Ensuring Governance Oversight of Shared Services and Management Services Agreements Among Affiliated Companies

Part I of this two-part update alerts directors, corporate officers, and corporate counsel to the need to ensure that management (shared) service agreements between affiliated companies are negotiated on a defensible basis, are priced fairly and contain adequate compliance oversight, supervision and remedial provisions. Part II will examine the legal and regulatory requirements for publicly-traded companies to disclose shared services agreements that are material to their business.

The last two decades have seen the dramatic consolidation of operational and administrative back-office operations by merging those functions into a single shared service operation. By combining back-office centralization with the benefits of enterprise software (ERP) solutions (such as SAP or Oracle), a group of affiliated companies can drive cost efficiencies and business process improvements. Through an intercompany management service agreement, each affiliated company becomes the customer of their affiliated service provider for such common business processes and business management functions as financial management, pension administration, customer relations management, brand management, marketing and advertising, supply chain and procurement management, human resource (including labour relations) administration, in-house legal services, and information systems management activities.

The Legal Context

In implementing shared service arrangements, there are two sources of governance duties that directors and officers (including the compliance managers and lawyers who advise them) must take into account. The first derives from a director's or officer's general corporate governance obligations and related duties of care. The second arises out of the very specific laws, regulations, accounting practices, and other obligations that distinctively affect the ongoing obligations (and potential liabilities) of the particular corporation.

It is a fundamental principle of corporate governance in Canada that directors and officers must act in the best interests of their respective companies and ensure that their company is managed, operated and administered prudently, diligently and in full compliance with the company's business, financial, legal, regulatory and administrative duties and obligations. Even in a situation of common control among affiliated companies, the directors and officers of each affiliate have a duty to ensure that intercompany management service arrangements will be negotiated carefully, priced fairly, and performed in a manner, and to an extent, that is in the best interests of each company respectively. The Supreme Court of Canada has made it clear, on several occasions, that these governance duties are owed to a potentially wide group of possible stakeholders, including shareholders, lenders, employees, customers and even the community in which the company operates.

With regard to specific and distinctive governance obligations, each outsourcing affiliate must identify and assess the contractual (third party), financial, tax (including service transfer pricing, records compliance, etc.), legal, regulatory and other obligations to which that affiliate is subject.

Highly regulated industries may be subject to a broad array of legal and regulatory compliance obligations, which may require varying degrees of ongoing oversight. Consider, for instance:

• companies that are publicly traded, especially in more than one jurisdiction;
• highly regulated businesses, such as pharmaceutical, broadcasting and telecommunications, transportation, health care and all related professional services, food preparation and/or packaging, all types of utilities, financial services, retail businesses that must adhere to consumer protection and safety requirements (including licensing compliance, anti-spam, consumer protection, product liability, personal information protection); and
• businesses that may be subject to a broad range of workplace compliance concerns (immigration compliance, health and safety, environmental concerns, and human rights).

A Graduated Approach

A practical and graduated approach to ensuring governance compliance is both reasonable and legally supportable. The complexity, detail and scope of any particular intercompany management service agreement should be a direct, proportional and rational function of the unique circumstances of the companies and the intercompany transaction involved. There may be companies whose proportionally reasonable and adequate governance conduct would require fairly straightforward and simple agreements with minimal governance oversight tools. At the other end of the continuum, there may be companies whose proportionally reasonable and adequate governance conduct would require very detailed and comprehensive arm's length style agreements to assure the governance oversight that is required in that circumstance.

At the de minimis end of the continuum are, for example, domestic private companies that do not carry on regulated businesses, have little third party risk, and that propose to outsource to an affiliated private company only a few non-material business processes. At the other end are, for example, international companies that are publicly traded, that carry on highly regulated businesses, that have material third-party risk, and that propose to outsource to an affiliated public company operations and business processes that are material (or vital) to its business.

Contract's Governance Requirements

Ordinarily, governance oversight and supervision of all company business and management operations are exercised internally – through the company's internal management (and board) chain of corporate command. However, when any part of a company's business operation is provided by third parties operating externally to that chain of corporate command (whether by outsourcing, shared service, SaaS, cloud computing or other managed services), governance oversight and supervision must be achieved through the service contract. The outsourcing or relegation of the day-to-day operational duties of any business operation or business process to a third party does not discharge the executive officers or the board from their continuing governance duties of oversight and supervision. The only change in governance duties that is realized by an intercompany management services transaction is the mechanism by which those governance duties are discharged. All of the corporate governance obligations that existed before an outsourcing transaction must continue to be adequately overseen through the contract that implemented the service transaction.

Contractual Governance Tools: Best Practice Principles

Assuming that a transaction does not fall within the de minimis contract threshold noted above, the following are examples of contractual terms and conditions that may be relevant and appropriate to permit and facilitate (and therefore, discharge) the continued governance of the company's outsourced administration, operations or business activities:

• Management service specifications – as the cornerstone of the contract, include detailed service performance specifications, service levels, and timelines against which service failures can be empirically measured;
• Management service quality standards – to perform the services with reasonable standard and quality of professional care, skill and diligence;
• Compliance with applicable laws – to comply with all laws, regulations, and judgments and orders that are issued by any court, regulatory body, or tribunal of competent jurisdiction, which are applicable to the services;
• Compliance with customer's policies – to comply with all business practice policies, workplace guidelines and management directives that are a material part of the customer's business;
• Service performance information flow – in order to effectively govern and supervise the performance of the services, the customer reasonably requires adequate information concerning that performance, which may be scaled in scope to include:

1. Complete, accurate and current records associated with service performance and contract compliance. Often, those records are referred to as the Service Manual, and used to: (a) monitor, verify and remedy any service failure; and to, (b) enable the customer to transition the agreement to an alternate service vendor;
2. Periodically reporting on the discharge of all service obligations, including the duty to report any material breach of service performance;
3. Service performance oversight may require the direct inspection by a third party;
4. Service audit rights, especially with respect to service fee calculation and the accuracy of performance reports;
5. Entrenching a Joint Management Committee that will (at first instance) operationally and administratively oversee the performance of the services;

• Canadian GAAP/FRIS – there may be numerous reasons why it is important to ensure the services comply with Canadian GAAP and FRIS (including financial records);
• Disaster recovery & contingency planning – it is a pervasively accepted risk management practice to require the service provider to maintain, and ensure access to, reasonable disaster recovery, back-up, and contingency arrangements (facilities and/or services). Those provisions often require periodic testing of those resources;
• Confidential dispute resolution – many agreements include mediation or arbitration provisions to keep intercompany disputes strictly private and confidential. In any situation where the parties are unable to internally resolve any material dispute amicably, it is especially important that a fair resolution of such dispute is conducted by an independent third party;
• Reasonable risk management – there is far more accepted risk management leeway in the context of service contracts between affiliated parties, depending upon the fair market value nature of the remuneration that is being paid;
• Reasonable remedies – it is unusual for affiliated companies to sue each other for damages or to seek relief through formal compensation proceedings. Therefore, such agreements typically include practical, uncomplicated and summary remedial provisions that are financially fair to both parties and that will promote service performance;
• Termination transition services – reasonable service wind-down and transition (transfer) assistance provisions that will allow the customer to gradually and prudently transfer the performance of the services from the incumbent vendor to a new service provider;
• Change management protocol – to avoid the tempting ability of affiliated companies (who may even have overlapping officers) to simply materially change the service arrangements as a matter of management discretion outside of the contract, such agreements usually include a format contract amendment protocol to bring evidentiary discipline to any such amendments within the so-called four walls of the contract.

Affiliated companies engaged in intercompany management service arrangements should re-examine their existing agreements to ensure that they provide reasonable and adequate compliance mechanisms to allow the officers and directors of service customers to discharge all of their, possibly extensive, governance oversight and supervisory duties.

And, as companies settle the substantive terms of the service contract, including pricing, it may be important for the companies involved to be represented by independent legal counsel and for the negotiation process to clearly record that the distinctive interests of the parties were advanced and that a reasonable contract resulted from that process. Key failings in the notable Hollinger case included that the fees charged by the service provider may not have been commensurate with the benefits delivered to the client affiliate, and that it was not clear that the client was being represented by unconflicted parties seeking to act solely in the best interest of the supplier.