A recent article in the ABA/BNA Lawyers’ Manual on Professional Conduct highlights the increased interest of corporate clients in setting the contractual terms of their relationships with outside counsel. Historically, if these terms were documented in writing, they could be found in the law firm’s own engagement letter, likely drafted with the firm’s interests in mind. In part because of what many view as a recent shift in the bargaining power between corporate clients and lawyers, as well as an increased scrutiny within companies of the resources spent on outside counsel, the clients have turned the tables and many law firms are struggling to adapt.
As the article notes, some lawyers are suggesting the use of an amendment to the Model Rules of Professional Conduct to prohibit these client-driven terms—often called Outside Counsel Guidelines (OCGs)—from imposing definitions of a conflict of interest that they view as restricting a lawyer’s ability to practice beyond the requirements of existing ethics rules. Any of the provisions included by corporations in their OCGs, including those regarding conflicts of interest, can impose onerous obligations on law firms.
The idea of lawyers negotiating the terms of a contract shouldn’t sound controversial, but when it comes to the terms of their own contracts, lawyers engage in behavior they would never recommend to a client. Other than big-ticket contracts, such as property leases and firm-wide outsourcing contracts, lawyers often agree to terms—such as those in agreements with e-discovery or contract attorney vendors—without any review whatsoever. The same has been true for OCGs, to which attorneys historically have paid little attention, partially, according to James R. Clark, general counsel and partner at Foley & Lardner LLP, “in the interest of not disrupting client relations.”
Firms should avoid the assumption that OCGs are non-negotiable or that open discussion with the client will harm a relationship. Investing time and resources to the negotiation of OCGs will help avoid downstream expense, frustration, and liability. In my experience as a deputy general counsel of a large law firm, clients are open to adjusting OCG terms in response to clearly articulated concerns.
Rebecca W. House, general counsel of Rockwell Automation, agrees: “Our OCGs are critical in that they allow us to clearly set expectations and guidelines for how we will interact with law firms. While standardization of terms is important for efficient, effective, and fair management of relationships, we recognize that there may be times when we need to adjust terms and our approach for certain matters or certain law firms, depending on the nature of the work and our relationship with a specific law firm.”
Let’s look at three of the most problematic types of provisions found in OCGs, and ways to negotiate amendments to satisfy a firm’s business needs and risk management concerns.
Expanded Duties of Loyalty
Every U.S. state has developed its own rules governing what constitutes a conflict of interest, most of which track closely the ABA Model Rules of Professional Conduct. The conflicts rules are grounded in duties of loyalty and confidentiality that lawyers owe to clients, and are imputed among lawyers practicing in a firm. The state rules are specific and the law defining the scope of those underlying duties is robust.
Corporate clients have developed other ideas. Instead of relying on established rules and laws, corporate clients are defining conflicts for themselves and dictating the relationships law firms may have with other clients. A natural outcome of the basic conflict rules is that every matter a lawyer or law firm takes on necessarily restricts future business opportunities. Today’s corporate OCGs are, however, expanding the set of clients and matters foreclosed to law firms beyond the operation of the conflicts rules. And advance waivers are out of the question.
OCGs now often require law firms to agree that the firm will not represent (1) other parties in matters adverse to any affiliate of the client, (2) competitors of the client, or (3) any entities whose interests may simply not be aligned with the interests of the client.
In confronting client OCGs, law firms should carefully consider the conflicts provisions and the impact of those provisions on the firm’s business. Such terms may be perfectly acceptable for some client relationships for some firms with certain practices. If not, the firm should take the time to explain to the client the ways in which the client’s requirements harm the firm’s business, while acknowledging the client’s concerns, and propose a middle ground. Agree on a limited set of competitors, but not all, that are off limits. Allow for adversity to certain types of affiliates or only those affiliates with which the firm has had no relationship or contact. Define a certain type of matter the firm will not handle for clients in a certain industry. Ask for advance permission to handle certain types of routine adverse matters unrelated to the firm’s representation of the client (some clients are affirmatively providing this type of advance waiver simply to avoid the hassle of responding to waiver requests from their lawyers).
Regardless of the outcome of these discussions, the firm will be better positioned to make an informed business decision regarding the restrictions imposed by the terms acceptable to the client. Expansive conflicts terms impact the firm’s future business opportunities, and strategic business decision-making must be utilized accordingly.
Beyond the acceptability of terms for conflicts/future business, another type of common OCG provision more directly targets the firm’s liability to the client. Corporations often include indemnification requirements of varying scope in their OCGs. I’m not aware of a claim against a firm involving the firm’s indemnification obligations. Yet, the consequences of certain types of indemnification provisions could prove disastrous.
The scope of the most routine such provisions tend to track existing law regarding a lawyer’s standard of care and, therefore, do not create law firm or lawyer liability where it otherwise did not already exist. Some OCGs increase the scope of that liability to include any acts or omissions by a lawyer, regardless of a standard of care, and sometimes go a step further to include the acts or omissions of third parties, such as vendors, experts, and consultants. This means law firms may find themselves agreeing to be liable for things that fall outside the scope of their professional liability insurance, and leaves the firm and attorneys financially vulnerable.
Lawyers should educate their clients that such provisions are not in the client’s best interest, potentially leaving the client with uncovered claims, and that existing law already holds lawyers to high standards of liability. Law firms may also point out that OCGs themselves often require the firm to have substantial professional liability insurance.
Promises of Data Security Not Enough
A notable development in OCGs is driven by concerns regarding the security of data. While clients in certain industries—finance, healthcare, and retail, for example—long have required assurances from their outside lawyers regarding adherence to principles of data security, clients no longer accept mere promises. In many OCGs, corporations are laying out specific measures and policies that they expect law firms to have in place or adopt in order to retain the client’s business. In addition, clients are following up on OCG terms with extensive written assessments and on-site, multi-office audits.
The administrative burden placed on lawyers and firms by these assessments and audits can be substantial. For law firms that do not have satisfactory measures and processes already in place, the cost of compliance is steep, both financially and culturally. Failure to meet the client’s requirements can mean being fired.
One of the most onerous aspects of client data security requirements is that companies often insist that the policies and measures be applied firm-wide, to all information and not just to the client’s information in the firm’s possession. This is one area of opportunity for negotiation with the client—limiting certain policies only to the lawyers and staff involved in the client’s work or to those with access to the client’s information (which often can be restricted).
Law firms also can successfully negotiate the application of the client’s data security requirements by reminding the client of the nature and volume of the work handled by the firm. Companies often blindly cast their OCG net, without much prior examination of the nature of the relationship with each law firm. This is partially because of a lack of coordination between the corporate divisions responsible for data security assessment and the legal or business departments that have direct relationships with law firms.
For instance, a client may relieve a firm of the obligation to deploy an expensive, firm-wide mobile device management application if the firm only handles $20,000 worth of its legal work per year, or if the firm’s work for the client does not result in the firm handling sensitive, regulated personal information. Some companies have themselves moved away from the one-size-fits-all application of data security requirements; however, firms must be proactive in informing the client’s assessment team what size applies.
None of this is to say that if a law firm does handle a substantial amount of client or client customer PII or PHI, or if the law firm handles other particularly sensitive client information, the firm will or should be relieved from strict data security standards. Indeed, I’ve written before that law firms that lead on data security measures will have an advantage over their peers in business development and client retention.
Centralize OCG Negotiation
At least as important as what the firm negotiates is who does the negotiation. Mr. Clark notes that one of the most effective ways to negotiate OCG terms—and avoid rocking the boat—is to entrust the task to firm personnel (in-house firm attorneys, if the firm has them, certain partners if it does not) other than client relationship partners. These individuals can ensure consistency in the application of the firm’s positions and, if necessary, play the bad cop role in the negotiation.
OCGs are not non-negotiable. In fact, they represent an opportunity to open a discussion with the client and to build productive relationships.
About the Author
Max Welsh is a consultant with InOutsource, a Philadelphia-based law firm risk management consulting firm, and provides legal ethics and compliance advice as an attorney with HKW Legal, LLC. Max previously served as deputy general counsel of Foley & Lardner LLP.