With third-party technology playing an increasingly critical role in business operations, it's essential to safeguard your company's critical software applications from potential disruptions.
Understanding Software Escrow Agreements
As a recap, a Software Escrow Agreement is a tri-party arrangement with mutually agreed-terms between the software customer, the software supplier, and an escrow service provider. This agreement involves securely storing the software source code for a business-critical application with the escrow service provider to ensure it's available in case it's needed in the future, for example, in the case of bankruptcy or a lack of support. If a pre-determined release condition is met, the escrow deposit is released to the software customer, enabling them to recreate and maintain their software application.
In this blog, we will walk you through eight steps organisations should follow when escrowing software, from performing a risk assessment to establishing a repeatable process for protecting critical software.
Step 1 | Assess Software Escrow as a Risk Mitigation Strategy
You first need to assess whether you need an Escrow Agreement. A software solution can be revolutionary for your business, but it’s important to plan for the unexpected. You should consider the following:
Step 2 | Determine Your Escrow Deposit
You need to consider both hardware and software, as well as the types of code, items from a third party, and any relevant documentation. One of the main issues surrounding deposits is deciding on the frequency with which they will be made.
To avoid any disputes, all parties must consider how frequently changes are likely to be made to the material in escrow and, from this, decide on a suitable frequency that ensures an up-to-date version of the material is always available.
Step 3 | Budget for Software Escrow
Although Software Escrow isn’t necessarily expensive, you need to budget appropriately for it. Typical expenses may include legal fees, escrow agent fees, which vary based on the type of agreement, and duration of the agreement, and verification costs to confirm the integrity of the deposited source code.
Despite these associated expenses, the advantages of a software escrow agreement often outweigh the costs. By safeguarding your investment, you mitigate the risks associated with relying on third-party software providers. In the event of unforeseen circumstances, such as bankruptcy or discontinuation of services by the software provider, having access to the source code ensures continuity of business operations. This can prevent costly disruptions and downtime.
Step 4 | Select an Escrow Agent
You will need to select a neutral third-party escrow agent to store the escrow deposits and negotiate the terms of the escrow agreement. Software Escrow customers should consider the following factors in choosing a Software Escrow agent and Software Escrow Services: size and longevity, diversification, oversight and management, public financials, and security protocols. You can find out more about what to look for in a Software Escrow Agent in our blog.
Step 5 | Negotiating an Escrow Agreement
The parties involved in contract negotiation are as follows:
You can avoid disputes and save money by specifying upfront what items you want to escrow.
Our best practice advice is to discuss escrow and agree the terms of the escrow agreement in advance of, or during, the negotiation stages of the software license agreement. We would also advise attaching a copy of the escrow agreement to the license agreement so that this can be agreed upfront.
However, Escode, part of NCC Group, can also support those who are looking to consider escrow once the license agreement has already been signed.
Step 6 | Verify the Deposit
Verify the deposit as soon as possible, preferably within 30 days. A Software Escrow Agreement isn’t worth much if you can’t verify that all the essential components have been properly deposited. If you agree that certain items will be placed in escrow but then never follow up to verify that these items are deposited and can be rebuilt into the working application, your Escrow Agreement isn’t really worth much. That’s why you need to verify the deposit.
Software Escrow Verification assures that should the software application ever need to be recreated from the original source code, the knowledge and guidance to do so will be available.
Licensees are assured that they will be able to take over the maintenance and service of their source code if necessary. Software vendors can reassure their customers by demonstrating their commitment to best practice.
Step 7 | Managing the Escrow Agreement
Your work isn’t over just because you and the developer have signed the Escrow Agreement on the dotted line and the agreed-upon items are deposited and verified. Consider appointing a key contact within your organization to oversee the agreement moving forward.
Step 8 | Create a Repeatable Process for Escrowing Future Critical Software
Why reinvent the wheel the next time around? Utilise what you learn from your initial Software Escrow to help guide your organisation through the acquisition of new technology in the future.
In today's dynamic business landscape, third-party technology plays a critical role in the seamless functioning of many businesses' operations. Ensuring the continuity of these applications is not just important, but essential.
Eight crucial steps are outlined: assessing risk, determining deposit content, budgeting, selecting an escrow agent, negotiating contracts, prompt verification, ongoing management, and establishing a repeatable process. These steps ensure preparedness for unforeseen events, providing reassurance for both software customers and vendors. By following these guidelines, businesses can mitigate risks and confidently navigate the complex realm of critical software management.
