Pitfalls to Keep in Mind When Negotiating Professional Services Agreements

In a fast-paced corporate environment, where every deal can make or break the bottom line—especially if it’s technology-related—the inherent risks of professional services agreements are frequently overlooked. In the rush to close contracts quickly, key business stakeholders may even skip legal review to just get the deal done.

It’s a dangerous move. While it may seem like just another contract, a professional services agreement often covers large, complex engagements—think multimillion-dollar technology consulting services, management and operational consulting projects, or marketing campaigns—where even small oversights can lead to massive financial consequences. As a result, professional services agreements come with an array of complicated provisions governing liability, indemnification, intellectual property, fees and compensation, confidentiality, data security, and the nuances of contract termination, just to name a few. Increasingly, the use of generative artificial intelligence tools (GenAI) must also be addressed.

A professional services agreement (PSA) is, as one SaaS platform has it, “a critical contract used in industries like tech, consulting, and engineering, where businesses engage experts for specialized, project-based work.” Routinely referred to as a master services agreement or client services agreement, a professional services agreement can cover a single project or serve as a blanket agreement between service provider and client. If the contract is broader, statements of work (SOWs) are often used to detail the services delivered, as well as the scope, duration, and pricing of individual projects.

Professional Services Agreements and Their Kin

How a professional services agreement is structured can vary depending on the industry or type of work being performed. For example, a business and technology consulting firm would use a professional services agreement.

A Software as a Service (SaaS) platform, like a CRM or a project management tool, that offers built-in customizations for enterprise companies such as drag-and-drop interfaces, customizable templates, and scripting options would need a Software as a Service Agreement in addition to the professional services agreement. Ideally they should be separate agreements. A SaaS covers a subscription or license to a piece of software or a software platform, and there is often a consulting and development piece for customization and implementation. If the provider is also performing consulting services related to the platform, that is when professional services agreement will be necessary since key provisions and service levels will be different.

Data processing agreements (DPAs) spell out privacy obligations if a third-party service provider is hired to help collect or process data. Such an agreement may be required depending on the jurisdiction. The European Union, with its General Data Protection Regulation (GDPR), and five states—California, Connecticut, Utah, Nevada, and Virginia—have instituted contracting requirements around the collection, sharing and processing of personal information. More states are expected to follow suit in the years to come.

If a service provider is working with clients covered by the Health Insurance Portability and Accountability Act (HIPAA), they may need to sign a business associates agreement (BAA). BAAs are designed to protect personal health information and ensure that a service provider follows certain standards required by law.

Statements of Work and Other Addenda

Ancillary agreements like Statements of Work (SOWs), DPAs, and BAAs that are often addenda to a professional services contract should be carefully reviewed by counsel. A stray provision in an addendum could trigger an unforeseen chain reaction that compromises an overall contract.

For example, your lawyers may have negotiated a services agreement that meticulously lays out the parties’ rights and responsibilities. After the agreement is signed, however, team members working on the project find they need to adjust the scope of the work.

To them, this is a relatively minor alteration in a multi-million dollar contract. The change order is one page. And it hardly seems worth spending the time to send it to counsel for review. In the team’s view, it’s best just sign the document and keep the project moving. After all, how much damage could a one-page change order do?

Unfortunately, the answer can be, “extensive damage.” Something as seemingly simple as a Change Order might contain completely different terms around indemnification, for example. Signing that without legal review negates the carefully crafted and negotiated indemnification language of the overall master services contract. Now, one of the parties has inadvertently given up many of the critical indemnification rights it had negotiated and has substantially increased its legal risk if there is IP infringement or a breach or some representation in the agreement—a mistake that would not have occurred had the change order been properly reviewed.

Indemnification Issues in Services Agreements

Indemnification clauses like those in our hypothetical above can be a particular point of contention in contract negotiations. They oblige one party to pay for the losses or expenses suffered by another. And as one court decision noted, their purpose “is to pre-determine how potential losses incurred during the course of a contractual relationship will be distributed between the potentially liable parties.”

On one hand, clients might seek broad indemnity clauses to shift financial liability and legal risk to the service provider. But service providers limited may push back if they see indemnification as too one-sided, and push for the indemnification clause to be limited to third-party claims. And, unless they were contractually obligated to do so, a provider would not usually pay a client’s costs to litigate or settle third-party claims. Their insurance coverage may not cover liabilities assumed solely because of a contract.

State laws create another complication. Most states have statutes governing indemnity clauses and their enforcement, and some regulate indemnification in specific industries. Lawsuits over indemnity clauses in service agreements are relatively common in New York, for example, where indemnities may cover negligence so long as the contract language is explicit and clear. But attempts to raise the stakes will likely fail. Indemnities for gross negligence or willful misconduct are generally unenforceable under public policy in the state.

California takes a more restrictive approach, driven by a public policy stance against indemnifying parties for their own negligence or willful misconduct. As in New York, gross negligence and willful misconduct are usually unenforceable. But California courts are more likely to reject indemnities for negligence as well.

Allocating Risk in Service Agreements

Indemnification is just one of the ways risk is allocated in a professional services agreement. Negotiations may also center on warranties and representations and limitation of liability provisions.

A warranty guarantees that a fact is true during negotiations and will be strictly complied with during the life of an agreement. For example, a provider may guarantee that its services do not infringe on a third party’s intellectual property rights. Representations are express or implied statements one party makes to another, such as a provider representing that it has the licenses and certifications necessary to perform a service.

As with indemnity clauses, clients may use warranties and representations to seek more expansive protections from liability and risk. Conversely, service providers may hope to narrow the scope and duration of representations and warranties to limit their exposure. For instance, a provider may be concerned they cannot guarantee a project’s outcome. They may wish to limit a warranty that could spark litigation if a specific result cannot be achieved.

A limitation of liability clause caps potential damages a party might incur as the result of a claim. Liability limits can spur significant back and forth over the size of caps and types of claims that might be excluded from liability limits. These might include issues such as gross negligence, data breaches, and IP infringement. One 2021 article for the American Society of Civil Engineers described limitation of liability provisions as “kryptonite” in a professional services agreement negotiation.

(You can learn more about limitation of liability clauses here. Click here for a deeper dive on allocating risk in service agreements.)

Protecting IP

Intellectual property issues play a key role in many of the discussions around allocating risk. Parties are often focused on protecting preexisting IP rights and limiting their exposure to infringement claims through clearly defined warranties and carve-outs. Recent history is rife with examples of knowledge theft involving companies that have partnered on projects. While these cases often involve a large competitor who hijack the smaller company’s innovations, a professional services provider bringing its own technology to the table or a client with proprietary data should be on guard as well.

To safeguard against these issues, a professional services agreement should contain clear provisions around questions of ownership. In most cases, service providers will want to retain and protect their ownership rights over existing technology, content, or processes. Clients should establish who owns and can use their existing data. And both sides will need to clarify who has the rights to any new material created during an agreement. A client will likely want to ensure they are not paying to create something a service provider will eventually own. And in some cases, the service provider may have a legitimate interest in obtaining a license to the material produced.

During negotiations, questions may arise over “feedback” and “residuals” provisions. Feedback provisions deal with suggestions, requirements, test results, error data, and any other information generated during the life of a professional services agreement. The provision will determine who owns this feedback and any IP rights associated with it.

Residual provisions are designed to clarify who owns the knowledge gained from working with a party’s confidential information. This includes intangibles like the memories of those who worked on a project or general concepts and ideas. The provision may contain language stating that residual knowledge does not grant the parties a license to each other’s IP. Or it may state that the people involved will not be restricted or limited in future assignments or owe royalties for using the experience they have gained.

As we noted, clients and providers may seek to limit their liability over infringement of a third party’s IP rights. Providers must ask whether they should provide an IP warranty, and if so, what carve-outs should be included. Their goal is to phrase the warranty’s language in such a way that it does not expose them to substantial future claims. They will also want to carefully negotiate the duration of indemnities to avoid being forever on the hook for infringement.

The Impact of AI

IP issues are becoming even more complex as artificial intelligence is more firmly integrated into service offerings and products. How AI-generated tools are being used should be carefully considered in professional services agreements and attendant statements of work. AI technology and the law surrounding it are evolving quickly. Clients, providers, and their counsel must ensure they are making the right assumptions about the scope of services being offered and the technology involved in providing them. (We recently covered AI and IP-related provisions of service agreements in greater depth in this post.)

Thus far, U.S. courts have ruled against extending copyright or patent protection to AI-generated works. Therefore, if AI tools are being used, parties must grapple with fundamental questions, like: What constitutes work product?; who is liable for infringement of third-party IP by an AI tool?; and who can claim ownership of the work product produced?

How often AI is used may also play a role in a negotiation. Consider: An IT service provider uses a third-party AI tool to help generate software code. If the vendor always uses these tools when providing its services, then language covering their use may be included in a master service agreement.

What happens when those tools are used only for certain projects? Should the issue be addressed in a master-level agreement? Or should language appear only in SOWs for projects where the tools are being used? In this case, clients may be looking for a global provision on AI. The service provider, however, may seek to limit liability with terms that apply only to the individual project.

Other Key Issues

Along with risk and IP issues, negotiations over professional services agreements often focus on:

• Fee Structure and Compensation. Will the service provider receive a fixed fee? Will they be paid based upon the time they spend on a project? When will payment occur? The agreement should outline fee structures, invoicing, and schedules, and should also specify what happens if a dispute arises.

• Confidentiality and Data Security. Artificial intelligence has an impact here as well. When data is plugged into an AI tool it may no longer be confidential. Contract terms, often in the strongest possible language, will highlight this fact. Often, these terms are designed to create awareness among clients about the confidentiality dangers that AI tools can pose.

• Termination. Termination for convenience clauses allow parties to pull out of an agreement for any reason after a notice period. In a professional services agreement, clients and providers may seek to broaden or limit these provisions based upon their needs. A client may want the flexibility to pull out if, say, costs become an issue. Or they may wish to limit termination to prevent a vendor from disrupting their operations by exiting the agreement early. On the provider side, a broader termination clause provides flexibility to depart without needing to prove a client has breached a contract. On the other hand, providers may want to disincentivize clients from terminating to avoid losing income and any time and capital they have invested in a project.

Reviewing Your Service Agreement

Service providers and clients alike can take proactive steps to protect themselves when negotiating professional services agreements. Among other things, they should be sure their agreements:

• clearly define responsibilities, scope of work, and each party’s rights and obligations.
• pay close attention to indemnification and liability issues to ensure they are not assuming unnecessary and potentially costly legal risk.
• outline intellectual property ownership rights, confidentiality risks, and liability for third-party infringement claims.
• address concerns over artificial intelligence, including specific terms about the use of AI tools and who retains the rights to work product.

And crucially, providers and clients should be sure they are communicating with their in-house and outside counsel about every aspect of a service agreement—including ancillary agreements like DPAs, BBAs, SOWs, and change orders. The earlier legal counsel are involved in the process, the likelier they will be able to help you negotiate the most favorable terms.

Gouchev Law is a boutique commercial transactions firm with decades of experience negotiating professional services agreements. With our expertise, you can confidently enter into agreements knowing your legal and business interests are safeguarded. Visit our Corporate Law & Commercial Contracts practice page, or book a call to learn more about how we can help.

About the Author

More Resources For You