The phone call is brief, and unwelcome. A company that supplies software vital to your business has unexpectedly collapsed. The employees have been laid off and the empty premises are in the hands of a letting agent. The timing couldn’t have been worse: with regulatory compliance requiring a software upgrade within the next two months, no one seems to know how that will be achieved. Such scenarios are the reason behind what are termed ‘escrow agreements’.
Escrow, a legal term defined as “money, goods or a written document held by a trusted third party, pending the fulfilment of some condition”, provides an assurance that should a software company go out of business, its customers won’t be left in the lurch. The idea: the application source code, and all relevant documentation, is lodged with an escrow agent, who releases it should certain contractually defined conditions – such as the software company going out of business – occur.
About 10,000 British businesses are protected by escrow agreements operated by Manchester-based NCC Group, an offshoot of the National Computing Centre.
About two-thirds of these agreements, explains operations director Jon Leigh, comprise what are called ‘single-form agreements’, which are typically used when a software house creates some bespoke code for a company. The remainder are ‘multiform agreements’ set up by software applications vendors, to which any number of their customers can subscribe.
Prices vary according to how much protection is required, explains Leigh. There’s a basic setup fee of £795, and a further £295 in the event that the standard agreement requires customising in some way. Most do, he says, so an overall setup cost of about £1,000 is the norm. Then there’s an annual fee of £650 for single-form agreements, or £535 for multiform agreements.
Further fees are payable for additional services, verifying that the lodged source code can be rebuilt into a working application, for example.
At St Austell-based china clay miner Imerys Minerals, IT manager John Hodkin has an escrow agreement with High Wycombe-based financial accounting firm IFS. It is company policy to establish escrow agreements wherever there is heavy reliance on third-party software. “We have a thousand users all over Europe: virtually every part of our business is touched by IFS.
Escrow costs money, certainly, but in the context of the significance of IFS to the business, the cost isn’t significant,” he says.
Despite the intuitive appeal of an escrow arrangement, they are not terribly common: fewer than 5% of the Imerys’ fellow IFS customers choose escrow protection. “It’s a standard clause in our contracts, but few customers elect to take it up,” according to IFS managing director Alastair Sorbie.
There’s a broadly similar picture at Harrogate-based CODA, where approximately 10% of customers go for escrow.
Why are the percentages so low? “There’s a cost to escrow, without any benefits in return,” says CODA company secretary Dave Belmont. Customers see CODA as financially sound, says Belmont, and few customers see much point in protecting themselves from a risk that isn’t there.
In any case, adds Sorbie, major companies such as IFS and CODA don’t vanish overnight. “Companies might not go to the wall, but rather than disappear, they will get acquired by software conglomerates such as GEAC, SSA and Computer Associates,” he says.
Guy Letts, R&D director of Newcastle-based Sage, says: “Most of our customers wouldn’t know what it was, let alone see any value in paying for it.” The real problem, he believes, is that the escrow model itself is built upon an unworkable premise: that access to source code is actually useful.
“If I’m an engineering firm in the West Midlands and I find myself with the source code for a payroll package, what on earth am I going to do with it? The costs of doing anything will be far higher than just buying a replacement,” he says.
Maybe so, but for some companies, escrow buys a valuable window of opportunity.
At Amlin Ltd, a £1bn Lloyd’s insurance company, escrow is standard policy, says Adrian Hughes, head of information systems. “While it’s less of a concern with companies such as CODA, it’s simply part of our policy of managing business risk.” And in the event of needing to use the escrow provision, a standard plan is in place. “We’ll work with other customers of the software company to do any critical fixes to the product until we can move to a new platform,” he says.
But like it or not, more customers are going to demand escrow. London-based networking vendor NDL, in business since 1982, had only done one escrow agreement in 22 years but expects that to change, says operations director Dan Atkinson. “Local authorities are now working to government guidelines, which recommend escrow,” he says.
O2's new CFO Patricia Cobian discusses the joined-up approach required to improve digital connectivity - and its vital role in improving the UK's economic growth prospects
The emergence of the challenger banking sector and fintech in general is creating strong opportunities for accountants with retail banking skills
View our archived webinar, including Oracle and a host of ‘Fast Data’ experts, to discover how financial professionals can help create a Fast Data business
Yahoo’s data breach highlights difficulty in determining whether unauthorised access to data has occurred
Cyber risk is a dynamic threat as criminals seek more creative ways of extracting value from reputable businesses. The new wave of attackers are sophisticated and skilled, and may lie low inside a network for weeks, or months, before taking definitive actions