A Q&A guide to outsourcing in Ireland.
Other than in the financial services sector, there is no specific regulation of outsourcing transactions. However, depending on the sector and services involved, parts of the outsourcing transaction may be regulated by various elements of national law, such as:
IP rights protection.
Health and safety regulations.
Transfers of employees are regulated under national rules implementing Directive 2001/23/EC on safeguarding employees' rights on transfers of undertakings, businesses or parts of businesses (Transfer of Undertakings Directive).
The Central Bank of Ireland (CBI) regulates the financial services sector in Ireland, and is responsible for supervisory and prudential oversight of, among other things:
Investment services providers.
Insurance, investment and other financial services intermediaries.
Investment funds and service providers to investment funds.
Other financial institutions.
Outsourcing by regulated financial institutions is subject to specific rules. The primary regulatory source remains Directive 2004/39/EC on markets in financial instruments (MiFID), which was implemented into Irish law in November 2007, and which sets out specific rules relating to outsourcing in the context of investment-related financial services. The Committee of European Banking Supervisors (CEBS) Guidelines on Outsourcing (CEBS Guidelines), published in December 2006, and which were deliberately designed to be consistent with MiFID, apply to the full range of services that credit institutions provide, and not just investment-related financial services. Specific requirements relating to outsourcing by payment institutions are also included in the CBI's prudential requirements for payment institutions.
The implementation of Directive 2009/65 EC on undertakings for collective investment in transferable securities (UCITS) (UCITS IV Directive) on 1 July 2011 has resulted in the application of MiFID-like organisational and internal control requirements to UCITS management companies. It is expected to result in an increasing alignment of the contractual requirements for delegated fund services with MiFID outsourcing rules. In conjunction with the introduction of UCITS IV, the CBI has also replaced the previous "minimum activities" regime for both UCITS and non-UCITS fund administration services (which required that certain activities be conducted in Ireland). The new regime:
Closely tracks MiFID requirements.
Identifies ''core administration services'' (that is, those which Irish regulated administration firms must continue to undertake in Ireland).
While the CBI has not itself published general guidelines on outsourcing, it has in the past published an Assistance Paper on Outsourcing (Assistance Paper), which sets out the CBI's views on outsourcing generally in the financial services sector, effectively tracking the MiFID provisions and CEBS Guidelines relating to outsourcing. There is a separate and detailed CBI notice relating to outsourcing by fund administration services.
The CBI can also refer to sector specific guidance, including guidance published by the Joint Forum of the Basel Committee on Banking Supervision, the International Organisation of Securities Commissions and the International Association of Insurance Supervisors.
There are no regulations specific to business process outsourcing. However, additional regulation can arise in industry-specific contexts.
There are no IT regulations specific to outsourcing. However, additional regulation can arise in industry-specific contexts.
There are no telecommunications regulations specific to outsourcing. However, when structuring any outsourcing in the telecommunications sector, the parties must comply with general telecommunications regulatory requirements.
The provision of telecommunications networks and services falls under the electronic communications networks and services regulatory regime. While in general there is no requirement to obtain a licence, to provide such networks and services, the provider of the network or service must:
Notify the Commission for Communication Regulation (ComReg) before providing any networks or services.
Comply with the terms of the general authorisation published by ComReg.
Depending on the services being outsourced, there can be additional requirements for wireless telegraphy licences.
When a public sector body enters into outsourcing activities:
It must comply with public procurement rules (see Question 6, Public sector and utilities).
Its authority to outsource the activity in question must be considered.
Otherwise, there are no outsourcing regulations specific to the public sector. However, additional regulation can arise in specific contexts (such as data protection, or regulations applying to the transfer of employees).
The regulation of outsourcing transactions under Irish law depends less on the nature of the outsourced service (for example, IT or business process) than on the sector in which the outsourcing takes place (for example, financial services or the health sector). In any regulated industry or sector, the proposed outsourcing's scope and structure must be considered in the context of the relevant regulatory regime, to ensure that all licences and authorisations are obtained and other requirements are met.
In the financial services sector, there are specific rules relating to outsourcing which must be observed.
Material outsourcings. Both MiFID and the CEBS Guidelines include specific rules, which are reflected in the Assistance Paper, relating to:
The notification of material outsourcings to the CBI. Any outsourcing of activities is considered a material outsourcing if the failure of those activities could significantly impair the institution's:
ability to meet its regulatory responsibilities;
ability to remain in business;
An obligation to execute a clear written outsourcing contract, which includes:
a clear definition of the services to be provided and the performance standards to be achieved;
provision for ongoing monitoring, assessment and auditing rights for the customer; and
protection of the CBI's ability to continue to properly oversee and regulate the outsourced activity.
Any outsourcing contract must not prejudice the CBI's ability to audit and access information relating to the outsourcing and the premises from which the outsourced services are provided, or require termination of the outsourcing contract where it deems necessary.
Fund administration services. The rules for outsourcing of fund administration services broadly follow the material outsourcings requirements (see above).
Minimum termination notice periods. The CBI can also impose minimum termination notice periods for certain financial services contracts (see Question 30).
Material outsourcings. Material outsourcings of financial services, including those under MiFID, must be notified to the CBI. While there are no formal rules in relation to the form or timing of the notification to the CBI, any notification should be sufficiently detailed and allow sufficient time for the CBI to consider the outsourcing in detail in advance of the outsourcing becoming effective. The required notification period will depend on:
The complexity of the outsourcing.
The confidentiality and security issues that may arise.
Whether the outsourcing is intra-group.
Whether the outsourcing is onshore or offshore.
The identity and regulatory status of the service provider.
Fund administration services. For fund administration firms, all outsourcings must be notified to the CBI, which may request additional information within one month of notification. Where an outsourcing has been cleared by the CBI, but does not proceed within 12 months, the proposal must be re-submitted to the CBI.
A variety of outsourcing structures are used, both in arm's-length relationships and in intra-group arrangements.
Description of structure. The most common outsourcing structure remains the bilateral contract between the customer and supplier.
Advantages and disadvantages. Apart from the complexity of the contract itself, this is in many ways the most straightforward structure to implement from a legal perspective.
However, this structure does have the perceived commercial disadvantage of not properly reflecting the "partnership" characteristics of an outsourcing relationship, which the parties to an outsourcing often emphasise. This perception of partnership is one of the most important practical issues to be addressed in terms of the governance and implementation of an outsourcing, and arises irrespective of the structure used.
Description of structure. Where the customer seeks to outsource a broadly defined service, which in reality consists of a series of interconnected functions and services, the outsourcing usually involves a need to manage a number of suppliers and services. In such cases, the customer generally requires a prime contractor model. The prime contractor takes legal responsibility for the whole outsourced function, including putting in place and managing any necessary subcontractor relationships.
Advantages and disadvantages. This means that the customer only has to deal with a single entity, which reduces its management time. However, in a prime contractor model, the customer does not have a direct contractual relationship with some of the suppliers, which can reduce its control over certain aspects of the services. In addition, it can be harder for the customer to retain and transfer its knowledge in the long term.
Description of structure. Where a customer outsources major interconnected functions, it may choose to enter into contracts with several suppliers, either through individual contracts or in a multi-supplier agreement.
Advantages and disadvantages. This allows the customer to retain greater control over the outsourcing, by establishing a contractual framework that requires the various suppliers to interact and work cohesively. However, it can make governance and management of the outsourcing more challenging for the customer.
Description of structure. Suppliers often bid for outsourcing contracts having organised themselves into joint ventures, whether through a single joint venture vehicle or through contractual arrangements.
Advantages and disadvantages. This means that the customer benefits from the expertise of a number of suppliers who are tied into the joint venture vehicle, while only having to deal with a single legal entity (see above, Prime contractor model).
Joint venture companies are often used as outsourcing suppliers to the joint venture partners (which may or may not be related entities) in circumstances where:
The joint venture partners require the same services.
There are advantages and economies of scale to be achieved by obtaining the services from a single joint venture entity.
As an alternative, a captive subsidiary can be used as a supplier.
Description of structure. Partnerships, in the legal sense, between the customer and supplier remain relatively rare as outsourcing structures, mainly because they can give rise to joint and several liability. An exception to this is where two or more entities, often in a group situation, set up a partnership to provide common services to the partners.
Advantages and disadvantages. Setting up a partnership requires minimal effort and requires no registration. It is common (and advisable) for prospective partners to enter into a partnership agreement which can be tailored to meet the particular needs of the partners. Importantly, the financial details of partnerships can be kept confidential.
The absence of limited liability for partnerships in Ireland is the greatest disadvantage. The general rule is that each and every partner in a partnership is jointly and severally liable for all the debts of the partnership, which may be satisfied from their personal assets (see above, Description of structure). Furthermore, the continuity of a partnership is not as certain as that of a limited company. The death or bankruptcy of any one partner can result in the dissolution of the partnership.
Description of structure. These remain relatively uncommon, other than in the context of public/private partnerships for large infrastructure projects. However, they are becoming more common in offshore outsourcings.
Advantages and disadvantages. This form of outsourcing provides a high level of control to those who adopt it. The set-up, staffing and overall management decisions are made internally, which brings transparency on costs, but risks diverting management focus away from core tasks.
The procurement process used to select a supplier varies depending on:
Whether the outsourcing is public, utility or private sector.
The nature, value and complexity of the services to be outsourced.
In private sector outsourcings, there is generally an RFP process. The customer sends out a proposal to potential suppliers, detailing the outsourcing it wishes to undertake. Based on responses to the RFP, the customer chooses its preferred bidder and negotiates the contract with this bidder or, in some circumstances, may engage in parallel negotiations with two or more bidders.
Other than complying with general competition law rules, the RFP process does not need to equate to a public tender process (see below, Public sector and utilities). However, many customers take guidance from the public procurement structures to ensure that the RFP process is transparent, non-discriminatory and undertaken in good faith.
Potential suppliers may carry out due diligence of the customer's business as part of the RFP process. This can happen after the customer has rejected a number of potential suppliers based on their responses to the RFP, or in parallel with the negotiation of the contract when a preferred supplier has been chosen.
For collaborative business partnering, the British Standard (BS) 11000 may in certain circumstances, for both public and private sector organisations, be an appropriate accreditation to seek in a potential partner.
Public sector bodies and utility entities are subject to public procurement rules when they outsource. These rules arise under both EU and national rules, and require that most contracts be subject to a public tender process.
If the procurement of works, supplies and services is above certain thresholds, it is subject to the EU public procurement regime. Other rules may still apply if the thresholds are not met.
The following formalities are required:
If the land is registered, the transfer of immovable property requires a written deed of transfer, which must then be registered in the Land Registry.
If the land is unregistered, the transfer of immovable property requires a conveyance, which must then be registered in the Registry of Deeds and an application for first registration in the Land Registry must also be made.
Where the property is leasehold property, the transfer of the leasehold interest requires a formal deed of assignment. If the land in question is unregistered land, then depending on the length of the lease, a first registration application in the Land Registry may also be necessary.
There can also be tax issues arising on the transfer of immovable property (see Question 40).
The following formalities are required:
The transfer of an IP right requires a written assignment. In the case of a registered IP, the assignment must be registered on the relevant register to perfect title.
The transfer of an IP licence requires a written assignment or novation agreement. In the case of a registered IP, the assignment or novation of the licence should be recorded on the appropriate register to avoid enforcement issues. Whether consent to the assignment from the other party to the IP licence is required depends on the terms of the IP licence.
Movable property is transferable by delivery, and no formalities need to be considered when effecting such a transfer. A list of movable property to be transferred by delivery usually forms part of the outsourcing contract.
The transfer of key contracts requires a written assignment or novation agreement:
Assignment: whether consent to the assignment from the other party to the key contract is required depends on the terms of the key contract. Where the contract is silent, the general principle is that the benefit, but not the burden, of the contract can be assigned without consent.
Novation: the other party to the key contract must also be a party to the novation agreement.
The following formalities are required:
Leases of immovable property must be recorded in writing. If the lease has a term of more than 21 years, it must be registered with the Land Registry if it relates to registered land. If the land is unregistered land it should be registered in the Registry of Deeds and an application for first registration may also be necessary. Tax issues can also arise on the grant of the lease (see Question 40).
Licences of immovable property are generally licences at will and do not create any rights under landlord and tenant legislation, and do not involve any formalities.
The formalities to lease or license IP rights are as follows:
IP licences should be in written form, as a matter of good practice.
Licences of registered IP should be recorded on the appropriate register to avoid enforcement issues.
There are no strict formalities to be observed when licensing or leasing movable property. It is a matter of contract between the parties as to the rights that attach to the licence or lease.
The Irish export licensing regime applies to military and dual-use goods, that is, goods which can be used for civil and military purposes, including encrypted computer software. Irish law on the export of dual-use goods is founded under Regulation (EC) 1334/2000, which established a community-wide system for the control of exports of dual-use goods. Regulation (EC) 1334/2000 has since been repealed and replaced by Council Regulation (EC) 428/2009, which has been implemented in Ireland by the Control of Exports (Dual-Use Items) Order 2009. The system is managed in Ireland by the Export Licensing Unit of the Department of Jobs, Enterprise and Innovation (DJEI). The most likely scenario relates to encryption software where an assignment or novation of a software licence may amount to an export of a dual-use good provided that the level of encryption merits that outcome under the Irish export licensing regime.
Key contracts are not generally leased or licensed. If the customer wishes to retain the contractual relationship under the key contract, the customer generally appoints the supplier as its agent for the purposes of managing the key contract, rather than assigning or novating it. This approach does not involve any formalities, but as a matter of practicality requires acceptance by the third party.
The European Communities (Protection of Employees on Transfer of Undertakings) Regulations 2003 (Regulations) implement the provisions of the Transfer of Undertakings Directive in Ireland. The Regulations give employees certain rights when the whole or part of an undertaking or business is transferred from one employer (transferor) to another employer (transferee) as a result of a legal transfer or merger (see Question 10, General terms). The Regulations frequently apply when a customer outsources a service and the outsourcing:
Involves a transfer of assets (whether tangible or intangible).
Relates to a labour-intensive part of the business, and involves a transfer of a major part of the workforce (whether in terms of numbers or skills).
Where a customer initially outsources a service or function, the Regulations operate between the customer as transferor and the supplier as transferee.
Where a customer changes its supplier, and the handover constitutes a transfer, the Regulations usually operate so that the incoming contractor is the transferee and the outgoing contractor is the transferor. The Regulations should not therefore affect the customer. However, a change in service provider does not automatically trigger the application of the Regulations (as is generally the case in the UK). The facts of the situation are examined to determine whether or not there is a transfer of an undertaking (or part of one).
The European Court of Justice (ECJ) has held that a change of supplier of itself is not necessarily a transfer, as it may not actually involve the transfer of a stable economic entity. However, either of the following may be considered transfers under the Regulations:
A transfer of a service contract involving the transfer of significant tangible or intangible assets.
A transfer involving a labour intensive activity, where the incoming supplier takes over a major part of the workforce.
Where a customer terminates an outsourcing arrangement and brings back in-house services that were previously outsourced, in circumstances that constitute a transfer, the customer is the transferee, and the Regulations apply to it.
When the whole or part of an undertaking or business is transferred as a result of a legal transfer or merger, the Regulations guarantee that the transferor's employees who are attached to that business retain the right:
To transfer to the transferee, and not to be dismissed for a reason connected to the transfer.
To have the transferee maintain all of the employees' employment rights and obligations that were previously the responsibility of the transferor.
Not to have existing terms and conditions of employment varied because of the transfer.
To information and consultation on the implications of the transfer and on any measures envisaged in relation to the employees, with a view to reaching an agreement.
To have their continuity of service recognised by the transferee.
Therefore, all employees (irrespective of the length of their service) wholly or mainly engaged in the transferring business are entitled to transfer automatically to the transferee, on the same terms and conditions of employment, with their continuity of service intact.
A transfer is defined as the transfer of an economic entity which retains its identity. An economic entity is an organised grouping of resources which has the objective of pursuing an economic activity.
Each case must be looked at on its own merits to assess whether a transfer under the Regulations arises.
The Regulations do not apply to employees' rights to old age, invalidity, or survivor's benefits under company pensions schemes that fall outside the scope of the Social Welfare Acts 2005 to 2006. If these benefits are provided for under a company pension scheme, that is an occupational pension scheme within the meaning of the Pensions Act 1990, their accrued rights are protected under those Acts. However, this is not the responsibility of the transferee under the Regulations.
Subject to the rules on pensions (see above, Pensions), employees are entitled to have any benefits which form part of their terms and conditions of employment continue after the transfer.
Where there are collective agreements in force between the transferor and the employees, and the Regulations apply, the transferee must continue to observe the collective agreements' terms and conditions, on the same terms as were applicable to the transferor, until either:
Its date of termination or expiry.
A new collective agreement comes into force.
The transferee must also preserve the status and function of employee representatives (including trade unions) on the same terms as existed with the transferor.
An employee who is dismissed by reason of redundancy and satisfies the requirements under the Redundancy Payments Acts 1967 to 2011, is entitled to a statutory redundancy payment, calculated as the sum of:
Two weeks' normal remuneration for each year of continuous and reckonable service.
One week's normal weekly remuneration (commonly referred to as the "bonus week").
The weekly wage for the purpose of the calculation of a statutory redundancy payment is currently subject to a ceiling of EUR600 per week. If the total amount of reckonable service is not an exact number of years, the "excess" days must be credited as a proportion of a year. However, in the event of an employee being offered suitable alternative employment, which is unreasonably refused, that employee may be disentitled to a redundancy payment.
In addition to any statutory redundancy payment payable, the employee must also be paid in lieu of notice (if not required to be worked), outstanding holidays, bonuses and commissions, arrears of payments, if any, and so on.
Employers often pay over and above the statutory minimum although there is no legal requirement to do so. The employer can be bound by a written agreement. If there is no written agreement, the employer can find itself bound when:
There is an oral agreement concerning the level of ex gratia payments which the employer will make in the event of redundancies.
It has previously invariably adopted an unwritten policy in relation to ex gratia payments such that the policy has become established through custom and practice.
An employer should, therefore, consider whether or not there is any custom or practice of its making ex gratia payments. An ex gratia payment should only be made to an employee after he has signed an appropriate waiver and release agreement.
The transferee can only harmonise terms and conditions to the extent that they put the transferring employees in the same, or a better, position than their existing terms. If harmonising the transferring employees' terms and conditions with those of the existing employees would result in a situation which is, or becomes, less favourable for the transferring employees than their entitlement under the Regulations, the transferring employees' terms are modified so as not to be less favourable.
In addition, employees cannot agree to limit, exclude or waive benefits or entitlements which they previously enjoyed, even if paid compensation, unless the compensation is of equal or greater value.
The Regulations allow the transferor or transferee to implement dismissals for economic, technical or organisational (ETO) reasons requiring changes in the workforce (defined in relevant case law as redundancy). However, dismissals that occur because of the transfer which are not genuine redundancies, or are not otherwise lawful, give rise to a risk of unfair dismissal and wrongful dismissal claims against the transferor and/or transferee. Generally, post-transfer dismissals on ETO grounds are easier to justify than pre-transfer dismissals (as a court or tribunal may determine that employees were dismissed to make a business look more attractive, and are therefore transfer connected).
Any European Economic Area (EEA) national can work in Ireland without the need to first obtain the approval of the Department of Enterprise, Trade and Innovation (the Department). In respect of non-EEA nationals, there are various means by which the individual can lawfully work in Ireland.
The four main categories of employment permit are:
Green Card Permit.
Intra-Company Transfer Permit.
Spousal and Dependant Work Permit.
An employment permit will not generally be issued where a consequence of granting the permit would be that more than 50% of the employees in a company would be non-EEA nationals.
Each category of application is subject to various rules and regulations set down by the Department. The Employment Permits Acts 2003 and 2006 govern the grant of employment permits in respect of non-nationals and related matters and provide for fines of up to EUR250,000 or ten years' imprisonment for employers who employ non-EEA nationals without employment permits.
In certain asset-intensive services, the parties can structure the employee arrangements as a secondment. If the transferor retains the assets, goodwill, customer lists and other assets of the business, and only seconds its employees, then arguably it can avoid the Regulations.
However, this type of arrangement can be undesirable because there is a risk of the customer and supplier being held to be co-employers of the employees, and because it makes it harder to deal with the employees on a daily basis.
In addition, if assets are transferred there is nothing to stop employees claiming that there has been a transfer of the whole, or part of, a business to which they are assigned, and therefore to which the Regulations automatically apply (see Question 10, General terms). In addition, a provision in any agreement which tries to exclude or limit any provision of the Regulations, or which is inconsistent with any of its provisions, is void. Structuring the arrangement as a secondment might therefore not affect the employees' rights if it is a transfer within the meaning of the Regulations, and is rarely used for that purpose.
Subject to compliance with data protection legislation, the transferor must supply all relevant employment-related information (that is, all current terms and conditions of employment) to the transferee, including information about any outstanding claims that employees have against the transferor. This is so the transferee can comply with its obligations under the Regulations. Where the transferee incurs liability because the transferor failed to provide this information, the transferee may be in a position to offset that liability against the transferor.
The transferee is not specifically required to provide any information to the transferor. However, as the transferor must advise the affected employees of any measures envisaged in relation to them, it can ask the transferee to provide any necessary information, as failure to properly consult with the affected employees can lead to a breach of the Regulations, for which the transferee, as the employer post-transfer, can be liable (see Question 11).
Both the transferor and transferee must inform the representatives of their respective employees affected by the transfer of:
The date, or proposed date, of the transfer.
The reasons for the transfer.
The legal, social and economic implications for the employees of the transfer.
Any measures envisaged in relation to the employees.
This information must be given to the employees' representatives, where reasonably practicable; either:
Not later than 30 days before the transfer is carried out.
In good time before the transfer is carried out.
Consultation must take place in respect of measures envisaged in relation to employees. The time frame for the commencement of the consultation is the same as that for providing information. The Regulations do not specify that an agreement must be reached on all issues, but simply require that the employer consult "with a view to reaching an agreement".
Employees can refuse to transfer. Until recently, employees who refused to transfer under the Regulations generally claimed that they were redundant and received a redundancy payment from the transferor. However, in Symantec Ltd v Leddy and Lyons  1EHC 256, the High Court disagreed with the employees' submission that the Transfer of Undertakings Directive operated to provide employees who refused to transfer with an automatic entitlement to a redundancy payment.
The employees in that case objected to the transfer, even though their terms of employment would have been the same with the transferee. They were informed that a refusal to transfer would be treated as a resignation rather than a redundancy. They brought a claim under redundancy legislation to the Employment Appeals Tribunal (EAT) and were awarded a redundancy payment. However, the transferor appealed this decision to the High Court, which held that a redundancy situation does not automatically arise where an employee refuses to transfer, as the refusal does not of itself negate the transfer (that is, the employee's position continues to exist with the transferee). This decision is currently being appealed to the Supreme Court.
Either an employee or his representative can bring a complaint to a Rights Commissioner that an employer has contravened any of the Regulations. The Rights Commissioner can require the employer to either:
Comply with the Regulations and to take a specified course of action.
Compensate the employee in an amount not exceeding:
four weeks' remuneration (in the case of breach of consultation and notification obligations);
two years' remuneration (in the case of contravention of any of the other provisions of the Regulations).
The decision of the Rights Commissioner can be appealed to the EAT within six weeks. An appeal can be brought from a decision of the EAT, on a point of law only, to the High Court. Where a Rights Commissioner or the EAT requires the employer to take a specified course of action and the employer fails to do so, the employee or his employee representative, or the Minister for Jobs, Enterprise and Innovation, can apply to the Circuit Court. The Circuit Court, without hearing the employer's evidence, can make an order directing the employer to carry out the decision or determination in accordance with its terms.
General requirements. Data protection issues arise in a number of contexts in most outsourcing arrangements:
The transfer of employees inevitably gives rise to data protection issues.
Where the outsourced services involve the processing of personal data, the Irish Data Protection Acts 1988 and 2003 require the customer, as the data controller, to put in place a written contract with the supplier, which includes:
contractual protections around security of and access to data; and
restrictions on processing without the controller's consent.
In cross-jurisdictional deals, different regulatory regimes protecting the use and flow of personal data may have to be observed. Those applicable laws must be examined in the context of the outsourcing to determine their effect on the delivery and structure of the services. For example, where the supplier is located outside the EEA, the transfer of personal data is prohibited unless:
the jurisdiction in which the supplier is located offers an adequate level of protection for personal data (as determined by the European Commission through a Community finding to this effect); or
the transfer can be brought within one of a limited number of exemptions, which include transfers made on the basis of:
the consent of the data subject (however, there are inherent difficulties in relying on consent as a justification for transfers of personal data outside the EEA, particularly where the transfers are done on a systematic basis);
European Commission approved model clauses;
intra-group binding corporate rules.
In contractual terms, data protection issues are usually dealt with through comprehensive contractual obligations, which detail the standards of protection and security to be met, and are often reinforced through indemnity protection if loss arises from a breach.
Mechanisms to ensure compliance. The Data Protection Commissioner is responsible for ensuring compliance with the Data Protection Acts 1988 and 2003 (see above, General requirements).
International standards. There are none which are compulsory.
Sanctions for non-compliance. The data controller of the relevant personal data remains ultimately responsible for compliance with data protection law, including the data protection principles set out in the Data Protection Acts 1988 and 2003 (Acts), even where it has outsourced data processing services to a third party data processor. While a failure to comply with the data protection principles constitutes a breach of the Acts, these breaches are not of themselves automatic "offences" under the Acts. However, even where a data controller is in breach of the Acts but has not committed an offence, it may still be the subject of an investigation by the Office of the Data Protection Commissioner (ODPC). If as a result of this investigation the ODPC decides that a breach of the Acts occurred, he can serve an Information Notice or an Enforcement Notice requiring the data controller to take such steps as the ODPC specifies within a specified time to comply with the provision that was breached. The ODPC may require the data controller to rectify or erase any of the data concerned. Failure to comply with an Information Notice or an Enforcement Notice, without reasonable excuse, is an offence.
Persons guilty of offences under the Acts are liable on summary conviction to a fine not exceeding EUR3,000 or on indictment to a fine not exceeding EUR100,000. The court has the power to order that any data material connected with the commission of the offence be forfeited or destroyed and any relevant data erased. In addition, as the ODPC sometimes "names and shames" offenders in its annual report, adverse publicity may also be generated by the commission of an offence and the facts surrounding the event could damage an organisation's reputation.
General requirements. In addition to compliance with data protection laws, banking secrecy laws may also apply in the context of an outsourcing. However, the implied duty of confidentiality arising between a bank and its customers is not absolute, and is subject to exceptions where:
The customer consents (whether impliedly or expressly).
There is a duty to the public to disclose.
It is in the interests of the bank to disclose.
The bank is compelled by law to disclose.
These exceptions are narrowly construed and are balanced against the customers' countervailing rights.
Mechanisms to ensure compliance. See above, General requirements.
International standards. There are none which are compulsory.
Sanctions for non-compliance. Not applicable.
General requirements. In any outsourcing arrangement, comprehensive confidentiality provisions should be included in the agreement (on a mutual basis) and should include standard carve-outs.
Mechanisms to ensure compliance. See above, General requirements.
International standards. There are none which are compulsory.
Sanctions for non-compliance. Not applicable.
The timing of, and responsibility for, drafting the services specification varies from transaction to transaction, and from sector to sector.
The best time for the customer to consider the services definition is at the very start of the process, as part of the RFP stage. This is because having a comprehensive statement of the required services, and any associated transformation requirements, means that comparable and realistically costed bids can be obtained. However, it is common for the RFP to contain only a high-level description of the customer's requirements, with the detailed drafting of the services description forming part of the contract negotiations. This is often the case where the customer is outsourcing a service for the first time, and where either:
It does not already have clearly defined processes and procedures around the functions to be outsourced and the boundaries between those functions and retained functions.
The outsourcing aims to obtain innovative service solutions from suppliers and an overly prescriptive RFP would be counterproductive.
Where the outsourcing is particularly complex, it is common for the customer to engage specialist third-party advisers to provide the scope, and define the services specification, based on a due diligence of the customer's business and requirements. In some cases, the drafting of the services specification is an interactive process between the customer and the supplier, as the supplier becomes more familiar with the customer's business through its own due diligence. In certain industry sectors, the services specification may be an industry standard offering, with price being the real differential between suppliers.
Service levels, key performance indicators and service credit schemes vary considerably from contract to contract, depending on the industry sector and the importance to the customer's business of the outsourced services. For example, the CBI generally requires clear quantitative and qualitative service levels in any material financial service outsourcing (see Question 2, Financial services).
Generally, where service levels are objectively measurable (for example, availability, or response times), they are set out in detail in the agreement. Where they are not objectively measurable, more general service quality warranties are included. These can be more difficult to enforce, particularly in the context of service credits.
In some cases, specific service levels are combined with continuous improvement obligations. It is also common to see requirements for regular reviews, at which service levels are considered.
Service credit schemes are commonly linked to service levels, and can be approached in a variety of ways, including:
Straightforward percentage or fixed amount credits for any service level failure.
Adoption of different levels of service credit depending on the:
criticality of the service level; and/or
severity or length of the service level breach.
Balanced scorecard mechanisms.
Very complex outsourcings usually give rise to complex service level and service failure regimes.
The flexibility in volumes purchased depends on the type of outsourcing and the basis of charge. In some outsourcing minimum amounts are agreed to be purchased each year below which the supplier may have a right to terminate the agreement or receive compensation or an increase in charges.
The majority but not all outsourcing agreements in the Irish market are subject to some type of exclusivity provisions for the original scope contracted to prevent customers "cherry picking" the higher margin elements of the services and putting those out to tender but this is generally subject to any competition law issues and the change control procedure.
In a unit price arrangement, such as a price per policy for services in a life assurance policy administration outsourcing arrangement (particularly in a closed book arrangement), it is often the case that when the portfolio of policies runs down the unit cost may increase.
The charging methods on outsourcing contracts are as varied as the outsourcings themselves, and include:
Time and materials.
Utility (pay-as-you-go) billing.
Cost plus models (including resource-based charging).
Risk and reward models (these can be particularly complex to define and implement).
A combination of the above.
Because of the nature and length of typical outsourcings, commercial, business process and technological change over the term inevitably impact on cost and cost competitiveness. Therefore, the pricing structure may not remain static for the duration of the arrangement, and cost review mechanisms are generally included. These usually include pre-defined mechanisms to vary costs, which are designed to enable maintenance of price competitiveness over the term. The mechanisms can include:
Using pricing bands to address changes in the outsourcing's scope, combined with a renegotiation of price if the volumes exceed or fall below pre-defined thresholds.
Pre-agreed time and materials rates.
Index-linked increases to cover general increases in the cost of doing business.
Benchmarking the supplier's charges for the services against other suppliers or contracts in the market. However, true comparators, in terms of service definition, standards and risk allocation, are often difficult or impossible to identify, which can make benchmarking difficult.
When the supplier fails to perform its obligations, the remedies available to a customer under general law can include:
An order for specific performance.
A right to terminate the contract.
Outsourcing contracts usually include a variety of additional protections for the customer, designed to identify and help in remedying performance issues before they become significant, or to incentivise good performance. Typical protections include:
Requiring the supplier to implement comprehensive governance structures, including:
regular reporting and meetings;
Retention of appropriate audit rights (both operational and financial). In financial services outsourcings, audit rights must extend to the CBI (see Question 2, Financial services).
Service level and service credit regimes (see Question 20).
Contractual obligations to craft and implement agreed remedial plans where service levels are inadequate.
The more draconian remedy of step-in rights, which enable the customer, or a third party acting on its behalf, to step into the supplier's role at the supplier's cost.
The ultimate sanction of termination (see Question 33).
Reward systems, such as bonus payments, to encourage strong performance by the supplier. However, these must be carefully defined in advance.
A balanced scorecard approach, which nets bonus points against service credit points. This can be a useful mechanism if any form of bonus scheme is being considered.
Disaster recovery and business continuity planning.
In appropriate circumstances, withdrawal of exclusivity or reductions in minimum payment commitments. This can operate as a strong incentive to the supplier to meet its quality commitments.
Parental company guarantees.
Some outsourcing contracts also provide for benchmarking performance against industry standards, with the responsibility and cost of meeting those standards resting with the supplier.
A broad range of general warranties is typically included in outsourcing contracts, covering matters such as:
Authority to enter into the contract.
General performance standards.
Skill and availability of employees.
Compliance with the law.
Specific warranties dealing with systems performance and data protection are included in appropriate contracts.
Under Irish sale of goods and supply of services legislation, certain conditions are also implied into every outsourcing contract, although it is possible to exclude or limit the application of most of these in non-consumer contracts.
Indemnity protection is generally more limited, and more heavily negotiated, and often depends on the specific risks and issues identified during the negotiation process. But there is usually a full indemnity for:
Third-party IP claims.
Employment-related claims (the indemnity often also addresses the costs arising in respect of transfer-related issues).
Actions in relation to assigned contracts.
Breach of confidentiality and data protection obligations.
There has been a recent trend in outsourcing contracts for the customer to seek indemnity protection in respect of a much broader range of issues, including in respect of:
Liabilities that would traditionally not have been capped, but in respect of which indemnity protection would not have been granted (such as fraud).
In some cases, losses arising from a breach or default in respect of specific and identified service obligations (for example, transaction processing errors).
As most customers also require any indemnity to be given on the basis of unlimited liability (see Question 38), this represents a significant expansion of risk for the supplier, if conceded.
Irish law does not impose any limitations on fitness for purpose and quality of service warranties. Certain conditions are implied into every outsourcing contract under sale of goods and supply of services legislation, although it is possible to exclude or limit the application of most of these in non-consumer contracts. Otherwise, it is up to the parties to agree the extent of such warranties.
Provisions and in particular, indemnities, can be included to protect the customer against the cost of dealing with employment-related claims from the supplier's personnel.
As regards the supplier, clearly limitation and exclusion of liability would need to be included in accordance with the supplier's own risk and reward metrics and market practice. Insurance obligations and parental guarantees may also be required.
Types of insurance that are readily available include:
Employer's liability insurance.
Tangible property damage liability insurance.
Public/product(s) liability insurance.
Business protection insurance.
Errors and omissions or professional indemnity insurance.
In general, the parties agree on the term of any outsourcing and can subsequently vary this by agreement. However, where framework agreements are used in public sector outsourcings, they are subject to a maximum term of four years, unless there are duly justified exceptional circumstances warranting a longer term.
In addition, the CBI sets a maximum fixed term in certain financial services agreements (for example, where fund administration or custodian services are outsourced). Material outsourcing contracts must include provision for termination where mandated by the CBI (see Question 2, Financial services).
In general, the parties agree on the length of the termination notice period required. They can subsequently vary this by agreement.
In the case of a contract of indefinite duration, which does not specify any notice period, the contract can be terminated by mutual agreement, or by either party on reasonable notice. Various factors are taken into account in determining what is reasonable in the circumstances, including the length of the relationship and industry norms.
For certain financial services contracts, the CBI requires minimum termination notice periods, and in some situations may not allow termination until an alternative approved supplier has been appointed.
Detailed transition provisions and exit plans are typically included in outsourcing contracts, to assist the customer in moving the services back in-house or to a third-party service provider.
Under Irish contract law, a contract can be terminated where:
The contract provides for right termination (for example, in the event of insolvency or change of control).
The parties to the contract agree to terminate it (see Question 33).
It has been frustrated (that is, it has become incapable of being performed without default of the parties due to an unanticipated event).
There is a repudiatory breach of the contract (that is, a breach of a condition).
In limited circumstances, a contract can be held to have been void from the start in the case of mistake.
The parties can determine the circumstances in which the contract can be terminated:
The parties usually agree termination rights where:
there is a breach (which can be limited to a material breach, and/or persistent breach, and/or linked to breach of specific clauses of the outsourcing contract or failure to meet measurable performance levels); or
one of the parties becomes insolvent or suffers an insolvency-related event.
The parties often agree termination rights where there is a change of control of the supplier (although this can be limited to change of control involving competitors).
The parties are taken to have intended that the contract would not terminate even if certain adverse circumstances occur, unless the parties have specified those circumstances as triggers for termination. However, general rules concerning frustration and mistake override this principle (see Question 32). Where termination for convenience is agreed, associated termination charges are generally provided for in the outsourcing contract.
Termination for near insolvency is very seldom provided for due to it ultimately turning on a rather subjective opinion as against an actual (factual) insolvency.
Step-in by the customer or by a third party supplier designated by the customer may be provided for but generally this is only available for material breach where the customer chooses not to terminate but instead to temporarily step-in to remedy the problem(s) itself.
Partial termination is sometimes provided for but generally is not very practical unless there is a clear means of separating services and service obligations and related charges from the remaining parts of the agreement.
The licensing of IP rights both during and after the outsourcing is a matter of contract. There are no implied rights to continue using licensed IP rights post-termination, other than to a limited extent where an implied right is necessary to benefit from express rights that survive termination. For example, if there is a limited right to retain information post-termination for audit purposes, there will be a limited implied licence to use any embedded licensed IP for those purposes.
Know-how is generally protected as a form of trade secret or confidential information rather than a form of IP. Therefore, it is not protected by statutory and common law rights, but by contractual agreement between the parties. Where the supplier's know-how is retained by employees of the customer, it can be used post-termination. This is subject to:
Any confidentiality or other constraints that have been pre-agreed by the parties in relation to post-termination use of confidential information and know-how.
Any copyright protection that exists in respect of documented know-how.
Where a supplier wishes to protect its know-how post-termination, it must address the issue upfront in the outsourcing contract.
It is not possible to exclude liability for fraud or, in practice, liability for death and personal injury caused by negligence. Liability relating to statutorily implied conditions in non-consumer services contracts can be limited where it is fair and reasonable to do so, but liability for breach of the implied condition as to title cannot be limited or excluded.
Otherwise, the parties can agree on the extent to which they can exclude liability. This includes the types of loss to be excluded, such as:
Indirect or consequential loss.
Categories of loss (such as loss of business or profits), which can be partly direct and partly indirect.
The parties are free to agree a cap on liability, except for the following, which cannot be limited:
Liability for fraud.
Liability for breach of the implied condition as to title.
In practice, liability for death and personal injury caused by negligence is also not limited. Customers generally seek unlimited liability in respect of claims under indemnities, and are increasingly seeking broader indemnity protections (see Question 26). However, it is possible to agree a cap on liability under some or all of the agreed indemnity provisions.
Typically, the supplier seeks to limit its liability by reference to the value of the contract, while the customer focuses on the potential damage it would suffer if the supplier breaches the contract or acts negligently. The parties can agree different limits in respect of different types of loss (for example, damage to tangible property can be subject to a higher cap than other losses) and limits may reflect available insurance cover.
In the majority of cases the Irish Courts are still the preference of most customers. However, increasingly parties agree to Centre for Effective Dispute Resolution (CEDR) mediation and/or arbitration and, in some cases for particular types of disputes, independent expert determination.
On a transfer of assets by an Irish tax resident customer to a supplier, the main Irish tax issues that arise are as follows:
Stamp duty. Irish stamp duty (up to 6%) can arise on:
a transfer of real property by the customer to the supplier;
a transfer of other assets including, for example, goodwill of a business carried on in Ireland (generally, plant and machinery and similar equipment can transfer by delivery and therefore stamp duty is not payable on the transfer of these assets);
assignments of contracts, where the stamp duty is based on the value of buying out the contract.
Capital gains taxation. Any transfer of the assets by the Irish tax resident customer to the supplier is a disposal for Irish capital gains taxation purposes. Therefore, the Irish tax resident customer can be subject to Irish capital gains taxation on any chargeable gain arising on the transfer of assets to the supplier. For the purposes of Irish capital gains taxation, the Irish tax resident customer is treated as having disposed of, and the supplier is deemed to have acquired, transferred assets at their market value on the relevant transfer date. Certain "group reliefs" from Irish capital gains taxation may be available where the Irish tax resident customer and the supplier are associated companies for the purposes of Irish capital gains taxation.
Capital allowances. If transferred assets constitute plant and equipment in respect of which capital allowances have been claimed by the Irish tax resident customer, the transfer of these assets can cause a balancing charge or balancing allowance to arise for the customer. The amount of any such balancing charge or allowance is based on the difference between the proceeds received on disposal of these assets (or in some cases their market value) and the tax written-down value of these assets on the relevant transfer date.
Corporation tax: losses carried forward. If the assets being transferred constitute a trade of the Irish tax resident customer, any losses carried forward in respect of that trade may no longer be available to the customer for tax purposes, as it would no longer carry on that trade.
Transfer pricing. Where the Irish tax resident customer and the supplier are associated companies for Irish tax purposes, Irish transfer pricing rules can require either the Irish tax resident customer or the supplier (or both) to recognise any fee payable or receivable for the provision of outsourcing services as being arm's-length fees for the purpose of calculating taxable profits.
Consideration received on transfer of the assets. If the consideration due on the transfer of the assets is left outstanding and carries a right to interest, interest payments by the supplier can be subject to withholding tax (currently 20%) where the supplier is a company that is tax resident in Ireland. The Irish tax resident customer is likely to be subject to Irish corporation tax on such interest receipts at 25%. Where withholding tax arises, the Irish tax resident customer is entitled to credit against its Irish corporation tax liability on its interest receipt for amounts withheld by the outsourcing party.
The only critical taxation issues in relation to the transfer of employees are to ensure that the:
Supplier is registered for pay-as-you-earn.
Customer issues employees with Form P45s, as appropriate.
Employees are registered as employees of the supplier.
Generally, outsourced services are subject to VAT at the standard rate, currently 21%. Depending on the nature of the business being carried on by the recipient of such services, VAT can be fully recoverable.
Ireland, as with all EU member states, exempts certain categories of services from VAT. The specific VAT exemptions are set out in Article 135 of Directive 2006/112/EC on the common system of value added tax. These exemptions cover certain insurance transactions and financial services, for example the operation of deposit and current accounts, dealing in payments, transfers and debts (but excluding debt collection). Also exempted is the management of special investment funds as defined by member states (activities that are regularly outsourced).
The ECJ has reiterated in the past that exemptions from VAT are to be interpreted narrowly, and has set out in various judgments the broad criteria needed for the exemptions to apply. Therefore, careful attention must be given to the scope of services provided to determine if they should be exempt from VAT or not.
See above, Transfers of assets to the supplier.
See above, Transfers of assets to the supplier.
See above, Transfers of assets to the supplier.
There are no other significant tax issues in relation to an outsourcing arrangement.
Description. The official website of the Office of the Data Protection Commissioner. This website contains relevant legislation (both in its official original form and in unofficial consolidated form), rules, guidance and application forms. The website also provides access to the public register of entities registered with the Commissioner's Office.
Description. The official website of the Central Bank of Ireland, containing up-to-date copies of financial services legislation.
Description. An official government website containing up-to-date copies of all legislation. The website is maintained by the Office of the Attorney General.
Professional qualifications. Ireland, Solicitor, 1996
Areas of practice. Outsourcing; financial services, asset management and investment funds.
Professional qualifications. Ireland, Solicitor, 1999; England and Wales, Solicitor, 2001
Areas of practice. Outsourcing; information technology; commercial contracts; intellectual property.