Ten Things: Minimizing Risk in Commercial Contracts

After “will I go to jail for that?” the most common question asked of in-house counsel typically involves commercial contracts and whether “it’s okay for us to sign this?”  There are multiple parts to this seemingly simple ask, but the core of the question has to do with risk.  More specifically, if we sign this contract are we taking on an unacceptable level of risk?  Risk too is subject to multiple meanings.  Are we talking about commercial risk, legal risk, financial risk, reputational risk, or what?  Regarding the many facets of the question, it’s typically the in-house lawyer’s job to come up with the answer.  Unfair or not, because lawyers are trained issue-spotters, the analysis of risk in commercial agreements and the process of minimizing that risk usually falls in the lap of the in-house legal department.  Unfortunately, the process of spotting and analyzing risk is rarely black and white.  It’s generally highly subjective and it’s not always right.  Over the course of many years, I have learned about – or come up with – a number of ways to minimize risk in commercial agreements.  This edition of “Ten Things” will walk you through some of the best ways to do so:

1.   Contract Management.  A simple way to reduce risk in commercial agreements is to use a contract management tool.  Using technology over a manual process almost always reduces risk.  There are two types of tools here.  The first stores all your contract templates and executed contracts (including amendments) in a central repository where the legal team (or anyone else with access) can locate them through a simple search.  Think about how many contracts sit on someone’s laptop or in multiple databases and then think about the value of contract management.  The importance of simply being able to locate all of the company’s contracts and relevant amendments in one place without significant effort cannot be minimized.  The second type of contract management tool goes far beyond just storage.  Often referred to as a contract lifecycle management tool, a CLM not only provides a central repository but also allows the company to actively manage contracts (tracking such things as renewal dates and price increases for example).  For the legal department, such tools provide a centralized place for contract negotiations, redlines, e-signature process, and storage.  The more sophisticated systems can provide “self-service” modules where the business can prepare their own standard contracts and even makes changes – using approved fallback clauses/language – and avoid involving the legal department at all in their deal.  Deciding to use a contract management tool requires the legal team to conduct a “contract audit” to determine, among many things, the types of contracts the business uses, where they are located, and how they are managed today.  This is all extremely useful information and plugs in nicely with the steps outlined below.

2.  Scoring Contracts for Risk.  Another proven way to reduce risk with commercial agreements is developing a process to score potential contracts based on the risk tolerances of the company.  By doing so, you can quickly determine if a contract meets the company’s parameters for signature or if it fails.  Failing contracts can be abandoned or, more likely, subject to a further review process (as discussed below).  To create a scoring process, you must first determine which issues (legal, commercial, other) make a “good” contract in terms of acceptable risk.  Then select a scoring scale.  It can be anything from letter grades (A-F), to “High Risk-Medium Risk-Low Risk” (H-M-L), to numeric (1-10 scale, where 10 is the highest risk).  For each issue/contract clause create different scenarios and assign a score to each. For example, you might determine that a limitation of liability limited to 1x annual contract revenue is a “1,” one limited to 3x is a “5,” and unlimited is a “10.”  Anything 5 or under is acceptable, but 6 and over is rejected or must go through a separate review process.  If scoring is developed across issues affecting different parts of the business (i.e., not just issues the legal department is interested in) you quickly create a table that scores contract risks across a wide variety of important company-wide issues (e.g., Finance, Sales, Implementation, Customer Support, and so forth).  Scoring also provides you with a high-level view of contract risk across the company overall, e.g., 80% of my contracts are “5’s” (low risk) and 5% of my contracts are “1’s” (high risk) meaning the department’s focus going forward should be on the 5% vs. the 80%.  Here is a sample of what one page of such a chart might look like (and your document can be as short or long as fits your company’s commercial needs):

RIsk Scoring Chart

3.  Contract Review Committee.  A contract review committee is not a new concept.  Most companies have such a committee to review contracts over a certain financial amount, e.g., everything over $500,000.  The problem with such committees (also called a “deal desk” or “deal review committee”) is that its mandate is often limited to financial issues.  While those issues are important, there is so much more that may require review and debate, including legal risk and operational risk.  The solution is to either set up such a committee or broaden the mandate of an existing one.  It’s important for two reasons.  First, while lawyers often understand the many different types of risks a contract presents (business, legal, operational, overall crappiness), it is unfair to place the full burden of “contract risk guardian” on the legal department.  When legal says “no” to a contract they quickly develop the (unfair) reputation of being deal killers.  A contract review committee spreads that decision to several different groups, such a Finance, Sales, Operations, and other in addition to the legal department.  Consequently, if a deal is turned down it’s not because Legal killed the deal, it’s because the contract review committee killed the deal – which is a much better process regardless because it allows multiple points of view to weigh in whether a contract is acceptable or not.  The second reason supporting a contract review committee is that it ties nicely into the risk scoring chart.  The company can decide that deals meeting certain risk scores can be signed without further review.  However, those deals that fall within a certain range on the risk scoring chart automatically go to the review committee.  The company can even decide that for certain issues on the risk chart, the contract doesn’t even get to go to the review committee the answer is just “no.”  This ensures that the issues that present the greatest risk to the company (as decided by a cross-functional team) get reviewed – or denied upfront- and those with minimal risk move automatically to signature.  Here is a sample chart of a page of the contract review committee guidelines.  Across the top are ranges of contract value (but you can use other criteria).  The left side would set out different issues (e.g., legal, financial, etc.) and the key tells you what happens:


4.  Standardized Templates.  There is little worse than scrambling around looking for an “old” contract that you can use as the basis for a “new” contract.  First, it takes way too much of your time trying to locate the right agreement.  Second, it’s a dangerous process as discussed more fully below.  The solution to this risky game of contract hide-and-seek is pretty basic – create templates for all of your company’s core agreements and use those template as the basis for all of your deals (and update them yearly).  Your template will be tailored to your business and to the level of acceptable risk (e.g., limits of liability, indemnity, etc.).  Moreover, deals get done faster using templates.  One of the worst things you can do is negotiate off of the customer’s template which was likely created by their procurement department and in no way reflects your business, nor deals with risk in a balanced way.  Your redlines will make their contact look like Julius Caesar on the Ides of March.  And it will take you substantially longer to negotiate using the customer’s paper, likely pushing out the close of the deal well beyond what the business is anticipating.  Consequently, the decision to use customer paper should be one made by your contract review committee, not the Sales team (just like the decision not to use customer paper should not fall solely to the legal team).  There will be times when not using your standard templates makes business sense – but only if the contract value is large and the customer is flexible in allowing changes to their paper to reflect the products or services you are selling, along with a reasonable sharing of risk.  If not, you’re going to spend a lot of time and legal resources on a dead-end project.

5.  Contract Signature Policy.  Another simple – but effective – way to manage contract risk is a contract signature policy.  This policy sets out who is authorized to sign which contracts entered into by the company.  The policy ensures that contracts of a certain type or certain amount are presented to someone at the appropriate level within the company to enter into such an agreement.  Who signs a contract can depend on such diverse issues as tax planning, maturity and size of the business, or location of the customer.  A well-drafted contract signature policy typically ties into the company’s delegations of authority, a core document related to corporate governance.  Delegations of authority set forth which company officers or employees can take which actions – all flowing down from the Board of Directors.  The signature policy takes the delegations in a more specific direction, i.e., who can sign which contracts?  In addition to who can sign what, a contract signature policy can also set out the process that contracts – or certain contracts – must go through before being presented for signature.  This is another way that the company can reduce contract risk but ensuring important issues are vetted and understood before contracts are signed.  It can tie in the contract review committee or, for some contracts, a small reviewing team such as just the CFO and General Counsel.

6.  Contract Playbooks.  A contract playbook is a document that, in some fashion, breaks down the company’s standard contract terms, sets out an explanation of each term/clause along with fallback clauses (i.e., variations of the standard clauses that the company will accept if the customer wants to negotiate a standard clause), and notes when the company will “walk away” from a contract.  The last part means the customer is insisting on changes to the standard contract that the company cannot accept based on risk-management, economic reasons, or other criteria.  While companies want to sell their products or services to as many customers as possible, they will only do so to the extent the contract makes financial and other sense to the company (e.g., acceptable limitations of liability).  A properly prepared contract playbook allows the legal and Sales teams to stay aligned and close contracts faster (or know when it’s time to walk).  The contract playbook ties into the contract risk scoring document and the contract review committee.  The most valuable feature of a contract playbook is that it explains “why” certain provisions exit and “why” they matter.  This can help the Sales team be a better client of Legal as, hopefully, they will stop negotiating with Legal and start negotiating with the customer.

7.  Version Control.  Version control is key to contract risk management.  The most important element of version control is to ensure that everyone (Sales, lawyers, etc.) starts every deal using the appropriate template.  As mentioned, using old agreements is dangerous, primarily because existing agreements likely contain negotiated terms and the company probably gave on certain issues (maybe even far more than it normally would).  If you use an old agreement, you have already “negotiated” away those terms without ever talking with the other side.  In other words, you’re losing.  Version control also applies to your templates and ensuring that you have the newest version available to your users – and only the newest version.  You can waste hours of time working on a contract only to find there is a newer version you should have used (or a contract with an amendment you were unaware of).  Likewise, if the business sends an outdated template to the customer you will have an unpleasant phone call with them explaining why they need to do their redlines all over again on the newer version.  Version control also maintains a record of how the contract evolved over time (especially if there are embedded comments) which can be a lifesaver if there is a dispute or litigation.  Finally, always run a compare of the contract you are about to sign vs. the version you agreed to.  While rare, there are times when doing this will save the day.

8.  Financial Risk Analysis.  Any company selling goods or services through a contract is keenly concerned with a very important issue – will it get paid?  Unfortunately, for many companies, no one focuses on this concern until it becomes clear that they are about to get stiffed over an invoice.  At that time, it’s usually too late to do anything about it other than prepare for litigation if the amount is substantial enough and if the legal team believes there is money available to satisfy any judgment.  And, if not, they prepare to eat the loss (and it won’t taste good).  A common way to minimize financial risk with your contracts is to spend time up front understanding whether your potential customer is a credit risk or not. This task should fall on the Finance department but should be part of the overall analysis whether to enter in a deal or not.  Typically, the Finance team will rely on Dun & Bradstreet, or another service, to determine credit-worthiness.  Additionally, your contract can require that all payments are due annually before services are provided for that year.  On the other hand, watch out for quarterly payments with 60-day payment dates.  Never a good sign. Finally, at the first sign of trouble, the company should aggressively seek payment and not let the situation drag on.  The longer a customer is in arrears, the more likely it is that you will not get paid (and be sure your contracts include a clause entitling the company to collect its attorney’s fee in the event it must undertake collection efforts to get paid).

9.  Train the Business.  Your legal team has created wonderful contract templates, a kick-ass playbook, and built an awesome contract management system.  But it doesn’t mean jack if your business colleagues don’t have a clue about any of it, especially how the contracts work, why risk scoring is important, and how the contract review committee works.  Consequently, it is worth your time to constantly train the business.  Here are just a few ideas:

  • New hire training – all new Sales hires get a standard 60-minute legal overview.
  • Sales kick-off training – most companies have a yearly sales kick-off.  Legal should be invited to that event and should present several classes on legal issues ranging from basics to specific issues that have often caused problems in getting deals closed.
  • Sales-Person Playbook – it is usually not advisable to share the playbook you prepare for lawyers with the Sales team.  They need a shorter, more concise version.  Prepare one and update it yearly.  Then train the Sale team on how to use it.
  • Super Users – identify several top salespeople and convert them into super users, i.e., salespeople who “get it” and can help spread the word about how best to negotiate contracts and how to use legal services.  Wine and dine them if necessary and always make sure your super users feel special.

10.  Boilerplate Clauses.  Often viewed as boring by most in-house lawyers, the boilerplate clauses are anything but.  This is where the real action is when it comes to reducing contract risk.  This is because limitations of liability, indemnity, choice of law, dispute resolution, collection of attorney’s fees, notice, and a dozen other core contract terms reside in these pages.  Be sure you review your boilerplate language every year (along with your standard templates) to make sure you have the most current and best language possible.  This means following case law/court decisions in all the jurisdictions where you operate and agree that state’s or nation’s laws apply to your agreement.  For example, something as common as whether or not you can collect attorney’s fees for collection efforts depends on local law and having the right wording.  Boilerplate is your first defense to contract risk.  Treat it as such.


Reducing company contract risk is not easy.  It requires focus and constant attention.  Yet, by utilizing some fairly basic practices, in-house lawyers can substantially reduce contract problems and help the business sign-up to consistently good commercial deals.  Start with a contract audit process but keep in mind that it is not an effort solely of the legal department.  It takes a cross-functional team, backed by senior management, to take the steps necessary to truly reduce contract risk.  The legal team, however, can lead the effort and seek alignment across the different interests due to its unique dual-position within the company of “deal maker” and  “risk minimizer.”  The credibility the legal team brings to the table can go a long way to getting contract risk down substantially.

Finally, you can vote now for “Ten Things” as you favorite legal blog.  To do so, simply click here.

Sterling Miller

November 12, 2018

Ten Things You Need to Know as In-House Counsel: Practical Advice and Successful Strategies is described by the American Bar Association as “The one book all in-house counsel need to own!”  Click here for details on how to order.  And volume two is underway for 2019!


Follow me on Twitter @10ThingsLegal and LinkedIn where I post articles and stories of interest to in-house counsel frequently.  

If you find this blog useful, please click “follow” in the top right and you will get all new editions emailed to you directly.  My first book, “The Evolution of Professional Football,” is available for sale on Amazon and at www.SterlingMillerBooks.com.  My first cookbook, “The Slow-Cooker Savant” is at the publishers and should be available for sale in November 2018.

“Ten Things” is not legal advice nor legal opinion and represents my views only.  It is intended to provide practical tips and references to the busy in-house practitioner and other readers.  If you have questions or comments, please contact me at sterling.miller@sbcglobal.net.



  1. I intended to draft you the very little observation to say thank you over again over the striking pointers you have shared on this site. It’s quite particularly open-handed of people like you giving extensively exactly what numerous people could have distributed for an ebook to generate some bucks for their own end, specifically considering the fact that you could have tried it if you ever decided. The smart ideas likewise worked as a easy way to fully grasp that some people have similar zeal the same as my own to grasp more and more concerning this problem. I’m sure there are many more pleasurable moments in the future for individuals who start reading your blog.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s