newsletter
Outsourcing - BAHRAIN
20-Dec-2018

Outsourcing Introduction

The global outsourcing market has undergone a number of significant changes in response to a wide range of technology developments but has continued to perform strongly and has shown a considerable flexibility in responding to these developments.

In part this simply reflects the underlying strength of the core outsourcing model, based on: cost savings; access to specialist supplier expertise; and service transformation. At the same time, outsourcing providers have adapted to the new technology environment to enhance the value they can provide. Outsourcing has become one of the main routes to access and implement a range of disruptive technology changes (including most notably, cloud, AI, blockchain and smart contracts). 

There had been some thought that these disruptive technologies would limit the role of outsourcing to more standardised commodity services or less well developed regional markets but this has not proved to be the case. Of course, companies are adopting a number of different collaboration and commercial models to develop and deploy new disruptive technologies but in significant part they are also adopting the traditional outsourcing model to access capabilities and services in these areas as part of an overall sourcing strategy. 

These developments have also led to a number of significant changes to the traditional outsourcing contracting model. For some time, customers and suppliers have been concerned by the essentially adversarial nature of the traditional outsourcing contractual model but have been reluctant to modify their approach in any significant way. This is now changing as the implementation of new technologies, as part of either IT or business process outsourcing, requires the parties to introduce specific new contract provisions and protections and this has encouraged a shift to a more flexible and balanced incentive based contract model. Ironically, it is precisely this shift which we have been advocating for almost all outsourcing transactions to help manage risk and deliver value but it is only now, perhaps as a result of greater receptiveness to new business models for innovation and transformation, that this new approach is becoming more widely adopted.

1. Outsourcing Market - BAHRAIN

 1.1 IT Outsourcing

The concept of outsourcing is commonly used in the banking sector in Bahrain. Since the issuance of the Operational Risk Management Module in July 2004 by the Central Bank of Bahrain (“CBB”), the arrangement of IT outsourcing contracts has come under the supervision of the CBB in the context of its licensees. CBB licensees are required to incorporate certain conditions into the contract to safeguard the interests of their customers.

 1.2 BP Outsourcing

The concept of outsourcing is commonly used in the banking sector in Bahrain. Since the issuance of the Operational Risk Management Module in July 2004 by the CBB, the arrangement of business process outsourcing contracts (e.g. back offices related works or call centres) has come under the supervision of the CBB in the context of its licensees. CBB licensees are required to incorporate certain conditions into the contract to safeguard the interests of their customers.

 1.3 New Technology

Bahrain's laws allow an outsourcing contract to be electronically entered into.

 1.4 Other Key Market Trends

2. Regulatory and Legal Environment

 2.1 Legal and Regulatory Restrictions on Outsourcing

There is no general outsourcing law in Bahrain. However, the concept of outsourcing in the financial services market is regulated or controlled by the provisions stipulated in the rulebooks issued by CBB. The licensees of the CBB must formally notify the CBB and seek its prior approval before committing to a material outsourcing arrangement. “Material” outsourcing arrangements are arrangements that, if they should fail in any way, would pose significant risks to the ongoing operations of a licensee, its reputation and/or the quality of service provided to its customers. For instance, the outsourcing of all or a substantial part of functions such as customer sales and relationship management, settlements and processing, IT and data processing and financial control, would normally be considered “material”.

 2.2 Industry Specific Restrictions

Financial services in Bahrain are regulated by the CBB. No person may provide financial services within and from Bahrain unless licensed or permitted to do so by the CBB.

Therefore, the provider of an outsourced regulated financial service must be pre-approved by the CBB. In the process of approval, the CBB shall require an underlying agreement between the licensee and the outsourcing service provider and will make sure that the customers of the licensee are safeguarded under such agreement. Once an outsourcing agreement has been entered into, licensees must regularly review the suitability of the outsourcing provider and the ongoing impact of the agreement on their risk profile and systems and control framework. Such reviews must take place at least every year.

 2.3 Legal or Regulatory Restrictions on Data Processing or Data Security

In the case of outsourcing concerning data processing, the service provider must be pre-approved by the CBB and the contract between the licensee and the service provider must contain certain clauses to ensure the protection of data or information exchanged. For instance, licensees must ensure that the outsourcing provider implements adequate safeguards and procedures. Amongst other things, a customer's data should be properly segregated from that belonging to other clients the outsourcing provider may have. Outsourcing providers should give suitable undertakings that the company and its staff will comply with all applicable confidentiality rules. Licensees must have contractual rights to take action against the service provider in the event of a breach of confidentiality.

 2.4 Penalties for Breach of Such Laws

A person who discloses in bad faith any confidential information is liable to imprisonment and a fine not exceeding BHD10,000, or either penalty.

A punishment of imprisonment for a period not exceeding one year or a fine not exceeding BHD100 shall be inflicted on a person who divulges a secret entrusted thereto in his professional capacity, trade, position or art in conditions other than those prescribed by the law or uses it for his personal benefit or for the benefit of another person, unless the person whom the secret concerns allows the divulgence or use thereof.

The punishment shall be imprisonment for a period not exceeding five years if the perpetrator is a public servant or an officer entrusted with a public service to whom the secret has been confided during, because of or by reason of performing his duties or services.

 2.5 Contractual Protections on Data and Security

The below are the relevant clauses in connection with customer data confidentiality that have to be incorporated in the outsourcing agreement:

  • Licensees must ensure that the outsourcing agreement complies with all applicable legal requirements regarding customer confidentiality.
  • Licensees must ensure that the outsourcing provider implements adequate safeguards and procedures. Amongst other things, a customer's data should be properly segregated from that belonging to other clients the outsourcing provider may have. Outsourcing providers should give suitable undertakings that the company and its staff will comply with all applicable confidentiality rules. Licensees must have contractual rights to take action against the service provider in the event of a breach of confidentiality.
  • Licensees must assess the impact of using an overseas-based outsourcing provider on their ability to maintain customer data confidentiality, for instance, because of the powers of local authorities to access such data.

In the event of termination, for whatever reason, the agreement must provide for the return of all customer data – where required by licensees – or destruction of the records.

3. Contract Models

 3.1 Standard Supplier Customer Model

Outsourcing in the financial services market must be pursuant to an approval from the CBB. Moreover, the contract between the licensee and outsourcing service provider must, amongst others, address the following issues:

Control Over Outsourced Activities

  • Adequate mechanisms for monitoring the performance of the outsourcing provider by the board and management of licensees.
  • A service level agreement (“SLA”) – setting out the standards of service to be provided. Where the outsourcing provider interacts directly with a licensee’s customers, the SLA must – where relevant – reflect the licensee’s own standards regarding customer care.
  • Mechanisms for the regular monitoring by licensees of performance against the SLA.
  • Clear reporting and escalation mechanisms must be specified in the agreement.
  • Where an outsourcing provider in turn decides to subcontract to other providers, the CBB’s prior written approval must be obtained.

Customer Data Confidentiality

  • Licensees must ensure that outsourcing agreements comply with all applicable legal requirements regarding customer confidentiality.
  • Licensees must ensure that the outsourcing provider implements adequate safeguards and procedures. Amongst other things, customer data must be properly segregated from those belonging to other clients the outsourcing provider may have. Outsourcing providers must give suitable undertakings that the company and its staff will comply with all applicable confidentiality rules. Licensees must have contractual rights to take action against the service provider in the event of a breach of confidentiality.
  • Licensees must assess the impact of using an overseas-based outsourcing provider on their ability to maintain customer data confidentiality, for instance, because of the powers of local authorities to access such data.

Access to Information

  • Outsourcing agreements must ensure that the licensee’s internal and external auditors have timely access to any relevant information they may require to fulfil their responsibilities.
  • Licensees must also ensure that the CBB's inspectors and appointed experts have timely access to any relevant information they may reasonably require under the law.
  • Where the outsourcing provider is based overseas, the outsourcing provider must confirm in the outsourcing agreement that there are no regulatory or legal impediments to either the licensee’s internal and external auditors, or the CBB's inspectors and appointed experts, having the access described above.
  • The outsourcing provider must commit itself, in the outsourcing agreement, to informing the licensee of any developments that may have a material impact on its ability to meet its obligations.

Business Continuity

  • Licensees must ensure that service providers maintain, regularly review and test plans to ensure continuity in the provision of the outsourced service.
  • Licensees must have an adequate understanding of the outsourcing provider’s arrangements, to understand the implications for its own contingency arrangements.

Termination

  • Licensees must have the right to terminate the agreement should the outsourcing provider undergo a change of ownership (whether direct or indirect) that poses a potential conflict of interest, become insolvent, or go into liquidation or administration.
  • Termination under any other circumstances allowed under the agreement must give licensees a sufficient notice period in which they can effect a smooth transfer of the service to another provider or bring it back in-house.
  • In the event of termination, for whatever reason, the agreement must provide for the return of all customer data – where required by licensees – or destruction of the records.

 3.2 Alternative Contract Models

According to Article 110 of the Bahrain Civil Code, a contract may incorporate any condition which the contracting parties agree to, unless otherwise prohibited by law or unless it contravenes public policy or morality. Article 128 further provides that the contract makes the law of the parties. Therefore, the parties to an outsourcing agreement enjoy a certain degree of autonomy as to what shall be included in the contract so long as such provisions do not conflict with public policy or morality. However, the outsourcing contract concerning a CBB licensee must contain, at the least, the provisions mentioned in 3.1 Standard Supplier Customer Model.

 3.3 Captives and Shared Services Centres

The degree of formality required – in terms of contractual agreements and control mechanisms – for outsourcing within a licensee's group is likely to be less, because of common management and enhanced knowledge of other group companies.

4. Contract Terms

 4.1 Customer Protections

The main method of protection that is widely sought by customers in outsourcing agreements and is likely to be a term of outsourcing agreements is indemnity. That is to say, incorporating an indemnity clause whereby the service provider indemnifies the customer against all claims, loss and damages caused to the customer due to reasons arising from the service provider in the course of conducting the outsourced services.

Another popular method of safeguarding customers in outsourcing agreements, especially where physical goods or other products are involved, is insurance. It is a common practice to incorporate a clause in the outsourcing agreement which imposes an obligation on the outsourcing service provider to maintain at all times insurance to cover the full price of goods/products that are in the custody of the outsourcing service provider.

 4.2 Termination

The parties are free to contractually agree on the termination mechanisms of the contract.

Without prejudice to the above, the Civil Code provides that either party may terminate the contract by operation of law, where the performance of the obligations becomes impossible for an alien reason beyond the control of the party concerned.

In addition, the injured party to a contract is entitled to revoke the contract if one of the parties does not perform its obligations when falling due and after being served a notice in that regard.

 4.3 Liability

The contract makes the law of the parties; therefore the parties may define what losses are recoverable in the contract. Liability may also arise by operation of law, as the law stipulates that every fault makes an obligation upon the person who committed it to pay compensation.

  • Direct loss is described as the loss incurred which is a natural result of the unlawful act such as loss of income, bodily harm and psychological harm. Other forms of indirect loss are not recoverable by operation of law.
  • Loss of profits will be recoverable if it was caused as a natural result of the unlawful act, and upon providing sufficient evidence to satisfy the courts of the loss of profits.

 4.4 Implied terms

The provisions of Part III of Book Two of the Civil Code titled “Contracts for the hire of services” will be implied in outsourcing contracts.

Kindly note that since the customer in an outsourcing contract is licensed by the CBB, the customer will be bound to comply with the provisions relevant to outsourcing under the Operational Risk Management Module of the CBB Rulebook.

5. HR

 5.1 Rules Governing Employee Transfers

There are no specific provisions in the laws of Bahrain which govern employee transfer in the context of outsourcing.

Employment matters are governed by the Labour Law of 2012; generally, however, the aforesaid law focuses on governing the relationship between an employer and its own employees.

 5.2 Trade Union or Workers Council Consultation

Consultation between an establishment’s trade union and the establishment itself may be required if the employees thereof are considering improving their working conditions or the health, economic, professional and occupational standards of the workers or their families.

 5.3 Market Practice on Employee Transfers

Employee transfers shall only be acceptable if it is stated in the terms of the employment contract. Otherwise, the employee shall resign and sign a new employment contract with the new employer. The market practice on employee transfers in Bahrain is to enter into a tripartite agreement between the employer, the employee and the new employer.

6. Asset Transfer

 6.1 Asset Transfer Terms

There is no specific requirement or provision that needs to be included in the outsourcing contract transferring the relevant assets to the service provider, for instance, IT outsourcing coupled with the transfer of the IT equipment to the outsourcing service provider. According to Article 110 of the Bahrain Civil Code, a contract may incorporate any condition which the contracting parties agree to, unless otherwise prohibited by law or unless it contravenes public policy or morality. Therefore, the parties to an outsourcing contact may incorporate any provision in the contract provided that the provision is not contrary to public policy or morality in Bahrain.

AUTHORS: SAIFUDDIN MAHMOOD and HASSAN ALKOOFI

Published in Chambers and Partners

Chambers and Partners Award 2018

December 2018
OUTSOURCING - BAHRAIN
by Newsletter Admin

Notice: For urgent matters during the weekends or the official public holidays, please call +973 39662362 or +973 39034295

Copyright © 2022 Hassan Radhi & Associates. All rights reserved.