• Home
  • /
  • Software
  • /
  • Mitigating corporate risk of widespread software dependency

Mitigating corporate risk of widespread software dependency

Understanding the strategic role of software escrow in South Africa.

Johannesburg, 01 Nov 2023
Software escrow manages the risks associated with relying on third-party software.
Software escrow manages the risks associated with relying on third-party software.

A major South African corporation might use up to 4 000 third-party software products that are business-critical. The relentless pursuit of greater efficiencies, more streamlined processes, more innovation as well as the persistent march of rapid digitalisation continues to propel organisations into an expanding and complex digital ecosystem. Embedded in the interplay between software vendors and business end-users is a deep dependency that is redefining the contours of corporate risk management and the governance of technology and information assets.

In this high-stakes arena, the repercussions of software supplier insolvency, supplier breaches of licence obligations or the acquisition of a software supplier by an end-user competitor can lead to an unplanned, sudden business interruption. Unexpected downtime of a mission-critical system stands as a harbinger of potential financial perils, including revenue loss and regulatory fines. Grave consequences are likely such as customer dissatisfaction, market share shrinkage, reputational damage and the loss of IT jobs. This underscores the imperative for companies to fortify their digital foundations against unforeseeable software failures.

Globally, software escrow has crystallised as a best practice solution for managing the risks associated with relying on third-party software. Executive Risk Consultant at ESCROWSURE, Guy Krige, says: “With the increasing recognition of the widespread dependency on an array of software vendors, there’s a coming of age for the software escrow industry in South Africa. This is a strategic business continuity practice that safeguards the latest version of verified and tested software source code, which can be released to the end-user in the case of pre-defined events that would otherwise have catastrophic consequences for the business.

ESCROWSURE, which previously operated as Escrow Europe, stands at the forefront of the South African market. The business has spearheaded the growth of the software escrow industry for over two decades and today provides full-service software escrow services to leading South African corporates across the finance and insurance sector, including ABSA, Old Mutual, Discovery and Sanlam. Software failure, which may also occur as a result of cyber security issues, poses a significant organisational risk that must be fully taken into account by company boards and leadership. At present, software escrow stands as the singular safeguarding solution mapping seamlessly to the rigorous framework outlined in the King Report for Technology and Information Governance, alongside compliance with various internationally recognised technology and IT risk management protocols.

Krige further notes a discernible shift in the corporate landscape, where interdependent entities increasingly insist that their business partners leverage software escrow agreements. "What we find is that among businesses who understand the risks associated with third-party software and become aware of software escrow as a mitigation measure, the uptake of the solution is swift and comprehensive. Anticipating the evolving landscape, we expect not only private enterprises but also government bodies and other institutions to view the utilisation of software escrow agreements as a prerequisite when selecting key suppliers. It's not merely about ticking a box; it's a strategic imperative for ensuring resilience and continuity in an age where the reliance on software is omnipresent." This foresight positions ESCROWSURE not only as the market leader but, more importantly, as a local provider guiding and supporting South African enterprises towards fortified operational resilience through strategic software escrow partnerships.



The purpose of Software Escrow - protecting your organisations Business Continuity Many organisations are entirely dependent on third party Software Products for their mission critical business processes and functions. This dependency constitutes Operational Risk. It is crucial for such Software End-Users to mitigate their exposure to such risk.

An escrow arrangement is the most cost-effective tool for protecting the interests of both parties – the Software End-User as well as the Intellectual Property (IP) of the Software Supplier.

Constituted in South Africa in 2003, Escrow Europe (Pty) Ltd t/a ESCROWSURE is South Africa’s leading software escrow service provider and is dedicated to the highly specialised practice of locally and internationally effective Software Escrow arrangements, tailored to manage the operational risk associated with an organisations absolute dependency on proprietary Software. The sole focus of ESCROWSURE is on quality software escrow arrangements - in escrow terminology referred to as Active Escrow.

With Active Escrow, Intellectual Property (IP) such as software source code and technical documentation is not only securely vaulted but is also professionally verified and updated on a routine basis. 

Editorial contacts

Rafeeqah Gertze
liquidlingo Communications
(+27) 83 765 3345