A property management agreement should explain how operational risks are allocated between the property owner and the manager.
The agreement should not assume that every problem at the property is automatically the manager’s responsibility.
Some risks may arise from:
- the physical condition of the property;
- structural defects;
- guest behaviour;
- staff conduct;
- contractor performance;
- equipment failure;
- booking errors;
- payment disputes;
- data-security incidents;
- regulatory non-compliance;
- events outside either party’s control.
The agreement should identify which party controls each area of risk and which party is best placed to prevent, manage or insure against it.
Liability provisions should be consistent with the manager’s actual authority.
A manager should not generally accept responsibility for a matter that the manager cannot control. At the same time, the manager should remain accountable for authorised actions, failures to follow agreed procedures and misuse of the owner’s money, property or information.
### The Manager’s Standard of Performance Should Be Defined
The agreement should describe the level of care expected from the manager.
It may require the manager to:
- perform the agreed services with reasonable care;
- follow approved operating procedures;
- act within the authority granted;
- comply with financial approval limits;
- maintain accurate records;
- supervise staff and contractors appropriately;
- notify the owner of material problems;
- take proportionate action in emergencies;
- protect confidential information;
- avoid undisclosed conflicts of interest.
The agreement should not rely only on broad promises to manage the property “professionally” or “to the highest standard.”
Those expressions may create expectations without explaining the specific conduct required.
Performance obligations should be linked to measurable procedures, reporting requirements and approval rules.
### Owner Responsibilities Should Also Be Identified
Risk allocation should not focus only on the manager.
The owner may remain responsible for:
- the structural condition of the property;
- major capital repairs;
- adequate operating funds;
- accurate ownership and property information;
- decisions requiring owner approval;
- insurance arrangements;
- legal or professional advice;
- matters outside the manager’s authority;
- compliance obligations assigned to the owner or operating entity.
The agreement should address what happens if the owner delays an important decision or fails to provide necessary funds.
For example, the manager may notify the owner that:
- electrical equipment is unsafe;
- a roof requires urgent repair;
- a licence-related document is missing;
- insurance has expired;
- a contractor requires advance payment;
- an essential appliance should be replaced.
If the owner does not respond, the agreement should explain whether the manager may act, suspend an affected service, limit guest use or take another protective measure.
The manager should not be liable for the consequences of an owner decision that the manager properly documented and was not authorised to override.
### Guest-Related Risks Require Clear Procedures
Commercially operated villas may face claims involving:
- personal injury;
- damaged or missing property;
- booking cancellations;
- refunds;
- payment disputes;
- inaccurate advertising;
- service complaints;
- loss of guest belongings;
- privacy concerns;
- security incidents.
The agreement should define the manager’s authority to respond to these matters.
It should state whether the manager may:
- communicate with the guest;
- offer a service recovery measure;
- approve a refund;
- collect evidence;
- arrange urgent assistance;
- notify an insurer;
- appoint a contractor;
- settle a claim.
Financial limits should apply where the manager is permitted to issue refunds or agree to compensation.
The manager should preserve relevant evidence, which may include:
- booking records;
- guest communications;
- photographs;
- staff statements;
- payment records;
- inspection reports;
- incident reports;
- CCTV records where lawfully maintained;
- contractor findings.
Indonesia’s consumer-protection framework may be relevant where accommodation or related services are supplied to guests. The agreement should therefore avoid assuming that internal risk allocation between the owner and manager will eliminate rights or responsibilities that may apply to third parties.
### Contractor Risk Should Follow Control
The agreement should address responsibility for contractors appointed to work at the property.
Important questions include:
- who selected the contractor;
- who approved the scope and price;
- who supervised the work;
- who verified completion;
- who received the warranty;
- whether the contractor was properly qualified where required;
- whether a conflict of interest existed.
A manager should not automatically guarantee every contractor’s work.
However, the manager may remain responsible for failures within the manager’s own role, such as:
- appointing a contractor without required approval;
- failing to disclose a financial interest;
- ignoring an obvious defect;
- paying an invoice without checking completion;
- failing to collect agreed documentation;
- acting outside the approved budget.
The agreement should preserve available rights against the contractor and require the transfer of relevant warranties, invoices and correspondence to the owner.
### Indemnity Clauses Should Be Specific
An indemnity may require one party to compensate the other for particular losses, claims or liabilities.
Indemnity language should identify:
- the event that activates the indemnity;
- the types of loss covered;
- whether third-party claims are included;
- the procedure for notifying the other party;
- who controls the defence or settlement;
- whether prior consent is required;
- which exclusions apply.
A broad clause requiring one party to indemnify the other against “all losses whatsoever” may not reflect the intended commercial arrangement.
The clause should distinguish between losses arising from:
- the manager’s unauthorised conduct;
- the owner’s instructions;
- property defects;
- guest claims;
- staff claims;
- contractor actions;
- regulatory breaches;
- misuse of funds;
- breach of confidentiality;
- data incidents.
The agreement should also consider whether responsibility should be reduced where both parties contributed to the loss.
### Liability Limitations Should Match the Risk
The parties may consider limitations on certain categories of liability.
These may include:
- a financial cap;
- exclusion of indirect or consequential loss;
- exclusion of losses caused by inaccurate owner information;
- exclusion of events outside the manager’s control;
- specific treatment of lost revenue;
- separate rules for third-party claims.
Any limitation should be drafted carefully and reviewed against applicable law.
The agreement should consider whether the limitation applies to:
- negligence;
- wilful misconduct;
- fraud;
- misuse of owner funds;
- confidentiality breaches;
- unauthorised transactions;
- personal injury;
- damage to third-party property;
- regulatory penalties.
The same limitation may not be appropriate for every category of conduct.
A low general liability cap may provide inadequate protection where the manager controls substantial rental income, booking accounts or sensitive information.
### Insurance Responsibilities Should Be Allocated
The agreement should identify which party is responsible for arranging and maintaining relevant insurance.
Depending on the property and operating model, the parties may need to consider coverage relating to:
- buildings;
- contents;
- public liability;
- property operations;
- employees;
- contractors;
- business interruption;
- guest-related incidents;
- vehicles;
- cyber or data risks.
The agreement should not state that a property is “fully insured” without identifying the actual policies and coverage.
It should address:
- policyholder identity;
- insured property and activities;
- coverage limits;
- exclusions;
- deductibles;
- renewal dates;
- premium payment;
- notification requirements;
- claims procedures;
- access to policy documents.
The existence of insurance does not by itself determine contractual liability.
A loss may fall outside the policy, exceed the coverage limit or be excluded because a required procedure was not followed.
The agreement should therefore coordinate insurance obligations with notification, recordkeeping and risk-allocation clauses.
### Insurance Claims Need a Procedure
The manager may be the first person to discover damage or receive notice of an incident.
The agreement should state whether the manager is authorised or required to:
- secure the property;
- arrange emergency action;
- take photographs;
- collect statements;
- preserve damaged items;
- notify the owner;
- notify the insurer or broker;
- obtain repair quotations;
- assist with claim documents.
The manager should not admit liability, promise compensation or settle an insured claim unless authorised.
Late or incomplete reporting may affect the handling of a claim. The agreement should therefore establish clear internal notification deadlines without assuming that those deadlines replace the requirements of the relevant insurance policy.
### Personal Data and Account Security Create Additional Risk
A property manager may process personal information relating to:
- guests;
- property staff;
- contractors;
- owners;
- payment contacts;
- emergency contacts.
The manager may also control booking accounts, email addresses, payment systems and property-access information.
Indonesia’s Personal Data Protection Law regulates the processing and protection of personal data, including responsibilities concerning security and confidentiality.
The agreement should address:
- permitted use of personal information;
- access controls;
- password security;
- authorised personnel;
- information sharing;
- storage and retention;
- incident reporting;
- deletion or transfer after termination.
The manager should promptly notify the appropriate party of unauthorised access, loss of information or compromise of an important operational account.
Liability for a data incident should reflect the roles of the parties, their control over the relevant system and their compliance with agreed security procedures.
### Events Outside the Parties’ Control Should Be Addressed
A property may be affected by events that neither the owner nor manager can reasonably prevent.
These may include:
- natural disasters;
- serious utility failures;
- government restrictions;
- civil disruption;
- widespread platform outages;
- public-health measures;
- other exceptional events.
The agreement should define how such events affect:
- service obligations;
- guest communication;
- cancellations and refunds;
- emergency expenditure;
- property access;
- reporting;
- management fees;
- termination rights.
A force-majeure clause should not automatically excuse every failure connected to a difficult event.
The affected party should normally be expected to notify the other party, explain the impact and take reasonable steps to reduce further loss where possible.
### Incident Reporting Supports Risk Management
The agreement should require written reporting of material incidents.
An incident report may identify:
- the date and time;
- the persons involved;
- what occurred;
- immediate action taken;
- property or equipment affected;
- injuries or complaints;
- witnesses;
- photographs or supporting evidence;
- notifications made;
- recommended follow-up action.
Incident records help the parties evaluate responsibility, insurance coverage, contractor performance and preventive measures.
A property management agreement cannot remove every operational risk.
It can, however, create a structured system for assigning responsibilities, reporting incidents, maintaining insurance, handling claims and determining which party bears the consequences of particular decisions or failures.
For a Bali villa owner, that structure is essential where another party controls daily operations and interacts with guests, staff, contractors and property systems.