Tech & Sourcing @ Morgan Lewis

Over the last year, companies implemented new digital technology solutions at record levels, looking to implement emerging technologies, improve the user digital experience, leverage cloud solutions to store the massive amounts of data being generated, and test the waters on how to transact using digital assets. And we don’t see things slowing down.

In order to stay competitive, companies are investing in major technology transformations, including the modernization of foundational platforms and the implementation of new customer-facing digital channels, as well as shifting significant workloads from on-premises solutions to the cloud.

We recently highlighted the Morgan Lewis financial services team’s overview of proposed guidance released by the three federal banking agencies with respect to third-party relationships within the fintech industry. The federal banking agencies, though, are not alone when it comes to guidance on third-party vendors.

As further guidance and regulations are proposed and begin to take shape with respect to relationships between banking organizations and third parties, including those in the fintech industry, our multidisciplinary teams here at Morgan Lewis are tracking each development. In July, shortly after the three federal banking agencies (the Federal Reserve Board, the Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currency) released their proposed risk management guidance regarding third-party relationships, our banking and financial services team provided a general overview highlighting the key takeaways from the proposal. If you have any specific questions, please reach out to your Morgan Lewis team for assistance.

As a reminder, China’s new Data Security Law (DSL), which entails more expansive and restrictive requirements on data localization, mandatory security level certification, and severe penalties for unauthorized foreign transfer of data, will come into effect on September 1, 2021. The DSL will potentially affect all business operators in China, including multinational corporations. Our privacy and cybersecurity team recently published a more detailed analysis of the DSL. If you have any specific questions, don’t hesitate to reach out to your Morgan Lewis contact for assistance.

Read the full LawFlash >>

A recent judgment by the High Court of England and Wales in the case of Jamp Pharma Corp v. Unichem Laboratories Limited has held that agreements reached as part of contract negotiations for contracts governed by English law may be impliedly “subject to contract” without the need to expressly state that the discussions and documents are “subject to contract” prior to a formal executed agreement.

Planning for major service disruptions and disasters, such as prolonged power failures, fires, flooding, and other extreme weather events, is an important element of strategic technology and service agreements.

Changes to complex commercial contracts are inevitable. These contracts, such as large outsourcing agreements, typically include a master services agreement (MSA) and a high number of exhibits and attachments describing the scope, performance standards, financials, and other contractual requirements in detail. Some deals can end up containing over 50–75 documents (or more!) in total. Given their strategic importance, these agreements often require numerous amendments as the relationship evolves over time and changes need to be formally documented.

For UK companies choosing between hiring employees or using independent contractors, there are important legal risks that must be taken into consideration. In addition, agile and remote workforces are a hot topic as companies around the world are considering new ways of working following the COVID-19 pandemic. However, in the post-Brexit United Kingdom, the idea that people can work in any place at any time presents tax, data protection, and employment law challenges.

The European Cloud User Coalition (ECUC) published a paper (the Position Paper) on May 17 recommending, among other matters, the adoption of “model clauses” for the long-term compliant use of cloud technologies.