreements, service demand information and comprehensive staff information. The Authority will place relevant information that bidders will need in the data room. Bidders can review the information in the data room and ask clarification questions about the data during the procurement process. Some information about the existing services will be necessary, in particular if the contract requires these to be run by the incoming Supplier. Often obligations are placed on current Suppliers to provide such information during the contract exit. The Authority should check the exit provisions on the current contract if data needs to be obtained from an incumbent Supplier.

If bidders have not had the opportunity to complete their Due Diligence process it may take longer to negotiate the contract, or produce cost escalation and lead to commercial disputes post contract signing. Authorities should always try to provide the required information before using the Allowable Assumptions mechanisms. The Allowable Assumptions should only be used in exceptional circumstances, for example, when the information is not available at the requisite time.

Where it becomes clear that:

• The Authority is unable to provide access to reasonably requested sites or information;
• Due Diligence information is critical to the solution design or delivery costs and it is unreasonable to expect the bidders to carry the risk that the information is accurate (e.g. because the information may have been produced by a third party); or
• The bidder has advised the Authority that it cannot acknowledge it has all the required information

then the Authority may include, as part of the tender, a range of detailed cost implications and agree Allowable Assumptions to cover these gaps in the due diligence information. To avoid using the Allowable Assumptions provisions, Authorities should make every effort to ensure that bidders have sufficient time to complete their due diligence and, where necessary, consider extending deadlines to ensure sufficient time is afforded.

1.6.1 Allowable Assumptions

Clause 2 (Due Diligence) seeks to remove the need for bidders to price risk invisibly within their bids due to incomplete information, by requiring the bidder to price risk transparently as “Allowable Assumptions”. This ensures that the contract price will only change if the risk materialises and that the potential increase in price is made clear from the outset.

Schedule 15 (Charges and Invoicing) Part C, covers the procedures for agreeing these Allowable Assumptions and dealing with instances where the assumptions are wrong. Schedule 15 Part E adds the requirement to price with sufficient granularity to understand the cost components of each service line.

The provisions in Schedule 15 (Charges and Invoicing) Part C, paragraph 6 allow Authorities to set out what data bidders have concerns about (if any). Bidders can then set out how different factual scenarios will affect the costs associated with delivering the contract.  The data is set out using the table in Annex 5 of Schedule 15. This Allowable Assumptions table and the associated provisions gives Authorities some certainty about the cost implications of different scenarios so Authorities can fairly evaluate different bids.

If any of the Allowable Assumptions crystallise once the contract has been awarded, the Model Services Contract ‘Change Control Procedure’ allows Suppliers to request a change to the contract (including changes to the contract charges). Any change will need to be carefully considered by the Authority because it may affect the legitimacy of the procurement process and any contract modification will need to be lawful under the Public Contracts Regulations 2015.

1.6.2 Key Negotiation Issues for Due Diligence Information

Once the Authority has decided which Allowable Assumptions are in scope, bidders should be asked to identify the specific Allowable Assumptions in the format provided. If the Authority does not include an Allowable Assumption against which a bidder can set out their range of prices, then the bidder will have to price the risk in its bid. The price-variation mechanism for Allowable Assumptions should include a time-limited resolution period. For some data this may be a few weeks. For more complex issues, during which any required price adjustment must be made in accordance with the provisions of Schedule 15 (Charges and Invoicing), this period should be agreed between the bidders and the Authority. All Allowable Assumptions are negotiable, so the Authority should only accept them when they can be justified; there is also the option of providing further information to remove or mitigate the impact of an Allowable Assumption.

1.7 Staff Transfer

The Supplier’s staff who perform the services are an ‘asset’ and will inherit rights under UK legislation. The Model Services Contract contains a range of Staff Transfer obligations to cover most scenarios. These are found here:

Model Services Contract

Section E

• Clause 14.9 (Staff Transfer)

Schedules to the Model Services Contract

• Schedule 28 (Staff Transfer)

For situations when the Authority is transferring an existing service to a new Supplier, or the Authority is replacing an existing Supplier to whom the Authority had outsourced the Services previously, then the Employment Regulations (‘TUPE’) will apply on commencement. Clause 14.9 (Staff Transfer) and Schedule 28 (Staff Transfer) should be modified accordingly. The Schedule will then need to set out the respective obligations of the parties to any transferring employees and will need to ensure that the Authority complies with the Cabinet Office Statement of Practice on Staff Transfers in the Public Sector.

In Version 2.1 of the Model Services Contract, there is new and updated guidance on Staff Transfer at the start of Schedule 28 (Staff Transfer), including when Parts A-D should be used. Part E (Staff Transfer on Exit) applies to every contract, regardless of whether TUPE applies at the outset. Please read this carefully.

In respect of data protection and collecting and sharing any information about transferring employees, Authorities may like to refer to the ICO’s Disclosure of employee information under TUPE guidance document (PDF, 230 KB).

Note: In all cases, the Authority should seek appropriate legal advice on the matter as there may be revisions to reflect the staff transfer law prevailing at the time of issuance.

1.7.1 Pensions

The pensions provisions cater for scenarios where the transferring staff are current or former civil servants and also contains provisions to cover staff participating in (or eligible to participate in) the NHS Pension Scheme or the Local Government Pension Scheme. This means that different provisions will be required if transferring staff belong in different public sector schemes, so Authorities will need to select these from Schedule 28 (Staff Transfer). If the Contract involves staff eligible for other public service pension schemes then legal advice should be taken on additional drafting.

1.7.2 Stranded Redundancy

In a situation where it is known at the start of the contract that the termination of the Services (or a part of the Services) may lead to TUPE not applying, this may leave employees of the Supplier (or Sub-contractor) “stranded” and the employer facing redundancy costs. In this case, Authorities may wish to seek legal advice as to the appropriate provisions. Authorities will need to decide on a case-by-case basis whether it is necessary or appropriate to include such wording at the commencement of the services or whether it would be more appropriate to withhold the provision of any indemnity until the termination of the contract as part of the exit management and negotiation. It is anticipated that it will be more appropriate for the wording to be used in the latter scenario. Legal advice should be sought from the TUPE Hub.

1.7.3 Transfer of the Civil Service Compensation Scheme

In Part A (Staff Transfer At Start Date – Outsourcing From the Authority), a new clause has been added to deal with the transfer of those transferring Authority employees who are eligible for compensation under the terms of the Civil Service Compensation Scheme (‘CSCS’), immediately prior to transfer.

The right to compensation remains, where the employee was eligible under or in accordance with the rules of the CSCS, in accordance with the rules of the CSCS applicable at the time at which the employee becomes entitled to such compensation (including voluntary or compulsory redundancy).

However, Suppliers are still able, where it is lawful to do so, to agree a contract change in the future e.g. as part of a package, if the Supplier is looking to change employment terms and conditions which removes the right to the enhanced CSCS terms, but this is a matter for the new Supplier. Authorities should be aware that there may be times when the Scheme Administrators are unable to assist in CSCS comparable calculations, but the Authority should endeavour to assist Suppliers.

Suppliers are advised to check the Civil Service Pensions website for the current CSCS terms: Civil Service Compensation Scheme (CSCS) - Civil Service Pension Scheme.

The CSCS is not a collective agreement but is a statutory scheme in respect of which a dynamic application is appropriate. Suppliers should not put anything in their staff handbooks which undermines the dynamic interpretation.

2. Building the Services

The relevant sections of the Model Services Contract that deal with building the services are:

Model Services Contract

Section B

• Clause 6 (Implementation)

Section F

• Clause 16 (Intellectual Property Rights)
• Clause 21 (Protection of Personal Data)

Section H

• Clause 25 (Rectification Plan Process)
• Clause 26 (Delay Payments)

Section J

• Clause 43 (Disputes)

Schedules to the Model Services Contract

• Schedule 12 (Software)
• Schedule 13 (Implementation Plan)
• Schedule 14 (Testing Procedures)
• Schedule 15 (Charges and Invoicing)
• Schedule 22 (Change Control Procedure)
• Schedule 23 (Dispute Resolution Procedure)
• Schedule 24 (Reports and Records Provisions)
• Schedule 31 (Processing Personal Data)
• Schedule 32 (Intellectual Property Rights)

2.1 Introduction

All contracts with a new Supplier will require that the services and solutions are either built from scratch or as an adaptation of existing services. The controls for implementing the services are described in this section of the guidance. The controls for managing performance during the contract are described in Section 3 of this guidance.

The Model Services Contract sets out the process and controls for building (or adapting) and then implementing the services through the:

• Outline Implementation Plan
• Virtual Library
• Detailed Implementation Pan
• Testing
• Intellectual Property Rights

Detailed implementation plans, including test and acceptance criteria, can be developed after contract signature.

2.2 Outline Implementation Plan

An Outline Implementation Plan (‘OIP’) is developed and agreed prior to contract signature; it will then be inserted into Schedule 13 (Implementation Plan) at the Annex. While the Supplier may choose to develop the plan using a recognised Project Management tool or spreadsheet, it is important to capture the key milestones in the format described in the Annex of the schedule. This is because more detail should mitigate the risk of disputes later. In particular, the Authority should agree what dependencies the Supplier has on the Authority and the list of deliverables that will be incorporated within the milestones.

Some milestones will trigger payment, or the movement of services from the implementation phase into the operational phase, known as ‘Authority to Proceed’ (‘ATP’) milestones. Other milestones may be checkpoints that allow for continuing payments for services or rebates on payments if performance is not of the desired level. These are known as ‘Contract Performance Points’ (‘CPP’) and these will be identified in the OIP. When setting out the OIP milestones both the Authority and the Supplier should understand that a milestone will not be deemed to be completed until all deliverables, including acceptable test results, are produced.

2.2.1 Piloting Services

The Sourcing Playbook and guidance on piloting services (PDF, 1,028 KB) explains that there is a presumption that any change in the delivery model relating to a complex service should be piloted first. For example, this might happen when an Authority chooses to outsource something for the first time. Equally some service contracts can be complex and could introduce too much risk for all parties if all the services were to be implemented simultaneously. In both of these scenarios, the implementation plans may be broken down into service lines with each having their own milestones, Authority To Proceed and Contract Performance Points.

The standard implementation provisions in the Model Services Contract use contractual milestones to ensure that the Supplier meets set standards during the implementation period. These provisions could be used to run a Pilot phase before a scaled-up delivery of services is rolled out if the milestones are met and if the Authority provides a milestone achievement certificate after the Pilot phase.

When running a Pilot phase, the Authority may want to reserve the right not to proceed after the Pilot, even if the implementation milestones are met.  The Model Services Contract should therefore be amended to allow the Authority to terminate the contract at its own discretion and at no cost after the Pilot has finished.

See chapter 6 of the Digital, Data, and Technology Playbook for further information about piloting solutions for digital, data and technology projects and programmes.

Note: Authorities should take legal advice to ensure that such an amendment does not affect any other provisions in its contract. There may be other amendments across the Model Services Contract to consider. Authorities should also take legal advice to ensure that any Pilot is compliant with the Public Contracts Regulations 2015.

2.3 Virtual Library

The Virtual Library is described in more detail in Section 3 of this guidance. No later than 8 weeks prior to Operational Service Commencement Date, Suppliers must establish a Virtual Library (also known as a data room) to serve as an online repository for all service information related to the contract. The Virtual Library is subject to KPIs and milestone payments at the initiation of the contract. Schedule 24 (Reports and Records Provisions) sets out the obligations on Suppliers and includes a table in Annex 3 of that schedule of the records and documents that need to be uploaded to the Virtual Library and maintained as complete.

2.4 Detailed Implementation Plan

Within 20 days of the contract being signed, the Supplier must produce a Detailed Implementation Plan (DIP) and submit it in draft form to the Authority. The content and process for approving the DIP is described in Schedule 13 (Implementation Plan) at paragraph 3. Any key element (e.g. dates or deliverables) described in the OIP may not be changed without the Supplier submitting it through the Change Control Procedure, unless it is due to an Authority Cause. The DIP may be an expansion of the OIP but it should be set out using a recognised Project Management tool agreed by the Authority. While the Authority has the ability to disagree with the DIP and reject it, the Authority should act reasonably in exercising this right because if there is a disagreement between the parties, they will need to follow the Dispute Resolution Process, which can prove to be onerous and time consuming.

The DIP will be an important working document throughout the implementation of the services. The milestone deliverables, including test deliverables, must all be completed before a milestone is given achieved status. Authorities should set up a process for the monitoring of deliverables against each milestone. Achievement of a milestone will be marked by a ‘Milestone Achievement Certificate’, as described in Schedule 14 (Testing Procedures) paragraph 13. Where milestones have been designated as Authority To Proceed or Contract Performance Points (see above), the Authority will agree the success criteria and any pre-conditions with the Supplier and list these in Schedule 14 (Testing Procedures) in the table in Annex 4.

2.5 Testing

Testing is a subset of the implementation plan, but nevertheless an extremely important aspect especially where system, technology or process development is concerned. See chapter 6 of the Digital, Data, and Technology Playbook for further information about testing solutions for digital, data and technology projects and programmes. The Model Services Contract is designed to progressively specify the testing and reporting of testing, in increasing levels of detail as the need to test a particular system/service nears.

• Test Strategy: Within 20 days of contract signature, the Supplier is obliged to produce the Test Strategy document that will provide the high-level process for how testing is to be done, who will represent the Supplier, what will be required to conduct the tests and how they will be reported. This strategy document may have been requested as part of the bidding process, so it would be finalised and agreed soon after the contract is signed. The requirements for the Test Strategy are in Schedule 14 (Testing Procedures) paragraph 4.
• Test Plans: At least 20 days before any specific test is due to be conducted (dates specified in the DIP), the Supplier must submit a Test Plan for approval. The Test Plan will have more detail with the minimum requirements as set out in Schedule 14 (Testing Procedures) paragraph 5. The Authority has the right to reject the Test Plan however, any disagreement will need to be resolved via the Dispute Resolution Process.
• Test Specifications: Test specifications are the lowest level of detail that a test should include; this includes test scripts, test data requirements and resources for the tests. These specifications must be provided to the Authority for acceptance at least 10 days prior to the test date. The requirements for the Test Specifications are set out in Schedule 14 (Testing Procedures) paragraph 7.
• Testing and Reporting: The Supplier will normally carry out the testing exercise, although the Authority may participate in certain parts, this will be agreed in the plans. Prior to submitting any deliverables from the testing, which will be part of a milestone, the Supplier should check the deliverables using its own quality assurance processes. Schedule 14 (Testing Procedures) paragraph 8 specifies each party’s obligations for testing and the minimum content of a Test Report while paragraph 9 deals with how issues should be logged and reported.

Note: Authority representatives have the right to witness any of the tests and review test documentation without having to participate in the test itself. The Authority also has the right to perform a Test Quality Audit subject to what was agreed in the Quality Plan (see Schedule 14 (Testing Procedures) paragraphs 10 & 11). When testing has been completed satisfactorily, a Test Certificate will be issued; if the successful testing completes the deliverables for a milestone, a Milestone Achievement Certificate may also be issued.

Note: there is a subtle difference between ‘acceptance of’ a service and Authority to Proceed (ATP); the ATP ensures that the Supplier retains the risk of failing to meet the agreed specification (see Schedule 14 (Testing Procedures) paragraph 2), so the Authority should never ‘accept’ a service.

2.6 Key Negotiation Issues for the Outline Implementation Plan

One of the most important documents to get right before contract signature will be the Outline Implementation Plan. The Authority should seek to obtain an Outline Implementation Plan that is as detailed as possible at the relevant stage of the procurement process and should ensure that it works with bidders to understand the information they need to support the development of a sufficiently clear plan. Key outline plans should be submitted and evaluated as part of the tender. The Authority should obtain as much commitment from the Supplier as it can, ensuring that it is satisfied there is sufficient detail to hold the Supplier to account once the contract is in place. This should also include agreeing details of the acceptance criteria and pre-conditions for Authority To Proceed and Contract Performance Points.

Negotiating the Test Strategy and, possibly, some elements of the Test Plans as part of the bid process will both help to evaluate the Supplier’s credibility and will provide a sound base for finalising these documents once the contract has been signed.

2.7 Intellectual Property Rights

In every contract relating to the provision of goods or services where intellectual property rights (‘IPR’) exist, the Parties should look carefully at the issue of ownership and licensing of IPR in the items that are to be delivered under the contract. The provisions around the disposition of IPR have been carefully drafted to represent a fair commercial position. However, as referenced in chapter 8 of the Digital, Data, and Technology Playbook, and the Intellectual Property Rights Guidance Note (PDF, 268 KB), IP ownership should be considered on a case-by-case basis, weighing commercial benefits and risks to maximise long-term value. Authorities may like to consider alternative ownership and licensing options, taking into account factors such as cost and incentivising Supplier innovation, as well as any desire or requirement to use the IPR beyond the current contract. For example, publishing software on an Open Source basis or other knowledge assets under the Open Government Licence under public sector information legislation. See also section 5.9 onwards of The Rose Book: Guidance on Knowledge Assets in Government.

Where a Supplier owns and can exploit any newly developed IPR, it is able to realise a benefit over and beyond the current contract, which would be expected to result in a lower bid or contract price. Similarly, being able to retain IPR ownership may encourage Suppliers to provide Authorities with their best ideas and solutions.

On the other hand, if an Authority does not own the IPR developed under the contract it may be limited in its use of that IPR, including for future contracts or for publishing on an Open Source basis. Authorities should also consider the need to avoid being placed in an ongoing single supplier position, and the intellectual value of data about or for all UK citizens, and the need to protect the intellectual value of this data as an asset used for the benefit of the UK overall. Suitable specialist legal advice should be taken where required. In some cases, it may be preferable to retain the IPR where the public sector is best to manage and where appropriate commercialise the knowledge asset for the benefit of the taxpayer (see Managing Public Money (PDF, 1,549 KB) 7.15).

The Rose Book: Guidance on Knowledge Assets in Government (Annex D) includes advice on managing IPR in procurement contracts, taking into account the potential social, economic, and financial benefits of public sector or third-party ownership. Where the Authority retains the IPR, this should be recorded on a fixed asset register as an intangible asset.

If Authorities need to purchase standard SAAS only, a CCS Framework may be the most appropriate contract to use.  If a system developed and managed under the Model Services Contract contains SAAS elements, Authorities will need to ensure that they are able to continue to buy that SAAS on VFM commercial terms. SAAS tends to be provided based on Supplier-furnished terms, and the IPR position will need to reflect this.

Note also that the contract makes a distinction between Commercial Off The Shelf (‘COTS’) software and other IPR. COTS software (both Supplier and third party-owned) is dealt with differently to non-COTS IPR in the IPR provisions, in line with chapter 8 of the DDaT Playbook, which states that the expectation is that the standard OEM licence terms for COTS products / services will apply. This is reflected in the deemed Buyer approval process, the licence the Buyer gets for COTS IPR, and the unlimited indemnity given by the Supplier to the Buyer. If the OEM licence terms or the standard EULA is not acceptable to an Authority, consider negotiating different terms or using bespoke software.

Unless otherwise stated in the contract, the IPR will remain the property of its recognised owner. In the Model Services Contract there is a distinction between existing IPR brought to the contract (referred to as ‘Background IPR’), and IPR generated under the contract (often referred to as ‘Foreground IPR’). The Foreground IPR in the contract is the Specially Written Software and the Project Specific IPR (see the definitions in the list below).

As per the Intellectual Property Rights Guidance Note (PDF, 268 KB), the Model Services Contract includes different models for the ownership and exploitation of IP rights. This IPR Guidance Note sets out the importance of taking an IPR approach tailored to your procurement.

Option 1 (Authority ownership of Foreground IPR, with limited rights granted to the Supplier in order to deliver the contract):

• Authorities may wish to consider this option for use where they want to own the Foreground IPR and they also want to limit the Supplier’s use of that Foreground IPR. This is more restrictive for Suppliers and where the Authority is a Crown body, Authorities should consider that this Foreground IPR will be owned by and therefore can be used by any emanation of the Crown. This may make this option unsuitable for use in circumstances where it could lead to uneconomic pricing by Suppliers. Authorities are only able to publish the New IPR under Open Licence under this option, so as to avoid undermining the commercial exploitation rights of the Supplier.
• Reasons why Authorities may want to retain the New IPR include: for example, if the Foreground IPR is likely to be high risk or business critical, or if the Authority wants to retain the IPR for use across multiple contracts or for some wider benefit, or where the Crown provides a lot of the IP which will be further developed by the Supplier (leading to mixed-ownership), or if controlling the IPR is in the public interest, for example, where an Authority is best placed to manage or commercialise an asset.

Option 2 (Authority ownership of Foreground IPR, with non-exclusive rights granted to the Supplier to enable the Supplier to commercially exploit the Foreground IPR (subject to Authority approval))

• Authorities may wish to consider this option where they want to retain the Foreground IPR for the reasons listed above, but they are also happy for the Supplier to use or commercially exploit that Foreground IPR. This ought to generally result in some benefit for the Authority, such as lower costs, or incentivising innovation in Supplier solutions. Authorities may also choose to include optional wording providing that the Supplier would need written approval before commercially exploiting the Foreground IPR. Where the Authority is a Crown body, Authorities should consider that this Foreground IPR will be owned by and therefore can be used by any emanation of the Crown. This will mean that the Supplier will likely not be able to commercially benefit under this option simply by sub-licensing this IPR to Crown entities (as it is already owned by the Crown) - however, the Supplier will be able to commercially exploit this IPR elsewhere.
• As the Authority is owner of this Foreground IPR, approval is required prior to the Supplier using this outside the contract. However, The Authority may only reject this if the Supplier’s proposed use would harm its reputation or interests, and if the Authority does not approve within a set time, this is deemed to have been approved.

Option 3 (Supplier ownership of Foreground IPR, enabling the Supplier to control and commercially exploit the Foreground IPR, with limited rights granted to the Authority to utilise the Foreground IPR for the current contract only)

• Authorities may wish to consider this option where there is no clear benefit in the Authority owning the Foreground IPR, or where any Foreground IPR created cannot easily be separated from the Supplier’s Background IPR (e.g. where the Supplier is providing SAAS). Authorities should consider this option where they are confident they will only need to use the Foreground IPR for the current contract. Where the Authority is a Crown body, Authorities should consider this option where they are confident that no other Crown body will need to use the Foreground IPR outside of the scope of the contract and/or where leaving the option open for other public bodies to use the Foreground IPR outside of the scope of the contract (as is allowed under Option 4) is likely to lead to uneconomic pricing by Suppliers.
• In assessing whether to use this option, Authorities should be aware of the potential for there to be unexpected costs and difficulties further through the acquisition lifecycle, should additional licences to use the Foreground IPR (which has already been Authority funded) need to be sought. This option is also ill-suited for use on phased procurements, where there will be consecutive contracts/stages for the development of technologies which will mean that the Authority will require rights to the Foreground IPR across all of those contracts/stages.
• All Supplier ownership options should also generally result in some benefit for the Authority, such as lower costs, gain/profit shares, or incentivising innovating Supplier solutions.

Option 4 (Supplier ownership of Foreground IPR, enabling the Supplier to control and commercially exploit the Foreground IPR, with rights granted to the Authority to utilise the Foreground IPR for the current contract, as well as other contracts and use for broader public sector functions)

• Authorities may wish to consider this option where there is no clear benefit in the Authority owning the Foreground IPR, or where any Foreground IPR created cannot easily be separated from the Supplier’s Background IPR, but where the Authority wishes to be able to use, and for other Authorities to be able to use, the Foreground IPR beyond the current contract (e.g. in the future replacement of the Service, as well as contracts and services not yet awarded, and broader public sector functions). Where the Authority is a Crown body, Authorities should consider that the licence to the Foreground IPR will be granted to the Crown as a whole and therefore can be used by any emanation of the Crown. This will mean that the Supplier will likely not be able to commercially benefit under this option simply by licensing this IPR to Crown entities (as it is already licensed to the Crown). However, as owner, the Supplier will be able to commercially exploit and otherwise use this IPR elsewhere.

Option 5 (Options 2, 3, or 4, plus Authority rights to royalties from the Supplier’s commercial exploitation of the Foreground IPR – ‘bolt on’).

• Authorities may wish to consider this option where they have invested significant resource or funding in the development of the project and intend to seek a return on that investment, or where they want to maximise innovation or exploitation potential.
• Commercial exploitation of IPR means the charging for and the collection of licensing fees, in the form of associated ‘royalty’ payments or other agreed arrangements. This requires commercial expertise and resources which Authorities may not have, nor is the commercial exploitation of IPR usually part of the Authorities’ core business. However, Authorities may like to consider this royalties arrangement if they would like to directly benefit from Supplier commercial exploitation of Foreground IPR.

Ownership of IPR carries responsibility for its protection and the potential liabilities, e.g. should there be a claim from a third party that the IPR infringes a third party’s IPR.

As the Crown is indivisible, Authorities which are Crown bodies should be aware that, firstly, they can only contract as part of the Crown, and secondly, that any IPR which they take ownership of or is licensed to them can be capable of use by any emanation of the Crown. Authorities which are Crown bodies should consider this fact when deciding which model of ownership and licensing of IPR to use.

Clause 16 (Intellectual Property Rights) and Schedule 32 (Intellectual Property Rights) specifically covers IPR. The different categories of IPR are:

• Supplier Software: This is owned by the Supplier and defined as software which is proprietary to the Supplier (or an Affiliate of the Supplier), including software which is or will be used by the Supplier for the purposes of providing the Services, including the software specified as such in Schedule 12 (Software)
• Supplier’s Background IPR: owned by the Supplier and defined as IPR owned by the Supplier before the contract Effective Date. For example, those subsisting in the Supplier’s standard development tools, program components, or standard code used in computer programming, or in physical or electronic media containing the Supplier’s know- how, or generic business methodologies, and/or IPR created by the Supplier independently of the contract, but excluding IPR owned by the Supplier subsisting in the Supplier Software
• Third Party Software: owned by the relevant third party and defined as Software which is proprietary to any third party (other than an Affiliate of the Supplier) or any Open Source Software which is or will be used by the Supplier for the purpose of providing the Services, including the software specified as such in Schedule 12 (Software)
• Third Party IPR: owned by the relevant third party and defined as IPR owned by a third party but excluding IPR owned by the third party subsisting in any Third Party Software
• Specially Written Software: in the Option 1 IPR drafting, and Option 2, this is owned by the Authority. In Options 3-4 it is owned by the Supplier. It is any software (including database software, linking instructions, test scripts, compilation instructions and test instructions) created by the Supplier (or by a third party on behalf of the Supplier) specifically for the purposes of the contract
• Project Specific IPR: in Option 1 and Option 2, this is owned by the Authority. In Options 3-4 it is owned by the Supplier. It is defined as IPR in items created by the Supplier (or by a third party on behalf of the Supplier) specifically for the purposes of the contract and updates and amendments of these items including, but not limited to, database schema and/or IPR arising as a result of the performance of the Supplier’s obligations under the contract, but which shall not include the Supplier’s Background IPR or the Specially Written Software
• Authority Software: owned by the Authority and defined as Software which is owned by or licensed to the Authority, other than under the contract, and which is or will be used by the Supplier for the purposes of providing the Services
• Authority Background IPR: owned by the Authority and defined as IPR owned by the Authority before the Effective Date, including IPR contained in the Authority’s know-how, documentation, processes and procedures; or IPR created by the Authority independently of the contract; or Crown Copyright which is not available to the Supplier otherwise than under this contract, but in all cases excluding IPR owned by the Authority subsisting in the Authority Software.
• Authority Data: owned by the Authority and defined as the data, text, drawings, diagrams, images or sounds (together with any database made up of any of these) which are embodied in any electronic, magnetic, optical or tangible media, and which are supplied to the Supplier by or on behalf of the Authority which the Supplier is required to generate, process, store or transmit pursuant to this contract, or any Personal Data for which the Authority is the Data Controller.

Table 3 below shows how the Model Services Contract provides for each type of IPR:

| Type of IPR | Treatment | Other Comments | |—|—|—| | COTS: Supplier Software & Supplier’s Background IPR; Third Party Software and Third Party IPRs | Supplier (or Third Party) licences to the Authority on usual licence/EULA (normal commercial IPR terms). | This starting point (that the Authority gets the usual licence/EULA when the Supplier uses COTS, rather than extra rights to sublicense and assign and novate COTS) aligns the contract with the approach to COTS set out in the DDAT Playbook (PDF, 4.2 MB).

The Authority has a set period of time to reject a Supplier’s use of COTS software (its own, or a Third Party’s), and if an Authority does not reject in the timeframe, they will have been deemed to approve this use.

Where it is Third Party COTS, the Supplier must procure a direct licence to the COTS IPR from the Third Party to the Authority.

The Supplier indemnity to the Authority for Third Party IPR claims excludes any claims in respect of COTS. | | Supplier Software & Supplier’s Background IPR (non-COTS) | Supplier licences to the Authority on a non-exclusive, perpetual, royalty-free, irrevocable, transferable, sub-licensable, and worldwide licence to the Supplier Background IPR.

except for ‘option 3’ where this is not perpetual.

Where this is (a) embedded in a Deliverable; (b) is necessary for the Authority to use the Deliverable, or (c) the Deliverable is a customisation or adaptation of Supplier Background IPR - the Authority gets different rights to this.

Where this IPR is embedded in a Deliverable -  Authority’s / transferees / sub-licensees can use, adapt and copy this Supplier Background IPR for particular purposes. There are no restrictions on the identity of any transferee or sub-licensee in this case.

Where this is necessary for the use of a Deliverable or the Deliverable is a customisation or adaptation of Supplier Background IPR - Authority’s / transferees / sub-licensees can use, copy, but not adapt, disassemble or reverse engineer this Supplier Background IPR for particular purposes. It is transferable to a Central Government Body, or any body that takes over the Authority’s functions, or any body that is not a direct competitor of the Supplier (subject to, in this case, confidentiality undertakings). It is also sub-licensable to a replacement supplier, subject to confidentiality undertakings.

The purposes this can be used for are:

a) In ‘option 1’ and ‘option 2’  - (a) to allow the Authority or any End User to receive and use the Deliverables; (b) to allow the Authority to commercially exploit the foreground IPR and foreground IPR Items;  (c) for any purpose relating to the exercise of the Authority’s (or, if the Authority is a Public Sector Body, any other Public Sector Body’s) business or function.

b) In ‘option 3’ - to allow the Authority or any End User to receive and use the Deliverables.

c) In ‘option 4’ -  (a) to allow the Authority or any End User to receive and use the Deliverables; (b) for any purpose relating to the exercise of the Authority’s (or, if the Authority is a Public Sector Body, any other Public Sector Body’s) business or function. | These licence terms are aimed at ensuring that the Authority’s licence to Supplier (non-COTS) Background IPR is wide enough to allow sufficient use by the Authority (and as permitted, sub-licensees and transferees, subject to confidentiality restrictions) and in line with each option, but not so wide as to be unpalatable to Suppliers.

In ‘option 3’ and ‘option 4’ the IPR licences the Supplier grants to the Authority for Foreground IPR and Supplier Background IPR are effectively the same. | |
Specially Written Software and Project Specific IPR

|
Under drafting ‘option 1’ and ‘option 2’, ownership of the IPR resides with the Authority, except for those pre-existing components where IPR resides elsewhere.

Supplier required to deliver the source and object code and to provide updates and new releases.

Project Specific IPR is effectively treated in the same way as Specially Written Software.

Under drafting ‘options 3-4’ ownership of the IPR resides with the Supplier except for those pre-existing components where IPR resides elsewhere. The Supplier grants a licence to the Authority to use this IPR (either for the specific contract, or for wider use, depending which option is chosen).

Supplier required to license updates and new releases. |
Where the Authority owns this IPR (Option 1), part of the intention is to publish these as open licence or under Open Government Licence in order to encourage the widest possible scope for innovation and further development. However, in some instances, such as for security reasons, Authorities may not wish to publish as open source.

Where the Supplier owns this IPR, or where the Authority owns this IPR (Options 3 and 4) but the Supplier has a licence to commercially exploit the IPR (Option 2), the Authority will not publish these as open licence. | |
Third Party Software and Third Party IPRs (non-COTS)

|
Either (a) the owner of the Third Party IPR grants a licence to the Authority equivalent to the licence the Authority gets from the Supplier for Supplier Background IPR (see above for the terms of this licence); or - if the Supplier cannot, after commercially reasonable endeavours get that licence - (b) the Supplier tells the Authority what alternative licence terms are available from the Third Party/other third parties and the Authority accepts this and gets a direct licence from that Third Party; or (c) the Authority gives authorisation to use Third Party IPR without a licence (legal advice should be taken if you Authorities are considering approving use without acceptable licence terms (option (c) here). |
The Authority will need to be realistic about the terms on which it will be able to obtain (non-COTS) Third Party Software. However, as this is effectively the same as Supplier Background IPR from an Authority point of view, it is expected that Suppliers take commercially reasonable endeavours to procure an equivalent licence. | |
Licences Granted by the Authority

|
Under drafting ‘option 1’, the Authority grants licences to the Supplier to use Authority Software, Authority Background IPRs, Specially Written Software, Project Specific IPRs and the Authority Data for the Supplier to fulfil its obligations under the contract, for the Term & any Termination Assistance Period, and this can be sublicensed for this purpose.

Under drafting Option 2, the Authority grants licences to the Supplier to use Authority Software, Authority Background IPRs, Specially Written Software, Project Specific IPRs and the Authority Data for the Supplier to fulfil its obligations under the contract, and to enable commercial exploitation of the Foreground IPR outside the contract. These can be sublicensed for the former purpose and termination/expiry of the contract does not terminate these licences.

Under drafting Options 3-4 the Authority does not own the Specially Written Software and Project Specific IPRs, enabling the Supplier to use these for delivering the contract, and for commercial exploitation. This means the Authority does not grant any licences in respect of Specially Written Software and Project Specific IPRs. The Authority does grant licences to the Supplier to use Authority Software, Authority Background IPRs, and the Authority Data for the Supplier to fulfil its obligations under the contract, and to enable commercial exploitation of the Foreground IPR outside the contract. These can be sublicensed for the former purpose and termination/expiry of the contract does not terminate these licences. |
In ‘option 1’ and ‘option 2’ the IPR licences the Authority grants to the Authority for Foreground IPR and Authority Background IPR are effectively the same.

In all options, the Authority needs to approve the use of the Authority Background IPR outside the contract. - Deemed approval applies after a set period of time, and the Authority can only refuse this for harm to reputation / interests.



. |

2.7.1 Open Source Software / Open Licence

Open Source Software is computer software with its source code made available subject to an open-source licence under which the copyright holder or IPR owner provides free of charge the rights to use, study, change and distribute the software to anyone and for any purpose. See chapter 8 of the Digital, Data, and Technology Playbook for further information on Open Source, and The Rose Book: Guidance on Knowledge Assets in Government on the Open Government Licence.

Where the Government owns and controls Foreground IPR, it may wish to publish this on an Open Licence basis (the definition of Open Licence includes Open Source). Under Option 1 of the IPR provisions in Schedule 32 of the Model Services Contract, IPR ownership in the Foreground will reside in the Crown, and the software and other IPR can be published as open licence.

Authorities should also be mindful of the Technology Code of Practice and the requirement to publish code and use open source to improve transparency, flexibility and accountability. When publishing as open source, Authorities should be mindful that the terms of any input licence (that is the open source licence for any open source software which has been used to create the Specially Written Software) aligns with the ‘output licence’ (that is, the licence under which the Authority will publish the Software as open licence). In some cases, such as for specific exploitation or security reasons, the Foreground IPR will not be published as open licence.

Where the Supplier owns the Foreground IPR, or where the Authority owns this IPR but the Supplier has a licence to commercially exploit the IPR (Option 2), the Authority will not publish this as open licence, since this would hinder the Supplier’s ability to commercially exploit the Foreground IPR, and the Authority should have received other benefits in exchange for allowing this commercial exploitation.

2.7.2 Transfer of IPR

The Authority has the right under Schedule 32 to transfer the Authority licences in any of the Software or IPR (except COTS software, for which the vendor’s standard terms relating to assignment and novation will apply). This right is designed to cover situations such as those where the Authority has a change of legal status, or where the Authority’s functions are transferred to or taken over by another department or by a private sector body (for example following a privatisation or outsourcing). Where the Authority owns the IPR, it also will have the right to transfer this.

2.7.3 Software Escrow Arrangements

Although the Model Services Contract does not specifically contemplate Software Escrow, it does not preclude Escrow Services either. Indeed, there may be certain scenarios where placing Source or Object Code into Escrow is highly desirable, such as proprietary software procured by a third party that is under financial stress with a significant risk of failure. In this scenario ensuring access to the source code and associated materials is essential to ensure the ability to support, modify or upgrade software in the event that the licensor (most commonly the Supplier) is no longer in a position to provide these services.

Understandably though, Suppliers are extremely reluctant to release source code except where it has been agreed that IPR in Specially Written Software is to be assigned to the Authority (Options 1-2). In this case the Authority should ensure that the Supplier delivers the source code of that software directly to the Authority, as set out in the contract.

Other scenarios where Escrow may be appropriate could include:

• Non-COTS Source code, scripts or add-ins developed by a third party that operate as a plug-in to a proprietary product e.g. an Excel macro developed for specific portfolio management functions;
• Bespoke applications written and/or developed at government direction to a defined specification; or
• Specially Written Software written under Authority direction where the Authority is the best positioned party to gain value from the IPR

If IPR in Specially Written Software is to be retained by the Supplier (or a sub-contractor) (Options 3-4), the Authority should consider providing for the source code to such software to be placed with an independent third-party Escrow Agent, to be released only on certain trigger events (Release Events). Examples of Release Events are: the insolvency of the owner of the software, or the owner’s failure to meet contractual obligations to develop or maintain the software.

Any Escrow Agreement should state how frequently the Supplier should place updated copies of source code with the Escrow Agent to ensure that an up-to-date version is available where on-going development occurs. The Escrow Agreement should also set out the level of validation services that the Escrow Agent shall undertake to verify the quality and integrity of the deposited code, and which party should pay the costs of the Escrow Agent’s services. The Escrow Agreement should define version control and provide a framework for the Supplier to adhere to with regards to version release and end of life.

Scenarios where escrow is not appropriate will include:

• Proprietary End User operating systems e.g. Microsoft Windows, OSX
• Commercial Off The Shelf (COTS) applications that are substantially non- customisable e.g. Microsoft Word
• Customisations to Open Source code written by a third party to government specification.
• Supplier Software
• Third Party Software

2.8 Protecting Personal Data

The wording in the Core Terms relating to the situation where one Party is a Controller and the other Party is a Processor largely aligns with PPN 03/22 - Updated guidance on data protection legislation, although some of the language has been changed to account for any transfers of data from the EU under the EU GDPR, as well as the potential involvement of overseas equivalents to the UK ICO, where data covered by the EU GDPR is processed under the Contract.

The Core Terms also include wording covering the situation where the Parties are Independent Controllers. Schedule 31 includes a Joint Controllers Agreement, if the Parties are Joint Controllers. The drafting in the Model Services Contract goes beyond the example drafting in PPN 03/22 - Updated guidance on data protection legislation, which assumes the Authority is the Controller and the Supplier is the Processor. The additional options continue to be included in the Model Services Contract so that this Contract can be used for a wider range of procurements without drafting needing to be created from scratch. However, in the vast majority of cases the Authority will be the Controller, and the Supplier the Processor. If you have any questions about data protection, or believe another data processing scenario applies, such as the Parties being Joint or Independent Controllers, you must speak to your data protection team or DPO. Making the Supplier a Controller over Authority information can create risks for Authority data and information.

The question of whether the Supplier will be a Processor or Controller will affect their responsibilities and potentially the cost of providing the Services. You should provide this information to the Supplier as early as possible.

At the start of a contract and if the issue arises subsequently, you should consider whether any sub-contractor which undertakes data processing in connection with a contract should be designated as a Key Sub-contractor. This is especially relevant in cases when a Supplier is not handling any personal data itself but has entirely sub-contracted such processing. Being a sub-processor of data will often be a critical role in the provision of Services and it is important in such cases that Authorities have appropriate recourse to the party which actually holds personal data for which the Authority is Controller.

The UK GDPR contains restrictions on transfers of personal data outside the UK. One way to comply with UK GDPR rules on these restricted transfers is to put in place an Article 46 transfer mechanism. These are the “appropriate safeguards” listed in Article 46 such as the ICO’s International Data Transfer Agreement (‘IDTA’), and the Addendum to the EU SCCs (the ‘Addendum’). These are referred to in the Model Services Contract, along with the EU equivalent, for transfers outside the EEA - the EU SCCs.

However, where a Party is relying on one of these Article 46 transfer mechanisms they must carry out a Transfer Risk Assessment (‘TRA’), to make sure the personal data is still protected while overseas. TRAs help ensure that, in the specific circumstances of a restricted transfer, the Article 46 transfer mechanism will provide appropriate safeguards, and effective and enforceable rights for people - looking at risks to people’s rights arising in the destination country from third parties accessing the information that are not bound by the Article 46 transfer mechanism, in particular government and public bodies and risks to people’s rights arising from difficulties enforcing the Article 46 transfer mechanism.

If you are a Controller, and your Processor is making the restricted transfer, only the Processor must complete the TRA.

Annexes 2 and 3 to Schedule 31 include copies of the IDTA and the Addendum to the European Commission’s SCCs as published by the Information Commissioner’s Office, and the Standard Contractual Clauses in the European Commission’s decision 2021/914/EU, in case of data transfers outside of the UK and EU. If Authorities wish to shorten the MSC, they may consider removing these examples, and referring out to these instead of incorporating them into the Contract. If the Authority wishes to incorporate them, the second set of square brackets in Clause 21 of the Core Terms and Schedule 31 should be used. If the Authority would prefer to refer out to the IDTA or Addendum, the first set of square brackets in Clause 21 of the Core Terms and Schedule 31 should be retained. Whichever option is not chosen by the Authority should be deleted from those provisions.

3. Service Operation

The relevant sections of the Model Services Contract that deal with service operation are:

Model Services Contract

Section B

• Clause 5 (Services)
• Clauses 6.1 to 6.3 (Quality Plans)
• Clause 7 (Performance Indicators)
• Clause 8 (Services Improvement)

Section D

• Clause 11 (Governance)

Section E

• Clause 14 (Supplier Personnel)
• Clause 15 (Supply Chain Rights and Protection)

Section H

• Clause 25 (Rectification Plan Process)
• Clause 26 (Delay Payments)

Schedules to the Model Services Contract

• Schedule 2 (Services Description)
• Schedule 3 (Performance Levels)
• Schedule 4 (Standards)
• Schedule 5 (Security Management)
• Schedule 6(Insurance Requirements)
• Schedule 8 (Supplier Solution)
• Schedule 10 (Notified Key Sub-contractors)
• Schedule 15 (Charges and Invoicing)
• Schedule 21 (Governance)
• Schedule 22 (Change Control Procedure)
• Schedule 24 (Reports and Records Provisions)
• Schedule 29 (Key Personnel)

3.1 Introduction

All of the elements of service operation are defined in the Model Services Contract before it is signed, but this needs to be managed carefully through the governance structures and contract management processes to ensure that the services meet the original expectations.

Good service operation requires five important elements:

• Clear and unambiguous service requirement definitions;
• Understanding Supplier Personnel and Sub-contractors;
• Robust mechanisms and controls for managing performance, including Delay;
• A mechanism for changing or modifying the services over time;
• Governance; and
• Collecting contract and Corporate Data

3.2 Clear & Unambiguous Service Requirement Definitions

Note: All public sector bodies procuring digital, data and technology products and services (excluding devolved administrations) should follow the Digital, Data, and Technology Playbook on a ‘comply or explain’ basis.

Digital services from the government must meet the Digital by Default Service Standard, which is available on Gov.UK. The standard describes the key process to go through in order to mitigate unknowns and baseline the service and sets out the performance levels and accompanying performance indicators, explaining what remedies are available if performance failures occur.

Supplier’s misinterpretation of the Authority’s requirement is sometimes a contributing factor to problems developing, resulting in poorly performing contracts. Occasionally the Supplier is forced to offer a service based on scant information because the Authority cannot accurately and comprehensively articulate the requirement for a variety of reasons.

The initial procurement process sets the baseline for the resulting contractual relationship. During the procurement the Authority should ensure that a draft Services Description, which sets out the Authority’s detailed description of the requirements, is made available to all bidders. The Services Description should describe the different types of Services the Authority may require (e.g. Implementation Services, Operational Services, Interface requirements, Security Requirements, Social Value Requirements, Other Authority Requirements and any Optional Services). This is populated in Schedule 2 (Services Description) and may consist of several documents detailing each requirement.

The Authority should also set out its expectations on performance indicators. Schedule 3 (Performance Levels) Part A explains how performance indicators will be used to calculate Service Points, which are subsequently used to generate the financial remedies for inadequate performance through the use of Service Credits; worked examples are provided in Part A of Schedule 3.

Schedule 3 (Performance Levels) Part B describes the Supplier’s obligations to monitor and report on performance. The tables set out in Annex 1, Part A of Schedule 3 should be completed with all the relevant performance indicators (PIs) (including Social Value KPIs and/or PIs) and operating levels for each service requirement, taking note of the definitions in Part B of the Annex. The KPIs and Subsidiary PIs set out in this Annex have been based on Industry Standards, which ensures that the reporting mechanism applied by Suppliers is not outside their normal practice. When agreeing KPIs, the Authority should:

• Obtain accurate and realistic information regarding the actual needs of the users of the Service and the underlying business, as overly onerous KPIs will drive costs upwards;
• Consider any available historic information regarding the Authority’s requirements for the Service;
• Consider any available projections for the use of the Service to ensure that it is both scalable and that the KPIs and associated Service Points and Service Credits can be adjusted in a pre-agreed manner to reflect anticipated changes in the usage of the Service. For example, different KPIs can be set to reflect different service complexities during a phased implementation or different demand profiles. Pre-agreed Service Credits should not be set at punitive levels;
• Understand the impact of volume and workloads on service quality. Volume requirements may vary during any particular month or, between months. It is necessary to consider average and peak volumes for e.g. data storage and processing;
• Consider whether or not there should be any initial period during which KPIs are only monitored for information purposes. This may be appropriate in exceptional circumstances. The decision should take account of the transfer of risk and how much post acceptance ‘bedding in’ is acceptable. In any event, it is recommended that recording and reporting of KPIs commences immediately following service commencement;
• Consider how many KPIs are set, how readily KPIs can be measured and the degree to which this can be automated. Consideration should also be given to the balance between selecting KPIs that are representative of the performance across several aspects of the Service and the need for measures and incentives to apply to specific individual aspects of the Service. In addition, the contract allows the Authority to review the KPIs if there is a change in its business requirements. The Authority can do this by reclassifying the KPIs (using Clause 7 (Performance Indicators)), but must remain aware that such a change comes at no charge only if it does not exceed the limit on the number of changes to the KPIs.

In line with the government’s commitment to improve the transparency of contract performance, there is a requirement to publish the top KPIs on the vast majority of contracts. In order to achieve this, there is a requirement to choose at least three KPIs that link directly to the service objectives that can be published. Authorities can indicate to Suppliers which KPIs will be published using the table in Annex 1 of schedule 3 (Performance Levels). For further information on this requirement, please consult the KPIs section of the Sourcing Playbook.

Note: Also see section 1.4 above on Social Value, in relation to the additional requirement to choose the single most important Social Value KPI that can be published, and how this is reflected in the Model Services Contract.

Note: The Digital, Data, and Technology Playbook sets out four mandatory KPIs (namely: cost per transaction, user satisfaction, completion rate, and digital take-up) on the performance of digital, data and technology services, which are required to be published. These KPIs may overlap with the top three KPIs detailed above.

Bidders should produce a description of the solution that sets out how the Services will be provided. This must be sufficiently detailed so that evaluators can be sure that Authority requirements have been understood and can evaluate the bidders against the evaluation criteria. This suite of documents will form the basis of the technical relationship between the parties to the contract and allow bidders to bid from a position of knowledge.

The Supplier’s solution is incorporated into the Model Services Contract in Schedule 8 (Supplier Solution). Where any part of the Supplier Solution offers a better commercial position for the Authority (as decided by the Authority), that part of the Supplier Solution will take precedence over the other aspects of the contract.

Following contract signature, the Supplier should produce a Quality Plan within the number of days specified by the Authority. It is advisable that this plan is produced before the Detailed Implementation Plan (DIP), as all deliverables should be designed to comply with it. Within 20 days of contract signature, the Supplier will also need to provide a Security Management Plan in the level of detail set out in Schedule 5 (Security Management) paragraph 4, and will need to produce a tested Information Security Management System as set out in paragraph 3 by the date agreed in the DIP.

3.3 Supplier Personnel and Sub-contractors

Following contract award the Supplier will start establishing contractual relationships with its sub-contractors. Suppliers are required to formally advertise sub-contracting opportunities and report on those sub-contracted to SMEs and VCSEs.

The Supplier has the obligation to ensure that appropriate companies and individuals are responsible for delivery of the services procured. The Authority also needs the right to veto the appointment of those that the Authority reasonably believes are inappropriate for the delivery of the services. Additionally, those whom the Supplier sub-contracts to execute or deliver elements of the goods or services must have similar obligations to the ones imposed upon the Supplier.

For the sake of clarity, key personnel on both sides must be identified. Schedule 29 (Key Personnel) lists the key roles, names with relevant responsibilities and anticipated durations set out in tabular form. Key Personnel will be those employees of the Supplier who are important or valuable to the contract because they hold a pivotal role. Changes to such personnel, particularly at certain critical points in the contract, will have a disproportionate effect on its success, so any changes to individuals listed should be reflected in an updated table. Both parties must be notified if any names on the list need to change. However, the Supplier shall only be able to make these changes if:

• Requested to do so by the Authority;
• The person’s employment or contractual arrangement with the Supplier or a Sub-contractor is terminated for material breach of contract by the employee;
• The person concerned resigns, retires, dies or is on maternity/paternity or long-term sick leave; or
• The Supplier obtains the Authority’s prior written consent (such consent not to be unreasonably withheld or delayed); or

Clauses 14.3 to 14.6 (Supplier Personnel) set out the requirements on the Supplier to inform the Authority of changes, ensure that key posts are not vacant for any significant period, and any leave of absence is covered appropriately.

3.3.1 Employment Indemnity

Where Supplier personnel will work alongside the Authority’s employees, whether at the Supplier’s or the Authority’s premises, there is a possibility that any acts or omissions of the Supplier or its employees could give rise to claims against the Authority and vice versa. Clause 14.7 (Employment Indemnity) is intended to ensure that responsibility for resolving such claims remains with the party who has responsibility for the staff who caused the claim. It is not intended to cover issues arising out of a transfer under the TUPE regulations, as these are dealt with in Clause 14.9 (Staff Transfer) and Schedule 28 (Staff Transfer).

3.3.2 Sub-Contractors

Clauses 15.1 to 15.4 (Supply Chain Rights and Protection) set out:

• the Supplier’s obligations in relation to the sub-contracts;
• requirements to advertise Sub-contracting opportunities on Contracts Finder;
• requirements to inform the Authority of the arrangements;
• and provide a copy of any sub-contract if requested.

The Authority has ten working days in which to reasonably object to any of the proposed sub-contractors. If any reasonable objections are raised, then the Supplier will have to find an alternative. The Authority may only object on the grounds listed in Clause 15.8 (Appointment of Sub-contractors).

The obligations in relation to Key Sub-contractors (who should be listed in Schedule 10 (Notified Key Sub-contractors)) are set out in Clauses 15.10 to 15.13 (Appointment of Key Sub-contractors). Requirements of, and obligations on, the Key Sub-contractors are the same as those requirements and obligations on the Supplier, due to the fact that Key Sub-contractors are delivering critical services for the Authority. Therefore, unless the Supplier has written consent from the Authority, key sub-contracts will include:

• a provision enabling the Authority to enforce the Key Sub-contract as if the Authority were the Supplier;
• a provision enabling the Supplier to assign, novate or otherwise transfer any of its rights and/or obligations under the Key Sub-contract to the Authority;
• obligations regarding:
  • Data protection;
  • Freedom of Information;
  • Not embarrassing the Authority or otherwise bringing the Authority into disrepute;
  • Keeping records for services provided – including Open Book Data; and
  • Complying with audit requirements;
• provisions on termination that are no less severe than those imposed on the Supplier by the Authority;
• a provision that Clause 27 (Remedial Advisor) and Clause 28 (Step-in Rights) apply;
• a requirement that any Key Sub-Contractor must also seek the written consent from the Authority if it wishes to sub-contract all or any part of the services it has been contracted to supply; and
• an obligation to co-operate with the Supplier and the Authority in order to give full effect to the provisions of Schedule 18 (Financial Distress);

It is also advisable to request an audit of the Key Sub-contractors at the start of the contract and to request a further audit 18-24 months into the contract term.

At the start of a contract and if the issue arises subsequently, Authorities should consider whether any sub-contractor which undertakes data processing in connection with a contract should be designated as a Key Sub-contractor. This is especially relevant in cases when a Supplier is not handling any personal data itself but has entirely sub-contracted such processing. Being a sub-processor of personal data will often be a critical role in the provision of services and it is important in such cases that Authorities have appropriate recourse to the party which actually holds personal data for which the Authority is the Data Controller.

3.3.3 Prompt Payment

Clauses 15.14 to 15.15 (Supply Chain Protection) require the Supplier to flow down prompt payment terms to all sub-contracts and pay any undisputed sub-contractor invoices within 30 days of receipt. There is a requirement to report Supplier performance on prompt payment within Schedule 3 (Performance Levels) Part B paragraph 1.3.

In line with government policy on prompt payment (see PPN 08/21 - Taking account of a bidder’s approach to payment in the procurement of major government contracts), there are provisions in the Model Services Contract at Clause 15.16 for Suppliers to report on the prompt payment of Unconnected Subcontractor invoices. This means that the Balanced Scorecard Report produced by the Supplier should include a report on their record of paying Unconnected Subcontractor invoices within 60 days (as well as their record of paying invoices connected with the contract within 30 days). Where Suppliers have breached this condition, the Authority has the right to publish the details of the late or missed payments (on government websites and in the press) and the Supplier must produce an action plan.

3.3.4 Supply Chain Visibility

It is the responsibility of the Authority to have adequate visibility of the Supplier’s supply chain. It is therefore critical that the Authority has sufficient visibility and, if necessary, scrutiny of the Supplier’s means of delivery through its supply chain. Individual points that should be covered include, but are not limited to:

• Flow down of terms to be transparent;
• Information on the financial status and stability of significant subcontractors; and
• Reporting supply chain spend with SMEs and VCSEs.

3.4 Managing Performance

The controls for managing performance during the contract are described here. The controls for implementing the services are described in Section 2 of this document.

During operation, the performance of the services is controlled via the obligations set out in Clause 7 (Performance Indicators) together with Schedule 3 (Performance Levels).

The required performance levels will have been established prior to contract signature. Note that these performance levels may be changed to reflect new priorities during operation but this may be done only once per year and the Supplier must be given 3 months’ notice; this is set out in Clauses 7.7 & 7.8 (Changes to Performance Indicators and Service Credits). The Model Services Contract has a single rectification process that applies in the event of:

• Delay (actual or anticipated);
• Material Default;
• Material Failure of Key Performance Indicators (KPIs) (including Social Value KPIs if used); or
• Material Failure of Performance Indicators (PIs) (including Social Value PIs if used).

Figure 1 below illustrates that process. The process and the obligations on the Supplier to produce a Rectification Plan are set out in Clause 25 (Rectification Plan Process).

Service points and credits are accrued when the Supplier’s performance in the service period is below the Target Performance Level and result in a reduction of the Service Charges payable. Service Credits are capped at the commencement of the Operational Service and are the sole financial remedy for a KPI failure.

However, there are exceptions when a KPI failure breaches the relevant KPI Service Threshold (see Clause 7 (Performance Indicators)) and other remedies become available.

Figure 2 below, illustrates the rights that the Authority has in case of performance failures:

Table 1 describes the available remedies and their respective triggers:

Trigger	Authority’s remedy	Supplier relief if caused by the Authority
Delay in implementation period	-  Milestone payment not payable until Milestone ‘Achieved’ -  May incur Delay Payments -  Rectification Plan -  Possible termination (if the Delay continues for 100+ days) -  Supplier bears costs of re-testing -  Ability to appoint Remedial Adviser	-  Extension of time -  No breach -  No Delay payments -  Compensation for losses -  Additional costs -  Treated as if met Performance Indicators -  No breach -  No Service Credits -  Full payment of Service Charges
Default in operational period	-  May incur Service Credits or compensation for Unacceptable KPI failure -  Rectification Plan if material -  Possible termination -  Possible damages -  Ability to appoint Remedial Adviser	-  Treated as if met Performance Indicators -  No breach -  No Service Credits -  Full payment of Service Charges
Failure to achieve the Service Threshold for 50% of the KPIs in any month	- Compensation for unacceptable KPI failure in that the Authority is entitled to keep 100% of the Service Charges due for that month	-
A Default that would give rise to a termination event (other than insolvency)	- Authority may require the appointment of an independent Remedial Adviser to monitor the Supplier and report to it on recommendations to tackle service issues - Costs of Remedial Adviser to be borne by the Supplier - Suspends Authority’s right to terminate for three months	-
A Default that is materially preventing / delaying the performance of the Services / a material part of the Services	- Authority may require the appointment of an independent Remedial Adviser to monitor the Supplier and report to it on recommendations to tackle service issues - Costs of Remedial Adviser to be borne by the Supplier - Suspends Authority’s right to terminate for three months	-
A Default amounting to 75% of the ‘Critical Performance Failure’ trigger	- Authority may require the appointment of an independent Remedial Adviser to monitor the Supplier and report to it on recommendations to tackle service issues - Costs of Remedial Adviser to be borne by the Supplier - Suspends Authority’s right to terminate for three months	-

3.4.1 Delay Payments

Should the Supplier fail to meet a key milestone by the agreed date, the Authority remedy will be a Delay Payment, which is covered by Clause 6.6 (Implementation Plan and Delays) and Clause 26 (Delay Payments). The details of the delay payment are set out in Schedule 15 (Charges and Invoicing) Part C, paragraph 1. The Supplier is entitled to claim that the Authority caused the delay but must be able to prove it. If the Authority is entirely or partially at fault, then Clause 29 (Authority Cause) will apply, resulting in either the Authority receiving no Delay Payment or a reduced payment.

Where disagreements associated with obligations to ‘sign off’ certain documents cannot be settled without escalation, the Dispute Resolution Process will need to be engaged. In such circumstances Schedule 23 (Dispute Resolution Procedure) would then be followed. For more detailed information on the Dispute Resolution Procedure, see Section 6 of this guidance.

3.6 Service Continuity

A variety of events may lead to the degradation, partial or total loss of service. The Model Services Contract has provisions for business continuity and disaster recovery, and the principles of these mitigation and recovery practices are well known to service operators and Suppliers. Business continuity and disaster recovery actions are triggered under specific circumstances and are not invoked where a Supplier may be under financial distress. Insolvency continuity is a discrete section in the Service Continuity Plan in Schedule 26 (Service Continuity Plan and Corporate Resolution Planning) at paragraph 6. The insolvency continuity provisions ensure that if an Insolvency Event occurs, which could adversely impact on the Services, there are plans in place to ensure continuity of the Services.

3.6.1 Financial Distress Events and Financial Stability

The Supplier must fulfil its obligation to provide positive affirmation that no Financial Distress Event (‘FDE’) has occurred or is foreseen at the commencement of the contract and annually thereafter. Version 2.0 of the Model Services Contract introduced some new FDEs. The financial distress provisions also include monitoring of financial ratios initially tested at the procurement qualification stage. For more information, please refer to the ‘Assessing and Monitoring the Economic and Financial Standing of Bidders and Suppliers’ (PDF, 603 KB) guidance note published with the Sourcing Playbook on Gov.Uk.

Authorities are advised to consider using a range of measures of financial stability beyond credit ratings both in the qualification stage of procurement and for on-going contractual reporting requirements. Schedule 18 (Financial Distress) outlines the obligations on the Supplier to report changes in the financial status of various entities. This reporting is designed to give the Authority as much early warning as possible so that the parties may act in good time to avoid a threat to the degradation or continuation of the Services.

3.7 Governance

Governance is the process by which the Authority and the Supplier oversee and regulate their relationship. Schedule 21 (Governance) outlines the framework for how governance will work, including different types of Governance Boards. Clause 11 (Governance) signposts to the provisions in Schedule 21 and sets out each party’s obligations.

For the majority of projects, all aspects of the governance framework will have been fully developed and set out before the contract is signed. The type of governance provisions required and the level of detail, will depend upon:

• The level of co-operation required between the Authority and the Supplier;
• The term of the contract;
• The level of innovation in the Services;
• The financial size and level of risk of the contract - the more that the Authority is paying for the project the more likely it is to require a close working relationship with the Supplier;
• The business criticality of the services being provided; and
• The degree to which the governance arrangements need to be compatible with existing Authority governance structures and processes.

Good governance will include records and reporting requirements. Schedule 24 (Reports and Records Provisions) details the reports to be kept and their contents. These will need to be agreed between the parties but should include records setting out the history of the performance of the Contract (such as Milestone Achievement Certificates) and periodic reports that indicate the Supplier’s performance (such as Management Information). The principles underlying this schedule should be to facilitate:

• Public accountability;
• transparency of Service provision;
• Compliance by the Authority with its legal informational and reporting obligations including those under the Data Protection Act 2018 and the Freedom of Information Act 2000 and the requirements of the Public Records Office; and
• Compliance with the Authority’s policies (including, in particular, security policies).

Membership of the Boards should be such that different stakeholder viewpoints are adequately represented. For example, the main Programme Board should be chaired by the SRO and include senior User and Technical representatives. Supplier representatives should have appropriate seniority and expertise to enable effective decision-making.

Figure 5 below illustrates a schematic of how the Governance Boards interrelate:

3.8 Collecting Contract and Corporate Data

The Supplier is required to create a Virtual Library (see Schedule 24 (Reports and records Provision) paragraph 4) for all the data required to operate the Services, and to transfer at the end of the contract to another Supplier (or back to the Authority). This data will include the data that the Supplier is using to deliver services day-to-day. A full list of records to upload to the Virtual Library is found in Schedule 24 Annex 3, but comprises of the following:

• Core service data;
• Details of commercial arrangements which the Supplier has put in place in order to deliver the services. It is understood that some of this data may be commercially confidential to the Supplier, so this data must be kept current at all times, and its existence as such must be assured to the Authority, but the data itself will only be visible for audit scrutiny or similar requirement;
• Personal information concerning the staff required to deliver the services. This must be kept current at all times, and will be passed only to the next employer of the staff on service transfer of the data;
• Data relating to the manner in which services are organised such as an organisation definition of the delivery organisation, showing what elements are dedicated and discrete to this contract and what elements are shared across multiple contracts or catalogues of all the premises required to deliver services, including lease / title information;
• The individual role definitions of all roles required to deliver services;
• Actual staff lists mapped against the above roles, and current skill types and levels;
• ELI (employee liability information) data on all staff deployed to deliver services;
• Assets required to deliver the Services such as furniture and fittings inventory (if applicable), hardware and software assets and configuration (CMDB), licence agreements for dedicated software, corporate licences;
• All sub-contracts and service agreements;
• Comprehensive cost data;
• The Authority’s service requirements;
• Service Model / Operating Model definitions;
• Operating Procedures, down to SOPs and LWPs;
• Operational and technical policies and standards; and
• Services dependent upon the provider or Supplier’s IPR.

In addition, the Supplier will maintain a set of corporate data showing how, if relevant, different entities within the Supplier’s wider corporate structure are involved in delivering the contracted services. The Supplier will also be required to declare and keep current a statement of all the public sector contracts it holds. It will also be required to inform the Authority and the Cabinet Office Markets & Supplier team as and when it has an annual revenue in excess of £50m of which over 50% is derived from the UK public sector. See the ‘Resolution planning’ (PDF, 832 KB) guidance note published with the Sourcing Playbook on Gov.Uk for more information about the corporate resolution planning information Suppliers are required to provide.

4. Changing or Modifying the Services over Time

The sections of the Model Services Contract that are relevant to this section are:

Model Services Contract

Section B

• Clauses 5.10 to 5.12 (Optional Services)
• Clauses 6.1 to 6.3 (Quality Plans)
• Clause 8 (Services Improvement)

Section D

• Clauses 13.2 to 13.3 (Change in Law)

Section H

• Clause 29 (Authority Cause)

Section I

• Clauses 31.4 to 31.5 (Partial Termination)

Schedules to the Model Services Contract

• Schedule 15 (Charges and Invoicing)
• Schedule 21 (Governance)
• Schedule 22 (Change Control Procedure)

4.1 Introduction

Contract Change can take place for a number of reasons and the Authority must monitor change as it may impact on cost and time. Under normal circumstances contract or operational change should be agreed at senior levels within the project or programme to ensure that any impact as a result of the change is understood; a requirement for a Change Management Board is articulated in Schedule 21 (Governance).

The Supplier also has an on-going obligation to identify new or potential improvements to the Services (see Clause 8 (Service Improvement)). Any agreed improvements will be managed under a Change Request as per the Change Control Procedure in Schedule 22 (Change Control Procedure).

4.2 Contract Changes

Contract Changes are changes that affect the baseline agreed by the parties at the date of signing the contract. They will have an impact on the costs or the risk profile of either party. As such, the parties will need the right to approve, reject and request amendments to proposed Contract Changes, subject to the qualifications set out below.

Changes to most public contracts are governed by regulation 72 of the Public Contracts Regulations 2015. Authorities must seek legal advice before proposing or accepting any Contract Change to check whether the Public Contracts Regulations 2015 apply to the contract and, if so, whether the proposed change is permitted or not.

Schedule 22 (Change Control Procedure) includes provisions and processes for dealing with changes to the contract. A Contract Change proposed by the Authority can only be rejected by the Supplier if the Supplier can show that:

• The proposed change would materially and adversely affect the health and safety of any person;
• The proposed change would cause the Services to infringe the law; or
• It is technically impossible to perform the change.

In contrast, the Authority should always have the right to reject a Contract Change, unless the proposed change is as a result of a Change in Law.

Either party has the right to request a change, and there is a template form in Schedule 22 (Change Control Procedure) in Annex 1 that can be used. The party requesting the change must send the other party a ‘Change Request’ setting out the following information:

• A full description of the proposed Contract Change with a brief analysis of the perceived advantages (and, if appropriate, disadvantages) of the Contract Change;
• The likely costs of the Contract Change and
• The target date for implementing it.

Paragraph 4 (Change Request) of Schedule 22 (Change Control Procedure) explains that at the time of issuing the Change Request (or within 10 working days following such issue), the Supplier will research and produce an ‘Impact Assessment’. The Impact Assessment is described in Paragraph 5 and must set out full details of the proposed change including:

• Technical specifications of the change;
• Reasons for the change and the projected impact on the Authority, its business and IT systems;
• The impact on the Supplier’s level of performance and achievement of the Service Levels;
• Impact on other systems or processes which are outside the Supplier’s responsibility, but which interact with or are reliant on the infrastructure or processes governed by the contract;
• Details of any increase (or reduction) to the Charges using the existing pricing mechanisms;
• Identification of the level of on-going resources which will be required if the change is executed;
• Impact on the Authority and the Services if the change is not executed; and
• A plan, which sets out how, the Supplier will implement the change including, if appropriate, a timetable or milestones.

The cost of the Impact Assessment will be borne by the party requesting the change; however, there will be no charge if the impact assessors are already employed on the account and their time is charged through other mechanisms (e.g. service charges or milestones) and there will be no charge for Impact Assessments less than a threshold (e.g. £5,000).

Where the Supplier issues the Change Request, following receipt of the Supplier’s Impact Assessment, the Authority can either accept the proposed change, request amendments, request further information or reject it. The Change Control Procedure only permits the Supplier to implement a Contract Change once it has been authorised by the Authority. Paragraph 6 (Authority’s Right of Approval) and Paragraph 2.6 (General Principles of Change Control Procedure) states that, unless the Authority directs otherwise the Supplier will draft the Change Authorisation Note and update the Contract.

Depending on the complexity and the Term of the contract, the Authority may wish to use the Governance Boards described in Schedule 21 (Governance) to authorise changes according to a hierarchy of delegated authority (the Authority representative should have written delegated authority originating from the Department’s Permanent Secretary as without such written delegation any decisions accepting or rejecting change requests may be invalid). This would allow the Change Control Procedure to provide for certain Contract Changes to be authorised by more senior signatories within the Authority.

4.3 Operational Changes

There are likely to be a number of technological and business changes required during the Term of the Contract in order that the Services continue to be provided effectively and efficiently. Provided that this does not impact the cost or risk of delivering the Services or the provisions contained in the contract, this will be managed through an Operational Change process, which is described in Schedule 22 (Change Control Procedure) in paragraph 9.

Either party may raise a Request for Operational Change (RFOC), which will be completed by the Supplier and submitted to the Authority’s Change Manager for approval. Where the Change will impact the Charges, or if either party believes that the Change set out in the RFOC does not comply with the definition of Operational Change (above), the Change Control Procedure must be used.

The Operational Change process is closely tied to other relevant management processes (depending on the Service) such as Capacity Management, Configuration Management and Release Management as well as Incident and Problem Management. For reference, these IT Service Management (ITSM) processes are defined in the set of practices called ITIL, published by AXELOS Ltd.

4.4 Changes in Law and Indexation

Most contracts contain “change in law” provisions. These exist to allow a contract to remain effective when a change in the law either renders some aspects of the contract unlawful or makes performance of some obligations of either party impossible. In the latter case, these provisions are sometimes used to facilitate relief from performance obligations so that the party with the obligations does not fall into breach as a result. The Model Services Contract distinguishes between General Changes in Law and Specific Changes in Law.

The Specific Changes in Law provisions help structure relief mechanisms where a change in the law impacts the particular subject matter of the contract, provided these changes do not apply to the population in general or could have been reasonably anticipated prior to contract signature. The most common mechanism for structured relief is indexation. See the ‘Risk allocation and pricing approaches’ (PDF, 1,020 KB) guidance note published with the Sourcing Playbook for further information on this topic.

Different indexes can be obtained from the Office for National Statistics or other published and reputable sources. An index should only be selected if it is independently compiled (as all ONS indexes are) using sampling and estimation methodologies based on international best practices. This should be correctly devised and applied to allow Suppliers to be recompensed for changes in their cost base caused by aggregate cost increases in their supply marketplace only, where this is outside the Supplier’s control. For example, where the supply marketplace is dominated by labour factors, an index linked to an appropriate labour market should be used. Authorities may also like to consider including additional contractual obligations on the Supplier to demonstrate that it has implemented alternative solutions to manage its cost base and deliver efficiencies before indexation will apply e.g. productivity improvements, automation, supply chain review or assessing staffing ratios.

For the initial stages of a contract, the Allowable Assumptions provisions allow for the baseline costs to be set by agreement between the parties, against which future indexation could be calculated. Where there are a variety of cost bases connected with one contract, the indexation provisions can be amended to allow different cost bases to be linked to different indexes.

Figure 3 below illustrates the decision tree to follow in order to determine the charging outcome for a Change in Law.

4.5 Optional Services Changes

Optional Services are provided for under Clauses 5.10 to 5.12 (Optional Services) and should be included in Schedule 2 (Services Description) and Schedule 3 (Performance Levels) and prices set out in Schedule 15 (Charges and Invoicing). In effect, Clauses 5.10 to 5.12 (Optional Services) allow the Authority to request optional services using Schedule 22 (Change Control Procedure) which are additional to the core Services.

Note: Optional Services must have been expressly included in the original Contract Notice, and described and priced in the contract schedules.

Figure 4 below illustrates how the change control process works in general. Note that the Authority can now decide to draft the Change Authorisation Note(s) (rather than the Supplier), and the following update to the Contract.

5. Paying for the Services and Securing Value for Money (VfM)

The following sections within the Model Services Contract and Schedules set out the elements that support this requirement:

Model Services Contract

Section C

• Clause 10 (Financial and Taxation Matters)

Schedules to the Model Services Contract

• Schedule 15 (Charges and Invoicing)
• Schedule 16 (Payments on Termination)
• Schedule 17 (Benchmarking)
• Schedule 18 (Financial Distress)
• Schedule 19 (Financial Reports and Audit Rights)
• Schedule 20 (Anticipated Savings)

5.1 Introduction

Government lets contracts under the laws that govern public contracting, with competitions designed to ensure that best value is obtained at the time the contract is let. This section explains the toolkit of pricing mechanisms that are available for use and supports Government’s drive to ensure that maximum value is extracted from every commercial relationship.

5.2 Pricing

A simplified set of pricing mechanisms is included within Schedule 15 (Charges and Invoicing). These are applicable for all costs incurred, Milestone and Delay Payments and Service Charges. When pricing the new requirement, the Authority should consider which of the following mechanisms is most relevant for the requirement, choosing the most appropriate pricing mechanism linked to the various stages of the contract:

• Time and Materials;
• Fixed or Firm;
• Volume based; or
• Guaranteed Maximum Price with Target Cost (GMPTC).

There are also other potential pricing mechanisms, see the ‘Risk allocation and pricing approaches’ (PDF, 1,020 KB) Guidance Note published with the Sourcing Playbook.

5.2.1 Time and Materials

The Time and Materials (T&M) pricing mechanism is where the Supplier charges for all of the hours of work performed and materials purchased. This pricing mechanism is used where the full scope of the project is not fully understood. T&M should always be linked to milestones for payment. It is best practice to move away from T&M pricing when the project is fully defined or when moving to Operational or Service delivery. It is normally acceptable to be charged different rates for the varying levels of experience of the team being provided, so the Authority must be able to track and manage progress accurately.

The Authority should involve its contract finance team who will be able to provide the correct set of models for Suppliers to use. Material costs are normally agreed as the Supplier’s actual cost plus an agreed fee for the Supplier’s overhead cost associated with supplying the materials i.e. ordering, handling and holding the material in stock.

T&M day rates & capped ADR will be subject to indexation, but maximum T&M (or the T&M cap) will not be (see Schedule 15 (Charges and Invoicing) paragraph 5 of Part C).

5.2.2 Fixed or Firm

This is a price mechanism normally used at the design and development stage of a contract, the Fixed pricing mechanism means that charges will be subject to indexation (a rise in cost in line with the rate of inflation). For contracts of long-term duration Authorities should specify, or request and agree, the elements of the contract that will be subject to indexation during the tendering exercise to ensure transparency from the outset. Indexation should be based on appropriate indices (see Schedule 15 (Charges and Invoicing) Part C paragraph 5) found on the Office for National Statistics website or other reputable sources. Where service charges are calculated and pro-rated depending upon when the service commences within a given month, see Schedule 15 Part A.

Using the ‘Firm’ pricing mechanism means that charges will not be the subject of increase due to indexation. Firm prices should be agreed during the tender process for those specific areas of non-variability from Implementation through to Service Delivery.

5.2.3 Volume Based

The Volume based pricing mechanism is where the price of goods or services varies according to the volume of units purchased. This pricing mechanism is used for calculating service charges against a volume banding structure. For example, where the IT being implemented supports a public service for call handling, it is normal to agree volume bands with a reducing unit cost as the volume increases.

The unit cost is subject to indexation (see Schedule 15 (Charges and Invoicing) paragraph 5 of Part C).

5.2.4 Guaranteed Maximum Price with Target Cost (GMPTC)

The GMPTC pricing mechanism allows the Authority to incentivise the Supplier to remain within the budget, and incentivises the Authority to keep the Supplier’s costs down. This type of pricing mechanism is typically introduced at the design and development phase of the contract, where the desired output is known, but the journey to achievement is not clearly defined. This pricing mechanism allows for sharing of savings between the Supplier and the Authority, where the incurred costs are lower than the target cost for that milestone.

Note: in instances where the incurred costs are greater than the target cost, these overspends are also shared between the Supplier and the Authority.

When pricing the contract, the Authority should ensure that costs for each relevant milestone activity are assessed to ensure they are realistic and accurate. These costs are agreed during the tender phase. The use of Open Book Contract Management drives greater transparency of costs (see Schedule 19 (Financial Reports and Audit Rights) Part A, paragraph 2) by stating at the outset the provisions to be included. It can also be a helpful compliment to indexation.

GMPTC includes the payment of a percentage fee, over and above the standard 100% payable in order to cover areas such as profit and risk. This payment is expressed as a percentage (see the definition within Schedule 15 (Charges and Invoicing)).

GMPTC day costs will be subject to indexation, but target cost, target price & guaranteed maximum price will not be (see Schedule 15 (Charges and Invoicing) paragraph 5 of Part C).

The Guaranteed Maximum Price with Target Costing is described in Figure 7 below.

5.3 Pricing Granularity

Authorities may wish to exercise a partial termination of a service for a number of reasons, such as technology change, business requirement change or to achieve better value for money from a changing market. Granularity in pricing allows visibility of the cost components, including costs such as overhead allocation and stranded costs. Schedule 15 (Charges and Invoicing), Part E, includes the requirement upon Suppliers to break down pricing elements by service line.

The Supplier should provide a pricing model that allows the Authority to see what it can save by terminating services. This would include:

• Transparency of overhead allocation;
• Transparency of stranded costs (e.g. software licences, TUPE); and
• Transparency of costs for individual elements, milestones and phases of delivery.

5.4 Value for Money

Value for money is defined in the Treasury guidance ‘Managing Public Money’ as securing the best mix of quality and effectiveness for the least outlay over the period of use of the goods or services bought.

To achieve value for money, it is important to ensure the best performance of the contract. It is not about minimising price to the detriment of the Supplier as this has the potential to lead to a failed service, which may add much more cost to the Authority. Instead it is about establishing a whole life cost which is fair and reasonable. Value for money and whole life costing includes social value considerations which may be realised through the procurement.

5.5 Supplier Profit

The Model Services Contract includes a Maximum Permitted Profit Margin which limits the profit the Supplier may make over the course of the contract. This is described in Schedule 15 (Charges and Invoicing) in Part D and The Maximum Permitted Profit Margin is defined as the Anticipated Contract Life Profit Margin plus 5%.

Schedule 19 (Financial Reports and Audit Rights) Part B requires the Supplier’s Forecast Profit Margin to be set out in the Contract Inception Report, which is the initial Financial Model provided by the Supplier and the baseline from which the Maximum Profit is calculated. At the end of each contract year, and for any contract amendment, the Supplier is also required to issue an Annual Contract Report. This report will contain the Supplier’s Achieved Profit Margin and Schedule 19 (Financial Reports and Audit Rights) Part B paragraph 2 describes the process for approving or rejecting this report.

Where the Annual Contract Report identifies that the Supplier has exceeded the Maximum Permitted Profit, there is a mechanism for the Supplier to undertake an adjustment to the charges. This will result in a reduction in fees for the following year ensuring that over the life of the Contract the Supplier will not exceed the Maximum Permitted Profit (this is detailed in Schedule 15 (Charges and Invoicing) Part D). Within Schedule 19 (Financial Reports and Audit Rights), the Authority sets out its objectives for Financial Transparency. This includes the need for the Supplier to cooperate with the Authority to understand the payment breakdown, which will include an analysis of the costs, overhead recoveries (where applicable), the resources allocated to provide the service and the agreed profit margin.

Figure 8 below illustrates the process:

5.6 Payment

The payment model, including accompanying milestone payments, should be agreed so as to minimise the cost to the Supplier of financing the project. If this is left unchecked the financing costs are likely to be passed on to the Authority. Where finance charges have been included by the Supplier, the Authority should ensure that the Supplier submits the detail within their Financial Model, for approval when agreeing milestone payments.

Milestone payments should only be made when the Authority is in receipt of something of demonstrable business value and following the successful completion of relevant pre-agreed tests. In this context, ‘business value’ means something that the Authority would be able to gain benefit from in the event of the contract being terminated the day following the milestone. As far as possible, milestone payments should be defined to recognise progress towards the delivery of services.

Any single milestone payment should be, at a maximum, equivalent to the input costs as set out in the Financial Model. The most significant payment milestone is likely to be that associated with the Authority to Proceed – authorisation given by the Authority that the tests demonstrating readiness for service delivery have been successfully completed. There may be a separate Authority to Proceed for each discrete element of service, especially if individually these elements have distinct implementation programmes or provide meaningful service value or capability to the Authority. Further information on the acceptance procedure associated with milestone achievements and payments is available in Section 2 (Building the Services) of this guidance.

5.7 Electronic Invoicing

All central contracting authorities and all sub-central authorities are required to process any electronic invoices compliant to the electronic invoicing standard. Use of the standard is voluntary for Suppliers. Standardisation aims to generate cost savings, reduce environmental impact and improve efficiency.

5.8 Termination Payments for Termination Without Cause

Schedule 16 (Payments on Termination) sets out the standard, robust position on breakage costs for voluntary termination (termination for convenience) of the contract (however this does not cover any partial termination of the Services), namely:

• Payments will be determined using open book and the financial reports;
• The Authority may request an estimate of these costs prior to exercising the Authority’s right to terminate; and
• Where appropriate, costs are capped at the higher of an amount agreed at contract signature or 120% of the Supplier’s pre-termination estimate.

The provisions set out a list of allowable costs within each category

5.9 Financial Modelling and Reporting

The objective of financial modelling is to provide the Authority with full transparency of the costs associated with the required service. Financial modelling commences at the tender stage and continues through to the end of the contract. Inputs to the model are derived from the Supplier’s bid and this sets the baseline for the Contract Inception Report. The Authority and the preferred Supplier will work towards the final iteration on or before the Effective Date of the contract. This initial report will feed the financial report for Business Case approval and becomes the baseline for all further amendments.

Figure 9 below shows the evolution process for the Financial Model.

Schedule 19 (Financial Reports and Audit Rights) Part B paragraph 1.2 describes the requirement for Suppliers to provide Financial Reports using the software package, layout and format of the blank templates issued by the Authority prior to contract signature. The Authority’s finance team will provide an appropriate set for its requirements. It is preferable for the Authority to manage the creation of the reports so that tender returns are consistent and capable of being fairly evaluated. The Authority should also ensure that the model is supported by instructions to complete and an explanation of its workings.

5.10 Cost Transparency

5.10.1 Open Book

Cost transparency throughout the delivery of the contract can be achieved via contract management using the Open Book provisions. The need for open book on the Supplier’s costs is especially important when using the GMPTC pricing mechanism. An Open Book Contract management approach will also provide the necessary detail to facilitate discussions on potential efficiency savings between the Authority and the Supplier to maximise value for money. In supporting the Authority’s aim to be better informed on the build-up of the Supplier’s costs there is a strict requirement for Suppliers to provide a complete and accurate report of their financial and non-financial information. This should be sufficiently clear to enable the Authority to verify the charges paid or payable and the charges forecast to be paid during the life of the contract. A comprehensive definition of Open Book Data can be found within Schedule 19 (Financial Reports and Audit Rights) paragraph 1.

Guidance on the Open Book Contract Management process is available on Gov.uk.

5.10.2 Audit Rights

An audit can be undertaken by or on behalf of the Authority for any reason (Schedule 19 (Financial Reports and Audit Rights) Part C paragraph 1). When assessing the financial health of the project an open book audit enables the Authority to verify the integrity and content of any Financial Report and to verify the project costs.

6. Disputes

The following sections within the Model Services Contract and Schedules set out the elements that support this requirement:

Model Services Contract

Section J

• Clause 43 (Disputes)

Schedules to the Model Services Contract

• Schedule 23 (Disputes Resolution Procedure)

6.1 The Disputes Resolution Procedure

The Dispute Resolution Procedure in Schedule 23 (Dispute Resolution Procedure) is illustrated below. It provides for an escalation of measures to handle a disagreement, including commercial negotiations through a number of executive levels, mediation and then either arbitration or litigation.

The parties are required to first seek to resolve the dispute through commercial negotiations at an executive level. If the dispute cannot be resolved through commercial negotiations, either party can choose to refer the dispute to mediation. Any decision to refer to mediation has to be notified to the other party within 30 working days of serving a Dispute Notice. After mediation, either party may refer the dispute to the courts. In some contracts, it may be more appropriate to refer the dispute to arbitration rather than to the courts. This may be the case if:

• The subject matter is sensitive (arbitration takes place in private);
• The subject matter is complex and would benefit from being heard by an expert in a particular field; or
• The Supplier is located in a different jurisdiction, as it can be easier to enforce arbitration awards overseas.

In all circumstances, Authorities conducting a dispute should seek legal advice. If the dispute involves a Strategic Supplier the Authority should also consult the Crown Representative in the Cabinet Office.

Points to note:

• Legal advice should always be sought before serving a Dispute Notice
• Legal advice should be sought if the Authority receives a Dispute Notice from the Supplier
• If the Authority thinks that there has been a Default, legal advice should be sought to ensure that the Authority preserves all of its contractual rights.
• Remember that correspondence, communications and other documents may have to be disclosed to the other party and this should be borne in mind when dealing with the matter. Legal advice should be sought to ensure that the matter is dealt with in an appropriate way.
• Consideration will need to be given as to whether to refer the dispute to mediation if commercial negotiations are unsuccessful. Appropriate legal advice should be sought beforehand.
• If a quick dispute resolution is necessary, both parties can agree to adopt an Expedited Dispute Timetable. If the parties disagree on the need for an accelerated timetable, the Authority will have full discretion on whether to use the Expedited Dispute Timetable or not. This decision-making approach is intended to reduce delay in case of emergency.
• It may be that, if the services are to be delivered within Scotland, and the Supplier is based in Scotland, that the Authority considers altering the provisions of Schedule 23 paragraph 7 (Arbitration) to allow for arbitration in Scotland. Where this is being contemplated, the Authority should make sure to consult with appropriate legal advisers, including the Cabinet Office legal team.

7. Ending the Contract

The following sections within the Model Services Contract and Schedules set out the elements that support this requirement:

Model Services Contract

Section I

• Clause 31 (Termination Rights)
• Clause 32 (Consequences of Expiry or Termination)

Schedules to the Model Services Contract

• Schedule 25 (Exit Management)
• Schedule 28 (Staff Transfer)

7.1 Introduction

Towards the end of the term of the contract the Authority will typically consider whether to do one, or a combination of, the following:

• Choose a replacement Supplier (re-procurement)
• Bring the provision of the services back in-house
• Cease to require the Services (e.g. due to organisational or political change)
• Continue to source the Services from the incumbent Supplier on the same or renegotiated terms

Note: contract extensions are permitted where the original contract notice has allowed for the extension and with Cabinet Office Controls approval. If a contract extension is required and no provision was made within the original contract notice, the Authority should seek legal advice as to whether the contract can be lawfully modified under the Public Contracts Regulations 2015.

A key objective of any contract should be to ensure that the provision of all or part of the Services moves from the incumbent Supplier either back to the Authority, or to one or more replacement service providers with the minimum disruption possible.

Consideration should also be given to how the exit is to be undertaken when the total requirement has not been satisfied. A range of different events can lead to early termination of part or all of the contract. When designing the Authority exit provisions, the following termination events need to be borne in mind:

• Pre-contract award
• Following a Value for Money review
• Unacceptably poor service or performance
• Breach of a fundamental contract condition such as security, or corrupt practices
• Frustration
• Insolvency
• Change of Requirement
• Change of Contractor’s Core Business
• Expiry of the contract period
• Disaggregation
• Partial Termination

It is essential that an Exit Plan is created within 3 months of the Effective Date. The Exit Plan should be as comprehensive as is reasonably possible at that particular stage of the contract. It should be updated at least annually, or where there has been a material change in the design or delivery of the services by the Supplier (see Schedule 25 (Exit Management) paragraph 5). Where a Financial Distress Event occurs, the Supplier must prepare or update the Exit Plan within 14 days of the Authority’s request. The Exit Plan and its subsequent revisions, should be approved by the Authority and provide for circumstances of Ordinary and Emergency Exit.

Within 20 working days of serving a Termination Notice, or six months prior to the expiry of the contract, or following a Financial Distress Event at the request of the Authority a revision of the Exit Plan must take place. This revision of the Exit Plan must be agreed before it can be implemented (i.e. in the event of actual termination or expiry of the contract). The Supplier must provide the Termination Services (see below) as specified by the Authority in the Termination Assistance Notice.

In addition to an Exit Plan, the Authority should have in place its own exit strategy that documents the ways in which alternative support could be invoked in the event that a contract is terminated early for any reason. It will contain procurement options and set out the safeguards required within a contract to allow an alternative solution to be found if necessary. Typically, it will review and select relevant tools and contract conditions that can be used to ensure continuity of support. The exit strategy should be initiated in parallel with, and be incorporated within, the procurement strategy. It will evolve as the procurement process progresses.

The exit strategy should consider a range of issues including but not limited to the following high-level issues:

• Identifying assets - how will the parties determine what assets are to be transferred on exit (staff may be assets in this scenario)?
• Managing assets - how will assets (whether staff, contracts, physical assets or intangibles such as IPR) be managed during the life of the contract?
• Valuation - how will the parties determine the price to be paid for any assets on exit and the price to be paid for any transitional services?
• Allocation of risk - what exposure each party should accept on the transfer of assets (e.g. through warranties about the condition of assets transferred)?
• Transfer - how will the assets be transferred or otherwise made available to the Authority or the replacement Supplier on exit?
• Support - what extra transitional arrangements does the Authority require to ensure a smooth hand-over?

7.2 Transfer of Assets

There may be a variety of assets that need to be transferred to, or accessed by, the Authority or a replacement Supplier, on exit. These could include: hardware, software, intellectual property, third party supply contracts and licences, other physical items of equipment, Government or similar licences or authorisations and data. It is often difficult to identify these in detail at the time when the contract is being negotiated. The key is to establish a process for identifying the assets at the relevant time, anticipating how they will need to be transferred, any likely constraints on doing so and determining how they are to be valued.

To ensure that this works smoothly in practice, Schedule 25 (Exit Management) requires the Supplier to create and maintain a register of all Assets that are required to deliver the services, including details of their ownership and status as either Exclusive or Non-Exclusive Assets. Additionally, the Supplier must create and maintain a register of all sub-contracts required for the performance of the services. The Authority should review these registers with the Supplier on a regular basis to ensure that they contain all the necessary information.

Schedule 25 (Exit Management) also deals with the right for any sub-contracts or other agreements with third parties to be assigned or novated to the Authority or a replacement Supplier, and the appointment by each party of an Exit Manager. The third party contracts that may be transferred will normally only be those that relate exclusively to the Authority rather than shared contracts.

Once notified of termination, the Supplier cannot vary or cancel any contracts, nor dispose of any of the Assets and must provide up-to-date asset and sub-contract registers. Within 20 working days from receipt of the registers, the Authority must notify the Supplier of the Assets and contracts the Authority requires (defined as Transferring Assets and Transferring Contracts).

The Authority has to purchase the Transferring Assets from the Supplier, except where the cost of them is included in a Termination Payment, or has been paid either in full or in part through the Charges. In practice it will often be the case that the Authority will have paid for the assets through the Milestone Payments and the on-going Charges. Transferring Assets are defined only to include Exclusive Assets. For Non-Exclusive Assets the Authority should not expect to receive title on expiry of the contract. However, it may be appropriate to negotiate a requirement that the Supplier provides interim services using Non-Exclusive Assets until such time as the Authority or an alternative Supplier can replace the functionality provided by the Non-Exclusive Assets.

The Authority should consider whether the Assets will have any significant economic value, either at the expiry of the contract or when they are replaced through a technology refreshment programme. The relevant questions are:

• Is it likely that the equipment will be obsolete by the end of the contract (e.g. IT equipment is likely to be obsolete before it wears out physically)?
• If not, do the assets have any economic value to a party other than the Authority? In most cases IT assets do not have significant residual value and this supports the approach that, in the absence of special circumstances, assets should be fully paid for through the Charges (with the bulk of the cost being paid through Milestone Payments) and then owned by the Authority at the end of the contract.

The Supplier must provide an on-going perpetual licence for both the Authority and the replacement Supplier to use any Assets requested or, if this is not possible, it must procure a suitable alternative. This latter option is more likely to apply for any Non-Exclusive Assets that the Authority requires. The Authority, or the Authority’s replacement Supplier, must bear the costs of procuring the suitable alternative. In some cases, it may be better value to seek new alternatives as part of the re- competition.

7.3 Payment for Retained Deliverables on Early Termination

Where an early termination occurs for a Supplier Termination Event, and one or more Contract Performance Points Milestones have not been achieved, and the Authority wishes to retain deliverables which do not or will not meet their original specification, the Supplier will be required to repay the Authority part of the Milestones Payments which it received. This refund is called the Milestone Adjustment Payment Amount.

Figure 10 below summarises how the Milestone Adjustment Payment Amount is calculated (please note that the clause references in the following figure should be to clause 32, rather than clause 33):

7.4 Supplier Personnel

The Supplier’s staff who perform the services are also an asset and will inherit rights under UK legislation.

Schedule 25 (Exit Management) paragraph 6.7 sets out some general obligations for the Supplier once an Exit Notice has been served. Authorities also need to refer to the more detailed obligations in Schedule 28 (Staff Transfer) which relates to the application of Transfer of Undertakings (Protection of Employment) Regulations 2006 (‘TUPE’) and provide for all of the relevant indemnities or assurances. In general, the Supplier must not do anything (either expressly or implicitly) which dissuades or discourages its employees from transferring their employment and is not allowed, for a period of 12 months, to re-employ or entice back any staff that have transferred.

7.4 Supplier Personnel

The Supplier’s staff who perform the services are also an asset and will inherit rights under UK legislation.

Schedule 25 (Exit Management) paragraph 6.7 sets out some general obligations for the Supplier once an Exit Notice has been served. Authorities also need to refer to the more detailed obligations in Schedule 28 (Staff Transfer) which relates to the application of Transfer of Undertakings (Protection of Employment) Regulations 2006 (‘TUPE’) and provide for all of the relevant indemnities or assurances. In general, the Supplier must not do anything (either expressly or implicitly) which dissuades or discourages its employees from transferring their employment and is not allowed, for a period of 12 months, to re-employ or entice back any staff that have transferred.

7.6 Support for Transition

The Supplier must provide full support for the transition of some or all of the Services to another party or to the Authority. The Supplier will provide resources for a dedicated joint Transition Team comprising operations, legal, HR, financial, service design, technology, facilities, commercial and project management expertise. The Authority will have the right to employ independent assessor(s) of the Supplier’s compliance. The incumbent Supplier will be obligated to cooperate with any new Supplier) to whom the Services may be transferring on termination.

7.7 Termination Services

Schedule 25 (Exit Management) paragraph 6 deals with the Authority notifying the Supplier of which of the Termination Services it requires, when it wants the Termination Services and for how long the Termination Assistance Period will last. The list of Termination Services is set out in Schedule 25 (Exit Management), Annex 1. Version 2.0 of the Model Services Contract introduced some additional Termination Service options. Key Points are as follows:

• The Authority must give notice to the Supplier of its requirements through a Termination Assistance Notice at least four months prior to the date of termination or expiry and not later than one month following a Termination Notice being served by either party.
• The Termination Services cannot continue for longer than 24 months after the Supplier ceases to provide the Services.
• During the Termination Assistance Period, the Supplier must continue to provide the Services where required by the Authority (as well as the Termination Services if requested).
• The Supplier must provide reasonable assistance as requested to allow the orderly transfer of the services and to avoid disruption to service continuity following termination.
• The Supplier’s termination obligations include the return of the Authority’s data and deletion of data from storage and media devices, vacation of its premises, return of copies of Authority Software and other materials containing IPR owned by the Authority.

When determining which, if any, Termination Services may be applicable to the particular Contract, the Authority’s options in Annex 1 of the Exit Management Schedule should be chosen only where they are relevant to the service or solution which is the subject of the Contract.

7.8 Exit Charges & Apportionment

To avoid a dispute, it is essential to be clear about which party pays the costs of exit. Schedule 25 (Exit Management) paragraph 9 makes it clear that Charges are payable to the Supplier for the provision of the Termination Services as set out in the Exit Plan. Unless otherwise agreed, no Charges are payable for the preparation and implementation of the Exit Plan, or for other mutually agreed activities which continue beyond the Termination Assistance Period. Schedule 25 (Exit Management) Paragraph 10 provides for any costs and expenses (e.g. rents, periodic payments) for Transferring Assets to be apportioned between the parties in line with the date that the transfer has taken place. Effectively, the annual cost is divided by 365 and a daily cost used to calculate the amounts due, if any.

7.9 Partial Termination

The Model Services Contract makes it clear at Schedule 25 (Exit Management) that the Supplier must provide Exit Plans and support services in respect of Partial Termination, for default, force majeure or otherwise on agreement by the parties. This capability is essential for facilitating disaggregation.

Note: The Authority cannot force the Supplier to partially terminate the services for convenience, the only way that the Authority can do this is by mutual agreement with the Supplier. The right to partially terminate only exists in respect of Supplier default and force majeure.

There will clearly be commercial consequences to the Authority attempting to partially terminate for convenience which will need to be the subject of commercial discussions between the Parties. There may be an incentive to exit part of a large services contract early in order to access technology or efficiency benefits. This is known as disaggregating the contract. The Authority has no express right to partially terminate the contract at its discretion and so the costs associated with doing so will have to be agreed between the Parties on a case-by-case basis. However, in a situation where the Parties do agree a partial termination of the services the Supplier will be expected to comply with the Exit Plan and Termination Assistance Notice in respect of any agreed Partial Termination.

7.9 Disaggregation

In the last few years, a number of large legacy contracts have come to an end. Departments have, to varying degrees, taken the opportunity to move from large scale integrated service provision to a more disaggregated model of service provision.

This allows departments to take advantage of services which the market has commoditised, making them easier to consume at a lower cost. This is particularly true for technology services, which the public sector has access to through vehicles such as CCS frameworks.

The Model Services Contract seeks to address transition, exit management and disaggregation based upon the lessons learnt in practice with legacy contracts and public sector outsourcing, and detailed in the Sourcing Playbook.

The disaggregation of large, expiring contracts is often undertaken with the primary purpose of securing additional cost savings or increasing value for money. If not managed properly, disaggregation can be onerous, resource-intensive, and time-consuming. In order to minimise any commercial or legal risks, all parties to a contract need to contribute to the formulation of a comprehensive, well-planned, and well-executed set of disaggregation provisions.

Life-cycle (or whole-life) cost evaluations on all appropriate options should be undertaken when a disaggregation strategy is followed. These should include the life-cycle costs for the following:

• A fully integrated service (archetypal monolithic contract);
• A fully integrated service that provides for future disaggregation (including the cost of provisioning for and implementing disaggregation); and
• A fully integrated service, or service element, that is being disaggregated and replaced with a new service.

The Supplier should (on request) agree to consent to and facilitate the novation of some or all of its sub-contracts or agreements to another Supplier or to the Authority on termination or transfer of the services. This applies specifically in the event of disaggregation where a subset of the services may be subject to separate treatment. The Authority should consider asking for a flow-down of non-dedicated licence agreements to the new Supplier.

Annex 1 - Risk, Liabilities and Insurance

The following sections within the Model Services Contract and Schedules set out the elements that support this requirement:

Model Services Contract

Section A

• Clause 3.8 (Wilful Misconduct Indemnity)
• Clause 5.3 (Breaches of Applicable Law Indemnity)

Part B

• Clause 9.7 (Optional Goods-related Indemnities – Recall of Goods; Loss or injury occurring in the course of delivery or installation of Goods)

Section C

• Clause 10.5 (VAT Indemnity)

Section E

• Clause 14.7 (Employment Indemnities) – for Supplier and Authority
• Clause 14.8 (Income Tax and National Insurance Contributions Indemnity)

Section F

• Clause 17 (IPRs Indemnity)
• Clause 21.1 (Data Protection Legislation / Clause 21 provisions Indemnity)

Section G

• Clause 23 (Limitations on Liability)
• Clause 24 (Insurance)

Schedules to the Model Services Contract

• Schedule 6 (Insurance Requirements)
• Schedule 27 (Conduct of Claims)
• Schedule 28 (Staff Transfer) (Staff Transfer Indemnities) – for Supplier and Authority
• Schedule 31 (Processing Personal Data) – Joint Controller Agreement – Clause 7 – liability for data protection breaches

1. Introduction

The optimum allocation of risk and liability between the Authority and the Supplier is fundamental to any procurement and contracting process, so that risks and liabilities are placed where they can be most effectively understood, managed and controlled. Historically, the agreement of these limits can be difficult and time-consuming.

Commercial organisations should only be expected to take on levels of liability that are reasonable and proportionate to the risks and potential financial returns of the contract. Setting liabilities that are disproportionate to the relevant risks and rewards of the contract could lead to unintentional and excessive risk-taking, overly favour bidders with larger balance sheets and eventually reduce value for money. However, even with liability proportionate to the contract returns, the potential claims might cause financial failure for the Supplier.

Using insurance mitigates the issue of claims causing financial failure and provides the Authority certainty that at least the insurable risks have been transferred to, and are covered by, the Supplier’s insurer. The Model Services Contract therefore enforces this risk transfer by stipulating required insurances against claims which may be incurred by the Supplier and prescribing how, during the term of the contract, the insurance policy mechanism will operate.

The Model Services Contract also establishes a standard position on exclusions and limitation of liability which the Authority should use in most circumstances. The following approach to assessment of the risk in the contract can be used to verify the applicability of the standard position, or alternatively to justify if any special circumstances apply.

Note: If special circumstances apply, the Authority should seek legal advice before making changes.

2. Risk in the Contract

There is a template included in this section of the guidance for identifying risks. This template is designed to provoke conversation about the risks specific to the Authority’s requirement.

The populated Risk Identification Template should be used to outline the key risk exposure for the Authority and Supplier.

The Authority may then choose to respond to each risk by:

• Mitigating the risk itself;
• Placing an obligation on the Supplier to mitigate the risk of occurrence (i.e. to comply with certain practices or not do certain things);
• Requiring the Supplier to take out insurance to cover a specific type of risk so as to transfer the cost of the occurrence of a risk to an insurer. This provides the Authority some assurance that the Supplier will be able to afford to compensate or continue operating in the event that a risk occurs;
• Requiring that the Supplier indemnify the Authority for the occurrence of the risk. These means that the party will hold it harmless against any costs that arise as a result of the occurrence of the risk, regardless of whether they caused it.
• Taking on part of the risk by indicating in the contract that it is the Authority’s responsibility rather than the Supplier’s responsibility to ensure that the liability for a particular risk, or part of the risk, does not materialise, and by excluding or capping the liability of the Supplier.

There is other guidance available from HM Treasury in the “Orange Book” and in the “Management of Risk in Government” document which describes various techniques for calculating the potential impact of the identified risks. These are based on separating out the likelihood of a risk event crystallising and the impact given the risk event has occurred. A record of identified risks should be kept and the record revisited and refreshed on a periodic basis. There is also guidance on risk in the Sourcing Playbook and the ‘Risk Allocation and Pricing Approaches’ (PDF, 1,020 KB) guidance note.

Authorities are advised to adopt a structured approach to the assessment of the risks in the contract early in the procurement lifecycle, so that both parties are clear as to the risks each is being required to bear. An initial risk identification (using the Risk Identification Template) followed by an assessment of the identified risks should be completed before the procurement process starts. A structured approach such as the following is recommended:

• Risk Identification. Firstly, Authorities need to identify the key risks that could impact delivery of the Services or impact users of the Services (particularly where these users are the public). Risks within the broader supply chain should be included. Similarly risks associated with service transfer on termination or partial termination should be considered. It is important to identify the potential timing of each risk in relation to the delivery of the contracted services, as the impact of the risk materialising may differ across the term of the contract.
• Risk Assessment. The identified risks should then be assessed to determine the maximum possible impact on the party carrying the risk, and the probability of each risk materialising. A widely-used methodology is project or programme risk assessment which can form the basis for the contract risk assessment exercise. This work should result in a financial expression of the probability-weighted impact of each risk. For smaller projects a reasonable commercial assessment should be made.
• Risk Allocation. Next, each risk should be considered to determine which party carries the risk during the performance of the contract (and afterwards where applicable). It is clear that some risks cannot be carried by commercial companies when contracting with public bodies; and equally some risks are more manageably carried by commercial entities. Where Suppliers are third sector bodies (e.g. voluntary, charity, community groups, social enterprises), the Authority must recognise the greater limitations such Suppliers are bound by in assuming commercial risk. It may be that some risks are shared between the parties, and this may be necessary for those aspects of the contract which are dependent on facts unknown or indeterminable at the outset of the contract, in which situation it would be inappropriate for either party to carry all the risk.
• Insured risk. Some of the risks identified may be covered by commercially available insurances which the Supplier or Authority already hold, or should acquire for the purposes of the contract. The treatment of insurance is covered in the provisions found in Schedule 6 (Insurance Requirements).
• Specific liability limits. Having established what identifiable risks may materialise in the course of the contract, and arrived at a financial scale of such occurrence, limits of liability should be set for each risk, whether or not covered by insurance. The limit for each risk should be arrived at through some rationale and explicable relationship to the assessed risk level. For example, if a particular risk event can occur in year 1 and year 3 of the contract Term, then it may be logical to set the limit of liability for that risk at twice the assessed impact level.
• Residual liability limits. Once the main risks in the contract have been dealt with using these steps, then any residual risk, comprising of lesser or undefinable areas of risk, can be considered. It may then be appropriate to establish a limit of liability for these residual risks. The aggregate liability limits established by undertaking the risk assessment exercise should be compared to the standard liability position summarised in Table 5 below. Significant variance may be considered justification to depart from the standard but legal advice should be taken in such cases.

The acquired information should then be used to inform the Authority’s tender documentation. A review of the identified risks and the assessment should be carried out periodically as the process evolves, new information emerges and circumstances change. In conducting the above exercise during the pre-procurement, procurement and contract formation stages, it is important to keep in mind the following principles, based on good commercial practice:

• Recognition that ultimately all service risk resides with the Authority, and where the services are being provided under a statutory or regulatory duty, the Authority’s responsibilities must be given due weight;
• Risk reduction is more effective than risk transfer - the parties should give risk reduction priority over transfer of risk;
• Risk should be allocated to the party best able to manage it;
• Management or mitigation of risk is rarely possible within the bounds of the contractual levers alone, and both parties may have to reach into their wider organisations or supply chains for effective risk management

Material and identifiable risks which cannot be addressed through the above process or which cannot be covered economically through required insurances may then become contingent liabilities. The Authority will deal with these according to the rules set by HM Treasury, while normally constituted commercial suppliers will treat contingent liabilities in accordance with the relevant accounting standards. See also, the documents published by UKGI, and HMT, in respect of contingent liabilities.

3. Risk Identification Template

Risk category	Risk	Loss Size Day-to-day or “attritional” losses Relatively small but common losses	Loss Size Less common losses Larger impact losses which may only occur every few years and where it would be unusual to see a higher amount	Loss Size Once in a lifetime losses The largest loss you would expect to see over a lifetime, potentially with devastating consequences	Loss Size Applicable Insurance Product
Bodily Injury	Injury to staff	Indicative scenario: Response:	Indicative scenario: Response:	Indicative scenario: Likely costs range: Response:	Employers Liability Insurance To indemnify the insured for all sums the insured shall become legally liable to pay as damages including claimants’ costs and expenses in respect of accidental death or bodily injury to or sickness or disease contracted by any employee of the insured happening during the period of insurance arising out of or in the course of their employment. Limit of indemnity [£XXX] in respect of any one occurrence the number of occurrences being unlimited in any annual policy period.
Bodily Injury	<Injury to third parties (non-motor)	Indicative scenario: Response:	Indicative scenario: Response:	Indicative scenario: Response:	Third Party Public & Products Liability Insurance To indemnify the insured for all sums the insured shall become legally liable to pay as damages including claimants costs and expenses in respect of accidental death or bodily injury to or sickness or disease contracted by any person (other than employees of the insured) and/or loss of or damage to third party property happening during the period of insurance. Limit of indemnity [£XXX] in respect of any one occurrence the number of occurrences being unlimited in any annual period of insurance but [£XXX] in respect of any one occurrence and in the aggregate per annum in respect of liability arising out of products liability or pollution liability (to the extent insured by the relevant party).
Bodily Injury	Injury to third parties (motor)	Indicative scenario: Response:	Indicative scenario: Response:	Indicative scenario: Response:	Motor Vehicle Third Party Liability Insurance To indemnify the insured for all sums the insured shall become legally liable to pay as damages including claimants costs and expenses happening during the period of insurance in respect of accidental death or bodily injury to or sickness or disease and/or damage to third party property arising out of the use of mechanically propelled vehicles. Limit of indemnity unlimited in respect of death/bodily injury and [£XXX] in respect of any one occurrence of third party property damage the number of occurrences being unlimited in any annual policy period.
Property Damage	Damage to own property	Indicative scenario: Response:	Indicative scenario: Response:	Indicative scenario: Response:	Property Damage “All Risks” Insurance First party insurance perils (being “All Risks” from any cause not excluded) of physical loss, damage or destruction to the insured property (being Authority physical property). The sum insured to represent the reinstatement or replacement cost of the relevant insured property. Contractors “All Risks” Insurance First party insurance perils (being “All Risks” from any cause not excluded) of physical loss, damage or destruction to the insured property (being the works, materials, plant and equipment). The sum insured to represent the reinstatement or replacement cost of the relevant insured property. Goods in Transit Insurance First party insurance perils (being “All Risks” from any cause not excluded) of physical loss, damage or destruction to the insured property whilst in transit. The sum insured to represent the reinstatement or replacement cost of the relevant insured property.
Property Damage	Damage to third party property	Indicative scenario: Response:	Indicative scenario: Response:	Indicative scenario: Response:	Third Party Public & Products Liability Insurance To indemnify the insured for all sums the insured shall become legally liable to pay as damages including claimants costs and expenses in respect of accidental death or bodily injury to or sickness or disease contracted by any person (other than employees of the insured) and/or loss of or damage to third party property happening during the period of insurance. Limit of indemnity [£XXX] in respect of any one occurrence the number of occurrences being unlimited in any annual period of insurance but [£XXX] in respect of any one occurrence and in the aggregate per annum in respect of liability arising out of products liability or pollution liability (to the extent insured by the relevant party).
Other Liability	Professional negligence	Indicative scenario: Response:	Indicative scenario: Response:	Indicative scenario: Response:	Professional Indemnity Insurance To indemnify the insured for all sums which the insured shall become legally liable to pay (including claimants costs and expenses) as a result of claims first made against the insured during the period of insurance by reason of a negligent act, error and omission arising out of or in connection with the provision of professional services/advice in connection with the contract. Limit of indemnity [£XXX] in respect of any one claim and in the annual aggregate. [NB: Other limit of indemnity structures may be available (e.g. Limit of indemnity [£XXX] in respect of any one claim without limit to the number of claims in any annual policy period, but [(£XX)] any one claim and in the aggregate per annum for liability arising out of pollution or contamination (to the extent insured by the relevant party)).]
Other Liability	Business interruption	Indicative scenario: Response:	Indicative scenario: Response:	Indicative scenario: Response:	Business Interruption Insurance or Delay in Start Up Insurance To be determined depending on the type and/or scope of insurable risk transfer being sought.
Other Liability	Environmental pollution	Indicative scenario: Response:	Indicative scenario: Response:	Indicative scenario: Response:	Environmental Impairment Liability Insurance or Contractors Pollution Liability Insurance To be determined depending on the type and/or scope of insurable risk transfer being sought.
Other Liability	Cyber liability	Indicative scenario: Response:	Indicative scenario: Response:	Indicative scenario: Response:	Cyber Liability Insurance To be determined depending on the type and/or scope of insurable risk transfer being sought.
Other Liability	Product liability	Indicative scenario: Response:	Indicative scenario: Response:	Indicative scenario: Response:	Third Party Public & Products Liability Insurance To indemnify the insured for all sums the insured shall become legally liable to pay as damages including claimants costs and expenses in respect of accidental death or bodily injury to or sickness or disease contracted by any person (other than employees of the insured) and/or loss of or damage to third party property happening during the period of insurance. Limit of indemnity [£XXX] in respect of any one occurrence the number of occurrences being unlimited in any annual period of insurance but [£XXX] in respect of any one occurrence and in the aggregate per annum in respect of liability arising out of products liability or pollution liability (to the extent insured by the relevant party).
Bespoke project risks	Bespoke risk 1	Indicative scenario: Response:	Indicative scenario: Response:	Indicative scenario: Response:	Additional Applicable Insurance Products to be determined depending on the type and / or scope on insurance risk transfer being sought. Examples include, but are not limited to: Marine Insurances Aviation Insurances Rail Insurances Credit/Surety/Bonds Insurance Keyman Insurance

4. Liabilities Provisions

The Model Services Contract establishes a standard position on exclusions and limitation of liability which the Authority should use in most circumstances. If special circumstances apply, the Authority should seek legal advice before making changes.

4.1 Unlimited Liability

There is a clear policy detailed in the Sourcing Playbook that suppliers should not be expected to take on unlimited liabilities other than the small number of incidences where this would not be lawful or where a commercial cross-government policy has been agreed. This is because it can be disproportionate, and can have the effect of deterring bidders, raising prices due to the inclusion of large risk premiums and it runs contrary to government policy on growth and supporting business.

The general principle in the Model Services Contract is that unlimited liability is not permitted, subject to some exceptions below.

Clause 23.1 (Unlimited Liability) sets out the circumstances in which the parties are not able to limit their liability by law. These are:

• death or personal injury caused by a party’s negligence, or that of its employees, agents or Sub-contractors (as applicable);
• fraud or fraudulent misrepresentation by it or its employees;
• breach of any obligation as to title implied by section 12 of the Sale of Goods Act 1979 or section 2 of the Supply of Goods and Services Act 1982 (i.e. the seller must have full title to the goods which should be sold free of encumbrance); and
• any liability to the extent it cannot be limited or excluded by Law

A commercial cross-government policy has been agreed in respect of the following exceptions, and the Model Services Contract includes the following unlimited liabilities. These are:

• VAT, income tax and national insurance payable by the Supplier;
• Supplier employee claims against the Authority;
• Third party intellectual property right claims against the Authority; and
• TUPE transfer liabilities.

There are two reasons behind each of these policy and commercial exceptions. The first is about who controls the risks, in these exceptions, the Supplier is wholly in control of managing the risk and the authority has no control of that risk. The second is about being able to identify a reasonable cap. As the Authority has no control of the risk, in most of these cases, it would be an impossible task for the Authority to estimate what a reasonable cap is at the start or even during the contract.

It should be noted that the Authority also takes on reciprocal unlimited liabilities in respect of:

• Authority employee claims against the Supplier; and
• TUPE transfer liabilities.

4.2 Limits to Liability

The maximum financial limit on liability is known as a liability cap. These caps are often used to put a ceiling on the maximum financial amount that can be claimed for certain types of liability (e.g. property damage), or general caps for any type of liability under the contract.

Clauses 23.4 to 23.6 (Financial and Other Limits) cover the caps described below. The Model Services Contract uses a hybrid approach, incorporating different types of the following caps depending on the loss.

4.2.1 Caps based on a specific value

This will be most appropriate for a contract where a certain static risk position is known throughout the Term. For example:

“The Party’s maximum liability shall be of £2 million”

4.2.2 Caps linked to a percentage of contract value

A static figure may be inappropriate where the liability risk is likely to increase if the number of orders under the contract increases over the life of the contract. This is when a cap linked to a percentage of the contract value might be used. For example:

“The Party’s maximum liability shall be of 100% of the amounts payable during the Term”

4.2.3 Caps linked to a percentage of amounts paid

This is preferred where a contract value is not fixed for each year. For example:

“The Party’s maximum liability shall be no greater than the amount paid under the contract in the previous 12 months”

4.2.4 Minimum Caps

This might be used when in the early stages of the delivery, charges have not yet been paid and may be combined with another type of cap which begins after the first year. For example:

“The Party’s maximum liability shall be the greater of:

£2 million; and the amount paid under the contract in the previous 12 months” (emphasis added)

4.2 5 Caps linked to a time period or phase of the contract

This might be used when the risk position in a contract changes over the life of the contract. As such it is possible to assign different liability caps for different contract periods. For example:

“The aggregate cap in the first contract year following shall be £5 million, and shall be £1 million in each remaining year during the Term”

4.2.6 Caps linked to an estimate of yearly charges in the first Contract Year

This might be used if there is no actual figure for the first contract year for a liability to be based on and an estimate is used instead. For example:

“The Party’s maximum liability for claims made in the first contract year shall be the estimated yearly charges”

4.2.7 Caps for claims made after termination of the agreement.

A legal claim may be made after the expiry or termination of a contract for events that happened during the Term of the contract. If caps are calculated and reference when the claim is made you may wish to consider what caps to set in the years after termination or expiry. For example:

“The Party’s maximum liability for claims made after the expiry or termination of this agreement shall be the estimated amounts paid or payable in the 12 months prior to termination or expiry”

4.2.8 Aggregate caps in a specified period.

Caps can be linked to a maximum amount in a period of time (generally a year) in order to align with typical insurance policy terms. For example:

“The aggregate liability of the party in each contract year shall be £2 million”

4.2.9 Caps linked to each incident

The opposite of a cap based on an aggregate cap is one that is set by a claim or in some cases series of connected claims. This means that the liability refreshes after a claim has been made and the actual maximum liability will be ‘capped’ as a multiple of the occurring claims and the per claim cap. However, there is an argument that this means there is no maximum cap at all and could be considered “unlimited”. For example:

“The Party’s maximum liability shall be the maximum of £2 million in any claim”

4.3 Exclusions

There are some liabilities that a party will not wish to take on under any circumstances, these are known as “excluded liabilities”. Typically, these are excluded when a party has less capacity to understand or control the risk or its consequences. Clause 23.7 (Consequential Losses) deals with general exclusions for indirect, special or consequential loss and certain specified types of loss, usually seen as consequential losses that the Authority may recover.

Deductions (e.g. Service Credits, Delay Deductions) are excluded from the calculation of the limits applicable to the Supplier’s liability. This means the Supplier cannot claim a reduced financial limit because it has paid or is due to pay Deductions under the contract.

Note: All parties are required to use reasonable endeavours to mitigate their losses against any liability claim.

Table 6 below sets out the Supplier’s liability caps in the Model Services Contract. This does not include unlimited liabilities, unless otherwise stated (see paragraph 4.1, above, for these).

Event/Indemnity/Compensation	Period	Year
Loss of / damage to the Authority Premises or other property or assets of the Authority (excluding any loss or damage to the Authority’s Data or any other data) caused by Supplier Default	Per Contract Year	(£10m)
Loss or damage to Authority Data caused by Supplier Default or Losses incurred by the Authority due to breach by the Supplier of Data Protection Legislation or the ‘Protection of Personal Data’ clauses	Per Contract Year	(insert appropriate number in the suggested range of £10m - £20m). Choice of figure should be in accordance with the sensitivity and volume of data concerned, as well as the likelihood and extent of any potential breach. The range given is a suggestion only and depending on the individual circumstances of the contract, a cap outside of this range may be appropriate. This liability cap applies to the Supplier’s liability to the Authority under the contract only – it does not act as a cap on any data protection liability that a Supplier may incur to any third party (e.g. Supplier being fined by the Information Commissioner). But if a Supplier default leads to the Authority breaching data protection legislation, the amount which an Authority will be able to recover from the Supplier will be subject to this liability cap. See also paragraph 4.4 below.
Service Credits and Compensation for Unacceptable KPI Failure (in aggregate)	Per rolling 12 month period	Service Credit Cap (a pre-agreed percentage of the estimated or actual Service Charges)
Supplier Defaults occurring in the first Contract Year, including: Costs resulting from any breach by the Supplier of any applicable Law relating to the contract; (optional) costs of any Recall of the Goods and give notice of actual or anticipated action about the Recall of the Goods; and (optional) losses, charges, costs or expenses which arise as a result of or in connection with any Loss or injury (whether fatal or otherwise)* occurring in the course of Delivery or installation *note however, that death or personal injury caused by a party’s negligence, or that of its employees, agents or Sub-contractors (as applicable) cannot be limited (see paragraph 4.1 above).	First Contract Year	150% of the Estimated Year 1 Charges (calculated before Deductions are considered) – unless the Authority Losses are incurred as a result of the Supplier’s abandonment of the contract or the Supplier’s wilful default, wilful breach of a fundamental term of the contract or wilful repudiatory breach of the Contract, in which case, it is 200%
Supplier Defaults occurring during any subsequent Contract Year, including: Costs resulting from any breach by the Supplier of any applicable Law relating to the contract; (optional) costs of any Recall of the Goods and give notice of actual or anticipated action about the Recall of the Goods; and (optional) losses, charges, costs or expenses which arise as a result of or in connection with any Loss or injury (whether fatal or otherwise)* occurring in the course of Delivery or installation *note however, that death or personal injury caused by a party’s negligence, or that of its employees, agents or Sub-contractors (as applicable) cannot be limited (see paragraph 4.1 above).	Per Contract Year	150% of the preceding year’s Charges (calculated before Deductions are considered) - unless the Authority Losses are incurred as a result of the Supplier’s abandonment of the contract or the Supplier’s wilful default, wilful breach of a fundamental term of the contract or wilful repudiatory breach of the Contract, in which case, it is 200%
Supplier Defaults occurring after the end of the contract Term, including: Costs resulting from any breach by the Supplier of any applicable Law relating to the contract; (optional) costs of any Recall of the Goods and give notice of actual or anticipated action about the Recall of the Goods; and (optional) losses, charges, costs or expenses which arise as a result of or in connection with any Loss or injury (whether fatal or otherwise)* occurring in the course of Delivery or installation *note however, that death or personal injury caused by a party’s negligence, or that of its employees, agents or Sub-contractors (as applicable) cannot be limited (see paragraph 4.1 above).	Any time after the end of the contract	150% of the Charges (calculated before Deductions are considered) for the 12 month period just prior to the end of the Term - unless the Authority Losses are incurred as a result of the Supplier’s abandonment of the contract or the Supplier’s wilful default, wilful breach of a fundamental term of the contract or wilful repudiatory breach of the Contract, in which case, it is 200%
Supplier / Subcontractor/ Supplier Personnel wilful misconduct that impacts the contract	First Contract Year / Per Contract Year / Any time after the end of the contract	200% of the Estimated Year 1 Charges (calculated before Deductions are considered) / 200% of the preceding year’s Charges (calculated before Deductions are considered) / 200% of the Charges (calculated before Deductions are considered) for the 12 month period just prior to the end of the Term.
Joint Controller liabilities [optional – applies if you are Joint Controllers and enter into the Joint Controller Agreement (Annex 1, Schedule 31)]: a) Joint Controller Agreement – Financial Penalties from the ICO – where in the view of the ICO, the Supplier is responsible for a Data Loss Event - payment by the Supplier to the ICO; b) Joint Controller Agreement – Financial Penalties from the ICO – where no view as to responsibility is expressed by the ICO - the Authority and the Supplier shall allocate responsibility for any Financial Penalties, or by agreement to split any Financial Penalties equally if no responsibility for the Personal Data Breach can be apportioned. c) Joint Controller Agreement – Court-ordered costs as result of a legal claim brought before a court of competent jurisdiction by a third party in respect of a Data Loss Event – where in the final decision of the court, the Supplier is held responsible for all or part of the Data Loss Event. Where both Parties are liable, the liability will be apportioned between the Parties in accordance with the decision of the Court. d) Joint Controller Agreement - losses, cost claims or expenses incurred by either Party as a result of a Data Loss Event – where the Supplier is responsible. e) Joint Controller Agreement - losses, cost claims or expenses incurred by either Party as a result of a Data Loss Event – where responsibility is unclear.	N/A	a) Amount ordered by the ICO [Note, this is not capped or limited by the contract, but is effectively capped by the ICO limits on financial penalties. It is not subject to the [£10m - £20m] cap mentioned above]; b) Amount agreed with Authority [Note, this is not capped or limited by the contract, but is effectively capped by the ICO limits on financial penalties. It is not subject to the [£10m - £20m] cap mentioned above]; c) Amount apportioned by the Court (unless otherwise agreed by the Parties) [Note, this is not capped or limited by the contract as it relates to a liability arising from a third party. It is not subject to the [£10m - £20m] cap mentioned above. d) Amount of those losses where the Authority is claiming against the Supplier, then it is subject to[£10m - £20m] cap mentioned above. e) Half of those losses (equal responsibility with Authority) where the Authority is claiming against the Supplier, then it is subject to the [£10m - £20m] cap mentioned above. Note: These liability limits relate to losses incurred by either Party, and any separate liability arising directly from a third party would not be capped by the contract, as this would fall outside the contract.

Table 7 below sets out the Authority’s capped liabilities. This does not include unlimited liabilities, unless otherwise stated (see paragraph 4.1, above, for these).

Event/Indemnity/Compensation	Period	Limit
Payment for early Termination – Breakage Costs Payment	N/A	Lower of: 1. 120% of the Breakage Cost element in the Termination Estimate provided by the Supplier; and 2. an absolute limit pre-agreed prior to contract signature
Payment for early Termination – Unrecovered Payment	N/A	Lowest of: 1. 120% of the Unrecovered Payment element in the Termination Estimate provided by the Supplier; 2. an absolute limit pre- agreed prior to contract signature; and 3. the Charges payable by the Authority if the contract was not terminated early
Payment for early Termination – Compensation Payment	N/A	Lower of: - 120% of the Compensation Payment element in the Termination Estimate provided by the Supplier; and - an absolute limit pre-agreed prior to contract signature
Authority Defaults occurring in the first Contract Year	First Contract Year	Estimated Year 1 Charges
Authority Defaults occurring during any subsequent Contract Year	Per Contract Year	Preceding year’s Charges
Authority Defaults occurring after the end of the contract Term	Any time after the expiry of the contract Term	The Charges for the 12 month period just prior to the end of the Term
Joint Controller liabilities [optional – applies if you are Joint Controllers and enter into the Joint Controller Agreement (Annex 1, Schedule 31)]: a) Joint Controller Agreement – Financial Penalties from the ICO – where in the view of the ICO, the Authority is responsible for a Data Loss Event - payment by the Authority to the ICO; b) Joint Controller Agreement – Financial Penalties from the ICO – where no view as to responsibility is expressed by the ICO - the Authority and the Supplier shall allocate responsibility for any Financial Penalties, or by agreement to split any Financial Penalties equally if no responsibility for the Personal Data Breach can be apportioned. c) Joint Controller Agreement – Court-ordered costs as result of a legal claim brought before a court of competent jurisdiction by a third party in respect of a Data Loss Event – where in the final decision of the court, the Authority is held responsible for all or part of the Data Loss Event. Where both Parties are liable, the liability will be apportioned between the Parties in accordance with the decision of the Court. d) Joint Controller Agreement - losses, cost claims or expenses incurred by either Party as a result of a Data Loss Event – where the Authority is responsible. e) Joint Controller Agreement - losses, cost claims or expenses incurred by either Party as a result of a Data Loss Event – where responsibility is unclear.	N/A	a) Amount ordered by the ICO [Note, this is not capped or limited by the contract, but is effectively capped by the ICO limits on financial penalties. It is not subject to caps mentioned above]; b) Amount agreed with Supplier [Note, this is not capped or limited by the contract, but is effectively capped by the ICO limits on financial penalties. It is not subject to caps mentioned above]; c) Amount apportioned by the Court (unless otherwise agreed by the Parties) [Note, this is not capped or limited by the contract as it relates to a liability arising from a third party. It is not subject to the caps mentioned above. d) Amount of those losses where the Supplier is claiming against the Authority, then it is subject to the Authority Default caps listed above. e) Half of those losses (equal responsibility with Supplier) where the Supplier is claiming against the Authority, then it is subject to the Authority Default caps listed above. Note: These liability limits relate to losses incurred by either Party, and any separate liability arising directly from a third party would not be capped by the contract, as this would fall outside the contract.

4.4 Data Protection Liability Cap

When determining where within the range of £10-20 million the Data Protection Liability Cap should be set, Buyers should consider all of the circumstances of the particular contract which may, among other things, include:

• The volume of data to be processed under the contract;
• The sensitivity of the data to be processed;
• Any additional protective measures which are required to be put in place;
• Any risks that have been identified in relation to the processing;
• Will the processing have a material impact on the individual if something goes wrong?
• Where is the personal data held?
• Are single or multiple data sets held by the processor?
• Are multiple processors involved in the processing?
• What is the impact if the personal data becomes inaccurate, is not kept up to date or is disclosed to an unauthorised person?
• What is the impact if the processor breaches the contract or data protection law, or fails to comply with your instructions?
• Is the processor reliable?
• What reputation does the Supplier have in the market?
• Where is the Supplier based?
• What is the Supplier’s proximity to individuals?
• What financial resources does the Supplier have and are they financially solvent?

The relationship between the parties should also be considered, for example, are there joint controllers, or independent controllers, or is one party the Controller and the other Processor? If the parties are joint controllers, then Paragraph 7.1 of the Joint Controller Agreement in Schedule 31 (Processing Personal Data) sets out how liability for fines will be apportioned. This may be taken into account in setting the Data Protection Liability Cap.

5. Insurance

The level of insurance protection is an important feature. If the levels of insurance are set too high relative to the potential risk, this may import unnecessary cost. However, if the insurance levels are set too low the Authority could be in danger of not adequately transferring insurable risk to the Supplier. If, for example, the Supplier does not have the necessary financial strength to manage claims, the levels of the required insurance will need to be reviewed by the Authority in light of these circumstances.

Insurable risks will arise out of the Supplier’s legal duties as an employer and as a provider of services or goods. By specifying the required insurances for the desired insurable risks the Authority achieves:

• Protection of the Authority’s separate interests;
• A higher level of confidence in the continuity of service by the Supplier;
• Clear Supplier responsibility for premiums and excesses or deductibles
• Assurance that the appropriate scope and level of insurance is held, maintained and controlled correctly by the Supplier; and
• Assurance that relevant insurance proceeds will be available to cover resultant losses or claims.

The scope and level of required insurances is to be set out by the Authority in Schedule 6 (Insurance Requirements) in Annex 1. These must balance any current policy guidance, prevailing insurance market conditions and reflect the type and degree of risk transfer sought by the Authority to get best value for money.

To ensure a viable required insurances regime for any requirement, the Authority must undertake an insurance review in the procurement phase (supported by a professional insurance adviser as necessary) as part of defining its service needs. The review should require the Supplier to take out and maintain or procure the maintenance of specified insurances as a means of managing particular risks in connection with the Authority requirement in question.

The Authority’s insurance review should incorporate the following:

• Insurable risk identification or appraisal to determine the types of required insurances needed and their scope relative to the Authority requirement;
• Setting of appropriate levels of each required insurance relative to an assessment of potential frequency and severity of relevant losses and claims;
• Availability of each proposed required insurance in prevailing insurance market conditions; and
• Authority insured party status in connection with each required insurance relative to the Authority’s separate insurable interest.

Schedule 6 (Insurance Requirements) Annex 1 will need to contain relevant insurance provisions drafting where the insurance market does not provide a single proposition (e.g. limits of indemnity structures, policy wording forms, territorial limits).

The cost of commercial insurance can vary considerably depending on the availability of cover and competitiveness of a particular insurance market. Bespoke products can be created to cover specific risks but are likely to be more expensive.

Consideration will also need to be given to the time period of insurance and when the relevant insurable risk commences and ceases (including appropriate run off cover periods for insurances such as professional indemnity insurance provided by the insurance market on claims made policy wordings).

The optimum position is for the required insurance levels to be agreed commensurate with the potential losses that could occur in relation to the relevant insured risk. To work this out, the Authority will need use the information on risk identification and assessment in order to assess the potential frequency and severity of any loss that could be caused by a Supplier for which it would be liable under the contract. Analysis (supported by a professional insurance adviser as necessary) should take into account the potential that a Supplier‘s actions may cause:

• Death or bodily injury;
• Loss, damage or destruction to physical property; or
• Pecuniary or financial loss.

This analysis should also include an assessment of the probability of the risk materialising.

In addition to external insurance, the Authority can also consider self-indemnifying. Self-indemnities benefit from the government’s financial robustness and ability to raise funds, but might lead to ‘moral hazard’ if the Supplier is not financially incentivised to manage risk.

6. Indemnity & Liability Interface

Indemnity means the compensation to be paid by one party to another. By agreeing with the Supplier the levels of required insurances, the Authority can be assured that a good proportion of the identified risks (and therefore the associated liability) are covered by insurance. The Supplier can then decide whether the remaining risks (and associated liability) should also be covered by insurance or whether that risk can be tolerated within its organisation, as in the Supplier needs to have the financial means to cover the indemnity if it chooses not to insure the risk.

In respect of insurable risks, there are two circumstances in which the Supplier may attempt changes to the insurance limit of indemnity for those specific risks. In these circumstances the Authority needs to consider value for money and affordability as against the allocation of risk between the Authority and the Supplier, and insurance cover levels:

• Scope reduction: A Supplier may seek to limit its liability for an insurable risk in the contract to match the scope of the cover provided by a required insurance. In this case the Authority needs to ensure the required insurance policy scope and insurance provisions drafting does accurately reflect the risk allocation between parties.
• Value reduction: A Supplier may seek to adjust the insurance limit of indemnity for an insurable risk in the contract. In this case the Authority needs to ensure that any basis of settlement, whether sum insured or limit of indemnity, is adequate to cover relevant losses, so as not to expose the Authority to unacceptable risk above the contract insured limits, as well as being adequate to cover the relevant risks throughout the term

7. Insurance Deductibles and Excesses

Insurance policies will contain deductibles and excesses where the Supplier pays the first amount of any claim before the insurer pays the remainder. The Model Services Contract makes sure that Supplier must remain liable for deductible related losses and shall not be able to recover any such deductible payments (see Schedule 6 (Insurance Requirements) paragraph 7.4). Suppliers may have appropriate levels of financial tolerance (i.e. balance sheet strength) that would allow some prudent self-funding of part of the insurance risk. In Schedule 6 (Insurance Requirements) at Annex 1 the Authority only defines a maximum deductible threshold, rather than specifying the actual deductible amount, leaving the Supplier to propose relevant maximum deductible thresholds that match their own risk tolerances and financial reserves.

The Authority should be confident that the financial strength of the Supplier is sufficient to deal with the payment of any policy deductibles. Similarly, it should be comfortable with the financial strength and reputation of any proposed insurer, which will need to be able to pay any claims that arise.

Note: The adequacy of the insurance solution and maximum deductible threshold proposed by the Supplier will need to be assessed during the Supplier selection process (supported by a professional insurance adviser as necessary).

8. Negotiation Issues for Insurance

Unlimited indemnity cannot be insured for. However, the Model Services Contract only requires this in very limited circumstances where it is absolutely necessary to protect the Authority. For example, this is seen in the Model Services Contract at Clause 17 (IPRs Indemnity) for third party IPR claims where it is impossible to estimate the potential resultant costs.

Self-insurance is undertaken as standard by some Suppliers and should be considered by the Authority. Sometimes properly-sized self-insurance can improve the overall value-for-money of the contract. The Authority should consider carefully the risk attached to a self-insurance arrangement and take a decision based on the circumstances. For example, the Supplier’s financial robustness in relation to the size and probability of risk and the need for continuity of service in case of a major incident. Self-insurance requires significant financial strength and such a requirement could limit the number of prospective bidders.

Variations to limits of liability includes situations when Suppliers want to limit their liability to the contract value or Authorities want to raise the limits or insist on unlimited liability. Extensive variations to limits of liability are usually not optimal. For example, unlimited liability is disproportionate and can have the effect of deterring bidders and raising prices due to the inclusion of large risk premiums. It is unreasonable to argue for unlimited liability for general default, and runs contrary to government policy on growth and supporting business.

9. Monitoring Supplier Insurances & Claims

For the duration of the contract the Authority should ensure that insurance has been placed in accordance with the requirements and should inspect the insurance documentation or evidence of coverage provided by the Supplier. It will remain an ongoing obligation for the Supplier to provide evidence of renewal of policies as well. The Authority should carry out appropriate insurance reviews with the Supplier before the relevant renewal date in each case. Evidence can include insurance certificates, policy documents, endorsements and cover notes.

Schedule 6 (Insurance Requirements) of the contract sets out the obligation on the Supplier in relation to claims notification and Schedule 27 (Conduct of Claims) sets out the provisions for making a claim.