Procurement’s Power Duo: Finance and Legal

Banner artwork by /

This is the first part of a multi-part series addressing best practices and experience of a legal and procurement team in a rapidly growing startup environment.

Legal and finance collaboration

“You have to spend money to make money” as the old saying goes. Fundamentally, to start, operate, and grow a company takes capital, talent (who need to be paid), and often investment in marketing, sales, production, and fulfillment. All these essential functions rely upon tight partnership and communication between the finance and legal teams, as well as business owners and executives. In this article, the term “business owner” refers to internal functions or individuals accountable for business results related to procurement requests.

This article will address effective partnering from the perspective of a rising startup disrupting an established industry and leaning forward to grow quickly. While primarily applicable to small to mid-sized companies, this may also benefit larger established enterprises.

What do the finance procurement function and legal function do?

Finance teams have many responsibilities, including managing purchasing of goods and services necessary for the operation of the company. This involves identifying suppliers, negotiating business terms that are most favorable to the company, and building long-term relationships with reliable suppliers willing to partner with the company. Procurement generally focuses on negotiating pricing, availability, business terms, and items generally found on an order form.

From a practical perspective, the procurement team typically starts by discussing the business purchasing goals internally with the business owner (i.e., what does the business owner need, why, and by when?) followed by procurement reaching out to one or multiple vendors on behalf of the business owner and negotiates the price, quantity of items to be purchased (e.g., number of licenses/users), and term length for any agreement. A best practice for procurement is to use benchmark data to plan out various scenarios, prior to engaging and requesting quotes. When procurement can provide concrete data that reflects current market prices for similar vendors, this aids in negotiating advantageous deals for the company.

A best practice for procurement is to use benchmark data to plan out various scenarios, prior to engaging and requesting quotes.

Procurement may also be responsible for ensuring that the same tool and functionality does not already exist within the company. Duplicate software or SaaS (software as a service) tools can cause unnecessary spend and result in silos of information across the company. Avoiding SaaS sprawl” is a key function of procurement, in partnership with the information technology (IT) department and legal.

Legal’s role is to ensure the company is operating in compliance with relevant laws and regulations. Legal also leans in to drive business results and revenue growth. Legal should empower the business to move fast and grow effectively, and champion a “get-to-yes” approach, while protecting the company and shareholders.

In the context of procurement, legal helps protect the company’s intellectual property assets, including confidential and personal data, by ensuring appropriate protections are in place in contracts. Legal should work closely with Information Security (InfoSec)”) in assessing vendors to ensure they have appropriate security, privacy, redundancy, and business protection to protect the company’s data and provide reliable service.

In-house counsel should collaborate with the IT team to ensure safe and effective data security. Gorodenkoff /

Legal and InfoSec should require that a vendor utilize cybersecurity tooling to warn against risks (incidents that might happen) and even more importantly, utilizes effective detection of threats (intrusions and hacks that are actually taking place) and potential identity and permissions compromise. This is particularly relevant to US-based public companies with Security Exchange Commission materiality reporting obligations for cybersecurity incidents, and companies doing business with the European Union that may be subject to NIS2, DORA, and related cyber regulations.

Legal must consider the legal, business, and reputational risk of the vendor’s services to the company and assess these risks considering the business goals. Legal advises business owners of the risk level regarding a particular vendor and generally gives the owner the decision-making power. Legal helps mitigate risks by negotiating appropriate protections into any vendor agreement. However, in scenarios with potential risk of violating laws, legal should have escalatory power up to and including veto power to block a risky vendor from contracting with the company.

What are the separate and overlapping interests involved in procurement?

At a macro level, all teams within a company have a common interest in the financial success and growth of the company. But in day-to-day interactions, there is potential for misaligned interests, which parties should consider and address during the procurement process.

Business owner interests

Business terms need to be thoroughly reviewed by its owner to prevent miscommunication and dissatisfaction. chaylek /

The business owner primarily cares about finding a solution that will make their jobs more efficient and support revenue growth. For the business owner, issues like pricing, legal terms, and tool utilization are sometimes a secondary consideration. The business owner is accountable for (i.e., “owns”) the tool or service purchased and the resulting outcome. Thus, it is imperative that the business owner carefully reads and understands the business terms the company is signing up for. Often this message needs to be reinforced by finance and legal. Some business owners may simply “throw the contract over the wall” to legal or finance without having reviewed it, which places the burden of reviewing business terms on finance and legal, although this can be addressed by training. Both procurement and legal should specifically ask and get confirmation that the business owner has carefully considered what the vendor is providing, whether that will satisfy the business need now, and in the future, and under what circumstances the business owner would want to terminate the agreement. Vendors generally promise the sun, moon, and stars, but often those commitments disappear into a black hole after the contract is signed.

Vendors generally promise the sun, the moon, and the stars, but often those commitments to disappear in a black hole after the contract is signed.

Finance and procurement interests

The finance and procurement team has an interest in cutting costs, maximizing value received, and, from an audit perspective, ensuring that for each invoice, there is a valid contract associated with the spend. Using an automated procurement platform can greatly assist with this process by providing visibility and auditability in the approval flow. An end-to-end procurement tool can also provide a comprehensive view of the transaction that ties the requisition, contract, purchase order, invoice, and payment all together as one overall record.

Finance, in partnership with IT and legal, has an interest in reducing the number of tools used (i.e., limiting “SaaS sprawl”) thereby reducing the company’s spend on vendors and consolidating to preferred vendors to achieve greater financial leverage in pricing negotiations. Another concern is to identify and remediate “shadow IT” where users pick their own preferred tool, without IT, finance, or legal review, and expense it on a corporate credit card, or just pay privately for it. All of these scenarios are risky, both from a financial perspective (unmanaged spend) and from the point of information security, confidentiality, and privacy, if users are storing company data in unapproved tools without appropriate legal protection in place.

Legal interests

In addition to ensuring compliance with laws and regulations and growing the business, legal has a responsibility to protect company assets, including intellectual property, ensure responsible management of personally identifiable information, establish appropriate legal protection of the company in agreements, promote compliance with code of conduct and ethics, and avoid conflicts of interest in procurement.

Legal cares about having a valid contract with each vendor, with negotiated provisions that are favorable to the company, with appropriate time in advance to review and negotiate such provisions. Last minute “fire-drill” procurement requests make it challenging to negotiate terms favorable to the company. Legal advises the business owners of vendor risks, negotiates to limit such risk, and empowers the business owner to make their purchasing decision, for which the business owner is ultimately accountable. When legal and the business owner have a strong working relationship and established trust, this smooths out difficult conversations, particularly if a business owner’s request is denied. Doing business involves taking on some level of risk, and the level of “appropriate risk” will vary considerably depending on the stage of the business. The risk appetite of a startup is typically higher than a mid-size private company, which is again typically somewhat higher than a large publicly traded company. The risk continuum may run “from mild to wild” depending on the size, posture, and industry a company operates in.

The risk appetite of a startup is typically higher than a mid-size private company, which is again typically somewhat higher than a large publicly traded company. The risk continuum may run "from mild to wild" depending on the size, posture, and industry a company operates in.

How can procurement and legal best work together?

“The single biggest problem in communication is the illusion that it has taken place.”

George Shaw

“The single biggest problem in communication is the illusion that it has taken place,” said George Shaw.

Regular and structured communication is key to ensuring the finance and legal teams are operating in harmony with each other and that there are no “surprises.” Finance and legal should each be aware of where the other is in the process, particularly so leading up to busy periods such as end of quarter, major holidays, and year end, regular face-to-face communication addresses issues before they stall negotiations or signature.

Consistent communication between finance and in-house counsel keeps both teams updated and on the same page. 4 PM production /

A key factor in vendor agreements is the deadline by which they must be executed, which can often provide negotiating leverage to one party or another. When a business owner provides a deadline, it is worthwhile inquiring as to the basis of the deadline, and whether it is truly urgent. In many cases, the vendor wants a contract executed prior to a quarter end date or to achieve a bonus to the vendor sales rep for closing early. While this may be the vendor’s deadline, it is not necessarily the company’s deadline. In many cases the vendor may be willing to “sweeten the deal” with price concessions or add-on services if the contract is executed by the deadline. Procurement teams may utilize this to their advantage. If the deadline is driven by the company, both the procurement and legal teams understand that company-driven deadlines require prioritization. The urgency may give negotiating leverage to the vendor, so business owners should be counseled to not disclose urgency to the vendor.

Effective partnering with business owners

“Coming together is a beginning. Keeping together is progress. Working together is success.

Henry Ford

“Coming together is a beginning. Keeping together is progress. Working together is success,” said Henry Ford.”

The procurement and legal teams should start with understanding the business, what it needs to succeed, where its dependencies and vulnerabilities are, and the key timelines upon which the business operates. Team members may be assigned to supporting specific departments within the company, i.e., to marketing, facilities, or engineering. This allows the team member to work closely with business owners to gain familiarity and understanding with their working styles, identify the specific needs of that part of the business, and anticipate what the business needs to function to avoid urgent “need it now!” requests. For example, the needs of a facilities team purchasing leases, supplies, and building services are likely quite different to an IT or engineering team purchasing software licenses, cloud services, and security tooling.

This process often starts with identifying which function in the business “owns” the tool that they want to bring into the company. This function, and the individual(s) running it, should be accountable for implementing the tool within the company, and often will act as an administrator within the tool. Ideally, the requested tool or service should benefit the whole company, to avoid “tool silos” used only by a small subset of employees, and also “orphan tools” when a particular user moves on from the company, leaving the tool to become “shelfware.”

Procurement and IT may use benchmark data and conduct surveys of users to determine which categories of tools are required, whether they can be sourced from or are compatible with preferred vendors and tool suites (e.g., well known productivity and engineering tool-suites from Microsoft, Google, AWS, etc.), to avoid a business owner just picking their favorite tool or vendor.

Procurement collaborates with the business owner to finalize the order’s price, quantity, and dates, while legal handles the negotiation of key terms incorporating the business owner’s agreement and highlighting contractual risks. The business owner, often with their management’s input, makes the final purchase decision. If a purchase represents significant risks, the business owner decides whether to proceed based on legal advice. However, if there’s a risk of legal non-compliance, legal has the authority to escalate and veto the decision.

Crafting effective programs

An effective procurement program requires communication, understanding, and trust between finance, legal, and business owners. The second part of this series will address automation as an enabler for this procurement process, and as a tool to promote visibility and accountability throughout the procurement process.