Outsourcing: Australia overview
A Q&A guide to outsourcing in Australia.
This Q&A guide gives a high level overview of legal and regulatory requirements on different types of outsourcing; commonly used legal structures; procurement processes; formalities required for transferring or leasing assets; data protection issues; customer remedies and protections; contracting parties' remedies; dispute resolution; and the tax issues arising on an outsourcing.
To compare answers across multiple jurisdictions, visit the Outsourcing Country Q&A tool.
This Q&A is part of the multi-jurisdictional guide to outsourcing. For a full list of jurisdictional Q&As, visit www.practicallaw.com/outsourcing-mjg.
For the rules relating to transferring employees, visit Transferring employees on an outsourcing in Australia: overview.
Regulation and requirements
The Australian Prudential Regulation Authority (APRA) has issued three prudential standards on outsourcing covering outsourcings by regulated institutions, that is:
Authorised deposit taking institutions (organisations authorised by APRA).
The prudential standards are essentially the same and apply to the outsourcing of material business activities. These are activities that have the potential, if disrupted, to have a significant impact on the regulated institution's business operations or its ability to manage risk effectively, and typically include investment management functions, professional services, custodial arrangements and various information technology (IT) functions, among others, but are not intended to include contractor relationships or secondments.
The prudential standards provide guidance on the assessment of outsourcing options, arrangements with related parties and arrangements with offshore service providers. Key features of the standards include:
Outsourcing policy. Regulated institutions must have a board-approved outsourcing policy. This must specify that the regulated institution remains responsible for compliance with prudential requirements. The company's risk management framework must include considering outsourcing risk.
Demonstrated assessment of options. Regulated institutions must be able to demonstrate certain matters in their assessment of a proposed outsourcing. This will include preparing a business case, establishing procedures for monitoring performance, and developing contingency plans when outsourcing to a third party.
Outsourcing agreements. Regulated institutions must have legally binding written agreements in place before commencing any outsourcing (that is, oral agreements are not permitted). The prudential standards specify minimum requirements for outsourcing agreements, including service levels, business continuity management and subcontracting.
APRA access. Any outsourcing agreement must also contain a provision allowing APRA access to the documentation relating to the outsourcing arrangement. APRA must also be given the right to conduct on-site visits with the service provider.
Offshoring notification requirements. Regulated institutions must notify APRA after entering into any outsourcing agreement and consult with APRA before entering into an outsourcing agreement with an offshore service provider.
Monitoring. Regulated institutions must have sufficient monitoring processes to manage the outsourcing. In addition, they must advise APRA of any issues that arise that may potentially materially affect the outsourcing arrangement.
Audit. Regulated institutions' internal audit functions must review any proposed outsourcing of a material business activity and must regularly review and report to the company's board or audit committee.
In addition, an outsourcing agreement relating to material business activities concerning superannuation must meet further requirements under the Superannuation Industry (Supervision) Regulations 1994 (Cth). An agreement must, for example:
Provide for dispute resolution.
Contain liability and indemnity provisions.
Provide for confidentiality, privacy and security of information.
There is currently a proposal to include a similar outsourcing standard for private health insurers into Commonwealth health insurance legislation. However, this has not made its way into legislation to date.
See Question 2.
Regulatory notification only occurs in the financial services industry (see Question 2).
All outsourcers in Australia are corporate entities and are structured as companies limited by shares. It would be unusual for an outsourcer to be structured as a trust or a partnership (although this is legally possible).
Outsourcings are usually undertaken by the customer contracting directly with the outsourcer. Previously, particularly with very large outsourcings, there was a tendency for a customer to enter into an outsourcing contract with a joint venture company established by the outsourcer and the customer, with the aim of deriving some benefit from the equity it was creating in the company through the outsourcing. All of these joint venture structures have now been dissolved, as they proved to be inflexible and locked the customer into a relationship with the outsourcer.
It is also rare for a customer to allow the outsourcer to contract through a special purpose vehicle, as they typically want to ensure that they are dealing with an entity which is of substance, and has the resources necessary to perform the outsourcing.
Outsourcings to offshore entities are typically undertaken through a contract with an on-shore subsidiary of the outsourcer, supported by a parent company guarantee from the offshore entity.
Description of structure. A company is a separate legal entity that commonly has limited liability. In Australia, this limitation of liability can take the form of either shares or a guarantee, with a company limited by shares being the most common form. At the most basic level, a company must:
Be registered with the Australian Securities and Investments Commission (ASIC).
Have a constitution.
Have at least one director and one shareholder (who can be the same person).
Advantages and disadvantages. The key advantage of a company is its limited liability. An important disadvantage of the company structure is the increased level of disclosure and regulation required by companies, and the related cost and time implications.
Description of structure. A joint venture or project can be carried on by individuals or companies and can be incorporated (where the joint ventures are shareholders in a special purpose company) or unincorporated. Unincorporated joint ventures are not separate legal entities and are governed by the terms of any formal agreement between the joint ventures, and by common law.
Advantages and disadvantages. Participants in certain unincorporated joint ventures can lodge separate tax returns for their portions of the joint venture project. Therefore, they may adopt differing tax treatments for the income and expenses of the venture. However, for this reason, and to minimise the risk of joint liability, care must be taken to ensure that the joint venture is not a partnership at law.
Another disadvantage of the unincorporated joint venture structure is the fact that it does not benefit from limited liability.
Description of structure. Under a trust, a trustee owns the assets of the business and carries on the trading activities on behalf of the beneficiaries of the trust. The trustee can be an individual or a corporation. Traditionally, trusts have been divided into fixed trusts, unit trusts and discretionary trusts. Most larger trusts are unit trusts (and provide for the beneficiaries to hold units in them), with the entitlements being similar to those attaching to shares in a company (although there are important differences).
Advantages and disadvantages. The key advantages of the trust structure are the tax benefits and increased asset protection the structure offers an outsourcing business. These tax benefits include the ability to optimise income distribution to the trust beneficiaries (timing and size of distributions) and the streaming of incomes. Trusts also provide increased asset protection as the placement of assets in a trust structure can reduce the ability of third parties to access those assets. Additionally, the trust structure confers limited liability if the trustee is a company. The disadvantages of a trust structure include the increased expenses of set up and tax administration, the inability to distribute losses, and the penalty tax payable on retained profits.
Description of structure. A partnership involves two or more individuals or companies carrying on business in common as partners with a view to profit (generally there cannot be more than 20 partners). Unless the partnership is conducted in the name of the partners, the name under which it operates must be registered as a business name.
Partnerships are governed by partnership legislation under each Australian state and territory, the terms of the partnership deed or agreement and the common law. A partnership is not a separate legal entity and the partners are jointly and individually liable for the debts and obligations of the business. In some Australian states legislation permits limited partnerships.
Although a partnership is not taxed as a separate taxpayer, the partners must lodge a tax return for the partnership business as well as their individual tax returns. The requirement for a partnership tax return means the partners are bound by a common approach to the tax treatment of income and expenses of their business.
Advantages and disadvantages. Partnerships provide structural flexibility to the partners and allow even distribution of liability between the partners. However, the joint and several liability of each partner to the actions and debts of the partnership is a disadvantage of the structure. Additionally, termination of a partner's interest in the partnership can require the winding up of the partnership and result in the loss of continuity of the outsourcing business.
Request for proposal
Request for proposals (RFPs) and request for tenders (RFTs) are the most common procurement processes used to select a supplier of outsourced services. The terminology of RFP and RFT is often used interchangeably. Generally, for both RFPs and RFTs, suppliers are asked to provide pricing and a suitable solution in response to the customer's defined requirements.
Competitive procurement processes are undertaken in both the private and public sectors. However, all government tendering is subject to probity requirements and both the Commonwealth and each Australian states and territories have their own procurement guidelines. Some public sector agencies have also established individual procurement policies/guidelines based on these Commonwealth and tate/territory procurement guidelines. As a result, procurement processes in the public sector tend to operate as open tender processes or as a two-stage tender, with a selective tender issued to short-listed suppliers after an initial open tender. In the private sector, a selective tender is often used from the outset.
The type of accreditations and licences usually sought from suppliers are dependent on the types of products and services being procured.
Invitation to tender
See above, Request for proposal.
Due diligence is generally undertaken as part of the procurement process. Due diligence usually focuses on the supplier's financial, technological and operational capabilities. Customer interviews are also often undertaken as part of the due diligence process to ascertain the supplier's ability to meet service levels.
Negotiation is sometimes conducted with multiple short-listed suppliers in parallel. However, it is equally common to short-list a single supplier for negotiations.
Pre-tender processes include expressions of interest (EOI) and requests for information (RFIs). Selective tenders often follow an EOI.
Transferring or leasing assets
Formalities for transfer
The formalities required to transfer assets on an outsourcing depend on the nature of the assets. In a typical IT outsourcing, the only assets transferred will be IT hardware and software licences.
Transfers of land need to be registered. However, it is uncommon to have any transfers of land in a typical outsourcing.
IP rights and licences
Software licences typically cannot be transferred or assigned to an outsourcer except with the consent of the licensor. It is often a time consuming exercise (particularly in a first generation outsourcing) to obtain the necessary consents.
All assignments of copyrights and other IP rights must be in writing signed by both parties. While the assignments of copyright are not registrable, the assignments of patents, designs and trade marks should be registered (although registration is not a precondition to validity).
Generally, IT hardware is categorised as movable property, ownership of which can be transferred by entry into an appropriate sale or transfer agreement. There are no registration requirements for these transfers to be valid.
The only exception to this is particular classes of movable property, such as motor vehicles, which require a transfer to be registered to be valid.
While not a formality of transfer as such, under new Personal Property Securities (PPS) legislation in Australia, any person with a PPS interest in the IT hardware (for example, a bank that has a fixed and floating charge over the customer) can register its interest in the hardware. The effect of this is to give the bank a preferential interest in the hardware (assuming the bank perfected its interest before any other interest holders).
As a general rule, key contracts contain a prohibition on assignment or transfer without the consent of the counterparty. Absent such a prohibition, the general rule at law is that a party can assign its rights under a contract but cannot assign its obligations (although the ability to assign rights depends on the extent to which the rights are seen as personal to that party). A novation of the contract (which would transfer both rights and obligations) requires the consent of all three parties involved.
Formalities for leasing or licensing
There are regulations pertaining to the leasing of certain types of real property. Some types of leases of land should be registered, while licences are generally not registrable.
IP rights and licences
Software licences typically cannot be transferred or assigned to an outsourcer except with the consent of the licensor. It is often a time consuming exercise to obtain the necessary consents (particularly in a first generation outsourcing).
While licences of patents and trade marks can be noted on the relevant registers, registration is not a precondition to validity.
Generally, assets which are moveable property can be leased or licensed by agreement in writing, provided that the lessor or licensor is the owner of the asset. Clearly if that lessor or licensor has in turn leased or licensed the asset from another person, then its ability to sub-lease or license the asset will depend on the terms of its lease or licence agreement.
In addition, if, in substance, a lease secures payment or performance of an obligation, then it will be a security interest subject to the Personal Property Securities Act 2009 (Cth) and the lessor will need to register (or otherwise perfect) the security interest to ensure that the security interest has priority over competing interests.
As a general rule, key contracts contain a prohibition on a party sub-licensing its rights under that contract without the consent of the counterparty. However, a lack of such a prohibition would not necessarily mean that the party would have a right to sub-license as this depends on the extent to which the rights granted are seen as personal to that party.
As a general rule, employees can only be transferred from one employer to another with the individual employee's consent. The only exception to this rule would be where a statute specifically provides for the transfer of employees. This type of statutory provision is not common in Australia.
For more information on transferring employees on an outsourcing, including structuring employee arrangements (including any notice, information and consultation obligations) and calculating redundancy pay, see Transferring employees on an outsourcing in Australia: overview (www.practicallaw.com/4-579-0325).
Data protection and data security
General requirements. The Privacy Act 1988 (Cth) (Privacy Act) requires both Commonwealth entities as well as private sector organisations (except for small business) to protect the privacy of personal information collected by them. The Act sets out a set of Information Privacy Principles (which regulates Commonwealth entities) and a set of National Privacy Principles (which regulates private sector organisations), which deal with collection, use, disclosure and security of personal information (including health information) collected by the relevant entities. Of particular note are the cross-border data flow provisions, which regulate the transfer of personal information outside of Australia.
In addition to the Privacy Act, a number of Australian states and territories have also passed their own Privacy Acts to regulate personal information collected by state or territory authorities.
The Telecommunications Act 1997 (Cth) contains additional rules around how telecommunications carriers and carriage service providers can use information carried over their telecommunications networks. As a general principle, carriers and carriage service providers must not use or disclose the information obtained except in the performance of their duties as permitted by the Act.
In addition, the Telecommunications (Interception and Access) Act 1979 (Cth) deems it a criminal offence to listen to or record any communication without the knowledge of the person making the communication. There are exceptions for certain government agencies and telecommunications carriers where they are required to do so for business purposes, and also in emergency situations.
Mechanisms to ensure compliance. Customers in an outsourcing typically require the outsourcer to:
Only use personal information for the purposes of performing obligations under the outsourcing.
Comply with the customers' privacy policies, as well as with the Privacy Act and any other privacy regulation applicable in the relevant industry.
Agree to allow for appropriate audits of the outsourcer's compliance (and for an APRA regulated entity, allow for audits by APRA).
International standards. Not applicable.
General requirements. There are no banking secrecy laws in Australia. However, the Privacy Act, the Code of Banking Practice and the Credit Reporting Code of Conduct apply generally to the banking industry.
Mechanisms to ensure compliance. Not applicable.
International standards. Not applicable.
Confidentiality of customer data
General requirements. See above, Data protection and data security.
Mechanisms to ensure compliance. See above, Data protection and data security.
International standards. See above, Data protection and data security.
Service specification and levels
Generally, customers and/or their third party consultants draw up the services' specification. Customers typically define in-scope services as broadly as possible and do not attempt to rely solely on the inherently difficult task of developing a comprehensive description of every task, function and responsibility comprising the outsourced functions.
Whilst service level agreements and service credit arrangements are standard outsourcing management tools, in each case they are customised for the particular transaction so there is no typical scheme. However, often there is a capped amount at risk for service level credits and suppliers often request that service level credits are specified as the customer's sole remedy (though this is frequently resisted by customers).
Flexibility in volumes purchased
Charging methods and key terms
Customer remedies and protections
Warranties and indemnities
The following warranties are typically included in the contract documentation:
Ownership/licensing rights in relation to intellectual property.
Non-infringing status of deliverables.
Absence of infringement claims.
Conformity to services specification.
Due care and skill in supply of services.
Fitness for purpose.
Indemnities against the following are typically included in the contract documentation:
Any death or injury to persons.
Any loss or damage to real or personal property.
Breach of confidentiality and privacy provisions.
Negligent acts of omissions of subcontractors.
Breach of contract.
The Australian Consumer Law provides consumers with the benefit of a number of non-excludable guarantees for consumer goods and services (such as goods being fit for purpose, of acceptable quality and services being rendered with due care and skill). Although this is consumer protection legislation, multinational corporations or government entities can take the benefit of this legislation where they are acquiring goods or services of a kind ordinarily acquired for personal, domestic or household use or consumption or where the value of the goods or services is A$40,000 or less (as at 1 February 2012, A$1 was about EUR0.8). These would not ordinarily apply in an outsourcing.
A breach of a consumer guarantee provides certain rights depending on the severity of the breach (for example, if the failure to comply with a consumer guarantee amounts to a major failure, the consumer may obtain a refund or replacement at their (not the supplier's) election). While these rights cannot be excluded, suppliers can limit their liability for the consumer guarantees (except in relation to the right to sell the goods, the undisturbed possession or the undisclosed security guarantees). However, the limitation cannot be unfair or unreasonable.
Term and notice period
National law does not regulate the length of notice period (however, see Question 2 for specific requirements for financial services).
Termination and termination consequences
Events justifying termination
Events that terminate an outsourcing without giving rise to a claim in damages against the terminating party depend on the contractual terms of the outsourcing agreement and the circumstances in which the termination occurs. For example, if a party proposes to terminate for material breach in circumstances where the breach is not material, it may be liable for repudiation. These situations are complex and very much dependent on the particular facts.
IP rights and know-how post-termination
To imply a right to use licensed IP rights post-termination, a supplier would have to satisfy the common law test for the implication of terms into contracts (that is, the test in BP Refinery Western Port v Shire of Hastings (1977) 180 CLR 266). For a term to be implied into a contract under this test, it must:
Be reasonable and equitable.
Be necessary to give business efficacy to the contract.
Be capable of clear expression.
Not contradict any express term of the contract.
Without the ability to imply terms on this basis, there are no implied rights for a supplier to continue to use licensed IP. Such rights must be expressly provided for.
Liability, exclusions and caps
Provided it does not negate the consideration being provided under the contract and it is not unconscionable (for example, in the event of fraud, death or personal injury), liability may be excluded. However, liability cannot be excluded in relation to the Australian Consumer Law statutory guarantees (see Question 19).
It is possible to exclude liability for indirect and consequential loss. However, the law as to the meaning of consequential loss is not entirely settled in Australia. Recent Australian cases have diverged from English case law on this point. As a result, both suppliers and customers usually attempt to define consequential loss within the contract. Suppliers usually seek to exclude liability for the following independently to excluding liability for consequential loss generally:
Loss of profit/revenue.
Loss of business opportunities.
Loss of anticipated savings and damage to goodwill.
Parties are free to cap their liability (however, see Question 29). Liability is usually capped at the contract value or a multiple of contract value.
Transfers of assets to the supplier
Customers who are residents in Australia are taxed on gains made on the transfer of ownership in assets to a supplier. The taxation of these gains does not differ where the supplier is resident outside of Australia for tax purposes.
Stamp duty may also be payable in Australia depending on the nature and location of the assets, customer and supplier.
Transfers of employees to the supplier
The transfer of employees to a supplier may mean that the customer is no longer required to withhold tax from employees' remuneration. The transfer may also reduce the payroll tax payable by the customer.
The taxation consequences arising to the customer as a result of the transfer of employees do not differ if the supplier is not a resident of Australia.
VAT or sales tax
Australia has a broad based goods and services tax (GST) regime under which suppliers are required to remit to the Australian Taxation Office 10% of the value of the supply of goods, services, rights and other things acquired in, or in connection with Australia. This GST cost is usually passed on to the customers under the relevant contracts. In certain circumstances customers may then be entitled to a tax credit for GST purposes in relation to the amount of GST paid, where the relevant acquisition is used by the customer to make further GST taxable supplies.
Suppliers who are not residents in Australia for tax purposes are not required to remit GST to the Australian Taxation Office, unless the relevant supply satisfies certain nexus criteria with Australia.
Australia does not impose a services tax regime (however, see above, VAT or sales tax).
Australia's various states and territories impose duty on the transfer of certain property. The form and extent of the duty imposed depends on the nature and location of the relevant property, the terms of the transaction and the transacting parties.
A non-resident customer and/or supplier may still be required to pay duty where the relevant assets are located in Australia.
Australian corporations pay income tax on their taxable income at a corporate tax rate of 30%.
In an outsourcing context, it is important that a customer be entitled to a deduction for payments made to a supplier. Whether a deduction is available will depend on the nature and purpose of the outsourcing arrangement.
Additional tax issues arise where the relevant supplier is a non-resident of Australia for tax purposes. In those circumstances it is particularly important that the parties deal with each other at arm's length and ensure that a market value price is payable.
Other tax issues
Australian resident customers and suppliers should be particularly conscious of any licensing or IP arrangements that are entered into to support an outsourcing arrangement. Australia imposes royalty withholding tax on royalty payments that are made to non-residents of Australia. Under this regime, the Australian customer and/or supplier must withhold an amount from royalty payments made to a non-resident and remit this amount to the Australian Taxation Office.