SOFTWARE SERVICES INDEMNIFICATION

​Credit unions regularly contract with vendors for the provision of various software services offered to members. Recently, a number of credit unions have been contacted by a law firm representing a non-credit union financial institution.  At its core, the law firm’s letter asserts that its client is the holder of software patents used to provide certain member services and that the credit union’s continued use and provision of such member services violates that patent.  What the credit union knows, but the law firm most likely does not, is that the credit union contracted with a third party vendor to provide the software services in question. 
 
So, how should the credit union respond given the third-party provider of the service?
 
Representation and Warranty
 
Once the letter is received, the credit union should promptly review its contract with its software vendor.  It is important to look at the original or master agreement as well as any exhibits, schedules, or work orders, and any amendments. The credit union should look for a clause similar to the following:
 
Software Representation and Warranty.  Vendor represents and warrants that the software does not infringe any copyright, patent or other intellectual property right of any third party; Credit Union’s remedy for breach of this warranty is indemnification pursuant to [the indemnification provision] below.
 
As the heading indicates, this clause is a representation by the vendor to the credit union that the services provided in the software agreement do not violate the patent or other intellectual property rights of any third party.  A representation is a statement of fact made by the vendor that it either owns the software free and clear of anyone else’s claims or that it has a valid license to use that software.  It also a warranty or promise to protect the credit union in the event that the representation is contested by any party outside of the contract.   
 
With this type of representation and warranty protection in a provider agreement, a credit union receiving a demand letter can take some comfort in the knowledge that its vendor not only believes it has the right to provide its software, but also stands ready to defend that claim.
 
Indemnification
 
Next, the credit union should examine the contract further to see if it contains an indemnification clause. Indemnification is defined in Black’s Law Dictionary as the obligation to reimburse another for a loss suffered because of a third party's, or one's own, act or default. The following is an example of such a clause:
 
Indemnification.  If any third party asserts any claim or brings any lawsuit or proceeding against Credit Union based upon a third-party claim involving the software Vendor agrees to indemnify, defend and hold Credit Union harmless against any loss, damage, expense or cost, including reasonable attorney fees, due to such claim, lawsuits or proceedings. The foregoing indemnification obligation will be effective only if Credit Union: (i) has given Vendor prompt, but in no case more than thirty (30) days, notice of any claim or demand in writing; (ii) gives Vendor full opportunity to control the response and the defense, including any settlement; and (iii) provides Vendor with reasonable cooperation, information, and assistance therewith. Vendor will not settle any such claim or action without the prior written consent of Credit Union, which consent shall not be unreasonably withheld or delayed. Credit Union may participate, at its own expense, in its defense in any such suits or proceedings through counsel of its own choosing. To reduce or mitigate damages, Vendor may, at its own expense and at its sole discretion: (i) replace the software with non-infringing, functionally equivalent software; (ii) terminate the rights granted hereunder and refund the fees paid for the infringing software, less a prorated charge for Credit Union’s prior use based on a three (3) year depreciation schedule; or (iii) at no additional cost to Credit Union, secure a license to use the software. 
 
Indemnification is an old common law concept.  While the laws of indemnification are complex, the essence of the clause can be summed up by the phrase: “indemnify, defend, and hold harmless.” This contractual provision means that the vendor has the following obligations:
 

• “Indemnify” means that the vendor will reimburse the credit union for a loss suffered as a result of a third party’s action or, in some cases, even the credit union’s own action.  
• “Defend” means that the vendor will protect the credit union in any sort of litigation or similar legal action.  
• “Hold harmless” means to absolve the credit union from any responsibility for damage arising from the vendor’s agreement.  

 
This trio of concepts covers the range of exposures the credit union could face in a software patent violation claim.
 
Given the nature of the law firm’s claim in the present case, there are a number of other important factors to look for in the indemnification clause. Note whether there is the obligation to notify or “tender the claim” to the Vendor in writing and/or within a specified period of time.  Failure to fulfill these requirements could render the protections moot.  When giving written notice, it is important to always send the written notice with a means to prove that it was in fact delivered, such as by using the U.S. Mail’s “certified mail, return receipt requested” option, or a commercial delivery service, such as FedEx or UPS.  
 
Another factor to note is the credit union’s obligation to be available to participate, typically at the credit union’s own cost, in the vendor’s defense of the claim. In the sample clause above, there is a reasonableness limitation, but that sort of limit also creates an “eye of the beholder” situation where one must determine what exactly is “reasonable” under the circumstances.  Whether the vendor even needs the credit union’s help will be dependent upon the specifics of the actual case.  
 
It is also important to note that the credit union has the right, but not the obligation, to track its vendor’s efforts to defend the credit union. While this cost is not recoverable, it is generally not wise to simply tender a claim and assume all is well.  Your legal counsel should be able to track the matter at relatively low cost, assuming that the vendor is handling the matter properly.  If the vendor is less than diligent in its efforts to resolve the issues, then having your counsel track the matter also helps to ensure that the matter stays on track and the credit union does not get stuck handling the case itself.  
 
The sort of protections presented in this article are not by any means a given; nor is all contractual language going to look exactly like the examples.  Some vendors combine these protections into a single paragraph or give them different labels. There may also be some significant and substantial limitations on a vendor’s indemnification duty, such as when the credit Union alters the software.    In any case, you and your counsel should be working together to make sure that the language your credit union needs to be protected is included in all your software agreements.