Corporate Overlords and Signing Contracts
August 13, 2018 10:40 PM Subscribe
Fellow corporate stooges at large companies: How burdensome is the review process for minor purchase agreements?
I'm at what is now a fairly large company which has been trying to catch up on some of our historically lax policies, like making sure we get legal to review things we sign first. I basically agree we were too lax before, and accept there's a corporate interest in that.
On the other hand, I am currently trying to spend money on what is basically a glorified magazine subscription. It's a couple grand for my group, way under my signing limit, but they gave me a terms-and-conditions sheet to sign. The terms seem reasonable: Don't download our whole library and then cancel your subscription, also don't share accounts.
But it's been in review for four weeks, our quote has expired, legal wanted an editable version of the document so they'll probably change it, we've had two rounds of IT security review with 40+ questions. This was triggered because we are giving them employee names to create account they now have "our data" and GDPR blah, blah, blah. (To make matters more ridiculous, I gave them the names *already* for an evaluation run, but since I didn't sign or pay anything it didn't trigger this particular process.)
This sort of thing has been frustrating for a while. But we recently had a company survey where bureaucracy and efficiency ranked super low so I feel there's a slight chance I can make a real point with this as an example, as long as I don't overplay my hand and share my true feelings. ("How do you feel about the review team's execution?" "I'm all in favor it.")
If you are a large company how burdensome are the processes you deal with? I'm especially interested in this sort of relatively minor expenditure for an off-the-shelf service.
I'm at what is now a fairly large company which has been trying to catch up on some of our historically lax policies, like making sure we get legal to review things we sign first. I basically agree we were too lax before, and accept there's a corporate interest in that.
On the other hand, I am currently trying to spend money on what is basically a glorified magazine subscription. It's a couple grand for my group, way under my signing limit, but they gave me a terms-and-conditions sheet to sign. The terms seem reasonable: Don't download our whole library and then cancel your subscription, also don't share accounts.
But it's been in review for four weeks, our quote has expired, legal wanted an editable version of the document so they'll probably change it, we've had two rounds of IT security review with 40+ questions. This was triggered because we are giving them employee names to create account they now have "our data" and GDPR blah, blah, blah. (To make matters more ridiculous, I gave them the names *already* for an evaluation run, but since I didn't sign or pay anything it didn't trigger this particular process.)
This sort of thing has been frustrating for a while. But we recently had a company survey where bureaucracy and efficiency ranked super low so I feel there's a slight chance I can make a real point with this as an example, as long as I don't overplay my hand and share my true feelings. ("How do you feel about the review team's execution?" "I'm all in favor it.")
If you are a large company how burdensome are the processes you deal with? I'm especially interested in this sort of relatively minor expenditure for an off-the-shelf service.
Once suppliers are in the eco system, purchasing is relatively straight forward at my org. However, getting a supplier/vendor to "preferred supplier" status - meaning the meet all our audit, privacy, legal, tax etc requirements is a freaking nightmare.
And I get, though I hate it. It's very easy to slip dodgy stuff through these avenues. This is especially the case where they are handling company/customer data. They are a raft of legal requirements governing our org about where that data can be housed, how it's handled etc.
It sounds like in the absence of a proper process/workflow, legal etc are taking the most conservative approach. I'd suggest formalising a process, including SLAs, that the relevant depts agree to.
posted by smoke at 10:53 PM on August 13, 2018
And I get, though I hate it. It's very easy to slip dodgy stuff through these avenues. This is especially the case where they are handling company/customer data. They are a raft of legal requirements governing our org about where that data can be housed, how it's handled etc.
It sounds like in the absence of a proper process/workflow, legal etc are taking the most conservative approach. I'd suggest formalising a process, including SLAs, that the relevant depts agree to.
posted by smoke at 10:53 PM on August 13, 2018
Yes, your experience is common. Things you can put on a company card or expense are easy enough but once you get into licensing agreements, data sharing, or server/network access then legal and security become involved and the process is complex and onerous regardless of the sums involved. I'm not sure this is a bad thing though, it reflects the risks and potentially regulations that are involved.
posted by JonB at 2:41 AM on August 14, 2018
posted by JonB at 2:41 AM on August 14, 2018
The level of review you are describing sounds normal to me, but the timeline seems excessive.
To set up a contract with someone we haven't dealt with before, I have to work with a couple of people "to get them in the system," go through legal review on contract terms and conditions, health and safety risk review, and get a variety of sign-offs on the contract itself up the chain of command. If other reviews are triggered (like IT/security-related, or hazardous conditions), that would be a parallel process that would have to be done before getting sign-offs. So, basically similar to what you are dealing with, even for small dollar amounts.
The difference is that typically I can get all of the above completed in a couple of days. Unless something is really weird or dangerous, this should not be taking weeks or months to review.
posted by Dip Flash at 6:31 AM on August 14, 2018
To set up a contract with someone we haven't dealt with before, I have to work with a couple of people "to get them in the system," go through legal review on contract terms and conditions, health and safety risk review, and get a variety of sign-offs on the contract itself up the chain of command. If other reviews are triggered (like IT/security-related, or hazardous conditions), that would be a parallel process that would have to be done before getting sign-offs. So, basically similar to what you are dealing with, even for small dollar amounts.
The difference is that typically I can get all of the above completed in a couple of days. Unless something is really weird or dangerous, this should not be taking weeks or months to review.
posted by Dip Flash at 6:31 AM on August 14, 2018
The terms seem reasonable
The terms seem reasonable to you, because you're not a lawyer and you don't see what's missing and aren't familiar with the risks of signing whatever the current form says.
GDPR blah, blah, blah
This is why it may be taking longer than usual. Also, if your legal team is asking for changes, the other side might not be playing ball or responding quickly.
Once the form is in place, subsequent purchases won't take so long.
Is your legal team understaffed, overburdened, unresponsive, is their workflow opaque? Those are the issues to complain about.
posted by kapers at 8:35 AM on August 14, 2018
The terms seem reasonable to you, because you're not a lawyer and you don't see what's missing and aren't familiar with the risks of signing whatever the current form says.
GDPR blah, blah, blah
This is why it may be taking longer than usual. Also, if your legal team is asking for changes, the other side might not be playing ball or responding quickly.
Once the form is in place, subsequent purchases won't take so long.
Is your legal team understaffed, overburdened, unresponsive, is their workflow opaque? Those are the issues to complain about.
posted by kapers at 8:35 AM on August 14, 2018
« Older What are the definitive music videos of the last... | Trouble getting sound over Bluetooth from phone to... Newer »
This thread is closed to new comments.
As an anecdote, I often find the smallest purchases are the ones that have most onerous licensing terms. My group ended up having to negotiate the terms on a common <$50 software tool because the original proposed terms included an unbounded audit right for the software vendor of any financials associated with the company - at the company's cost (!). At least in my experience, there's good reason for companies to put the same processes in place for a small purchase that involves a legal agreement as with a large purchase that involves a legal agreement.
posted by saeculorum at 10:52 PM on August 13, 2018 [3 favorites]