Your data is valuable and ERP vendors know this.

  • They are including language in their contracts giving them not only the right to use your data to train their AI models, but the right to extract fees if you want other software products to access the data you input into your ERP system.
  • What is worse is that they will find a way to charge you to access data that you have input into your ERP system.

How can you prevent this?

  • What strategies can you use to mitigate risk and lower costs?

I discuss these issues in this clip from my latest YouTube video.

#erplawyer #erpcommunity #erpfailure #saps4hana #oraclecontracts #softwarelawyer #sapservices #saphanacloudplatform #saas #erpcloud #teamtaft #sapcontracts #oraclelawsuit #oraclefailure #oracletermination #saptermination

With the change in administrations and the rapid evolution of technology, business leaders and their legal advisors now more than ever need information to help them navigate the constantly shifting technology landscape.

In this one-hour presentation, Taft Partners Jackie Benson, Scot Ganow, Zach Heck, and Bill Wagner discuss some key things to know in the first quarter of 2025.

  • Getting Your Arms Around Data Privacy and Protection in 2025. Just. Get. Started.
  • Strategies for Cyber Insurance: Getting (and Staying) Insured.
  • AI Regulation in 2025: National.
  • AI Regulation in 2025: Colorado.

1.00 hour of CLE credit pending for Arizona, Colorado, Indiana, Illinois, Kentucky, Minnesota, and Ohio.

In-Person Registration

Taft Denver: 675 Fifteenth Street Suite 2300, Denver, CO 80202. In-person attendees should kindly RSVP by March 6.

Webinar Registration 

The Google Threat Intelligence Group revealed a chilling reality: nation-states are weaponizing AI tools like Gemini for sophisticated cyberattacks. This new frontier of AI-powered fraud demands immediate attention from business leaders and general counsel, who stand at the confluence of technology, data security, and governance.

Recent Incidents and the Evolving Sophistication of These Attacks

Generative AI, like the tools used by these cybercriminals, can create highly convincing text, images, voice recordings, and even video interactions that are nearly impossible to distinguish from genuine content. In the report Adversarial Misuse of Generative AI, the Google Threat Intelligence Group explains how more than 20 countries have used Google’s generative AI tool named Gemini for nefarious purposes, including cyber espionage, destructive computer network attacks, and attempts to influence online audiences in a deceptive, coordinated manner.

The report explains how cyber criminals, especially in Iran, China, and Russia, are using Gemini to create impeccably real AI-generated content to facilitate advance phishing techniques and fraudulent wire transfer requests. The report states that criminals are using Gemini for research; content generation, including developing personas and messaging; translation and localization; and to find ways to increase their reach.

The criminals are also using Gemini to teach them how to deliver a payload to access a company’s network system, to move laterally within the network, to evade detection and privilege escalation, and to remove data.

AI-enabled social engineering has improved the ability of cybercriminals to create highly personalized and more sophisticated content than historical social engineering attempts. Cybercriminals are increasingly using AI to create realistic and interactive audio, video, and text that allows them to target specific individuals by email, telephone, text, videoconferencing, and online postings. Some recent examples are listed below.

Video

In February 2024, a Hong Kong finance worker was tricked into transferring $25 million to criminals after they set up a video call in which the other five people participating, including the company’s chief financial officer, was a video deepfake.

Voice Recordings

In August 2019, a senior executive at a UK-based energy firm was tricked into wiring approximately $243,000 based on an AI-generated voice deepfake that accurately mimicked the distinct German accent of the chief executive of the firm’s parent company, who requested an urgent wire transfer of funds.

Facial Recognition

In June 2024, criminals used deepfake technology to bypass facial recognition security measures allowing them to steal $11 million from a company’s cryptocurrency account.

Fake Resumes

In May 2024, the U.S. Department of Justice said more than 300 U.S. companies unknowingly hired foreign nationals with ties to North Korea for remote IT work, sending $6.8 million of revenues overseas in a sprawling fraud scheme that helped the country fund its nuclear weapons program.

Immediate Action Steps for Companies

To protect companies from falling victim to AI-generated wire transfer or other payment scams, take the following action steps:

  1. Designated Payment Account: Specify that payments to a vendor will only be made to a single, designated bank account, and any changes to this account must be made in writing and verified through a secure, pre-established process. The vendor must designate the bank account in the vendor’s contract or through a binding vendor payment agreement. Remind vendors of the designated payment account and verification process by disclaimers and statements in purchase orders.
  2. Verification Process: Establish a multi-step verification process for any changes to a vendor’s payment information. The process should include:
    • Written notice from the vendor requesting the change on official letterhead;
    • Verbal confirmation from two designated vendor representatives, whereby the company calls each vendor representative separately using pre-established phone numbers to confirm their authorization of the change;
    • Management review, confirmation, and approval of the payment information change; and
    • A waiting period of at least 48 hours before any changes are implemented.
  3. Regular Account Verification: Establish a schedule for regular verification of vendor’s payment information, such as annual confirmations of the authorized representatives and their phone numbers. Document the verifications. For companies with hundreds or even thousands of vendors, prioritize which are contacted by using the deductible as a cutoff. For instance, for a $50,000 deductible, make it a priority to verify the information of vendors who regularly receive payments in amounts of more than $50,000.
  4. Training Staff: Train employees to presume that any request to change a vendor’s payment information is fraudulent. Conduct regular cybersecurity training to alert employees, management, and IT staff to the threats posed by AI-generated wire transfer or other payment scams. Document the training.
  5. Risk Assessments: Conduct regular AI-focused risk assessments to measure how well employees are following established data security protocols. Consider conducting simulated attacks on the employees and management who have the authority to update a vendor’s payment information. Do those employees notice and act on banner warnings for emails that originate outside of the company or from email addresses from which they normally do not receive emails? Are they performing and documenting the call back requirements?
  6. Update Policies and Procedures: Keep up to date on the new ways in which cybercriminals are attacking their victims. Take those new attack methods into consideration when reviewing and updating payment verification procedures, which should be regularly and no less than annually.
  7. Confidentiality and Security: Require each vendor to represent and warrant that it will maintain strict confidentiality of vendor payment instructions, the identities and contact information of the vendor’s authorized representatives and follow best practices to maintain security measures to protect their email and other communication systems.
  8. Establishing Binding Authority: Clearly state in contracts or vendor payment agreements that only specific, named individuals designated by the vendor have the authority to request changes to the vendor’s payment information and that their actions are binding on the vendor.
  1. Liability Clause: Include a clause that states the vendor releases the company of any liability and agrees to hold it harmless from any losses, damages, and legal actions resulting from fraudulent wire transfer requests originating from the vendor’s compromised systems. Specify that the vendor bears responsibility for any losses resulting from compromised email accounts or false instructions originating from their end. This is especially important because there is case law holding the company remains obligated to pay its vendor if the vendor was unaware of the fraud and the company was in the best position to avoid the loss.
  2. Indemnification Clause: Include a clause that states the vendor agrees to defend and indemnify the company, from any losses, damages, and legal actions resulting from fraudulent payment requests originating from the vendor’s compromised systems and authorizations obtained following the verification process from the vendor’s designated authorized representatives who are contacted using the vendor’s designated phone numbers.
  3. Audit Rights: Include a clause allowing the company to audit the vendor’s security practices related to payment instructions, changes to payment instructions, and email communications. Include the right to review the vendor’s cyber insurance coverage to ensure that the insurance coverage is adequate and will actually protect the company in the event of a loss requiring indemnification. Again, prioritize which vendors to audit based on covering the deductible or the company’s tolerance for how much money it is willing to lose if the insurance coverage turns out to be inadequate.
  4. Dispute Resolution: Specify a clear process for resolving any disputes related to payment instructions, including governing law and jurisdiction.
  5. Termination Rights: Reserve the right to immediately terminate the agreement if there’s evidence of fraudulent activity or repeated suspicious requests from the vendor.

Incorporating these terms and conditions can significantly reduce the risk of falling victim to email scams and protect the company from potential losses due to fraudulent payment scams.

Conclusion

As AI technology rapidly evolves, so do the threats to companies’ financial security. Implementing robust safeguards against AI-generated fraud is no longer optional — it’s critical to businesses. In Taft’s upcoming articles, insurance coverage and legal remedies available to companies victimized by AI-generated fraud will be explored.

Software audits are never random. If you are being targeted, the ERP vendor believes there is a revenue opportunity with your use of the software.

  • ERP vendors take advantage of ambiguous terms in the contract governing the scope of use of the software.
  • They also have no incentive to be accurate in their audit of the software.

If you are facing an audit, you need to have a plan to push back.

  • The audit report they generate to justify the imposition of additional fees is almost always exaggerated, unreasonable and one sided.
  • You can never take it at face value.
  • If you suspect you are going to be audited (or are being audited), it makes sense to conduct a self-audit based on your own reasonable interpretation of the contract.

Having that baseline can be invaluable in pushing back on the software vendor’s allegations and demands for additional fees.

I discuss strategies for dealing with aggressive software audits in my latest YouTube video.

#erplawyer #erpcommunity #erpfailure #saps4hana #oraclecontracts #softwarelawyer #sapservices #saphanacloudplatform #saas #erpcloud #teamtaft #sapcontracts #oraclelawsuit #oraclefailure #oracletermination #saptermination

What Is It

A trademark holder may file a complaint alleging trademark infringement against hundreds of defendants identifying them as the “Individuals, Corporations, Limited Liability Companies, Partnerships and Unincorporated Associations” on Schedule A, which may be filed separately from the complaint or under seal. Infringers often use an alias and as a result, the actual names and locations of many of the defendants are unknown to the plaintiff. In such case, the plaintiff may list the assumed names on Schedule A.

Why File Schedule A Cases

After filing the complaint and Schedule A, the plaintiff may file an ex parte motion for a temporary restraining order (TRO) against the “secretly named” defendants before they can transfer their assets or destroy evidence. As a result, the defendants do not receive notice of the proceedings nor an opportunity to appear. Instead, if the court grants the TRO, the plaintiff presents the TRO to the internet marketplaces demanding that they stop selling infringing or counterfeit products and sends the TRO to the merchants to freeze the defendants’ accounts. This is typically when the defendants first learn of the lawsuit against them.

Additionally, because plaintiffs can bring hundreds of defendants selling their counterfeit or infringing products into one case, plaintiffs can save on attorneys’ fees and costs, rather than litigating numerous cases across the country.

Northern District of Illinois

Schedule A cases are common in the Northern District of Illinois (Northern District). For example, from January 3, 2013, through February 14, 2025, roughly 4,207 Schedule A cases were filed in the Northern District based on a trademark docket search conducted in Westlaw where defendants’ names included “Partnerships and Unincorporated Associations.” One judge in the Northern District went so far as to say “[i]t has become the Northern District of Illinois vs. the Internet.” BRABUS GmbH v. Individuals Identified on Schedule A Hereto, 20-CV-03720, 2022 WL 7501046, at *1 (N.D. Ill. Oct. 13, 2022). This is also due, in part, to the Northern District becoming a popular forum for granting ex parte TROs. However, not all judges in the Northern District are familiar with Schedule A cases.

Best Practices in Filing Schedule A Cases

Due Diligence in Preparing Schedule A

It is imperative that the plaintiff and its counsel conduct due diligence when gathering the list of defendants on Schedule A. Otherwise, the plaintiff may be ordered to pay the attorneys’ fees and costs of the improperly joined defendants like in Opulent Treasures, Inc. v. the Individuals et. al., Case No. 23-cv-14142 (N.D. Ill. April 8, 2024) (ECF No. 94). In Opulent, the plaintiff prevailed on an ex parte TRO against more than 200 defendants, including two affiliates of defendant, Ya Ya Creations, Inc. (Ya Ya), an active defendant in a lawsuit the plaintiff filed in California federal court based on the same set of facts as the Northern District case. Id. at ECF No. 94 at 1-2. It was not until after Ya Ya incurred substantial attorneys’ fees and costs that the plaintiff realized its mistake in including the two affiliates in this case. Id. As a result, the court ordered the plaintiff to pay $98,276.20 to Ya Ya. Id. The court reasoned that a bad faith finding was not required to avoid sanctions. Id. at 3. Rather, fee reimbursements are warranted under Rule 11 of the Federal Rules of Civil Procedure (Rules) when, like here, a “reasonable inquiry” could have prevented the increased litigation costs. Id. at 3-4.

Review the Court’s Standing Order

For example, in the Northern District, many district judges have standing orders addressing various requirements for Schedule A cases. At least one judge has her own standing order for Schedule A cases, which includes citations to pertinent case law covering personal jurisdiction, joinder, service of process via electronic means as well as what must be included in TROs. Additionally, many Northern District judges include templates for submitting proposed orders for TROs, preliminary injunctions, and default judgments and require any deviation from the templates to be redlined and explained to the court. Moreover, some include a schedule of information that must be filed for cases seeking ex parte injunctive relief where Schedule A was filed under seal. Further, some Northern District judges require a $1,000 bond for each defendant named in Schedule A, which can add up quickly if the plaintiff is suing hundreds of defendants.

The Importance of Joinder

In Schedule A cases where the defendants are too numerous or unconnected, plaintiffs may be required to file a memorandum addressing whether joinder is proper under Rule 20(a)(2). At least one judge in the Northern District invites plaintiffs in her standing order to amend Schedule A instead of filing such memorandum. Pursuant to Rule 20(a)(2), defendants may be joined in a single action if: “(A) any right to relief is asserted against them jointly, severally, or in the alternative with respect to or arising out of the same transaction, occurrence, or series of transactions or occurrences; and (B) any question of law or fact common to all defendants will arise in the action.” Fed. R. Civ. P. 20(a)(2).

As the court in Bose Corp. v. Partnerships & Unincorporated Associations Identified on Schedule “A” stated, Rule 20(a)(2) may not be satisfied simply because defendants have identical websites copying plaintiff’s style and each other. See 334 F.R.D. 511, 514 (N.D. Ill. 2020) (“Bose points out similarities among the aliases’ webpage designs and marketing information, arguing that these similarities permit a plausible inference that the aliases are actually all connected in some way. But even if the webpages were all identical, that would not overcome the likelihood that Defendants are just copycats, both of the Bose style—which is precisely the claim here—and of each other.”). Yet, the court in Bose Corp. found joinder was proper due, in part, to practical reasons and “occurrences” of mass harm by defendants, who acted as a swarm of counterfeiters, assisted by their anonymity and the international reach of the internet to violate plaintiff’s trademarks. Id. at 516.

However, other courts in the Northern District have cautioned against some of the reasoning in Bose Corp. See e.g.Zaful (Hong Kong) Ltd. v. Individuals, Corps., Ltd. Liab. Cos., P’ships, & Unincorporated Ass’ns Identified on Schedule A, 24 CV 11111, 2025 WL 71797, at *4 (N.D. Ill. Jan. 10, 2025) (“This Court declines Plaintiff’s invitation to adopt Bose Corp.’s reasoning. There are innumerable bad acts conducted using the internet that have a substantial impact in the aggregate – courts must require more than that to establish joinder.”) (citation omitted); see also Bailie v. P’ships & Unincorporated Ass’ns Identified on Schedule A, 734 F. Supp. 3d 798, 804 (N.D. Ill. 2024) (“Without a limiting principle, adopting the approach taken in Bose would undermine a consistent line of cases in this district holding that ‘Rule 20(a)’s requirement for a common transaction or occurrence is not satisfied where multiple defendants are merely alleged to have infringed the same patent or trademark.’”) (quoting Estee Lauder Cosmetics Ltd. v. P’ships & Unincorporated Ass’ns Identified on Schedule A, 334 F.R.D. 182, 187 (N.D. Ill. 2020)).

Accordingly, joinder is a fact-specific analysis that not only differs across jurisdictions but may differ among judges in each district. Plaintiffs, thus, should pay close attention to how judges in their district apply Rule 20(a)(2) in Schedule A cases.

How Can TROs Affect Infringers’ Online Marketplace and How to Notify the Online Marketplace with the TRO?

TROs in Schedule A cases can require the online marketplaces to provide expedited discovery relating to the identity and location of the defendants, the nature of defendants’ operations, and financial information related to the same. The court can also require such marketplaces to cease any advertisement for the defendants’ counterfeit products. Additionally, the TRO can require the marketplaces to enjoin the accounts, funds, or other assets of the defendants from being transferred or disposed.

The prevailing plaintiff should serve the TRO on the online marketplace by following the procedures of the marketplace. Some of this information may be available on the marketplace’s website or may require the plaintiff’s attorney to call the marketplace and confirm their procedure for court orders. To expedite the process, counsel for the plaintiff should contact the online marketplaces before the TRO is entered so if the court grants such relief, the plaintiff can immediately serve the same on the online marketplaces.

What Actions Can Defendants Take if They Are the Subject of an Improperly Granted Ex Parte TRO?

Assuming a defendant has not incurred substantial fees and costs from the improperly granted TRO, contact plaintiff’s counsel and demand dismissal with prejudice. Otherwise, the defendant can move for an emergency motion for a TRO and, if warranted, seek attorneys’ fees and costs like in Opulent.

Contact one of Taft’s Intellectual Property Litigation attorneys if you find yourself involved in Schedule A trademark litigation.

Artificial Intelligence (AI) is reshaping the insurance industry, prompting regulators to issue guidance for responsible use of AI. As AI transforms the insurance industry, insurers must balance innovation with regulatory compliance and consumer protection. Delaware and New Jersey have recently joined 21 other states and issued guidance on AI in insurance based on the AI Model Bulletin adopted by the National Association of Insurance Commissioners (NAIC) in 2023. Here’s what insurers need to know.

Delaware’s AI Bulletin No. 148

On February 5, 2025, the Delaware Department of Insurance issued Bulletin No. 148, providing regulatory guidance for insurers using Artificial Intelligence (AI). Insurers are expected to comply with all insurance laws and regulations when making decisions or taking actions impacting consumers that are using AI, particularly when those impact consumers, are expected to comply with all insurance laws and regulations when making decisions or taking actions. Key points include:

  • Compliance with Existing Laws and Regulations: The Department’s regulatory expectations require compliance with existing laws and regulations for AI-driven decisions or actions, particularly those that impact consumers, and include the following:
  • Unfair Trade Practice Act (UTPA) 18 Del. C. Ch. 23 and Unfair Claims Settlement Practices Act (UCSPA) 18 Del. C § 2304: AI must not lead to unfair methods of competition, deceptive practices, or unfair claims handling.
  • Corporate Governance Annual Disclosure Act (CGAD) 18 Del. C. Ch. 85: Insurers must disclose governance practices and AI oversight mechanisms.
  • Delaware Rate Making Laws 18 Del. C. Chs. 25 and 26: AI-driven pricing models must avoid producing excessive, inadequate, or unfairly discriminatory rates.
  • AI Systems (AIS) Program: Insurers must establish a formal AIS Program that serves as a governance framework for AI that includes risk management controls and internal audits to oversee AI and ensure transparency as well prevent unfair discrimination. 
  • Third-Party AI Accountability: Insurers using AI from third-parties must ensure AI vendors comply with regulatory requirements.  
  • Regulatory Examination: The Department may request documentation on how AI is used in consumer decision-making during investigations or market conduct examinations.

Delaware joins 21 jurisdictions, preceding New Jersey as the 23rd, in adopting AI guidance similar to the NAIC Bulletin on the Use of Artificial Intelligence (AI) Systems by Insurers.

New Jersey’s AI Bulletin 25-03

Similarly to Delaware, on February 11, 2025, New Jersey’s Department of Banking and Insurance issued Bulletin 25-03 concerning the use of AI systems in insurance, with a focus on the following:

  • Compliance with Existing Laws: Insurers must ensure that AI Systems do not lead to unfair discrimination and that they adhere to state laws, including the following:
    • Unfair Trade Practices Act (UTPA)
    • Unfair Claims Settlement Practices Act (UCSPA)
    • Corporate Governance Annual Disclosure Act N.J.S.A. 17:23-38
    • Property and Casualty Rating Laws: N.J.S.A.17:29A-1 (motor vehicle); N.J.S.A. 17:29AA-1 (commercial lines); N.J.A.C. 11:1-2.1 (property and casualty filings); N.J.A.C. 11:3-16.1 (private passenger auto automobile insurance); N.J.A.C. 11:4-9.1 (personal lines); and N.J.A.C. 11:13-8.1  (commercial lines)
    • Market Conduct Surveillance: N.J.S.A. 17:23-20
  • AI Governance and Risk Management: Insurers must establish AI governance frameworks to document, monitor, and oversee AI use. Governance must include policies for bias detection, risk assessment, and explainability of AI.   
  • Consumer Protection: Consumers must be notified when AI is used in underwriting, rating, or claims decisions. Insurers must provide clear, understandable explanations of AI-driven outcomes upon request.
  • Third-Party AI Oversight: Insurers are responsible for AI used from third-parties and must ensure compliance with New Jersey regulatory requirements. AI risk assessments should extend to external data sources and algorithms used in decision-making.
  • Regulatory Review: The Department may request detailed documentation on AI governance, risk assessments, and model validation during audits.

New Jersey is the 23rd state to adopt AI guidance similar to the NAIC Bulletin on the Use of Artificial Intelligence (AI) Systems by Insurers.

NAIC’s Model Bulletin on AI Systems

The NAIC adopted a Model Bulletin on the Use of Artificial Intelligence (AI) Systems by Insurers in December 2023, serving as a regulatory framework on AI to be adopted by state insurance regulators. The bulletin outlines expectations for insurers using AI, focusing on the following:

  • Legal Compliance: Insurers must ensure that AI-driven decisions align with all applicable federal and state laws, including the Unfair Trade Practices Act (UTPA) and the Unfair Claims Settlement Practices Act (UCSPA).
  • AI Governance Framework: Insurers should establish comprehensive governance structures overseeing the development, acquisition, and deployment of AI. Insurers should implement risk management protocols and internal controls to prevent unfair discrimination and ensure transparency.
  • Risk Mitigation: Insurers should adopt measures to identify and mitigate risk associated with AI. Insurers should implement verification and testing methods to identify and fix potential biases, data vulnerabilities, and issues related to transparency in AI models.
  • Documentation and Oversight: Insurers must maintain detailed records of AI system usage and be prepared to provide the information during investigations or regulatory examinations.

As of February 2025, 23 states have adopted bulletins based on the NAIC AI Model Bulletin.

Software salespeople rarely look out for your best interests.

  • They minimize the complexity of the software’s implementation and mischaracterize it as an out-of-the-box solution designed to include industry best practices.
  • The likelihood that a software developer understands your best practices as well as you do and designed the software to incorporate your best practices into the software is zero.
  • Similarly, if you implement an enterprise software solution without any modification or customization to use it “out-of-the-box,” you are doing it wrong.

Their primary motivation is to sell software. They emphasize the look and feel of the software and technical “innovations” you may never utilize.

  • At the same time, they minimize the complexity of the software and the complexity of implementation, and they misrepresent the time and money it will take to complete the project.
  • In the lawsuits we litigate, we see gross misrepresentations of functionality and the intentional underbidding of implementation projects to win the business—with change order after change order driving up the project’s cost.

The risk this presents is real.

  • Based on these misrepresentations, customers have a legitimate reason to think the implementation project or digital transformation will be easier than expected.
  • However, because of this incorrect understanding, they will devote fewer resources to and budget less money for the project, thereby setting themselves up for failure.

Do not fall victim to high-pressure sales tactics. What can you expect, and what should you look for when dealing with software salespeople? I discuss these issues in my latest video.

#erplawyer #erpcommunity #erpfailure #saps4hana #oraclecontracts #softwarelawyer #sapservices #saphanacloudplatform #saas #erpcloud #teamtaft #sapcontracts #oraclelawsuit #oraclefailure #oracletermination #saptermination

On Feb. 11, 2025, a federal judge granted summary judgment to a copyright holder, determining that a software company’s use of copyrighted content to train an AI legal research tool constituted direct copyright infringement and rejecting the AI tool company’s fair-use defense. Judge Bibas’s opinion departed from the seminal “intermediate copying” cases in Google and Sega and applied the Supreme Court’s “transformative use” analysis from Warhol.

Although we expect the defendant software company to appeal the grant of summary judgment, this opinion is one of the first to evaluate the use of copyrighted content to train and build AI tools. Other courts are likely to look to its reasoning. Interestingly, today’s opinion revised an earlier opinion largely denying the plaintiff copyright holder’s earlier motion for summary judgment in the same case. Emphasizing the quickly changing technological landscape, the court’s opinion explicitly noted that it did not consider whether the result would differ if the AI product were generative AI.

Taft’s Technology, Artificial Intelligence, and Intellectual Property teams continue to advise both copyright holders and users of copyrighted material as they do business at training and building AI tools and otherwise at the cutting edge of technology.

Whether you call it a consulting agreement, a professional services agreement, or a master services agreement, it is the document that has the most significant impact on the success of your digital transformation.

In this YouTube video, I discuss key issues to consider.

#erplawyer #erpcommunity #erpfailure #saps4hana #oraclecontracts #softwarelawyer #sapservices #saphanacloudplatform #saas #erpcloud #teamtaft #sapcontracts #oraclelawsuit #oraclefailure #oracletermination #saptermination

In an ERP software contract, there is a substantive difference between a warranty obligation and maintenance and support.

  • Having one does not negate the need for another.
  • ERP software warranties are for a limited duration. When that warranty period starts is critically important.
  • ERP software warranties are also warranties of reference. A typical warranty will obligate the vendor to provide services in accordance with generally accepted standards or software in accordance with “the documentation.”

What those standards are and what the documentation includes is critically essential.

  • As a customer, you want to ensure that the scope of “documentation” is broad enough to include pre-contract representations of functionality and operability.
  • You also want to ensure you have reviewed the documentation and understand what the vendor means by “generally accepted industry standards.”
  • If you need to enforce a warranty obligation, these terms have less meaning than you might expect.

For every warranty obligation the ERP vendor has, you need to ensure the ERP software vendor has a responsibility to remedy that breach.

 
#erplawyer #erpcommunity #erpfailure #saps4hana #oraclecontracts #softwarelawyer #sapservices #saphanacloudplatform #saas #erpcloud #teamtaft #sapcontracts #oraclelawsuit #oraclefailure #oracletermination #saptermination