Source Code Escrow: Securing an Optimal Agreement to Suit Your Budget

In today’s rapidly evolving landscape, the uptake of software development and technology has surged to extraordinary levels. With this increased uptake, there also comes an increased pressure on these organisations to mitigate against risks involved when adopting new software services.

Source code escrow is now becoming a common practice for companies to protect themselves from potential software vendor failure and refers to the depositing of a software application’s source code with a trusted third-party source code escrow vendor. This ensures that in the event of certain unpredicted events, such as the software vendor going bust or failure to meet its contractual obligations, the source code can be released to the software user (beneficiary) ensuring business continuity.

However, while the benefits to source code escrow are clear, one question that Escrow London often comes across is: How much does source code escrow cost? Although setting up a source code escrow agreement and the costs associated with this differs depending on requirements, our article explores the key considerations to think about to enable your company to secure the best source code escrow agreement as well as offering advice on whether source code escrow is worth it for your company.

Ensuring a favourable source code escrow agreement at the right cost

When a company is seeking the best agreement for their source code escrow needs, there are several important factors to consider. By carefully evaluating these aspects, a company can make an informed decision and secure a favourable source code escrow arrangement for their budget. Here are some key considerations to look at:

1: Reputation and Expertise of the Source Code Escrow Vendor: Choosing a reputable and experienced source code escrow vendor is crucial. Look for a source code escrow vendor with a solid track record in the industry and positive client references. Assess their expertise in handling source code escrow specifically, as this ensures they have the necessary knowledge and capabilities to meet your company’s unique requirements.

2. Source Code Escrow Agreement Terms and Conditions: Carefully review the terms and conditions of the source code escrow agreement. A reputable source code escrow vendor will be able to offer an array of source code verification services to mitigate risks with source code escrow arrangements as well as offering post release support. Flexibility of the source code escrow vendor to amendments within the escrow agreement is important to ensure that all eventualities most commonly towards release events are covered.

3. Consolidation of Agreements: There may be a requirement for multiple agreements, this can sometimes add to costings with some source code escrow vendors. Find a source code escrow vendor that can provide creative solutions to consolidate multiple agreements under a master framework agreement (Multi Beneficiary Software Escrow Agreement) to save money. 

4. Long Term Contracts: Often source code escrow vendors will provide additional discounts for longer term agreements. For example, if a software licence agreement has a 3-year term, it is worth placing the source code escrow agreement under the same time frame to receive an additional discount.

5. Cost Structure and Fees: Compare the cost structures and fees of different source code escrow vendors – it is surprising how much can be saved for a comparable service to what is being received today. Evaluate the upfront fees, recurring fees, and any additional charges for services such as code inspections, updates or release fees. Look for a source code escrow vendor who includes these fees within their standard package to avoid hidden costs. 

6. Security and Confidentiality Measures: Security is vital when it comes to source code escrow. Enquire about the source code escrow vendor’s security measures for storing and protecting the deposited source code. Look for industry-standard certifications such as ISO27001 and ISO27017 for information storing and cloud security. Additionally, ensure that the source code escrow vendor can provide automated, safe and regular deposit updates and back-ups.

7: Active Software Agreement Assessment: Work closely with the IT department team to identify if all the software agreements in place are still relevant. Often source code escrow agreements are put into place and forgotten about resulting in paying for an agreement on software that has reached end of life and is no longer being used.

By thoroughly assessing these factors, conducting due diligence, and seeking expert advice, a company can make an informed decision and secure the best deal for their source code escrow needs. Remember that the right source code escrow arrangement can provide peace of mind, avoid costly disputes and ensure the continuity of critical software applications.

Escrow London publishes fees on our website which includes source code escrow fees from £1,695 ($2,190) per year, SaaS Access Continuity from £2,995 ($3,870) and our newly launched Express Escrow self service solution from £889 ($1,150). Escrow London also provides an Enterprise SaaS Continuity plan which includes 90 days live continuity for AWS, Azure or Google hosted software.

Is Source Code Escrow worth it?

Determining whether source code escrow is worth it depends on factors to a company and its needs.

It is worth evaluating the significance of the software to your business operations and whether it is crucial for day-to-day activities – if the software provider were to cease operations, would the company be able to continue its operations?

Companies today have become heavily reliant on the cloud and SaaS hosted applications. To further enhance business operations, more are handing over significant control of their critical applications without any vision of the financial stability of the SaaS vendor. With more companies across all markets shifting this responsibility to their SaaS and service providers, there has been an increasing need for source code escrow to assure access continuity for these SaaS applications in the event of software vendor failure.

In certain industries, companies are subject to regulatory requirements that mandate access and control over critical software assets, opening up more requirements for source code escrow. For example, The Digital Operational Resilience Act (DORA) entered into force in January 2023 by the European Union to improve the cybersecurity and operational resiliency of the financial services sector. For these companies who operate in highly regulated industries, source code escrow can help mitigate risks and ensure compliance.

Ultimately, the decision to invest in source code escrow depends on the risks the company is willing to take, how critical the software is and the potential impact of your business if the software or SaaS applications are compromised. By following the key considerations above, companies can ensure they can get the best deal for their source code escrow needs.

To understand more about source code escrow and how Escrow London can help, please visit here.

##

About Escrow London

Escrow London is a global software and SaaS escrow company with offices in London, UK, Atlanta, USA, and Sydney, Australia.

We have invested considerable resources into innovation to reinvent software escrow for a SaaS world. Escrow London provides a range of SaaS Continuity escrow solutions suitable for AWS, Microsoft Azure and Google Cloud hosted SaaS applications. We support a wide range of clients includes major law firms, banks, central banks, insurance companies, technology companies and government organisations.

To find out more about Software Escrow and SaaS Escrow, visit our YouTube channel.