27.5 Contractual provisions for software license agreements

27.5.5 Source code escrow

A source code escrow account is designed to protect a customer in the event the supplier does not or cannot support the software; e.g., supplier is acquired by another company or declares bankruptcy. Typically, a third party specializing in maintaining code and selected by the supplier acts as the escrow agent. The escrow agent will leave the terms of release of the source code to be negotiated between the supplier and agency. The release conditions (i.e., when the source code escrow would be released to the agency by the agent) could include:

  • failure to perform any obligation under the agreement;
  • the discontinuance of support, upgrades, or enhancements;
  • events that endanger the financial stability or indicate instability of the supplier.

The escrow agreement also requires the software supplier to keep the escrowed software updated. The agency should have the opportunity to verify that all current versions of the software and all modifications and enhancements have been delivered to the escrow agent.

Source code escrows provide significant protection for the agency. Agencies can expect software suppliers to challenge the inclusion of this term. Agencies should insist upon clearly defined conditions in the escrow agreement as well as the ability to deliver effective instructions to the escrow agent. In the event of a bankruptcy filing by the supplier, the Bankruptcy Code allows the enforcement of an escrow agreement that is incidental to a license of intellectual property.

It is advisable to require that the escrowed code is verified to ensure the deposited material is complete, correct, and that it works. While your technical team may require other verification activities, here are some basic steps that could be included in an escrow agreement to perform a verification:

  • Have the files catalogued and confirm they are readable
  • Ensure that all documentation needed to compile and run the code and any associated run-time is included in escrow
  • Identify any tools that may be required to maintain the deposit
  • Have the product compiled and build the executable code
  • Test the functionality of the compiled deposit
  • Confirm the usability of the files built when installed

There is a fee associated with an escrow account and additional fees may apply to any escrow verification. If the agency does not want to pay this fee, be sure that the solicitation states clearly that the cost of any escrow account will be paid by the supplier. Suppliers typically will take the position that the escrow fees are an extra cost. Having the agency pay the escrow fee has the potential advantage of expediting release of the software, since a bankrupt supplier may fail to maintain escrow payments.

The approved contract templates used by VITA Supply Chain Management include very complete and comprehensive language. Other agencies, if not using VITA’s language, may also consider the following contract language: 
“Customer reserves the right to request a third party specializing in maintaining code acts as an escrow agent. This agent will be authorized to release source code information in the event the supplier is unable or unwilling to support the software. The terms of release will be included in Exhibit X (Exhibit X is the document that contains the individualized terms of release that are important to the agency.)