It Could Be Dangerous to Overlook These Four Provisions in Your RIA Vendor Contracts

RICHARD CHEN • May 6, 2019
5 minute read

Numerous vendors play a pivotal role in helping an investment adviser accomplish its goals and mission. That’s why it’s so imperative for an adviser to carefully negotiate contractors with vendors at the outset to set expectations for the relationship.

It might seem that vendor contracts contain lots of boilerplate language, but they are often carefully crafted agreements that might contain potential unwanted surprises for investment advisers – surprises that must be addressed as part of an adviser’s due diligence of the vendor.

Therefore, whether you’re building a relationship with a third-party manager, custodian, broker-dealer, technology service provider, landlord, or other vendor, it is imperative to carefully read vendor agreements to ensure that your firm’s and your clients’ interests are properly protected.

This article will provide an overview of four commonly overlooked vendor contract issues and provide recommendations on how investment advisers should approach them.

Data Ownership and Management

To perform their services, many vendors require access to a significant amount of your firm’s and your clients’ data and, unsurprisingly, this has garnered significant attention from regulators in the past few years.

The SEC’s Division of Examinations has been, through various sweep examinations, scrutinizing how investment advisers work with vendors to protect confidential information. Among the deficiencies cited by the SEC in its April 16, 2019, risk alert was the failure of certain investment advisers to ensure that their vendor contracts contain provisions requiring the vendor to keep clients’ personally identifiable information confidential in violation of their policies and procedures.

As such, it is strongly advisable to ensure that such a provision is not absent from a contract with a vendor with whom you share client or firm information, particularly where your policies and procedures require such provisions to be in vendor contracts. However, even if vendor contracts contain confidentiality provisions, it is important to carefully read those provisions because they often contain exceptions that allow the vendor to share confidential information with certain parties under certain conditions. These provisions should ideally be negotiated to ensure that the vendor will only share such confidential information to the extent necessary to perform its services or as otherwise required by applicable laws, rules and regulations.

Additionally, vendor contracts should also contain a provision requiring the vendor to promptly notify you should confidential information be improperly disclosed, such as through a cybersecurity breach.

Apart from confidentiality concerns, it is critical to review vendor contracts to determine how your data (including not only data disclosed to your vendor but also any work product resulting from your relationship with the vendor) will be handled upon termination of the contract. Apart from the business imperative, this is critical because, among other things, investment advisers typically must maintain certain books and records. For instance, Rule 204-2 under the Investment Advisers Act of 1940 requires SEC-registered investment advisers to retain a long list of books and records relating to their businesses, generally for at least five years from the last time the document was modified.

It is important to clarify which party owns which documents upon termination of the business relationship so that there is no confusion down the road. If an adviser’s data will not be easily accessible to the adviser once the agreement with the vendor terminates, the vendor contract should ideally contain a provision requiring the vendor to transfer such data to the adviser upon termination of the contract and/or to cooperate in good faith with the adviser to ensure that the adviser has access to its data after termination of the contract.


Some vendor contracts contain provisions allowing a vendor’s affiliates or agents to perform certain services to be provided under the contract. Advisers should carefully review such provisions to determine the scope of services that can be outsourced and to whom such responsibilities can be outsourced to determine if they are comfortable with such arrangements.

If you are contemplating permitting a vendor to outsource some of its responsibilities, it might be advisable to conduct due diligence not only on the vendor, but also on the third parties to whom the vendor can outsource its responsibilities to ensure you adequately protect your firm and your clients.

Liability and Indemnification

These are typically some of the most important sections of a vendor contract to review. Often, first drafts of vendor contracts will contain liability provisions where the vendor disclaims most, if not all, responsibility for any of its acts or omissions under the contract and indemnification provisions where the vendor requires an adviser to be responsible for, and compensate, the vendor with respect to a broad range of issues should something go wrong. Failure to adequately consider and negotiate these provisions could lead to severe consequences for an adviser should a dispute between the adviser, on the one hand, and the vendor or other third party, on the other hand, arise down the road.

Ideally, an adviser should try to narrow its indemnification obligations in the contract and include or expand the vendor’s indemnification obligations. At the very least, an adviser should aim to ensure that both sides have equivalent indemnification obligations for delineated acts or omissions. Even in situations where a vendor has agreed to assume liability and indemnification obligations, they may limit such obligations to circumstances where the vendor has acted egregiously (e.g., with gross negligence, willful misconduct, or bad faith), and an adviser must determine whether it is comfortable with such a limitation.

Separately, where a vendor has agreed to assume certain indemnification obligations, an adviser should aim to require the vendor to defend the adviser should an indemnifiable claim arise because an adviser does not want to come out of pocket for expenses associated with defending a claim.

Termination of Contract

Any provisions dealing with termination of the agreement are important to consider because, where properly negotiated, they can provide a failsafe mechanism for terminating the business relationship with a vendor should something go awry. Ideally, the amount of notice required to terminate the contract should be minimized to allow the adviser to walk away from the relationship, particularly where the vendor has engaged in wrongdoing.

This might not always be a viable alternative, depending on the amount of work that a vendor is required to perform in winding down the services it provides. Properly negotiated termination provisions should also clearly spell out each party’s obligations in the event of a contract termination to ensure a smooth transition.


Ultimately, depending on the bargaining power in the adviser-vendor relationship, it might not be feasible for an investment adviser to get everything it wants from a vendor when negotiating a contract. However, an adviser should carefully consider the issues addressed above (as well as many others) and conclude whether it has the risk appetite to move forward with a business relationship with a vendor given the vendor’s positions on such issues.


The foregoing information is provided for informational purposes only and does not constitute legal advice. Readers should consult an attorney if they require advice regarding their particular circumstances.

Reprinted with permission from the April 23, 2019 edition of ThinkAdvisor. ©2019 ALM Media Properties, LLC. All rights reserved. Further duplication without permission is prohibited, contact 877-257-3382 or

Table of Contents