In early 2006, California chose a contractor for its 21st Century Project, a massive initiative to replace the state's 1970s vintage payroll system. The deal, among the largest state government IT projects ever attempted, was awarded to the team of BearingPoint and SAP Public Service -- the only bidder remaining at the end of the competition.
Several months prior, San Diego County became the first county government to switch IT outsourcing partners, replacing Computer Sciences Corp. (CSC) to run the county's enormous IT shop. But ultimately just one bidder, Northrop Grumman, would accept the new contract terms.
Vendors who retreated from these deals -- giants like IBM, Accenture and CSC -- contended they couldn't justify the risk. Industry insiders say the small number of bidders reflects a problem occurring throughout state and local government IT.
Some contend that government executives -- stung by high-profile project failures -- are pushing more responsibility onto vendors to avoid future debacles. As onerous terms and conditions make government contracts riskier and less profitable for contractors, vendors are quitting midway through negotiations or sitting out government procurements altogether. Critics argue this will hurt governments by limiting the number of companies competing for government contracting business.
But others counter that current public-sector contract provisions are consistent with those accepted in the private sector, and that there's nothing wrong with a contract being highly risky for a vendor because allocating that risk is a primary reason for outsourcing in the first place. They say there are still plenty of vendors willing to accept the risks attached to today's contract provisions.
But most agree that bidders willing to accept tough contract terms simply price in the added risk, raising the question of whether governments are signing more expensive contracts than necessary.
Time to Change
California CIO J. Clark Kelso couldn't say definitively that he sees less competition for government contracts, but he is concerned about the threat. He said vendors routinely complain to him about the issue.
Relaxing some provisions may be advisable in light of the massive integration projects California plans to roll out in the next four years, Kelso said. Those projects will require vendors to make large investments in addition to accepting risky terms and conditions.
"It does create a concern that our terms and conditions may need to be adjusted in certain cases so that the risk profile of a particular project looks more attractive to the vendor community," said Kelso.
IT officials, he said, must bring lawmakers onboard with contract relaxations before adjusting provisions, however. "Onerous" contract provisions typically stem from legislative reaction to past project failures, said Kelso. Given that legislators view the provisions in that light, government executives are unlikely to soften contract provisions without the legislature endorsing a new philosophy for terms and conditions.
"If every time you have an IT project difficulty, somebody calls hearings, and as part of the hearings [they] take a look at the contract and say, 'Well, where was this term? Why didn't you have this? Where was the performance bond?' you tend to become fairly defensive about keeping your terms strict," Kelso said.
The California Manufacturers and Technology Association (CMTA) hosted workshops in late 2005 and early 2006 that were led by IBM, BearingPoint, EDS and several other companies, arguing for various relaxations in California government contract provisions.
Wanting It All
Accenture was one of three companies that pulled out of negotiations for California's 21st Century Project. The giant IT-services firm bowed out two days before the deadline when the state refused to budge on its warranty requirements, leaving BearingPoint teamed with SAP Public Service as the sole remaining bidder.
Kelso defended the California 21st Century Project, saying the remaining bidder didn't know Accenture had pulled out of the bidding, so Accenture's action didn't influence BearingPoint's bid.
John Maguire, managing director for Accenture's state and local government business, said governments go through cycles where contracts are strict for awhile, then looser for a time before tightening again. He said governments risk reducing their choices of top IT providers when contract terms and conditions confront vendors with too much to lose.
Maguire said he routinely sees provisions requiring vendors to sign over to the government all intellectual property they would use to service a contract -- even materials developed at the vendor's own expense outside the scope of the contract. Vendors are frequently forced into this agreement so that if they get replaced at the end of their contract, the following vendor can use that intellectual material.
This happened to CSC in 2005 when San Diego County replaced the company with Northrop Grumman -- the only vendor in negotiations that completely accepted the county's handful of nonnegotiable terms and conditions.
San Diego County ended its partnership with CSC when the company refused to continue the "no suspension of services" clause in its previous contract with the county. The clause forbade CSC, and now Northrop Grumman, from stopping work under any circumstances, including if the government withheld payment. San Diego County exercised this right during contract responsibility disputes with CSC, inflicting a serious financial strain on the company, according to San Diego County CIO Michael Moore. CSC declined participation in this story.
Moore said the county took pains to ensure a healthy number of vendors would accept the county's "critical" terms and conditions when it rebid its IT outsourcing contract. He presented his six nonnegotiable provisions to all interested vendors before releasing his RFP. All nine vendors remained interested, Moore said. "We didn't scare anybody off on the front end."
But many of the vendors still submitted bids, indicating hope that all parts of the contract were negotiable. Moore said once the county narrowed the bidders down to CSC, IBM and Northrop Grumman, CSC and IBM refused some of the terms and conditions he had warned were nonnegotiable.
Richard Fogel, a partner at TPI, a group that advises governments and private companies on procurement matters, disputes the notion that government contracts are unacceptably stringent for vendors. Fogel said he frequently sees many of the government provisions vendors complain about included in private-sector contracts. Fogel said customers should have the right to withhold payment during disputes over a vendor's performance without the threat of the vendor halting services.
Service providers have significant leverage because they maintain customers' vital IT systems and could strangle customers unfairly if they wished, he said. "Can you imagine the service provider turning off systems, failing to provide service in a government environment where the citizenry would be prevented from obtaining services from its government?"
Governments also request intellectual property rights hoping to get a residual benefit from the vendors using those applications in future contracts with other organizations. They argue that they paid the vendor to develop those materials uniquely for them, which justifies ownership. But those applications are usually recycled versions of code the vendor used for past contracts, causing a dicey argument over who owns what, said Peter Iannone, president of Avanti Advisory, another group that provides procurement advice to the public and private sectors.
Governments should establish in negotiations whether a vendor is reusing previously developed code or building an application from scratch, Iannone said, adding that if the government is truly paying to create an original application, then the high cost of that warrants getting intellectual property rights. But if the vendor recycles previously developed code, government should leverage that for cheaper prices instead of seeking property rights. He said many vendors insist on creating a new application from scratch when a government won't budge on demanding property rights -- creating a needless cost for the government.
Enormous lawsuit liability requirements currently appearing in state and local government contracts are the kiss of death for many bidders, yet nonnegotiable for governments.
San Diego County's outsourcing contract required the winning bidder to back a $100 million limit per incident in most cases. If the lawsuit involved privacy, the limit rose to $130 million. Some cases required unlimited liability.
John Adler, state procurement administrator for the Arizona Department of Administration, said governments routinely demand unlimited liability for problems the vendor creates. "If the contractor creates a situation where the government gets sued for $100 million because of the contractor's actions, why should the government absorb that risk?"
Accenture's Maguire said many firms consider any liability of $100 million or more to be betting the company. "From their perspective, either way that gets triggered, they're going bankrupt anyway. What's the difference if it's a $100 million or 'unlimited?'" he said.
Regardless of how likely a $100 million loss might be, Maguire added, very few reputable firms were willing to bet the company for one deal.
TPI's Fogel disputed the assertion that uncapped liabilities are common in government contracts. He said all of the government procurements he has participated in capped liabilities for the vendor, usually at some number of months of fees.
IBM led a recent CMTA workshop that outlined certain liability requirements in California public-sector contracts that exceeded those in most private-sector contracts and many other public-sector ones, according to the IT Industry's Report on the Proceedings, Discussions and Proposed Recommendations Relating to the State IT Model Terms and Conditions from the CMTA.
Negotiating liability provisions is sticky for government officials and business executives, said Avanti's Iannone. He said private-sector companies dread sharing huge lawsuit damages with outsourcing providers as much as governments do. Companies often accept that risk when the bidding vendor can demonstrate that unlimited liabilities weren't needed to resolve past litigious difficulties the vendor had experienced, said Iannone.
But government executives have a hard time swallowing that rationalization.
"It's difficult to get someone [in government] to sign off on that because it's ultimately paid by the taxpayers," Iannone said. Instead, governments simply accept the higher costs vendors add to make those provisions workable.
Iannone predicted governments will begin to accept lower liability caps in the future as more of them outsource IT. The precedent from those deals would enable vendors to incrementally make liability in government contracts mirror those in the private sector.
Maguire added many onerous contracts prohibit contractors from disclaiming liability for damages beyond their control.
EDS apparently shares that concern. The company led a recent CMTA workshop where it urged California government executives to release vendors from such a liability, according to the CMTA report. The report said the California Department of General Services agreed to consider the recommendation.
Loosening the Bond
A California statute also requires vendors to put up a bond for 50 percent of a contract's value. This guarantees the state funding to finish the project if the vendor doesn't perform. The vendor typically hires an expensive company to insure the bond. Normally the hardware and licensing part of the project and the services part are lumped together in one contract, requiring a huge bond from the vendor.
In addition to that bond, the state retains 10 percent of all progress payments for quality control purposes throughout a project's lifetime.
During a three- to four-year project, if you combine those things, vendors don't see revenue from the contracts for quite some time, said Kelso.
In the future, Kelso said he's considering breaking large projects into two contracts: one for hardware and software, and another for services. The state would require a bond only for the services contract, which would allow the bond amount to be a smaller. A bond isn't necessary for the hardware and software contract because those materials could be used even if a vendor is replaced before the project is complete.
Furthermore, broadly written indemnity requirements frequently appear in state and local government contracts, often requiring the vendor to indemnify the government against third-party companies contracted by the government, but that have no contractual relationship with the vendor.
"We sometimes find extremely broad indemnities that require contractors to reimburse the state for expensive losses that really aren't related in any way directly to the contract or the project," Maguire said. "You could have a situation where a prime contractor's in there, but the state's contracted with, say, a software company or something like that, and the state's requiring the vendor to then indemnify the state against the software company, even though there's no contractual relationship."
Vendors fear this opens the floodgates to countless lawsuits from several different sources, posing a grossly unpredictable financial risk.
Avanti's Iannone said third-party indemnities usually exist to allow the third-party companies, after being sued for a problem ultimately caused by the government's IT department, to bypass suing the government and directly seek damages from the IT contractor. Those third-party companies prefer to sue vendors because it offers a better chance at winning large damages, he said, adding that it saves them the public relations risk of suing the taxpayers.
Vendors think third-party companies should seek damages directly from the government since their contractual relationship is with the government, said Iannone. The vendor would then reimburse the government for the damages the government paid the third-party company, he said. Liability caps would apply where they existed.
Iannone said he understood the vendors' fear that third-party indemnities encourage lawsuits from several directions.
"You can just imagine -- who would you rather sue, the state of Virginia or Northrop Grumman? I'd rather sue Northrop Grumman. I'd have a much better chance, especially in a Virginia court."
Defining the Project
Arizona's Adler said pushing more responsibility onto a vendor doesn't guard against project failure if a contract is written too vaguely. Contracts are typically written by a government administrator who has difficulty reducing his or her vision into writing because of a lack of specification writing experience, he said. Whatever that administrator produces becomes the scope of work for the project.
The only way for government to guard against project failure, Adler continued, is to make certain both parties agree in negotiations on what every provision requires of the other side -- a complicated task for $100 million or more project. Neglecting clarity leads to both sides squabbling over who is responsible for what task midway through the project. The conflicts gobble time, putting the project behind schedule. Arguing over fault for the lateness slows the process even more.
"This is pretty complicated stuff, and it's got to be handled with the respect it deserves," Adler said, adding that when spending $150 million to $200 million of taxpayer money on a system, the terms need to be clear. "You'd damn well better do a good job describing it, and you'd better do a good job of making sure the vendor understands it before you award him a contract."
Drowning in Details
Iannone said many of today's government contracts are riddled with vendor deadlines for virtually every task, which doesn't reflect how projects play out in daily operations. Governments don't manage their own IT that way because unforeseen circumstances require flexibility, he said. Governments having deadline tunnel vision during those circumstances can lead to needless friction with the vendor and halt progress.
"You have to make tradeoffs as you go along," said Iannone. "When you try to prescribe every detail -- everything that has to go on -- it really gets impractical. You're sort of fighting uphill constantly."
Some projects need just a handful of deadlines, or "gates," while others need stricter schedules.
"If I was looking at a large data center move, I think there would be half a dozen really important gates that we'd have to monitor," Iannone said. "If it was a major integration project, where we were converting 10 different agencies' systems into one system, and that system integrated with the federal government and other things, I'd want a lot more gates."
Iannone said using lots of strict deadlines in highly complex aspects of a project is unavoidable, but since a lot of deadlines can also hinder a project during unforeseen circumstances, governments should only use a large number of them in unavoidably complex aspects of a project. Lower-risk, less complex parts of a project should have fewer gates and more flexibility to adjust to the unforeseen, he said, adding that advisory firms are useful for determining that risk, and which areas of a project need more gates versus which need less.
"The lawyers' job is to tighten it as much as possible," Iannone said. "Someone needs to add the balance."
Although Iannone recommends governments use private-sector lawyers, he said their increasing involvement is partially causing an overload of details in contracts.
"If you leave it all up to the lawyers, it would be an incredible amount of detail because lawyers think that way," Iannone said. "Advisers take a look and say, 'OK, what's the state going to need to protect itself, but to get the best out of the vendor?'"
Still, he said government procurements without private-sector lawyers tend to have too few details or a lot of the wrong kind of details.
Business Is Business
TPI's Fogel rejected the notion that a smaller number of vendors bidding on procurements necessarily meant contracts were less competitive for governments, saying price competition has never been fiercer and that it has lowered many vendors' profit margins.
"The service providers will tell you [their] margins are as thin as they've ever been. If the business case for the service provider, given lower margins, is such that they're unwilling to accept the risk of the transactions, that's a different story than saying that the contracts are driving service providers out of competition," Fogel said. "It's not that the contracts have gotten more stringent, it's that the margins have become more competitive, and the business profile for the business may be too lean to accept the risk."
Moore said San Diego County's past requirement of contracting with only one of the few top-tier outsourcing providers hindered competition, reinforcing those companies' penchant for refusing core terms and conditions. He said in its latest outsourcing contract, the county tried to establish that it would consider other options.
"You have to be an integrator. I think there are a lot of integrators out there that are not necessarily in the outsourcing business. Northrop Grumman jumping into this marketplace is an indicator of that," he said, adding that five years ago, Northrop Grumman wasn't on the IT outsourcing map.
IBM is among a few large companies that should rethink how they approach state and local government contracts, Moore said.
"IBM used to take the approach that you either accept their terms and conditions, or you don't get them," he said. "They're finding out that there are other people qualified to do this work."
Kelso described IBM, which runs several large projects for California, as a tough negotiator. But ultimately the company agreed to a contract that was very livable for the state, he said, adding that IBM and state negotiators often trade off on provisions to reach a compromise.
"Our experience has been that like any large, sophisticated vendor, they can be hard bargainers at the table, but we have not gotten into deadlock positions with them," Kelso said. "You have to have your wits about you and your legal counsel with you when you're bargaining to be safe, but we haven't found them to be a difficult contracting partner."
Adler dismissed the idea that a contract's fairness to the vendor should be one of his top priorities.
"I don't want to sound callous and say, 'If you can't compete under those conditions, don't compete,' but that basically is how business works," Adler said, adding that he doesn't worry about fairness to the vendor when drafting a contract any more than a vendor worries about fairness to the government when determining its prices.
"My concern is whether I have a fair process where everybody has an equal chance to compete," he said. "When it comes to doing business with you, I want to make sure that you give the best deal to the government, just like you want to make sure you do the best deal for your company."
He said Arizona occasionally limits liabilities for vendors when state executives want the vendor's services enough.
For instance, IBM runs the state's Web portal and won the contract without relinquishing its intellectual property. The company presented a business case that enabled Arizona to pay IBM with a percentage of the money the state would save through gained efficiencies from the project. If Arizona ever switches vendors and continues using any of IBM's intellectual property, IBM will remain attached to provide maintenance services for those applications.
"That's a sacrifice we made to achieve that contract," Adler said.
Kelso said California has required many of the provisions now troubling vendors for a long time, adding that most large vendors wouldn't have blinked an eye at them in years past. But corporate scandals and the resulting federal Public Company Accounting Reform and Investor Protection Act of 2002 changed corporate governance and willingness to accept risk. Vendors' executive offices and legal counsel review large government integration projects more cautiously, said Kelso.
"There are certain types of risks that they just can't take on anymore. They have revenue recognition issues," Kelso said. "If they're going to make Wall Street targets, they need to worry about certain things."