Definitive global law guides offering comparative analysis from top-ranked lawyers
CHAMBERS GLOBAL PRACTICE GUIDES
Technology & Outsourcing 2025
Definitive global law guides offering comparative analysis from top-ranked lawyers
Contributing Editors Jeffrey L. Harvey and Randall S. Parks Hunton Andrews Kurth
Global Practice Guides
Technology & Outsourcing Contributing Editors Jeffrey Harvey, Randall Parks Hunton Andrews Kurth LLP
2025
Chambers Global Practice Guides For more than 20 years, Chambers Global Guides have ranked lawyers and law firms across the world. Chambers now offer clients a new series of Global Practice Guides, which contain practical guidance on doing legal business in key jurisdictions. We use our knowledge of the world’s best lawyers to select leading law firms in each jurisdiction to write the ‘Law & Practice’ sections. In addition, the ‘Trends & Developments’ sections analyse trends and developments in local legal markets. Disclaimer: The information in this guide is provided for general reference only, not as specific legal advice. Views expressed by the authors are not necessarily the views of the law firms in which they practise. For specific legal advice, a lawyer should be consulted. Content Management Director Claire Oxborrow Content Manager Jonathan Mendelowitz Senior Content Reviewers Sally McGonigal, Ethne Withers, Deborah Sinclair and Stephen Dinkeldein Content Reviewers Vivienne Button, Lawrence Garrett, Sean Marshall, Marianne Page, Heather Palomino and Adrian Ciechacki Content Coordination Manager Nancy Laidler Senior Content Coordinators Carla Cagnina and Delicia Tasinda Content Coordinator Joanna Chivers Head of Production Jasper John Production Coordinator Genevieve Sibayan
Published by Chambers and Partners 165 Fleet Street London EC4A 2AE Tel +44 20 7606 8844 Fax +44 20 7831 5662 Web www.chambers.com
Copyright © 2025 Chambers and Partners
Contents
INTRODUCTION Contributed by Jeffrey Harvey, Randall Parks, Andrew Geyer and Cecilia Oh, Hunton Andrews Kurth LLP p.4
ARMENIA Law and Practice p.8 Contributed by Concern Dialog ITALY Trends and Developments p.18 Contributed by DWF NEW ZEALAND Law and Practice p.22 Contributed by Russell McVeagh
PHILIPPINES Law and Practice p.38 Contributed by Tan Hassani and Counsels
SAUDI ARABIA Trends and Developments p.53 Contributed by Baker McKenzie
TAIWAN Trends and Developments p.56 Contributed by Lee and Li Attorneys-at-Law
UK Law and Practice p.63
Contributed by Travers Smith LLP Trends and Developments p.82 Contributed by Gibson, Dunn & Crutcher LLP USA Law and Practice p.89 Contributed by Hunton Andrews Kurth LLP Trends and Developments p.103 Contributed by Hunton Andrews Kurth LLP
USA – GEORGIA Trends and Developments p.110 Contributed by Holland & Knight LLP
3 CHAMBERS.COM
INTRODUCTION
Contributed by: Jeffrey Harvey, Randall Parks, Andrew Geyer and Cecilia Oh, Hunton Andrews Kurth LLP
Hunton Andrews Kurth LLP has more than 15 law- yers working in the outsourcing, technology and commercial contracting practice group and another 30 in its closely related privacy and cybersecurity practice. The practice has a global reach, with key office locations in Richmond, Washington, DC, New York, London and Brussels. Related practice areas include enterprise IT, contract life cycle manage - ment, digital commerce, AI and emerging technolo - gies, blockchain/crypto, and corporate transition and integration services, supported by outsourcing-savvy
subject matter experts in employment, intellectual property, and tax. The firm's lawyers are deeply ex - perienced in negotiating outsourcing transactions, have negotiated extensively with all the major service providers, and have built strong relationships with all the major sourcing consultancies. The team has significant experience with IT outsourcing and busi - ness process outsourcing transactions of all types, including IT infrastructure and applications support, HR outsourcing, finance and accounting outsourcing, R&D, and facilities management.
Contributing Editors
Co-Authors
Jeffrey Harvey is a partner and chair of the global technology and
Andrew Geyer is a partner at Hunton. Highly regarded in the outsourcing space, he handles complex domestic and international business process and technology-related transactions for clients in a variety of industries.
outsourcing practice group at Hunton. His practice focuses on complex IT transactions, including business process and infrastructure outsourcing arrangements, AI transactions (including robotics, LLMs, generative AI and agentic AI), as-a-service and cloud transactions, e-commerce transactions, and global capability centres/build- operate-transfer arrangements. Jeffrey has negotiated several individual global transactions with a TCV of several billion dollars each. In addition, he routinely advises on procure-to-pay/ procurement optimisation.
Andy offers clients innovative, value-driven solutions to challenging IT outsourcing, business process outsourcing, procurement, licensing, commercial contracting and general corporate matters. He is highly regarded for his strength in IT outsourcing and overall IT contract negotiation. His extensive knowledge of the field and industry also enables Andy to counsel clients successfully on software audits and licensing, IP and data management issues.
Randall Parks is a partner and chairman of Hunton’s executive committee. With more than 20 years of experience, he has negotiated and documented dozens of large-scale, complex commercial and technology
Cecilia Oh is a partner at Hunton with extensive experience of IT outsourcing/business process outsourcing and complex technology transactions, including those involving technology licensing, software-as-a-
transactions worth billions of dollars for multinational companies. Randy has consistently been recognised for his work in IT and corporate law. His practice focuses on complex commercial transactions, particularly business process and IT outsourcing, e-commerce, licensing, systems acquisition, development and integration agreements, manufacturing, supply, distribution, and complex services agreements and multi-country joint ventures.
service, fintech, application development, systems integration and e-commerce. She represents a wide spectrum of clients, including in the financial services, retail, healthcare, hospitality and transportation industries, ranging from industry leaders to start-ups. In addition, Cecilia advises clients on the use of electronic signatures, payment processing, private label and co-branded card programmes, and banking platforms. She has been recognised for her practical and tailored approach to advising clients and for her depth of market understanding.
4 CHAMBERS.COM
INTRODUCTION Contributed by: Jeffrey Harvey, Randall Parks, Andrew Geyer and Cecilia Oh, Hunton Andrews Kurth LLP
Hunton Andrews Kurth LLP 200 Park Avenue
New York NY 10166 USA
Tel: +1 212 309 1000 Fax: +1 212 309 1100 Email: info@hunton.com Web: www.hunton.com
Cryptocurrency Despite the challenges of 2024, the cryptocurrency market has survived and, in many cases, thrived. Valu - ations have increased since the most recent crash in 2024, with Bitcoin nearly doubling its value from its 2024 low; 2025 may be looked back upon as the year that the fittest of the cryptocurrencies survived. Giv - en this renewed strength of the crypto market, there could be a resurgence of blockchain and cryptocur - rency software application developers, advisers and managed service providers. Non-fungible tokens Non-fungible tokens (NFTs) are essentially digital cer - tificates of asset ownership and are primarily repre - sented by digital images that were bought and sold as if they were more tangible assets. At the height of the NFT craze, a single NFT sold for more than USD20 million at Sotheby’s. In 2024, the NFT market was operating essentially on life support, with very few analysts expecting a resurgence. However, mira - cles do happen and, due to a shift in the usage of NFTs from art to utility, there has been somewhat of a surprising resurgence. NFTs are now more prevalent in the form of digital diplomas, event tickets, loyalty credentials and supply chain tokens. The total market is expected to grow to USD34 billion in 2025 accord - ing to some estimates. Metaverse The metaverse promised to become a new digital world hosted somewhere in the ether, which ana - lysts predicted would ultimately comprise a market worth several billions of dollars. Service providers immediately formed metaverse working groups and
The rate of change in the technology and outsourc - ing industry continues to increase after a period of relative stability. New and disruptive technologies have come and gone (or gone somewhat dormant) within the past 12 months, while others have demon - strated more staying power. The global outsourcing industry continues to remain strong in light of these new and somewhat disruptive technologies, and out - sourcing providers have incorporated many of these technologies into their service offerings. This ability to constantly evolve along with the broader technology market demonstrates the flexibility and resilience of the outsourcing industry as a whole. New Technologies Artificial intelligence Artificial intelligence (AI) seems to have finally taken hold in the IT services industry. ChatGPT, GitHub, Bard and other generative AI solutions are end user- friendly and widely available, which seems to have led to greater adoption of AI technologies in the broader market. Moving from a mere buzzword tossed around by service providers who had not yet integrated the technology into their solutions to potentially a driver of new solutions geared towards increased efficiency, it seems as if AI in the IT services space is here to stay. Time will tell whether these AI-integrated solutions are “real”, in terms of tangible benefits to custom - ers, but the pitches seem to have substance behind them (something that was lacking 12 months ago) and certain of the individual and somewhat isolated use cases have been fairly remarkable.
5 CHAMBERS.COM
INTRODUCTION Contributed by: Jeffrey Harvey, Randall Parks, Andrew Geyer and Cecilia Oh, Hunton Andrews Kurth LLP
marketed managed services for customers’ needs in the metaverse. Meanwhile, metaverse consulting groups began advertising their services and social media management services evolved to encompass management of one’s social media presence in the metaverse. Aside from a handful of applications, the metaverse, as a digital version of the current world, simply never took off and very few customers engaged service providers for these purposes. However, similar to NFTs, the metaverse repurposed itself in a manner that appears to be geared more towards utility than simply providing a duplicate digital world. For exam - ple, teachers may train for active shooters or simi - lar threats in the metaverse, and police may train for interactions involving those with mental health issues or with fentanyl users requiring immediate emergency care. Implementation and adoption of these new technolo - gies require practitioners to remain current on famil - iar concepts of the law (eg, IP, data protection and privacy, and employment law) yet also be prepared to apply these concepts in a very new way. Unfortu - nately, some level of patience is also required by prac - titioners, given that many of these issues are currently subject to litigation, including litigation that could pro - hibit (or materially limit) the use of these technologies as currently contemplated. Stability of Cloud and As-a-Service Solutions Unlike many of these more disruptive technologies, cloud and as-a-service solutions have been widely adopted. Customers across the globe have purchased some mix of these solutions with varying levels of complexity and, for the most part, have managed to appropriately navigate the data privacy, cybersecu - rity, export and tax issues initially presented by these technologies without borders. Agreements governing these products have also seemingly stabilised. The largest providers (ie, the original providers of the actual cloud infrastructure behind most cloud and as-a-service offerings) contin - ue to command the most deference to their terms and conditions, while mid-to-small providers often view their agreements as far more negotiable. Key stick - ing points have not changed throughout the years, as companies and providers alike continue to focus on
limits of liability, indemnification, termination, compli - ance audits, data security and privacy, and permitted uses. Outsourcing and New Technologies While service providers continue to offer all of the more traditional outsourcing services (eg, data cen - tre, application development and maintenance, call centres, support desk), these offerings are increas - ingly complemented by certain of the newer tech - nologies described earlier. Service provider solutions in the outsourcing space, in particular, more often include some combination of AI and RPA. In many instances, the two go hand-in-hand, as traditional AI and automation depend in large part upon repetition in order to increase efficiency. Additionally, providers are introducing generative AI products and solutions that are specific to the service being offered and/or the customer receiving the service. As of the date of publication of this guide, however, providers mostly use AI as a back-office service in an effort to improve their own offerings, while customer-facing solutions are still relatively rare as part of a larger outsourcing deal. As a result, many outsourcing providers who were tra - ditionally more focused on towers or full-time equiva - lents are now on the frontline introducing their custom - ers to newer technologies. This shift is also evident in the introduction by providers of “bundled offerings”. Bundled offerings are generally comprised of products or services offered by independent third-party provid - ers through a customer’s outsourcing provider. These are not traditional subcontractor arrangements. Rath - er, the bundled offering includes two providers who – in theory – remain independent of one another, with the customer’s outsourcing provider serving more in the role of a managed services provider. Practitioners need to be wary of these models, as any number of providers have not resolved certain privity of contract and liability issues associated with this approach. The above-mentioned approaches may represent an attempt by outsourcing providers to claw back against a very clear trend in the industry during the past sev - eral years, which is the breaking up of “mega” out - sourcing contracts into several one-off agreements for individual services and products. Alternatively,
6 CHAMBERS.COM
INTRODUCTION Contributed by: Jeffrey Harvey, Randall Parks, Andrew Geyer and Cecilia Oh, Hunton Andrews Kurth LLP
outsourcing providers may be co-mingling managed services and outsourced services to a greater extent and simply hoping to become a one-stop shop for their customers. Whether or not a “blip”, build operate transfer (BOT)/ global capability centres (GCC) models are also on the rise. BOT/GCC models are not new and became rela - tively disfavoured over the last two decades. However, because these models enable customers to maintain more control over the servicing staff, customers are also in a better position to guide the technologies used and adopted by the servicing staff (as opposed to being beholden to the sometimes less nimble tools used by outsourcing providers).
Regardless of the reason, the introduction of new products, new services and new/revisited models demands that practitioners pay closer attention to the governing agreements. While many of the legal topics have not changed throughout the years, the approach to these topics certainly has and often calls for mul - tiple approaches to address the same topic – each dependent upon the technology provided.
7 CHAMBERS.COM
ARMENIA Law and Practice Contributed by: Narine Beglaryan and Anahit Aloyan Concern Dialog
Russia
Georgia
Armenia
Yerevan
Azerbaijan
Turkey
Iran
Contents 1. Market Conditions p.10 1.1 IT Outsourcing p.10 1.2 Business Process Outsourcing (BPO) p.10 1.3 New Technology p.10 1.4 Outsourced Services p.11 2. Regulatory Environment p.11 2.1 Restrictions on Technology Transactions or Outsourcing p.11 2.2 Industry-Specific Restrictions p.11 2.3 Restrictions on Data Processing or Data Security p.12 3. Model Outsourcing Contracts p.13 3.1 Standard Contract Model p.13 3.2 Alternative Contract Models p.13 3.3 Digital Transformation p.13 4. Contract Terms p.13 4.1 Customer Protections p.13 4.2 Termination p.15 4.3 Liability p.15 4.4 Implied Terms p.16 4.5 Data Protection and Cybersecurity p.16 4.6 Performance Measurement and Management p.16
4.7 Digital Transformation p.16 5. Employment Matters p.16 5.1 Employee Transfers p.16 5.2 Role of Trade Unions or Workers’ Councils p.17 5.3 Offshore, Nearshore and Onshore p.17 5.4 Remote Working p.17
8 CHAMBERS.COM
ARMENIA Law and Practice Contributed by: Narine Beglaryan and Anahit Aloyan, Concern Dialog
Concern Dialog is a top-tier, full-service law firm headquartered in Yerevan, Armenia. It has been a trusted partner for businesses and individuals seek - ing legal counsel and representation since 1998. The firm is renowned for its work in the areas of corporate law, labour law, competition law, tax law, contract law, family law (including child abduction cases) and regulatory issues. The firm has extensive experience in regulatory matters in the technology, media and telecommunications (TMT), mining, energy, utilities,
banking and finance, medical services, real estate and not-for-profit sectors. In addition to its renowned consulting and transaction practice, the firm’s litiga - tion practice is regarded as one of the leading ones in Armenia for landmark litigation and arbitration cases. The firm’s membership of TagLaw and Nextlaw net - works, as well as its co-operation with individual law firms from various jurisdictions, allow it to provide services to its Armenian clients virtually worldwide. To see more, visit https://dialog.am/en/page/aboutus
Authors
Narine Beglaryan is a senior partner at Concern Dialog and leads the firm’s corporate law and M&A area of practice, as well as its banking law and capital markets, data protection and privacy practices. Her role
Anahit Aloyan is an associate at Concern Dialog who specialises in civil law. She joined Concern Dialog’s team in 2023.
encompasses providing expert legal advice and litigating on behalf of clients. Narine Beglaryan has been a licensed attorney since 2012. She joined the Concern Dialog team in 2013. With over 15 years of experience, her expertise is recognised internationally, as evidenced by her inclusion in the main ranking lists such as the prestigious Chambers Global and Chambers Europe. Prior to joining the Concern Dialog team, she worked for seven years in a bank and in the telecommunications sector (as in-house counsel).
Concern Dialog 1 Charents str. Yerevan, 0025 Armenia Tel: +374 6027 8888 Email: info@dialog.am Web: dialog.am
9 CHAMBERS.COM
ARMENIA Law and Practice Contributed by: Narine Beglaryan and Anahit Aloyan, Concern Dialog
1. Market Conditions 1.1 IT Outsourcing
digital operations and advanced data analytics for international clients. Armenia’s BPO offerings typically include: • Software development: web, mobile, enterprise and custom solutions • IT support services: cloud infrastructure, DevOps, helpdesk • AI and data analytics solutions: predictive model - ling, machine learning platforms • Cybersecurity services: audits, penetration testing, protocol development • BPO services: technical support, customer service, back-office administration • Specialised projects: fintech software, healthcare IT, R&D collaborations A segmentation of providers has emerged: boutique firms often concentrate on niche services such as cus - tomer support, translation, market research and big data, while mid-sized providers specialise in finance and HR outsourcing. Newer entrants are diversifying into marketing, branding and other specialised IT ser - vices. Reflecting international trends, Shared Services Cen - tres and long-term BPO arrangements are being increasingly adopted in Armenia, particularly in finance and accounting functions. 1.3 New Technology Armenia has rapidly developed into a recognised hub for IT outsourcing and software development, sup - ported by a strong educational base, competitive costs and government-backed incentives. Service providers are increasingly embedding AI, machine learning and robotic process automation into their offerings, moving beyond transactional tasks to deliv - er higher-value, technology-enabled solutions. Several key trends define the Armenian IT outsourcing landscape: • Cloud adoption and SaaS models: Armenian companies are increasingly delivering cloud-based solutions, including software as a service (SaaS)
Armenia has developed into a regional hub for IT out - sourcing and software development, often referred to as the “Silicon Mountains” of the Caucasus. The IT outsourcing market was projected to reach USD49.44 million by 2025, with the broader IT services sector expected to grow to USD143.37 million. The sec - tor has sustained an average annual growth rate of around 23%, driven by both domestic innovation and increasing demand from international clients. The country’s strategic location between Europe and Asia, combined with a multilingual and culturally aligned workforce, allows Armenian providers to col - laborate effectively across global markets. Developers demonstrate strong expertise in major programming languages and specialise in mobile and web applica - tions, embedded systems and IoT, AI and machine learning, cybersecurity, fintech and healthcare IT. The government has played a central role in foster - ing this growth through targeted tax incentives. These include a 0% corporate income tax for qualifying IT start-ups, a reduced 10% personal income tax for employees, a 200% R&D super deduction and a 1% turnover tax regime for smaller firms. 1.2 Business Process Outsourcing (BPO) Armenia’s business process outsourcing (BPO) sec - tor is on a steady upward trajectory, with revenues projected to reach USD42.14 million in 2025 and an anticipated compound annual growth rate of 3.54% between 2025 and 2030, reaching USD50.14 million by 2030. BPO activity typically targets non-core pro - cesses, allowing businesses to retain control over their essential operations while achieving efficiency in support functions. The sector is developing in parallel with IT outsourc - ing, with providers focusing on technical support, customer service, back-office administration and data analytics. At the same time, the market is increasingly shaped by IT-enabled outsourcing, including consult - ing, application outsourcing and web hosting. Provid - ers are moving beyond transactional support towards higher-value services, such as product development,
10 CHAMBERS.COM
ARMENIA Law and Practice Contributed by: Narine Beglaryan and Anahit Aloyan, Concern Dialog
2. Regulatory Environment 2.1 Restrictions on Technology Transactions or Outsourcing Armenia does not have cross-sector legislation spe - cifically regulating outsourcing. Instead, restrictions arise under sectoral laws in regulated industries (see 2.2 Industry-Specific Restrictions ). Outsourcing arrangements in the public sector may also be pre - scribed by law, particularly where state functions or services are delegated. The principal legal considera - tions relate to data protection and information security requirements (see 2.3 Restrictions on Data Process- ing or Data Security ). 2.2 Industry-Specific Restrictions In Armenia, outsourcing and technology transactions are subject to sector-specific regulation, particularly in the banking, insurance and healthcare sectors. In the banking sector, outsourcing of both core and ancillary operations is permitted, provided that where the outsourced activity requires a licence, the contrac - tor itself holds the relevant authorisation. Outsourc - ing such activities is subject to prior approval from the Central Bank of Armenia (CBA), which may refuse approval if outsourcing threatens financial stability, clients’ interests or effective supervision. Even after approval, banks remain fully liable towards clients, third parties and the CBA for the outsourced opera - tions. The insurance sector is likewise tightly regulated. Insurers may delegate certain functions – including claims handling, actuarial work and asset manage - ment – only with the CBA’s prior authorisation. The outsourcing contract must include mandatory pro - visions, such as confidentiality safeguards, explicit audit and supervision rights for the insurer and the CBA, and liability rules for improper performance. Both the insurer and its contractors fall under the CBA’s supervisory authority, and the CBA may require amendment or termination of outsourcing contracts that pose regulatory or consumer risks. In the healthcare sector, the management of the national electronic healthcare system, which involves sensitive personal health data, is centralised. Techni -
and tailored infrastructure, a trend reinforced by the growth of distributed teams and remote work. • Artificial intelligence and machine learning: sig - nificant investment in education and research has positioned Armenian developers to design advanced AI and machine learning applications. • Electronic design automation and chip design: Armenia’s established expertise underpins projects in IoT and embedded systems. • Cybersecurity: providers are expanding into pene - tration testing, protocol development and managed security services, meeting rising global demand for secure digital operations. • Mobile applications: Armenian firms have deliv - ered successful products across iOS and Android, strengthening the country’s international reputation in app development. 1.4 Outsourced Services In Armenia, the most commonly outsourced services are concentrated in the IT and back-office domains. IT outsourcing remains the leading segment, cover - ing software development, application outsourcing, web hosting and IT consulting/implementation. These services are frequently sought by international clients attracted by Armenia’s strong pool of skilled develop - ers and competitive cost base. Back-office outsourcing is also well established, par - ticularly in finance and accounting functions such as bookkeeping, payroll processing, statutory reporting and tax compliance. Human resources outsourcing, including workforce administration, recruitment sup - port and training management, is gaining traction among both domestic SMEs and local branches of multinational corporations. Customer service outsourcing, often delivered through call centres or multilingual support hubs, is another growth area. Finally, niche areas such as translation, market research, digital marketing and big data ana - lytics are emerging as specialised outsourcing offer - ings.
11 CHAMBERS.COM
ARMENIA Law and Practice Contributed by: Narine Beglaryan and Anahit Aloyan, Concern Dialog
cal maintenance and operation are entrusted exclu - sively to a single operator selected by public tender, under government-defined criteria. This ensures state oversight and protection of medical confidentiality in technology-related outsourcing. 2.3 Restrictions on Data Processing or Data Security The Law on the Protection of Personal Data defines personal data broadly as any information relating to an identified or identifiable natural person. It distin - guishes between ordinary data, special category data (such as information on race, ethnicity, political views, religious or philosophical beliefs, trade union member - ship, health or sexual life), biometric personal data and publicly available data. Armenian legislation on data protection provides for four general principles relating to the general process - ing of personal data: lawfulness, proportionality, reli - ability, and minimum engagement of data subjects in the process. As a general rule, the processing of personal data requires the data subject’s consent, except for the cases directly provided by Armenian legislation. Data controllers are obliged to ensure security of pro - cessing, including the use of encryption keys and the prevention of unauthorised access. Although the law foresees further detailed requirements to be adopted by government decision, such secondary legislation has not yet been enacted, leaving a degree of uncer - tainty in practice. In the event of a security breach such as the leakage of personal data from an elec - tronic system, the controller is obliged to immediately publish a statement about it while also informing the Police of the Republic of Armenia and the Personal Data Protection Agency. Another security breach envisaged by the Law on the Protection of Personal Data is the detection of illegal actions with personal data. In such a case, the controller is obliged to elimi - nate the committed violations not later than within three working days. In case of impossibility to elimi - nate the violations, the controller is obliged to imme - diately destroy the personal data and inform the data subject or their representative about eliminating viola - tions or destroying personal data within three working
days, and to also inform the Agency if the request was received from it. Cross-border transfers of personal data are permitted with the consent of the data subject or if the transfer of data results from the purposes of personal data pro - cessing and/or is necessary for the fulfilment of those purposes. The authorisation of the Agency to transfer personal data to another country may not be needed if a sufficient level of protection of personal data is ensured in the receiving country. A sufficient level of personal data protection is considered to be provided if personal data is transferred in accordance with inter - national agreements or personal data is transferred to any country included in the list officially published by the Agency. Personal data may be transferred to the territory of a state that does not provide a sufficient level of protection only with the permission of the Agency, if the personal data is transferred on the basis of a contract and the contract provides guarantees of personal data protection that have been approved by the Agency as providing sufficient protection. In such cases, the controller is obliged to apply in writing to the Agency and receive permission to transfer. Sector-specific rules apply in areas such as banking, insurance, medical services, telecommunications and anti-money laundering. Telecom operators, for example, are required to maintain the confidentiality of communications, with disclosure permitted only upon written consent or by court order in cases pro - vided by law. Recent Developments As for developments in the last year, there is currently a legislative project that includes a proposed Law on Cybersecurity. This law aims to create a cyber-safe environment for the information systems and criti - cal information infrastructures used to provide vital services in the Republic of Armenia. The proposed law aims to regulate relations relating to the detection of cyber incidents and their notification, prevention and resolution, monitoring, control, and cybersecu - rity audit of compliance with the requirements of this law, as well as defining the scope of the persons who are obliged to ensure the cybersecurity of information systems, infrastructures and the critical information they use, as well as their continuous, uninterrupted
12 CHAMBERS.COM
ARMENIA Law and Practice Contributed by: Narine Beglaryan and Anahit Aloyan, Concern Dialog
and safe use. In addition, the Armenian government’s action plan for the years 2021 to 2026 establishes as a goal the improvement of the level of personal data protection in the Republic of Armenia, particularly with the help of aligning newly adopted as well as current legal acts concerning personal data protection.
particularly in the IT and telecommunications sec - tors, where cloud computing, SaaS and IaaS models are increasingly adopted by both private companies and public institutions. Most digital service providers use their own standardised contracts tailored to the specific services they offer, which companies must accept to use those services. This shift to digitalisa - tion requires that these model contracts address the following key issues: • Data protection and confidentiality: heightened emphasis on data processing, confidentiality and information security. • Technical appendices and service levels: digital outsourcing agreements more frequently incor - porate detailed schedules on service availability, reversibility, interoperability and data portability. • Liability clauses: strengthened provisions address - ing data breaches, cybersecurity incidents and non-compliance with evolving sectoral standards, especially in finance, telecommunications and pay - ment services. • Regulatory influences: outsourcing in regulated industries, notably banking and financial services, is increasingly shaped by CBA requirements on internal risk management and IT security. As mentioned in 3.1 Standard Contract Models , tech - nology transactions and outsourcing arrangements in Armenia are generally governed by the Civil Code, pri - marily under the rules on contracts for paid provision of services and contractor agreements. There is no dedicated legislative framework for IT or outsourcing agreements; therefore, such contracts are treated as ordinary civil contracts, supplemented by sector-spe - cific laws (for example, on data protection). Armenian customer protection legislation applies to natural persons. However, in this context (and in the context of this section 4. Contract Terms ), “customer” or “client” refers to a legal entity receiving services under a civil contract, which is therefore outside the scope of customer protection regulation. 4. Contract Terms 4.1 Customer Protections
3. Model Outsourcing Contracts 3.1 Standard Contract Model
There is no industry-specific model agreement for outsourcing or technology transactions in Armenia. In practice, outsourcing relationships are governed by the general provisions of the Civil Code, in particular the rules on paid service provision contracts and con - tractor agreements. These provisions allow the parties to freely define the terms of their outsourcing arrangements, including the scope of services, performance standards, time - lines, methods of remuneration and allocation of risks. Agreements are typically negotiated on a case-by- case basis and supplemented by clauses or annexes dealing with confidentiality, data protection, liability, warranties, subcontracting and dispute resolution. As a result, outsourcing contracts in Armenia follow a customised, negotiated approach, rather than a standardised contractual model. 3.2 Alternative Contract Models In Armenia, as in many jurisdictions, the bilateral out - sourcing (paid service provision) contract remains the default model for most commercial outsourcing arrangements. Alternative structures are less common but available where strategic, regulatory or economic considerations make them suitable. In practice, these can include service contracts with subsidiaries (in- house outsourcing), joint ventures/partnerships, multi- sourcing (splitting services between several suppli - ers), build-operate-transfer arrangements, managed services/long-term outsourcing and public-private
partnerships for public services. 3.3 Digital Transformation
Digital transformation has had a gradual but notice - able effect on outsourcing transactions in Armenia,
13 CHAMBERS.COM
ARMENIA Law and Practice Contributed by: Narine Beglaryan and Anahit Aloyan, Concern Dialog
A contract for paid provision of services requires the provider to render services to the customer in exchange for payment, and must be concluded in written form. Failure to observe the written form requirement does not invalidate the contract, but lim - its the parties’ ability to rely on witness testimony in case a dispute arises; however, they may still present written or other evidence. Besides general contractual liability provisions, addi - tional customer protections and remedies are as fol - lows: • The provider must perform the services personally, unless otherwise agreed. • If performance becomes impossible due to circum - stances for which neither party is responsible, the customer is required only to reimburse the pro - vider’s actual expenses, unless the law or contract provides otherwise. • The customer may terminate the service contract at any time, subject to reimbursement of the pro - vider’s actual expenses. • Conversely, the provider may withdraw from the contract, but must fully compensate the customer for any losses incurred as a result of such with - drawal. • As for sector-specific protections, operators of electronic commerce platforms are obliged to display mandatory information about vendors and retain this information throughout the vendors’ presence on the platform and for at least one year thereafter (unless a longer period is required by law or contract). Contractor agreements apply where one party (the contractor) undertakes to perform defined work and deliver a tangible or intangible result, while the other party (the customer) undertakes to accept the result and pay for it. The form requirements mirror those for paid service provision contracts. Statutory protections for customers are wider in this case and include the following: • In contracts for the manufacture of goods, owner - ship of the work passes to the customer.
• Work must be performed using the contractor’s own resources (labour, materials, equipment), unless otherwise agreed. • The contractor is liable for the quality of materials and equipment it supplies. • The contractor is responsible for meeting both interim and final deadlines. • The customer may at any time inspect the work in progress and its quality, without interfering in the contractor’s activities. • If the contractor fails to commence or performs so slowly that timely completion is clearly impossible, the customer may terminate the contract and claim damages. • If it becomes evident during performance that the result will be defective, the customer may set a reasonable period to correct the defects; if such defects are not corrected, the customer may termi - nate the contract, remedy defects at the contrac - tor’s expense and/or claim damages. • The customer may terminate the contract at any time before acceptance, subject to payment for completed work and compensation of losses caused by termination. • The result must comply with contractual require - ments or, in their absence, with ordinary quality standards. • Work may be subject to a statutory or contractual warranty period during which defects must not arise. • In case of defects, the customer may demand cor - rection, price reduction or reimbursement of repair costs, or terminate the contract with damages. • The contractor bears the risk of accidental loss until formal acceptance by the customer. • Claims may be raised within the warranty period or, if no such period is agreed, within two years. • If, in the course of performance, a party obtains access to new technical solutions, know-how or trade secrets, it may not disclose them to third par - ties without the other party’s consent. It is worth noting that in practice, outsourcing and technology contracts in Armenia often combine fea - tures of both paid provision of service and contractor agreements.
14 CHAMBERS.COM
ARMENIA Law and Practice Contributed by: Narine Beglaryan and Anahit Aloyan, Concern Dialog
4.2 Termination In the case of paid service provision contracts, the law allows the customer to terminate the contract unilater - ally at any time. When doing so, the customer is obli - gated to compensate the service provider only for the actual costs incurred in performing the services up to the point of termination. This mechanism ensures that the service provider is not financially disadvantaged for work already performed, while giving the customer flexibility to stop the contract if necessary. Conversely, the service provider also has the right to terminate the contract if the customer’s actions or failures make proper performance impossible, but in such cases, the provider must fully compensate the customer for any resulting damages. In the case of contractor agreements, the customer may terminate the contract if it becomes clear dur - ing performance that the work is not being properly executed. In such circumstances, the customer must first provide the contractor with a reasonable period to correct the defects. If the contractor fails to rem - edy such defects within this period, the customer may terminate the contract and, if necessary, hire another party to complete or correct the work, with the con - tractor bearing any resulting costs. Additionally, the customer has the right to terminate the contract at any time before the work is delivered by paying the contractor for the work already performed, while also compensating for any losses caused to the contrac - tor due to early termination. Similarly, the contractor has the right to suspend or refuse performance if the customer fails to fulfil its obligations – such as failing to provide materials, equipment or required instruc - tions – or if such failures make timely or proper com - pletion impossible. Upon termination, the contrac - tor is required to return any materials, equipment or property provided by the customer, or compensate the customer for their value if return is impossible. Furthermore, if the contract ends before the customer formally accepts the work, the customer has the right to receive the unfinished results of the work, with reim - bursement of costs already incurred by the contractor. 4.3 Liability Under Armenian law, the injured party is entitled to full compensation for all damages caused by the breach, unless a lower measure of compensation is expressly
provided by law or contract. This includes both actu - al loss – such as damage to or loss of property, or expenses incurred to restore rights – and lost profit, which covers income that would have been earned under normal conditions had the breach not occurred. Non-material losses, such as harm to dignity or repu - tation, are recoverable only in cases explicitly pro - vided by law. Armenian law does not explicitly use the “direct” or “indirect” (consequential) loss terminology. In prac - tice, however, actual loss is treated similarly to what other jurisdictions call direct loss, while lost profit can encompass what might be considered indirect or consequential loss elsewhere. Courts generally allow recovery for losses if they are causally linked to the breach and reasonably foreseeable. As already mentioned, lost profit is expressly recover - able if causally connected to the breach. Goodwill, business reputation, and honour are pro - tected under Article 1087.1, which provides remedies for injury caused by insult or defamation, including public apologies, publication of court decisions, or monetary compensation. Compensation for harm to business reputation is treated as non-material damage and is recoverable if proven through judicial process. Certain losses cannot be limited or excluded under Armenian law: • Non-material damages arising from violations of fundamental rights, including the right to life and liberty, the prohibition of torture, the right to a fair trial, and property rights, as regulated in Article 1087.2: These damages are assessed according to principles of reasonableness, equity and pro - portionality, and compensation is payable from the state or local budget, depending on the responsi - ble authority. • Intentional or grossly negligent acts: Liability can - not be excluded for deliberate misconduct or gross negligence. • Harm to honour, dignity or business reputation: Compensation for insult or defamation under Arti - cle 1087.1 cannot be contractually limited. Reme - dies may include monetary compensation (ranging
15 CHAMBERS.COM
ARMENIA Law and Practice Contributed by: Narine Beglaryan and Anahit Aloyan, Concern Dialog
up to several thousand times the minimum wage, depending on severity), public apology or publica - tion of court rulings, with the right to additionally recover related property or economic losses. 4.4 Implied Terms Armenian law does not explicitly recognise “implied terms” in the same way as common law jurisdictions. However, the Civil Code establishes that obligations must be performed properly, in accordance with the contract terms, the law and other legal acts. Where specific contractual terms or legal requirements are absent, performance must comply with customary business practices or generally accepted standards. 4.5 Data Protection and Cybersecurity As mentioned in 2.3 Restrictions on Data Processing or Data Security , currently Armenia does not have a dedicated national law on cybersecurity. However, the country is a party to the Budapest Convention on Cybercrime. Cybersecurity crimes are defined under the Criminal Code of Armenia. 4.6 Performance Measurement and Management In Armenia, the most common contractual clauses that allow a customer to manage and measure a supplier’s performance in technology and outsourc - ing agreements are typically derived from the gen - eral rules governing contractor agreements under the Civil Code. These include obligations on the contrac - tor to perform work in accordance with the contract and applicable quality standards, with liability for any defects or delays in delivery. For instance, contrac - tor agreements usually set out clear timelines for the completion of work, including interim milestones where appropriate, and provide the customer with the right to inspect the work at any stage without interfer - ing in the contractor’s methods. Payment provisions are linked to proper performance and acceptance of work, with mechanisms for advance payments, adjust - ments for additional work, or withholding in case of non-performance. Contractors are required to notify the customer of any obstacles, defective materials, or circumstances that could affect the timely or proper completion of the work, and the customer is entitled to direct remedial actions, including correction of defects or termination of the contract if necessary. Subcon -
tracting is permitted, but the contractor remains fully liable for performance. Additional clauses often cover the proper use and safekeeping of customer-provided materials and equipment, confidentiality of technical and commercial information, and warranties over the quality of the delivered work. Together, these provi - sions provide a framework for the customer to moni - tor, assess and enforce supplier performance in a structured and legally enforceable manner. 4.7 Digital Transformation Generally, the contractual terms governing cloud- based technology or outsourcing do not differ sub - stantially from traditional arrangements, and the prin - ciples under the Civil Code still apply. However, in the context of cloud services, particular attention is typically given to: • the safety of the transfer and the location of the data centre; • the reversibility provisions; and • security provisions. Under Armenian law, there is no specific regulation on employee transfers in the context of outsourcing. Instead, the matter is governed by the general provi - sions of the Labour Code, which defines an employ - ee’s essential employment conditions. These include the workplace, salary and the method of its determi - nation, benefits, working hours and rest regime, job classification and titles, job functions, and the type of employment contract. Such conditions may only be changed by the employer in cases of changes in workload, or in economic, technological or organisa - tional circumstances. Any such change requires prior notice to the employee, and if the previous essential conditions cannot be maintained and the employee does not give written consent to continue under the new conditions, the employment contract must be terminated in accordance with the procedures of the Labour Code. 5. Employment Matters 5.1 Employee Transfers Employee transfers may also arise in cases of legal succession. In the event of a corporate reorganisation
16 CHAMBERS.COM
ARMENIA Law and Practice Contributed by: Narine Beglaryan and Anahit Aloyan, Concern Dialog
(such as merger, consolidation, separation or restruc - turing), all rights and obligations, including those under employment contracts, automatically transfer to the successor entity. This means that when out - sourcing is structured as a transfer of a business unit that qualifies as a reorganisation, employees can be automatically transferred to the new employer with - out termination of their contracts. However, if such transfer results in changes to any essential working conditions, compliance with the above-mentioned procedure remains mandatory. In practice, the most common approaches are either to offer employees new employment contracts with the outsourcing provider or to retain them with the original employer, while the outsourced services are delivered externally under contractual arrangements between the outsourcing company and the client company. 5.2 Role of Trade Unions or Workers’ Councils Under the Labour Code, employees have the right to freely establish trade unions to protect and represent their interests. Where no trade union exists, employ - ees may elect representatives or delegate representa - tion to a sectoral or territorial union. In practice, such employee representations are not commonly estab - lished. If they do exist, the employer must respect the representatives’ rights, refrain from interfering with their activities, and consult them before making deci - sions affecting employees’ legal status. While Arme - nian law provides that, in certain cases, employer con - sent may be required, no such cases are currently defined, meaning that consultation remains advisory rather than mandatory. 5.3 Offshore, Nearshore and Onshore In Armenia, there has been a growing trend towards onshoring in outsourcing transactions. Armenian com - panies increasingly prefer to retain or relocate services
within the country rather than rely on offshore provid - ers. This shift is driven by several factors: • heightened awareness of data protection and cybersecurity risks, particularly where client or employee personal data is processed; • the introduction of government incentives for local IT and tech service providers, which makes onshore solutions more cost-effective; • competitive pricing of domestic providers, coupled with the steady development of Armenia’s IT and business services sector; and • operational efficiencies gained from cultural align - ment, absence of time zone barriers, and easier The Labour Code expressly defines remote working as the performance of an employee’s duties without being physically present at the workplace. Remote working is permissible only with the mutual consent of the employer and the employee, provided the nature of the work allows it. The arrangement must be docu - mented in writing. The conditions of remote work – including the provi - sion of equipment, reimbursement of related expens - es, and procedures for performance monitoring – are determined by collective agreements, internal policies or mutual written agreement. During remote work, the employee must remain accessible to the employer and properly fulfil their duties; failure to do so is treated as a disciplinary breach. Importantly, the health and safety obligations of the employer are significantly reduced in the remote work - ing context, with the exception of the duty to provide necessary personal protective equipment. Employees working remotely, whether from Armenia or abroad, retain all rights and guarantees provided under Arme - nian labour law. regulatory compliance. 5.4 Remote Working
17 CHAMBERS.COM
Page i Page 1 Page 2 Page 3 Page 4 Page 5 Page 6 Page 7 Page 8 Page 9 Page 10 Page 11 Page 12 Page 13 Page 14 Page 15 Page 16 Page 17 Page 18 Page 19 Page 20 Page 21 Page 22 Page 23 Page 24 Page 25 Page 26 Page 27 Page 28 Page 29 Page 30 Page 31 Page 32 Page 33 Page 34 Page 35 Page 36 Page 37 Page 38 Page 39 Page 40 Page 41 Page 42 Page 43 Page 44 Page 45 Page 46 Page 47 Page 48 Page 49 Page 50 Page 51 Page 52 Page 53 Page 54 Page 55 Page 56 Page 57 Page 58 Page 59 Page 60 Page 61 Page 62 Page 63 Page 64 Page 65 Page 66 Page 67 Page 68 Page 69 Page 70 Page 71 Page 72 Page 73 Page 74 Page 75 Page 76 Page 77 Page 78 Page 79 Page 80 Page 81 Page 82 Page 83 Page 84 Page 85 Page 86 Page 87 Page 88 Page 89 Page 90 Page 91 Page 92 Page 93 Page 94 Page 95 Page 96 Page 97 Page 98 Page 99 Page 100 Page 101 Page 102 Page 103 Page 104 Page 105 Page 106 Page 107 Page 108 Page 109 Page 110 Page 111 Page 112 Page 113 Page 114Powered by FlippingBook