Amended and Restated Prepaid Card Program Manager Agreement by and between the Registrant and Sutton Bank, dated April 1, 2016, as amended on December 21, 2017, September 1, 2018, and August 1, 2020
Exhibit 10.15
CERTAIN CONFIDENTIAL INFORMATION, MARKED BY [***], HAS BEEN EXCLUDED FROM THIS EXHIBIT BECAUSE (I) IT IS NOT MATERIAL AND (II) THE REGISTRANT CUSTOMARILY AND ACTUALLY TREATS THE INFORMATION AS PRIVATE AND CONFIDENTIAL.
CONFIDENTIAL AND PROPRIETARY
EXECUTION COPY
AMENDED AND RESTATED
PREPAID CARD PROGRAM MANAGER AGREEMENT
This Amended and Restated Prepaid Card Program Manager Agreement, including all schedules, exhibits, attachments, appendices and addenda attached hereto (collectively, the “Amended Program Manager Agreement”) is entered into as of April 1, 2016 (the “Effective Date”), by and between Marqeta, Inc., a Delaware corporation, whose address is 6201B Doyle St, Emeryville CA 94608 (“Manager”), and Sutton Bank, an Ohio chartered bank corporation, its subsidiaries and affiliates, whose main address is 1 South Main St. Attica, OH (“Sutton Bank”). It amends and restates the Program Manager Agreement entered into between parties as of October 1, 2011.
WHEREAS, Sutton Bank operates a prepaid card service and is an approved issuer of prepaid cards on the Discover, MasterCard, and Visa Networks;
WHEREAS, Sutton Bank provides services set forth in Exhibit B (the “Sutton Bank Prepaid Card Services”) and the other Program Documents in connection with Card Transactions processed on one or more Networks;
WHEREAS, Manager desires to manage one or more Cards pursuant to one or more Programs, subject to the terms and conditions of the Program Documents;
WHEREAS, Sutton Bank desires to designate Manager as the program manager for such Cards and Programs;
NOW THEREFORE, in consideration of the foregoing promises and the mutual agreements, provisions, covenants and conditions contained in this Amended Program Manager Agreement, Sutton Bank and Manager agree as follows:
ARTICLE I - RULES OF INTERPRETATION; DEFINITIONS
| 1.1 | Certain Interpretive Matters |
As used herein, (i) the terms “include” and “including” are meant to be inclusive and shall be deemed to mean “include without limitation” or “including without limitation”; (ii) the word “or” is disjunctive, but not necessarily exclusive; (iii) references to “dollars” or “$” shall be to United States dollars; (iv) the term “his” applies to both genders; (v) any Article, Section, Subsection, Paragraph or Subparagraph headings contained in this Amended Program Manager Agreement and the Preamble at the beginning of this Amended Program Manager Agreement are for reference purposes only and shall not affect in any way the meaning or interpretation of this Amended Program Manager Agreement (other than with respect to any defined terms contained in the Preamble); (vi) any reference made in this Amended Program Manager Agreement to a statute or statutory provision shall mean such statute or statutory provision as it has been amended
CONFIDENTIAL AND PROPRIETARY
through the date as of which the particular portion of the Amended Program Manager Agreement is to take effect, or to any successor statute or statutory provision relating to the same subject as the statutory provision so referred to in this Amended Program Manager Agreement, and to any then applicable rules or regulations promulgated thereunder, unless otherwise provided; (vii) the words “herein,” “hereof,” “hereunder” and words of like import shall refer to this Amended Program Manager Agreement as a whole (including its Schedules and Exhibits), unless the context clearly indicates to the contrary (for example, that a particular Section, Schedule or Exhibit is the, intended reference); (viii) words used herein in the singular, where the context so permits, shall be deemed to include the plural and vice versa; (ix) a reference in this Amended Program Manager Agreement contemplating certain action by Sutton Bank “after consultation with” or “in consultation with” or “in cooperation with” Manager does not mean that the consent or approval of Manager is required or contemplated in connection with such action; and (x) unless the context otherwise requires or unless otherwise provided herein, the terms defined in this Amended Program Manager Agreement that refer to a particular agreement, instrument or document also refer to and include all renewals, extensions, modifications, amendments and restatements of such agreement, instrument, or document.
| 1.2 | Definitions |
Terms not defined in this Amended Program Manager Agreement shall have the meanings given to them in the applicable Network Rules. Except as otherwise specifically indicated, the following terms shall have the following meanings in this Amended Program Manager Agreement (such meanings to be equally applicable to both the singular and plural forms of the terms defined):
“Activate”, “Activated” or “Activation” means, with respect to a Card, the process separate from funding of the Card by which the Cardholder causes the Card to be usable for Transactions as provided by and subject to the applicable Cardholder Agreement. The Parties acknowledge that two types of Activation may occur with respect to Cards: some Cards may be Activated by Distributors when they are first sold so that the Card may be used for Transactions immediately upon its purchase or distribution, and other Cards may be distributed to Cardholders in an un-activated state and need to be Activated by the Cardholder, usually via telephone or online, each as provided in the Program Due Diligence Application.
“Additional Products” includes any other products and service of Sutton Bank that may be offered to a Cardholder in connection with the Program(s), as mutually agreed upon by the Parties.
“Affiliate” means, with respect to any Person, any other Person that directly or indirectly controls, is controlled by or is under common control with such Person. For the purposes of this definition, “control” means the power to direct the management and policies of a Person, directly or indirectly, whether through the ownership of voting securities, by contract or otherwise; and the terms “common control” and “controlled” have meanings correlative to the foregoing.
“Amended Program Manager Agreement” has the meaning set forth in the Preamble.
“AML” means anti-money laundering.
- 2 -
CONFIDENTIAL AND PROPRIETARY
“Applicable Law” means the (i) Network Rules, (ii) the laws, court opinions, attorney general opinions, rules and regulations of the United States or of any State or the various agencies, departments or administrative or governmental bodies thereof, and any regulatory guidance, determinations of (or agreements with) an arbitrator or Regulatory Authority and directions or instructions from (or agreements with) any arbitrator or Regulatory Authority, as the same may be amended and in effect from time to time during the Term, including, without limitation, (1) the EFTA; (2) the GLBA; (3) the Bank Secrecy Act; (4) federal and state money services business laws; (5) the prohibition against unfair and deceptive trade practices in the Federal Trade Commission Act; (6) state data security laws; and (7) the Telephone Consumer Protection Act; (8) any and all sanctions or regulations enforced by OFAC; (9) statutes or regulations of any State relating to banks, banking, prepaid cards, money transmission or unclaimed property, to the extent applicable to the issuance, sale, authorization or usage of the products and services offered under the Programs or as otherwise applicable to any of the Parties, as all the same may be amended and in effect from time to time during the Term, and (iii) the published policies and procedures of Sutton Bank, as promulgated from time to time by Sutton Bank’s Board of Directors in good faith to ensure the continued safety and soundness of Sutton Bank.
“Applicant” means any Person who submits a completed application for a Card.
“Approved Programs” has the meaning given in Section 2.1.
“Audit Corrective Action Plan” has the meaning given in Section 3.1(O)(v).
“Audit Findings” has the meaning given in Section 3.1(O)(v).
“Auditing Party” has the meaning given in Section 3.1(O)(ii).
“Authorized Users” has the meaning given in Section 3.2(D).
“Bank BSA/AML/OFAC Requirements” has the meaning given in Section 5.4(C).
“Bank Indemnified Parties” has the meaning given in Section 11.1.
“Bank Secrecy Act” or “BSA” means the federal Bank Secrecy Act (12 U.S.C. §§ 1951 el seq.), as amended by the USA Patriot Act or otherwise from time to time, and all regulations thereunder and any successor regulations.
“BIN” means collectively the Bank Identification Number assigned to Bank by Visa, the Interbank Card Association number assigned to Bank by MasterCard, or similar identifier assigned to Bank by other Networks for the purposes of identifying and routing electronic payment transactions.
“BSA/AML/OFAC Procedures” has the meaning set forth in Section 5.4(A).
“Business Day” means any day other than a Saturday, Sunday or legal holiday, on which Sutton Bank is open to the public for carrying on substantially all of its banking functions.
- 3 -
CONFIDENTIAL AND PROPRIETARY
“Breakage” means, with respect to Cardholder-Funded Cards, any Cardholder Funds remaining on the Card upon the earlier to occur of (a) the Card’s expiration date (provided the Cardholder Funds expire on such date per the Cardholder Agreement), or (b) the date the Cardholder Funds are presumed to be abandoned under applicable state unclaimed property laws, to the extent such amounts are not otherwise required to be escheated under state unclaimed property laws pursuant to Section 5.7. With respect to Corporate-Funded Cards, “Breakage” means any Corporate Funds remaining on the Card upon the Card expiration date or the disclosed redemption period for such Corporate Funds, provided the Cardholder Agreement discloses that such funds will revert to the owner of such Corporate Funds following such data, to the extent such amounts are not otherwise required to be escheated under state unclaimed property laws pursuant to Section 5.7.
“Card” means a reloadable or non-reloadable prepaid card or other prepaid access device or number issued by Sutton Bank as a product of Sutton Bank in connection with any Program implemented pursuant to this Amended Program Manager Agreement and under authority from a Network.
“Card Program” means a system of services and features, as mutually agreed by Manager and Sutton Bank, relating to a particular type of Card provided by Manager and Sutton Bank pursuant to this Amended Program Manager Agreement. This Amended Program Manager Agreement contemplates that multiple Card Programs may be offered hereunder.
“Cardholder” means an individual who (i) applies for a Card and is issued a Card or otherwise provided a Card by Sutton Bank, (ii) uses a Card to effect a Transaction, or (iii) purchases or uses any Additional Products offered under the Programs.
“Cardholder Account” means (i) the prepaid account which is associated with a Card, and includes the record of debits and credits with respect to Transactions originated by a Cardholder as detailed on the Processor’s Network, and (ii) such other accounts for Additional Products.
“Cardholder Agreement” means the agreement between Sutton Bank and a Cardholder governing the terms and use of a Card.
“Cardholder Complaint” has the meaning given in Section 5.11(B).
“Cardholder Data” means information that is provided to or obtained by either Party in the performance of its obligations under this Addendum or otherwise regarding Applicants and current or former Cardholders, including without limitation (i) name, postal address, e-mail address, telephone number, date of birth, taxpayer identification numbers, Cardholder Account numbers, security codes, service codes (i.e., the three or four digit number on the magnetic stripe that specifies acceptance requirements and limitations for a magnetic stripe read transaction), valid to and from dates, as well as information and data related to payment instruments and Transactions, or Transactions data using payment instruments and methodologies (e.g., charge, credit, debit, prepaid) and regardless of whether or not a physical card is used in connection with such transactions, demographic data, data generated or created in connection with Cardholder Account processing and maintenance activities, Cardholder Account statementing and Cardholder service, telephone logs and records and other documents and information necessary for the processing and maintenance of Cardholder Accounts, (ii), business name, business address, business tax identification number, and certain information on owner or officer, if the Cardholder is a business, (iii) all “Nonpublic Personal Information” and “Personally Identifiable Financial Information” (as defined in 12 C.F.R. §§ 573.3(n) and (o), respectively), and, (iv) with respect to the disposal of such information, any record containing “Consumer Information,” as that term is defined in the regulations implementing 15 U.S.C. § 1681.
- 4 -
CONFIDENTIAL AND PROPRIETARY
“Cardholder Funds” means the funds provided by or on behalf of the Cardholder in connection with a requested Load to the Cardholder’s Card and that are legally owed to or owned by the cardholder.
“Cardholder-Funded Card” means a card funded solely with Cardholder Funds.
“Claim” means any and all threats, actions, demands, investigations, proceedings, claims, counterclaims, defenses, or allegations (whether formal or informal, individual or in a representative capacity) made by or on behalf of any Person, including the other Party, any consumer, Cardholder, Regulatory Authority, Network and any attorney general, district attorney or other law enforcement authority, that would not have arisen but for the Program. The term includes disputes based upon contract, tort, consumer rights, fraud and other intentional torts, constitution, statute, regulation, ordinance, common law and equity (including any claim for injunctive or declaratory relief) and includes disputes based on alleged violations of any Applicable Law.
“Client” means a business customer of Manager’s that retains Manager to issue Cards for use by Client’s employees, customers, enrollees, subscribers and/or members (collectively, the “Client Customers”), and that sells or distributes such Cards to the Client Customers as Manager’s agent.
“Complaint Summary” has the meaning given in Section 5.11(D)
“Complaints” has the meaning set forth in Section 5.11(D).
“Compliance Counsel” has the meaning set forth in Section 5.2.
“Confidential Information” has the meaning set forth in Section 8.2.
“Corporate Funded Card” means a card funded solely with Corporate Funds that are not legally owed to or owned by the Cardholder.
“Corporate Funds” means all funds received by Sutton Bank on or on behalf of and owned by a business in connection with and/or for crediting to a Corporate Funded Card.
“Corrective Action Plan Deadline” has the meaning set forth in Section 3.1(O)(v).
“Critical Services” shall mean services that (i) require a third party to access, store, transmit or process Cardholder Data in connection with the Program, (ii) involve significant bank functions or other activities that could cause Sutton Bank to face significant risk if the third party fails to meet expectations, (iii) could have significant customer impacts, or (iv) could have a major impact on Sutton Bank operations if Sutton Bank has to find an alternate third party or if the outsourced activity has to be brought in-house.
- 5 -
CONFIDENTIAL AND PROPRIETARY
“Criticism” has the meaning set forth in Section 5.11(A).
“Customer Identifying Information” means, collectively, the name, address(es), email address(es), telephone number(s), cell phone number(s), date of birth, and Social Security Number or Tax Identification Number of each Applicant or Cardholder.
“Discover” means DFS Services LLC and its successors and assigns.
“Distribution and Service Agreement” means the written agreement between Manager and a Distributor (and, if applicable, Sutton Bank) pursuant to the provisions of this Amended Program Manager Agreement.
“Distributor” means any marketer, seller of goods and/or services, or other business that has executed a Distribution and Service Agreement to distribute Cards under a Program. For avoidance of doubt, a “Distributor” does not include a Marketer who solely markets but does not distribute or service Cards under a Program.
“Effective Date” has the meaning set forth in the Preamble.
“EFTA” means the Electronic Fund Transfer Act (15 U.S.C. §§ 1693, et seq.) and Regulation E thereunder (12 C.F.R. Part 1005), each as may be amended from time to time.
“Executive Complaints” means (i) any complaint received by a Party from any Network or the Better Business Bureau relating to the Programs and (ii) any material written complaints received by or elevated to senior management of any Party relating to the Programs other than a Regulatory Communication.
“FDIC” means the Federal Deposit Insurance Corporation.
“FFIEC” means the Federal Financial Institutions Examination Council.
“FFIEC Handbook” has the meaning set forth in Section 6.6(A).
“Financial Information” has the meaning set forth in Section 4.1(D).
“FinCEN” means the Financial Crimes Enforcement Network.
“Funding Account” has the meaning set forth in Section 3.1(K).
“GLBA” means, collectively, the Gramm-Leach-Bliley Act, 15 U.S.C. §§ 6801, et. seq., the Privacy Regulations, and the standards for safeguarding customer information set forth in 12 C.F.R. Part 1016 and 16 C.F.R. Part 314 or such corresponding regulations as are applicable to the Programs and the Parties.
“IDTP” has the meaning given in Section 5.8.
“Independent Sales Organization” means a third party service provider sponsored by Sutton Bank pursuant to the Network Rules.
- 6 -
CONFIDENTIAL AND PROPRIETARY
“Information Security Requirements” has the meaning set forth in Section 8.1(F).
“Initial Term” has the meaning set forth in Section 10.1(A).
“Intellectual Property” has the meaning set forth in Section 3.1(H).
“Interchange” means the revenue paid to Sutton Bank by acquiring financial institutions for Transactions, as established by a Network.
“Legal Documents” has the meaning given in Section 5.11(C).
“Load”, “Loaded” or “Loading” means the process of adding Cardholder Funds or Corporate Funds to a Card at the time such Card is Activated or subsequent thereto, including but not limited to, by way of (i) third party load programs, such as Green Dot MoneyPak, (ii) point-of-sale “swipe” transactions, or (iii) corporate or Card transfers via a web portal or otherwise.
“Load Failure” means circumstances in which any Load amount intended to be made on a Card is not received by Sutton Bank.
“Losses” means any and all actual losses, assessments, damages, indemnities, liabilities, obligations, deficiencies, adjustments, judgments, settlements, dispositions, awards, offsets, penalties, fines and interest, and reasonable attorneys’, accountants’ and experts’ fees and expenses, including any such fees and expenses incurred in any investigations, proceedings, counterclaims, defenses or appeals that could reasonably result in incurring or avoiding any Losses.
“Manager” has the meaning set forth in the Preamble.
“Manager Contractors” has the meaning set forth in Section 11.1(D).
“Manager Indemnified Parties” has the meaning set forth in Section 11.3.
“Manager’s System” has the meaning set forth in Section 3.2(D).
“Mark” means the service marks, trademarks and copyrights of Manager, the Networks, or Sutton Bank, including the names and other distinctive marks or logos, which identify Manager, the Networks, or Sutton Bank, respectively.
“Marketer” means any marketer, seller of goods and/or services, or other business that has executed a Marketing Agreement with Manager solely to assist in the development of Marketing Materials and Marketing Campaigns in connection with a Program or to enable its branding to be marketed in connection with a Program and to not distribute or service Cards under a Program. For avoidance of doubt, a “Marketer” does not include a Person who, at the direction of a Marketer, merely posts advertising or provides Marketing Materials developed by Marketer to potential Cardholders, provided such Person is affiliated with the Marketer through common ownership or control, a franchising relationship with the Marketer, or such other arrangement described in the approved Program Due Diligence Application for a Program.
- 7 -
CONFIDENTIAL AND PROPRIETARY
“Marketing Agreement” means the written agreement between Manager and a Marketer pursuant to the provisions of this Amended Program Manager Agreement.
“Marketing Campaigns” means all marketing methods intended to generate requests for the Cards by targeting a population using specific advertising mediums, such as Internet marketing, blogging, tweeting, e-mailing, texting, direct mail marketing, telemarketing, radio or television commercial airtime, print advertising, billboard advertising, or other recognized methods of selling goods or services or acquiring sales leads.
“Marketing Materials” shall mean all media of any kind or nature, including without limitation, email solicitation messages, published advertising (such as newspaper and magazine advertisements), Internet media, Card art, Card carriers, Card displays, Facebook/MySpace posts, blogs, tweets, texts, banner ads, RSS feeds, telemarketing scripts, television or radio advertisements, brochures, postcards, posters, direct mailings, signage, frequently asked questions, interview or public speaking scripts and talking points, sales materials, and press releases intended for public dissemination or to promote, advertise and/or market a Program.
“MasterCard” means MasterCard International Incorporated and its successors and assigns.
“Merchant” has the meaning set forth in Section 3.1(L).
“Merchant Rewards Account” has the meaning set forth in Section 3.1(L).
“[***]” means [***].
“MSB” means the Money Services Business.
“NACHA” means the National Automated Clearing House Association and its successors and assigns.
“Network” means any Discover, NACHA, Visa, MasterCard, or any other card association or payment network selected by Bank and agreed to by Manager for the Settlement of Transactions contemplated by this Amended Program Manager Agreement.
“Network Rules” means the bylaws, operating rules and regulations of any applicable Network, including the PCI-DSS.
“OFAC’ means the United States Department of Treasury’s Office of Foreign Assets Control.
“Party” or “Parties” means, as applicable, Manager and/or Sutton Bank.
“PCI-DSS’ means the Payment Card Industry Data Security Standards established and implemented by the various payment card associations.
- 8 -
CONFIDENTIAL AND PROPRIETARY
“Person” means any legal person, including any individual, corporation, limited liability company, partnership, joint venture, association, joint-stock company, trust, unincorporated organization, governmental entity or other entity of any nature.
“Prepaid Access Rule” has the meaning given in Section 5.4(B).
“Privacy Notices” means all privacy policy disclosure statements required by Applicable Law, including without limit GLBA, in connection with the use of any Cardholder Data by Sutton Bank or Manager, any of Sutton Bank’s or Manager’s Affiliates or any third party engaged by Manager or Sutton Bank.
“Privacy Regulations” means those regulations or related interagency guidelines promulgated by federal Regulatory Authorities implementing Title V of GLBA.
“Processing Services” means those Services performed by Manager which are necessary to issue Cards and process Transactions in accordance with Applicable Law.
“Processor” means Manager solely in connection with providing Processing Services for Cards that are issued under this Amended Program Manager Agreement. Manager agrees that Manager shall provide the Processing Services for the Programs pursuant to the terms of this Amended Program Manager Agreement executed between Sutton Bank and Manager.
“Program” means a system of services approved by Sutton Bank under which a Cardholder may utilize a Card to conduct Transactions pursuant to the Cardholder Agreement. The Parties acknowledge that multiple Programs may exist under this Amended Program Manager Agreement based on meaningful differences, including but not limited to, Card terms and functionality, distribution locations, and Cardholder characteristics. All Programs shall be subject to the terms hereof and the prior written approval of Sutton Bank.
“Program Accounts” means the various deposit accounts established by Sutton Bank for purposes of facilitating the flow of funds, receiving Program reserve amounts, Cardholder Funds and Corporate Funds and the payment of Settlement Transactions to the Network.
“Program Documents” means all agreements and documents between Sutton Bank or Manager and any Network relating to each Program, including without limitation any issuer agreements or issuer processor agreements, as applicable, license agreements, Network Rules, operating regulations, trademark guidelines, dispute rules, technical specifications, issuer fee schedules, and all product guides, documents, rules and procedures incorporated herein or therein, together with all documents, rules and procedures of any Network that are applicable to a Program.
“Program Due Diligence Application” means a description and explanation of the parameters and features of a Program using the application provided by Sutton Bank, together with any accompanying exhibits or schedules.
“Program Fraud” has the meaning given in Section 3.1(N)(ii).
- 9 -
CONFIDENTIAL AND PROPRIETARY
“Program Materials” means all written and electronic materials relating to each Program utilized by Manager, including, but not limited to, Marketing Materials, training materials, policies and procedures, including without limitation, Cardholder Agreements, Cardholder service letters, any website established by Manager in connection with the Programs, customer service scripts, interactive voice response messaging, any information, notices or disclosures relating to Cards provided to Cardholders, including, but not limited to, Privacy Notices, error-resolution notices, change-in-terms notices, and disclosures required by the EFTA, and documents and any material amendments or updates thereto.
“Program Records” has the meaning given in Section 3.1(P)(i).
“Program Revenues” means all income derived from a Cardholder’s use of a Card or participation in a Program, including but not limited to, [***].
“Program Schedule” means a written addendum to this Amended Program Manager Agreement, substantially in the form attached hereto as Schedule 2.1 and executed by each Party, which sets forth the Parties’ respective duties and obligations with respect to a particular Card Program.
“Regulatory Authority” means any federal, state or local governmental, regulatory or self-regulatory authority, agency, court, tribunal, commission or other entity having jurisdiction over Sutton Bank, Manager or the Programs, including, but not limited to, the Office of the Comptroller of the Currency, FDIC, Federal Reserve, Federal Trade Commission, and Consumer Financial Protection Bureau. It may also include, as the circumstances dictate, any non-U.S. authority having or exercising jurisdiction related to the issuance, sale, authorization or usage of the Cards, Programs or services provided under this Amended Program Manager Agreement.
“Regulatory Communication” means all communications from any Regulatory Authority concerning the Programs.
“Renewal Term” has the meaning set forth in Section 10.1(A).
“Response to Audit Letter” has the meaning given in Section 3.1(O)(v).
“SEC” means the U.S. Securities and Exchange Commission.
“Security Contact” has the meaning set forth in Section 9.4.
“Security Guidelines” means the Interagency Guidelines Establishing Standards for Safeguarding Customer Information, the FFIEC Information Technology Examination Handbook, PCI-DSS, Section 501 of GLBA and any other guidance or directives issued by a Regulatory Authority or Networks pertaining to the security of Cardholder Data.
“Security Program” has the meaning set forth in Section 9.1.
“Sensitive Customer Information” has the meaning set forth in Section 8.1(E).
“Services” means those services specifically described in Exhibit D and otherwise described in this Amended Program Manager Agreement.
- 10 -
CONFIDENTIAL AND PROPRIETARY
“Settle” and “Settlement” mean the movement of funds tendered for or Loaded to Cards among Sutton Bank, other financial institutions and the Networks in accordance with Applicable Law to settle Transactions on such Cards.
“SSAE” has the meaning given in Section 9.2.
“Standard Terms” has the meaning set forth in Section 6.1(D).
“Successor Bank” has the meaning set forth in Section 10.5(A).
“Sutton Bank” has the meaning set forth in the Preamble.
“Switchover Date” has the meaning set forth in Section 10.5(C).
“Term” has the meaning set forth in Section 10.1.
“Third Party Service Provider” means a service provider which Manager utilizes to provide Critical Services in connection with the Program(s ).
“Transaction” means using a Card to do any of the following: (i) make a purchase or otherwise make a payment to or for the benefit of a third party; or (ii) obtain a credit for a previous purchase; (iii) make a cash withdrawal at an automated teller machine, bank teller or via other means; (iv) to transfer value to another Card or account; (v) to Load funds to a Card, or (vi) without duplication of any of the foregoing, any other transaction involving use of a Card.
“Transaction Fee” means a fee charged in connection with the sale of a Card. The amount of the Transaction Fee applied to each Card will vary depending on the particular Card, and shall be calculated by Manager in accordance with a pricing schedule approved by Sutton Bank. For purposes of clarity, a Transaction Fee is charged at the time a Card is sold.
“Visa” means Visa U.S.A. Inc. and its successors and assigns.
“Wind Down Period” means the period from the date of termination or expiration of the Amended Program Manager Agreement through the date that the Parties have completed the Wind-Down Plan for the Programs entirely pursuant to Section 10.5.
“Wind-Down Plan” has the meaning set forth in Section 10.5(C).
ARTICLE II - MANAGER’S ROLE; INCORPORATION OF AND COMPLIANCE WITH PROGRAM DOCUMENTS
| 2.1 | Manager’s Role |
Manager and Sutton Bank acknowledge that Manager is providing services with respect to the Prepaid Card Programs developed by Manager that have been reviewed and approved by Sutton Bank and for which Sutton Bank has approved Manager to provide the services described in this Amended Program Manager Agreement (each as specifically identified by Program description on Schedule 2.1 hereto, as the same may be amended from time to time) (the
- 11 -
CONFIDENTIAL AND PROPRIETARY
“Approved Programs”) as an agent and representative of Sutton Bank, who has primary responsibility for each Program’s compliance with Applicable Law and the Program Documents. Notwithstanding the foregoing, Manager acknowledges that (i) it will comply with the Program Documents as such are provided to Manager by Sutton Bank; (ii) it has received and thoroughly examined the Program Documents as provided by Sutton Bank, and (ii) each Card Transaction that Manager or Sutton Bank sends to or receives from any Network constitutes Manager’s ratification of the Program Documents, as then in effect and provided to Manager by Sutton Bank.
| 2.2 | Operating Regulations |
Manager acknowledges that as a “permitted Agent” of Sutton Bank, the terms of the Network Rules governing an issuer’s relationship with the applicable Network also govern Manager’s relationship with the applicable Network, to the extent applicable, including, for: cardholder obligations, responsibility for fraud, collections and other risks, data security, indemnity and liability, and confidentiality. Manager represents that it has read, agreed and will comply with all terms of the applicable Network Rules, including the foregoing specifically identified provisions as such are provided to Manager by Sutton Bank.
| 2.3 | General |
Sutton Bank and Manager hereby each acknowledge and agree that (a) Sutton Bank has established the Programs; (b) except as otherwise expressly provided in this Amended Program Manager Agreement, Sutton Bank shall have full control and continued oversight over the Programs, including without limitation all policies, activities and decisions with respect to each Program; (c) the products and services offered under the Programs pursuant to this Amended Program Manager Agreement are products of Sutton Bank; and (d) Manager shall serve as Sutton Bank’s administrator and servicer for the Programs, to which Sutton Bank has delegated specific responsibilities relating to the marketing and servicing of the Programs, including the marketing and sale of the Cards.
| 2.4 | Bank Determination of Applicable Law |
As between Sutton Bank and Manager with respect to each of their respective rights and obligations under this Amended Program Manager Agreement, to the extent there is a dispute between Sutton Bank and Manager with respect to the applicability of certain provisions of the Network Rules or Applicable Laws to one or more Program(s), Sutton Bank shall have the sole and exclusive right to determine (i) which of the Network Rules, Federal, State and local laws, court opinions, attorney general opinions, rules and regulations, and regulatory guidance, regulatory determinations of (or agreements with) or written directions of any arbitrator or Regulatory Authority, and modifications thereto, apply to each Program or the Parties hereto and thus are Applicable Laws; (ii) how such Applicable Laws apply to each Program; and (iii) how and to what extent pending, settled or decided lawsuits or enforcement actions affecting Sutton Bank or any other company, and legal and regulatory developments and trends, should be addressed in each Program; provided, however, that in making such determinations, Sutton Bank shall consult with Manager, shall exercise reasonable and professional judgment, and shall consult with legal counsel as appropriate. Notwithstanding the forgoing, Manager is expected and required to comply with all Applicable Laws that apply to Manager and the performance of its obligations under this Amended Program Manager Agreement.
- 12 -
CONFIDENTIAL AND PROPRIETARY
| 2.5 | Manager’s Right to Offer Programs; Statutory Authority of Regulatory Authority |
Sutton Bank grants Manager the right to offer the Programs on behalf of Sutton Bank, and hereby appoints Manager as Sutton Bank’s agent for the sole and limited purpose of providing the services described herein with respect to the Programs. As an authorized delegate and representative of Sutton Bank, Manager acknowledges and agrees to the following:
(A) any Regulatory Authority has and shall have the statutory authority to regulate, examine and initiate an enforcement action against Manager with respect to the activities performed by Manager as agent or representative of Sutton Bank;
(B) Sutton Bank and Manager, in its capacity as Sutton Bank’s authorized delegate and representative, are both subject to control and supervision by the appropriate Regulatory Authority;
(C) the Regulatory Authority may require both Sutton Bank and Manager, in its capacity as Sutton Bank’s authorized delegate and representative, to (and, if required, the Parties shall) submit periodic reports to the Regulatory Authority;
(D) the Regulatory Authority may require the Parties to (and, if required, the Parties shall) modify the terms of this Amended Program Manager Agreement or terminate Sutton Bank’s relationship with Manager at any time; and
(E) the Regulatory Authority may institute any other requirements or conditions that the Regulatory Authority deems appropriate for a particular purpose in connection with this Amended Program Manager Agreement and the rights and responsibilities set forth herein, in which case the Parties agree to comply with such requirements or conditions.
ARTICLE III - PARTIES’ RESPONSIBILITIES
| 3.1 | Manager’s Responsibilities |
As Sutton Bank’s agent and representative. Manager will develop, promote, market and sell, and operate Approved Programs on Sutton Bank’s behalf in accordance with this Amended Program Manager Agreement and the Program Documents, In addition, Manager further agrees to do the following:
(A) Execution of Agreements. It is Manager’s responsibility to execute any and all necessary agreements with (i) Clients that will be distributing or selling the Cards or distributing any of the Sutton Bank Prepaid Card Services; and (ii) any of Sutton Bank’s Networks.
(B) Due Diligence.
(i) Program Due Diligence Application. Manager will complete a Program Due Diligence Application for each Program proposed to be offered under this Amended Program Manager Agreement and will submit such Program Due Diligence Application in advance to Bank for Bank’s prior written approval. Manager shall ensure that each Program is offered in accordance with the Program Due Diligence Application approved by Sutton Bank. Sutton Bank shall have the right to conduct a risk assessment for each Program, which may include an assessment of any features of any Program product.
- 13 -
CONFIDENTIAL AND PROPRIETARY
(ii) Client Due Diligence. Manager acknowledges that prior to signing or authorizing any Client to sell or distribute Cards hereunder, each Client must be subject to Manager’s and Sutton Bank’s reasonable due diligence, and be approved by Sutton Bank, which approval will not be unreasonably withheld.
(C) Marketing. Manager will use its commercially reasonable efforts to market the Approved Program(s) to prospective Cardholders and to maximize sales and distribution of the related Cards on behalf of Sutton Bank, in compliance with applicable Network Rules. There shall be no limitation on the customer base to which the Approved Program(s) are marketed. Manager will also ensure that (1) the design of each Card meets the applicable Network’s design specifications, (2) Card terms and conditions, the Cardholder Agreement, packaging, point-of- sale display materials and any other associated materials comply with all requirements of the Program Documents and, where required, are approved by Sutton Bank, (3) all communications which display a Network’s name, logo, bug or marks are pre-approved by that Network, and (4) all Card shipping and storage practices comply with applicable Network Rules, including but not limited to card inventory management controls.. Manager further agrees that the services it provides hereunder shall be of professional quality and in accordance with industry standards and practices. Manager shall be responsible for the conduct and active monitoring and training of its employees, sales representatives, sales offices and agents with respect to all aspects of Manager’s performance under this Amended Program Manager Agreement and the Programs, including without limitation their respective compliance with this Amended Program Manager Agreement and Applicable Law.
(D) Background Checks and Employee Responsibility. Without limiting the Manger’s obligations in Section 3.1 (C), Manager shall (a) conduct background checks on each of its employees engaged in providing the Services on Manager’s behalf, (b) provide to Sutton Bank, upon Sutton Bank’s request, the name, signature, and, if available under Applicable Law, Social Security Number or similar government-issued identifying number, of each Manager employee and sales representative, and maintain such information for a period of three (3) years after the end of any such employee’s employment for any reason, and (c) comply with the provisions of Section 19 of the Federal Deposit Insurance Act, as amended by the Financial Institutions Reform, Recovery, and Enforcement Act of 1989 (12 U.S.C. § 1829). Manager shall be liable for all actions or failure to act by such employees. Manager shall exercise commercially reasonable efforts to promptly rectify any non-compliant activity or other activity that, in Sutton Bank’s commercially reasonable discretion, could cause harm to Sutton Bank’s reputation or business. In the event an employee or potential employee’s background check does not meet the standards of the Act cited in this Section 3.1(D), Manager may consult with Sutton Bank to determine if an exception is allowable under Sutton Bank’s “Employment Guidelines” or similar policies or procedures.
(E) Manager Training. Manager shall provide appropriate training for its officers, employees, agents and representatives with respect to their duties, if any, related to the Program, and shall appropriately supervise all such Persons. Sutton Bank shall have the right to (a) periodically review and audit Manager’s training program to ensure Manager’s compliance with Sutton Bank’s training program and (b) at the request of Sutton Bank, monitor and participate in any such training program.
- 14 -
CONFIDENTIAL AND PROPRIETARY
(F) New Approved Programs. Manager must obtain Sutton Bank’s prior approval to serve as program manager for each Program. Manager will submit a Program Due Diligence Application Form, attached hereto as Exhibit A, for each proposed Program for which Manager and Sutton Bank wish Manager to serve as the program manager. Sutton Bank will respond to each Program Due Diligence Application Form submitted by Manager within [***] of receipt. If the Program Due Diligence Application Form is approved and accepted by Sutton Bank, Schedule 2.1 to this Amended Program Manager Agreement will be amended to include such Program as an Approved Program. Upon Sutton Bank and Manager’s agreement to offer a Program to prospective Cardholders, Manager shall develop a marketing program to promote Cards to prospective Cardholders and Sutton Bank shall issue Cards within a designated BIN range assigned by the applicable Network for the Program.
(G) Program Modifications. Manager may suggest changes to a Program or the Cardholder Agreements, Program Materials, Marketing Campaigns, or Program Due Diligence Application at any time, subject to the prior written consent of Sutton Bank. Manager shall be responsible for all costs associated with any such changes suggested by Manager and approved by Sutton Bank. Changes to a Program or the Cardholder Agreements, Program Materials, Marketing Campaigns, or Program Due Diligence Application, including a determination that certain Program Materials or Marketing Campaigns are no longer authorized, may be made by Sutton Bank upon [***] notice to Manager, provided, however, that such notice shall not be required if such change (i) is appropriate to respond to any concern from a Regulatory Authority, (ii) is necessary in order to cause the Program to remain in compliance with Applicable Law, or (iii) is necessary to alleviate safety and soundness concerns or manage risk for Sutton Bank in connection with the Program and providing [***]prior notice is not feasible, in which case Sutton Bank shall provide notice as soon as commercially practicable. Sutton Bank shall take commercially reasonable steps to prevent undue expense for Manager when changing any Cardholder Agreements, Program Materials and Marketing Campaigns that are already in production. Unless otherwise mutually agreed upon by the Parties, upon Manager’s receipt of written notice from Sutton Bank of any such changes to a Program or Program Documents or the Cardholder Agreements, Program Materials, Marketing Campaigns, or Program Due Diligence Applications or receipt of new Program Documents, Manager shall implement such changes as soon as commercially practicable but in no event later than [***] from Manager’s receipt of notice of such change, determination or new Program Document. Alternatively, if the modification would result in a materially adverse change to one or more Programs or if the modification would require Manager to devote significant resources, significantly amend material agreements or incur significant cost and expense, Manager shall provide Sutton Bank with notice and reasonable detail of Manager’s concerns. Promptly following Sutton Bank’s receipt of such notice, the Parties shall meet in good faith to resolve Manager’s concerns in a mutually agreeable manner. If the Parties are unable to so resolve Managers concerns within [***] of Sutton Bank’s receipt of such notice, Manager may elect to terminate the affected Program or Programs or transition such Program or Programs to a Successor Bank, upon prior written notice to Sutton Bank and subject to the provisions for such termination or transition as provided in Section 10.5. Manager shall take all actions deemed necessary by Sutton Bank, in Sutton Bank’s commercially reasonable discretion, taking into account any legally-binding effective date with respect to any change in Applicable
- 15 -
CONFIDENTIAL AND PROPRIETARY
Law and the legal, compliance and reputation risks to the Parties, to implement the modification and/or terminate the affected Program(s) in the manner and time period specified by Sutton Bank. Sutton Bank may seek specific performance under this Section. Manager shall bear all reasonable costs related to any changes requested by Sutton Bank pursuant to the circumstances set forth in clauses (i), (ii) or (iii) of this Section 3.1(G).
(H) Intellectual Property. Sutton Bank agrees that all intellectual or proprietary property supplied or developed by Manager associated with any proposed Program and/or Approved Program, including, inventions, trade secrets, processes, business models, methods of doing business, know-how, works of authorship, copy, artwork, designs, software, code, and other material, and all patents, trademarks, service marks, trade names and logos, copyrights, trade secrets, moral rights, and other intellectual property and proprietary rights therein (hereinafter collectively referred to as the “Intellectual Property”) and information (including, without limitation, any Confidential Information as defined herein), shall be and remain the sole and exclusive property of Manager. For the avoidance of doubt, nothing in this Amended Program Manager Agreement constitutes a work for hire agreement, and nothing in this Amended Program Manager Agreement constitutes an agreement by a Manager to assign or otherwise convey title to any Intellectual Property. Notwithstanding the foregoing. Manager hereby grants Sutton Bank a limited, royalty-free, non-exclusive, non-transferable license to use such Intellectual Property solely as necessary to provide the Sutton Bank Prepaid Card Services.
(I) Obligation of Manager to Provide Information. Manager must provide reports of Program activity to Sutton Bank in a mutually agreed electronic format.
(J) Sales and Settlement. All funds received from customers in connection with the loading and reloading of value on Cards shall be handled in accordance with the terms of the Program Documents and this Amended Program Manager Agreement (Manager acknowledges and agrees that the requirements under the Program Documents shall supersede any conflicting obligations or restrictions in this Amended Program Manager Agreement); provided that Manager agrees that all such funds shall be held on behalf of Cardholders and as provided in the Program Documents and the Cardholder Agreement and Manager shall ensure (and cause all Clients to ensure) that no claims, liens nor any actions of ownership or possession of such funds will be permitted by any party other than the Manager, Cardholder, the Networks or Sutton Bank.
(K) Maintenance of Funding Accounts at Sutton Bank. A Funding Account is defined as a Program Account consisting of a demand deposit account to hold adequate funds to cover the amounts owing to Cardholders as determined by Manager and in accordance with Program Documents. Sutton Bank shall, at all times during the duration of this Amended Program Manager Agreement, establish and maintain a separate Funding Account for each Program. Manager will assist Sutton Bank in establishing the Funding Accounts. Sutton Bank will notify the Manager of the account numbers and any other information necessary for the Manager to transfer funds to such accounts.
- 16 -
CONFIDENTIAL AND PROPRIETARY
(L) Merchant Payments to Sutton Bank. A Merchant is defined as a customer of Manager that provides funds to Cardholder accounts for rewards, promotional, incentive, loyalty and other similar purposes, in accordance with the applicable Approved Program. From time to time Manager shall cause its Merchants, by timely, irrevocable wire transfer, to deposit into the appropriate Merchant Rewards Account held at Sutton Bank adequate funds to cover the amounts owing to Cardholders as determined by the Manager and its Merchants. The total liability to Cardholder for a given program is equal to the sum of the Funding Account and the Merchant Rewards account. Manager agrees that any funds deposited in the Funding Accounts and Merchant Rewards Accounts shall be for the sole purpose of satisfying claims on the Funding Accounts as provided in this Amended Program Manager Agreement and the applicable Approved Program.
(M) [***]
(N) Fraud Monitoring, Recovery and Liability.
(i) Fraud Monitoring. Manager shall monitor usage of Program products and services by Cardholders, and the provision of Program products and services by Distributors, to track, review and report on fraudulent use of Program products and services, and the Parties shall cooperate to reduce fraud. Manager also shall adopt such fraud monitoring practices in accordance with Sutton Bank’s internal procedures (as provided to Manager by Sutton Bank from time to time), standard industry practices and any Applicable Laws, as such industry practices or Applicable Laws may change over time. Manager shall provide to Sutton Bank a summary report of findings from Manager’s fraud monitoring upon request.
(ii) Fraud Reporting. Each Party shall immediately notify the other Party if a Party (or, in the case of Manager, any of its Distributors or Third Party Service Providers) become aware of any attempt by any Person to obtain or use a Card by fraud, including, but not limited to, value Load fraud, provisional credit fraud, unauthorized Card use, under floor limit processing, merchant fraud, or fraud committed by an employee of Manager or any of its Distributors or Third Party Service Providers (“Program Fraud”).
(iii) Fraud Investigation and Recovery. Manager shall cooperate fully with Sutton Bank and engage in any commercially reasonable efforts to locate and prosecute the perpetrator of any Program Fraud, and shall bear the costs of such efforts. In the event Sutton Bank has reasonable suspicion to believe that Program Fraud is taking place, Sutton Bank may in its sole discretion: (a) require Manager to halt the sale of Cards and/or Loads of Cards within a particular Card distribution channel or channels, (b) block the BIN associated with a specific Program offering or offerings, (c) freeze or suspend the suspicious Card Transactions, and (d) freeze or suspend any additional use of the remaining Cardholder Funds on such Cards, to the extent the actions described in clauses (a) through (d) above are in compliance with Applicable Law.
(iv) Liability for Fraud. Manager agrees that it shall be responsible for and liable to Sutton Bank for all expenses associated with and any losses attributable to Program Fraud, unless such expenses and losses were proximately caused by the negligence or willful misconduct of Sutton Bank. Manager shall reimburse Sutton Bank for any losses and expenses associated with Program Fraud within [***] of receiving written notice by Sutton Bank of such Program Fraud.
- 17 -
CONFIDENTIAL AND PROPRIETARY
(O) Program Audits and Examination Cooperation.
(i) Manager Audit Plans. Manager shall establish and maintain an internal audit plan for the Programs and its obligations under this Amended Program Manager Agreement as approved by the audit committee of Manager’s Board of Directors. Manager shall also establish and maintain an audit plan applicable to each Distributor’s, Marketer’s and Third Party Service Provider’s compliance with Applicable Laws in the performance of their obligations related to the Programs, and the Distribution and Service Agreements, the Marketing Agreements and Third Party Service Provider agreements, as applicable. Manager shall provide a copy of its audit plans to Sutton Bank, and shall respond in good faith to address any concerns raised by Sutton Bank, including with respect to the frequency, content and scope of the audits. Without limiting the foregoing, Sutton Bank may require that Manager perform an audit of any specified Distributor or Third Party Service Provider, pursuant to an audit plan and scope acceptable to Sutton Bank in its commercially reasonable discretion. Manager shall submit a written audit report to Sutton Bank in connection with each audit, and provide Sutton Bank with any additional information requested with respect to any material issues of concern identified in the audit or by Sutton Bank. Manager warrants that, as of the date of the submission of each such audit report to Sutton Bank that, to the best of Manager’s knowledge, such report is true, correct, complete, and not misleading. Upon Manager’s determination that any information contained in any such audit report is materially incorrect, incomplete or misleading in any way, Manager shall promptly notify Sutton Bank of the same.
(ii) Program Audits. Manager agrees at its sole cost that Sutton Bank, its authorized representatives and agents, and any Regulatory Authority or Network (“Auditing Party”) shall have the right, at any time during normal business hours and upon reasonable prior written notice, or at any other time required by Applicable Law or by a Regulatory Authority, to inspect, audit, and examine all of Manager’s facilities, records, personnel, books, accounts, data, reports, papers and computer records relating to the activities contemplated by this Amended Program Manager Agreement including, but not limited to, financial records and reports, the Security Program, associated audit reports, summaries of test results or equivalent measures taken by Manager and/or any Third Party Service Provider to ensure that the Security Programs meet the objectives of the Security Guidelines in accordance with Applicable Law and this Amended Program Manager Agreement and that Manager is otherwise in compliance with the terms of this Amended Program Manager Agreement and Applicable Law. Manager shall, and shall contractually require its Distributors and Third Party Service Providers to, make all such facilities, records, personnel, books, accounts, data, reports, papers, and computer records available to the Auditing Party for the purpose of conducting such inspections and audits, and the Auditing Party shall have the right to make copies and abstracts from Manager’s or a Distributor’s or Third Party Service Provider’s books, accounts, data, reports, papers, and computer records directly pertaining to the subject matter of this Amended Program Manager Agreement.
(iii) BSA/AML/OFAC Audits. Sutton Bank, or a third party selected by Sutton Bank may conduct a complete audit of Manager’s compliance with Manager’s approved BSA/AML/OFAC Procedures, which shall include, without limitation, a review of
- 18 -
CONFIDENTIAL AND PROPRIETARY
Manager’s compliance with Sutton Bank’s policies and procedures in place with respect to identifying the number of sales of Cards at any one Distributor location in one day, limiting the number of Cards activated by any one individual with the same social security number, limiting the number of Cards activated by individuals at any one physical address, and limiting the Loads to each Card. Manager will be responsible for all of the cost of these BSA/AML/OFAC audits.
(iv) Manager Cooperation. Manager agrees to cooperate, and shall contractually require all Distributors, Marketers and Third Party Service Providers to cooperate, with any examination, inquiry, audit, information request, site visit or the like, which may be required by any Regulatory Authority or Network with audit examination or supervisory authority over Sutton Bank, to the fullest extent requested by such Regulatory Authority, Network or Sutton Bank. Manager shall also provide to Sutton Bank any information which may be required by any Regulatory Authority or Network in connection with their audit or review of Sutton Bank or any Program and shall reasonably cooperate with such Regulatory Authority or Network in connection with any audit or review of Sutton Bank or any Program. Manager shall also provide, at its sole cost and expense, such other information as Sutton Bank, Regulatory Authorities or Network may from time to time reasonably request with respect to the financial condition of Manager and such other information as Sutton Bank may from time to time reasonably request with respect to third parties who have contracted with Manager relating to or in connection with this Amended Program Manager Agreement.
(v) Corrective Action Plans. Manager shall prepare a written response to Sutton Bank (a “Response to Audit Letter”) to all criticisms, recommendations, deficiencies, and violations of Applicable Law identified in reviews conducted by Sutton Bank, any Regulatory Authority or Network (“Audit Findings”). The Response to Audit Letter shall be delivered to Sutton Bank within [***] of Manager’s receipt of such Audit Findings, unless directed otherwise by a Regulatory Authority or a Network. The Response to Audit Letter shall include, at a minimum, a detailed discussion of the following:
(a) the planned corrective action to address the Audit Findings (“Audit Corrective Action Plan”);
(b) employee(s) of Manager tasked to remedy the Audit Findings;
(c) remedial actions proposed to be directed to current or past Cardholders negatively impacted by the Audit Findings (provided no such action shall be taken without express written approval from Sutton Bank);
(d) steps to be taken to prevent any recurrence of the Audit Findings;
(e) a specific timeframe, not to exceed [***], unless otherwise approved by Sutton Bank in advance, to implement the Audit Corrective Action Plan (“Corrective Action Plan Deadline”);
- 19 -
CONFIDENTIAL AND PROPRIETARY
(f) documentation evidencing that the Audit Corrective Action Plan has been implemented;
(g) if additional time is needed to implement the Audit Corrective Action Plan or deviations from the Audit Corrective Action Plan are necessary, a written request shall be submitted to Sutton Bank detailing the extenuating circumstances that necessitate an extension of the Corrective Action Plan Deadline and such extension request shall be subject to the reasonable approval of Sutton Bank; and
(h) identification of any Audit Findings disputed by Manager or where corrective action is not possible or necessary, supported by a detailed explanation of Manager’s position.
(P) Recordkeeping and Reporting.
(i) Recordkeeping. Unless otherwise agreed, Manager will keep, or cause to be kept, current and accurate records relating to each Program, including, but not limited to: (a) the identity of each Cardholder and the steps taken to verify such identity, if applicable to the Program; (b) all information received by Processor in each daily Settlement file; and (c) other information as may be required by Applicable Law (“Program Records”). With respect to each Card, Manager shall retain all Program Records for the time period required by Applicable Law, and in any event, for no less than five (5) years after the termination of any Cardholder Agreement or Program, whichever is later.
(ii) Reports and Access to Program Records. Sutton Bank shall be provided with access to any Program Records and any other information and documents it reasonably requests from time to time from Manager or any Distributor, Marketer or Third Party Service Provider retained by Manager with regard to any activity contemplated by or relating to this Amended Program Manager Agreement, and such information shall be provided in accordance with Sutton Bank’s specifications and requirements, including, but not limited to, the timeframe and format in which such information and documents must be provided. Manager shall ensure that it has ready access to all Program Records, including those maintained by its Distributors and Third Party Service Providers, in order to comply with any request from Sutton Bank pursuant to this Section.
(iii) All Program Records generated by Manager and its Third Party Service Providers in connection with the Program(s) shall be the property of Sutton Bank, subject to each Party’s (or a Marketer’s or Distributor’s) ownership interest in Joint Cardholder Data as defined in Section 7.1.
| 3.2 | Sutton Bank Responsibilities |
In addition to any other obligations of Sutton Bank set forth in this Amended Program Manager Agreement:
- 20 -
CONFIDENTIAL AND PROPRIETARY
(A) Sutton Prepaid Card Services. Sutton Bank shall be responsible for providing the Sutton Prepaid Card Services.
(B) Sutton Bank System Security. Sutton Bank shall implement and will comply with its security procedures designed to (i) prevent unauthorized access to Sutton Bank’s systems through computer hardware and software systems which are owned or controlled by Sutton Bank, and (ii) prevent unauthorized access to or use of Sutton Bank’s systems by Sutton Bank’s current and former personnel. When on site at Manager’s premises, Sutton Bank personnel shall observe and adhere to Manager’s policies and procedures generally applicable to visitors of Manager’s premises as provided to Sutton Bank by Manager.
(C) Sutton Bank Personnel. Sutton Bank shall be responsible for any acts or omissions of Sutton Bank employees, subcontractors and authorized agents acting with Sutton Bank’s authorization on Sutton Bank’s behalf, which, if performed by Sutton Bank, would constitute a breach of this Amended Program Manager Agreement. For the avoidance of doubt, Sutton Bank shall in no way be responsible for the acts or omissions of Manager or its employees, subcontractors, authorized agents, Distributors, Marketers or Third Party Service Providers.
(D) System Access. Sutton Bank acknowledges that it may receive access to Manager’s system, network components, or electronic databases (“Manager’s System”) in order to monitor Program activity. In such event, Sutton Bank will be responsible for the administration of Sutton Bank’s access to Manager’s System as follows:
(i) Sutton Bank will provide Manager with the names and contact information of the Sutton Bank employees who are authorized to access the Manager’s system in order to monitor Program activity (“Authorized Users”);
(ii) Sutton Bank will instruct Manager to disable access to Manager’s System for terminated Authorized Users or Authorized Users who no longer have a need to access Manager’s System; and
(iii) Sutton Bank will comply with Manager’s reasonable and industry standard security procedures provided to Sutton Bank with respect to maintaining secure access to Manager’s System.
(E) Notices of Changes. Except as such is limited by Applicable Law or the actions or requirements of a Regulatory Authority, Sutton Bank shall notify Manager as far as reasonably possible in advance of any: (a) change in the name or form of business organization of Sutton Bank or change in the location of its chief executive office; or (b) any material adverse change in Sutton Bank’s financial condition or operations that might materially and adversely affect Sutton Bank’s ability to perform its obligations under this Amended Program Manager Agreement.
(F) Notice of Proceedings. Except as such is limited by Applicable Law or the actions or requirements of a Regulatory Authority, Sutton Bank shall promptly notify Manager of any action, suit, litigation, proceeding, consent order, directive, sanction, facts and circumstances, and of all tax deficiencies and other proceedings before governmental bodies or officials, including any Regulatory Authority, affecting Sutton Bank, and the threat of reasonable prospect of same, which (i) relate to a Program or this Amended Program Manager Agreement, (ii) might give rise to any indemnification obligation pursuant to Article XI or (iii) might materially and adversely affect Sutton Bank’s ability to perform its obligations under this Amended Program Manager Agreement.
- 21 -
CONFIDENTIAL AND PROPRIETARY
(G) Sutton Bank’s Capitalization. Sutton Bank shall use reasonable efforts to (i) maintain sufficient capital to support its deposits and assets and (ii) remain a well-capitalized institution, as defined under the prompt corrective actions provisions of the Federal Deposit Insurance Act, 12 U.S.C. § 1831o and 12 C.F.R. Part 6.
(H) True and Correct Information. Sutton Bank covenants that all information furnished by Sutton Bank to Manager for purposes of or in connection with this Amended Program Manager Agreement shall be, to the best of Sutton Bank’s knowledge, as of the date provided, true and correct in all material respects and does not omit any material fact necessary to make the information so furnished not misleading. Except as disclosed to Manager, there is no fact known to Sutton Bank (including threatened or pending litigation) that is reasonably likely to materially and adversely affect the financial condition, business, property, or prospects of Sutton Bank.
(I) Cooperation. Sutton Bank covenants that it shall use commercially reasonable efforts to cooperate with Manager in the operation of the Programs and its obligations under the Amended Program Manager Agreement, including in respect of the settlement of disputes with Cardholders.
(J) Sutton Bank shall promptly notify Manager in writing in the event that Sutton Bank, together with its Affiliates, accumulates in excess of [***] in assets at any given date.
ARTICLE IV - REPRESENTATIONS AND WARRANTIES
| 4.1 | Manager Representations and Warranties |
Manager represents and warrants to Sutton Bank, as of the Effective Date, as follows:
(A) Existence. Manager is duly organized, validly existing and in good standing under the laws of the state of Delaware, and has its principal office in Emeryville, California.
(B) Authority. Manager has the corporate: and legal authority and power to enter into this Amended Program Manager Agreement and to perform the obligations set forth in the Program Documents.
(C) Ownership; No Infringement. Manager owns, has licensed, or otherwise has the right to use any trademarks, service marks, patents and other intellectual property necessary for it to use in the operation of each Approved Program referenced herein, and to the best of Manager’s knowledge any such use will not infringe upon the rights of any third party.
(D) Accuracy of Financial Information. Manager has delivered to Sutton Bank complete and accurate copies of its balance sheets and related statements of income and cash flows. All financial statements and information that have been furnished to Sutton Bank are accurate in all material respects and fairly represent, in all material respects, (i) the financial condition of Manager, including contingent liabilities of every type, which financial condition has not changed
- 22 -
CONFIDENTIAL AND PROPRIETARY
materially or adversely as of the date of this Amended Program Manager Agreement, and (ii) the terms, conditions and other information related to Manager’s Programs, which terms, conditions and other information has not changed materially or adversely as of the date of this Amended Program Manager Agreement. Additionally, Manager agrees to provide Sutton Bank, within [***] of Sutton Bank’s request therefor, with copies of Manager’s then-most current annual audited and/or interim unaudited financial statements, prepared in accordance with the requirements of the immediately preceding sentence, and such information concerning Manager’s Programs as Sutton Bank may request. The financial statements, terms, conditions and other information referred to in this Section 4.1(D) are referred to collectively as the “Financial Information.”
(E) Claims and Litigation. Neither Manager nor any of its Affiliates is the subject of any litigation, infringement, or enforcement action, and to the knowledge of Manager, neither manager nor any of its Affiliates is the subject of any investigation by any Person or governmental body which, if determined adversely to Manager or the Affiliate, would have a material adverse effect on (i) the business, financial condition or operations of Manager, or (ii) the ability of Manager to operate each Approved Program referenced herein, or (iii) the ability of Manager to perform its obligations under the Program Documents. Neither Manager nor any Affiliate or principal of Manager has been or is subject to (i) any criminal conviction (other than for minor traffic offenses and other petty offenses), (ii) any unpaid federal or state tax lien, (iii) administrative or enforcement proceedings commenced by the Securities and Exchange Commission, any state securities regulatory authority, the Federal Trade Commission, any federal or state banking regulator or any other federal or state regulatory agency, or (iv) any restraining order, decree, injunction or judgment in any proceeding or lawsuit alleging fraud or deceptive practice on the part of Manager or any principal or Affiliate of Manager. For the purposes of this Section 4.1(E), the term “principal” includes (i) any Person who directly or indirectly owns ten percent (10%) or more of Manager, (ii) any officer or director of Manager, and (iii) any Person actively participating in the control of Manager’s business.
(F) Consents. Manager has obtained all material licenses, consents or permissions needed from any applicable governing authority or other Person to perform, its duties set forth in the Program Documents and this Amended Program Manager Agreement.
(G) Compliance. Manager adheres to all applicable Applicable Law, and has completed and implemented an anti-money laundering compliance program, a copy of which has been provided to Sutton Bank.
(H) Resources. Manager has and will maintain all staffing, operational, and financial resources that are necessary or appropriate to perform its obligations under this Amended Program Manager Agreement and its agreements with Client(s).
| 4.2 | Sutton Bank Representations and Warranties |
Sutton Bank represents and warrants to Manager, as of the Effective Date, as follows:
- 23 -
CONFIDENTIAL AND PROPRIETARY
(A) Organization and Qualification. Sutton Bank is a state chartered bank duly organized, validly existing and in good standing under the laws of the state of Ohio. Sutton Bank is duly qualified and in good standing to do business in all jurisdictions where such qualification is necessary for it to carry out its obligations under this Amended Program Manager Agreement, except where the failure to so qualify would not have a material adverse effect on Sutton Bank’s business, or where the failure to so qualify would not have a material adverse effect on Manager’s or Sutton Bank’s ability to continue operation of the Programs. Sutton Bank is (i) a member in good standing with each Network necessary to the operation of the Programs, and (ii) is in good standing with each Regulatory Authority with jurisdiction over it, including the Federal Deposit Insurance Corporation.
(B) Corporate Authority.
(i) Corporate Power. Sutton Bank has all necessary corporate power and authority to enter into this Amended Program Manager Agreement and to perform all of the obligations to be performed by it under this Amended Program Manager Agreement.
(ii) Authorization. This Amended Program Manager Agreement has been duly authorized by all necessary proceedings, has been duly executed and delivered by Sutton Bank and is a valid and legally binding agreement of Sutton Bank duly enforceable in accordance with its terms (except as such enforcement may be limited by bankruptcy, insolvency, reorganization, moratorium and other laws relating to or affecting creditors’ rights generally and by general equity principles).
(iii) Approvals. No consent, approval, authorization, order, registration or qualification of or with any court or Regulatory Authority or other governmental body having jurisdiction over Sutton Bank is required for, and the absence of which would materially adversely affect, the legal and valid execution and delivery of this Amended Program Manager Agreement, and the performance of the transactions contemplated by this Amended Program Manager Agreement.
(iv) No Conflicts. The execution and delivery of this Amended Program Manager Agreement by Sutton Bank hereunder and the compliance by Sutton Bank with all provisions of this Amended Program Manager Agreement shall not: (i) conflict with, result in the breach of, constitute a default under or accelerate, terminate, modify or cancel or require any notice or consent under any agreement, contract, lease, license, instrument or other arrangement to which Sutton Bank is a party or by which it is bound or to which any of its assets is subject, except for such violations, conflicts, breaches, defaults, accelerations, terminations or modifications that would not have a material adverse effect on its ability to fulfill its obligations under this Amended Program Manager Agreement; or (ii) violate the charter, bylaws, or any other equivalent organizational document of Sutton Bank.
(C) Litigation. There is no pending, nor to the knowledge of Sutton Bank, threatened, suit, action, arbitration or other proceedings of a legal, administrative or regulatory nature, or any governmental investigation, against Sutton Bank or any of its Affiliates or any officer, director or employee which has not been previously disclosed to Manager in writing and which would materially and adversely affect Sutton Bank’s financial condition or Sutton Bank’s ability to perform its obligations under this Amended Program Manager Agreement.
- 24 -
CONFIDENTIAL AND PROPRIETARY
(D) Sutton Bank Marks. Sutton Bank has the legal right to use and to permit Manager to use, to the extent set forth herein, the Sutton Bank Marks.
(E) Intellectual Property Rights. In the event Sutton Bank provides any software or hardware to Manager, Sutton Bank has the legal right to such software or hardware and the right to permit Manager to use such software or hardware, and such use shall not violate any intellectual property rights of any third party.
(F) FDIC Insurance. Sutton Bank’s deposits are insured by the Federal Deposit Insurance Corporation to the full extent permitted by and available under Applicable Law, and no proceeding has been instituted to revoke such insurance.
ARTICLE V - PROGRAM COMPLIANCE
| 5.1 | Compliance with Applicable Law |
Each Party acknowledges and agrees that it shall comply with Applicable Law in the performance of its obligations under this Amended Program Manager Agreement. Manager agrees that it shall contractually obligate its Distributors, Marketers and Third Party Service Providers to comply with Applicable Law in the performance any services provided in connection with the Program. Sutton Bank may, if directed by a Regulatory Authority or for continued non compliance terminate this Amended Program Manager Agreement by giving written notice of termination to Manager, in which case the date of termination shall be as set forth in such notice.
| 5.2 | Compliance Counsel |
Sutton Bank may exercise its discretion to obtain legal counsel (“Compliance Counsel”) with expertise in the field of payment instruments to assist Sutton Bank in reviewing, and to advise Sutton Bank with regard to, the compliance with all Applicable Law, and all Program Materials, policies, procedures and guidelines pertaining to the Program. Such Compliance Counsel shall be employed solely by Sutton Bank and retained in that capacity so long as Sutton Bank deems advisable. Manager shall promptly reimburse Sutton Bank for such Compliance Counsel’s actual fees and disbursements for the review and advice beginning after such Compliance Counsel has provided [***] of billable time so advising Sutton Bank, as provided in this Section 5.2, upon presentation by Sutton Bank of statements therefore setting forth such fees and disbursements in reasonable detail; provided, however, that Sutton Bank will notify Manager prior to beginning any individual project or matter after the Effective Date if Sutton Bank believes that the fees and disbursements for such individual project or matter will exceed [***].
| 5.3 | Operating Policies and Procedures |
Each Party shall develop written policies and procedures associated with fulfilling its responsibilities and obligations contained herein and required by Applicable Law.
- 25 -
CONFIDENTIAL AND PROPRIETARY
| 5.4 | BSA/AML/OFAC Compliance |
(A) Manager’s BSA/AML/OFAC Procedures. Manager shall comply with the applicable provisions of the Bank Secrecy Act (“BSA”) and shall implement the comprehensive Bank Secrecy Act, customer identification, AML, OFAC program (the “BSA/AML/OFAC Procedures”) approved by Sutton Bank from time to time, designed specifically to address the BSA/AML/OFAC risks associated with each Program. Manager shall maintain the BSA/AML/OFAC Procedures, and such other compliance measures, including a system of internal controls, to ensure ongoing compliance with the Bank Secrecy Act, independent annual testing of the BSA/AML/OFAC Procedures, the designation of an individual or individuals responsible for coordinating and monitoring the BSA/AML/OFAC Procedures and periodic training of appropriate personnel. Manager and Sutton Bank shall coordinate complete reviews of the BSA/AML/OFAC Procedures and any other BSA/AML/OFAC guidelines of Manager as it relates to the Programs at least annually, and more frequently when new enforcement trends, regulatory guidance, or changes to Applicable Law suggest that such reviews are advisable in Sutton Bank’s reasonable determination.
(B) Provider of Prepaid Access. Manager shall ensure that each Distributor and Third Party Service Provider shall register as a money services business (MSB) as and to the extent required by Applicable Law, including, but not limited to, 31 CFR Parts 1010 and 1022 (“Prepaid Access Rule”). Regardless of whether Manager is required to register as a provider of prepaid access, Manager shall further ensure that Manager and any Distributors deemed to be “sellers” of prepaid access (as defined by the Prepaid Access Rule) comply with the Prepaid Access Rule, the BSA and any other applicable regulations promulgated by FinCEN, including, but not limited to, ensuring that Manager and all sellers of prepaid access comply with suspicious activity reporting, currency transaction reporting, anti-money laundering, and sales monitoring requirements, and maintain all records required under the Prepaid Access Rule and other Applicable Laws. Manager shall promptly accomplish all acts necessary to comply with FinCEN obligations under the Prepaid Access Rule, and shall indemnify and hold Sutton Bank harmless from any fines, penalties or sanctions of any nature resulting from Manager’s not complying with the rule.
(C) Bank BSA/AML/OFAC Requirements. Manager shall further comply with any requirements established by Sutton Bank and provided to Manager to ensure BSA/AML/OFAC compliance by Sutton Bank (“Bank BSA/AML/OFAC Requirements”), as the same may be amended from time to time by Sutton Bank. At a minimum, the Bank BSA/AML/OFAC Requirements include the following:
(i) prior to Activation, with respect to Programs that establish an ongoing relationship with a Cardholder or allow for re-Loads or cash withdrawals, Manager shall obtain, record and verify customer identification information regarding each such Cardholder in accordance with Applicable Law, and shall be responsible for ensuring that each such Cardholder meets Sutton Bank’s Customer Identification Program as required by Applicable Law and the Bank BSA/AML/OFAC Requirements;
(ii) Manager shall comply with all OFAC regulations, including, but not limited to: (1) ensuring that all Cardholders are screened prior to activation of a Card and periodically thereafter as required by Applicable Law through a screening system implemented to comply with OFAC regulations and the Bank BSA/AML/OFAC Requirements, and (2) complying with all OFAC and Sutton Bank directives regarding the prohibition or rejection of unlicensed trade and financial transactions with OFAC specified countries, entities and individuals; and (iii) Manager shall monitor the usage of products
- 26 -
CONFIDENTIAL AND PROPRIETARY
and services offered under each Program to track, review and report any suspicious activity in accordance with Applicable Law and the Bank BSA/AML/OFAC Requirements, including, but not limited to, all obligations to report such suspicious activity to Sutton Bank in accordance with applicable timeframes contained within the Bank BSA/AML/OFAC Requirements, or take such other actions as shall be requested from time to time by Sutton Bank.
(D) To the extent any of Manager’s obligations under this Section are performed by a third party, such third party shall be considered a Third Party Service Provider.
| 5.5 | Disclosure of Key Card Terms |
The Parties understand that the fees and substantive terms associated with a Card should be readily available for review by any Person inquiring about a Card. Each Party shall take commercially reasonable steps to ensure that prospective Cardholders have an opportunity to review the Cardholder Agreement if they desire to do so prior to submitting an application for a Card. Manager shall also ensure that customer service representatives and Manager staff and its Distributors are knowledgeable of the fees and substantive terms of each Program. The Parties shall each ensure that the Cardholder Agreement is available on any website administered by the respective Party to support a Program. Manager shall also clearly and conspicuously disclose to the Cardholder and any Applicant for a Card any dormancy fee that may be assessed each Card, how often such fees may be assessed, the conditions under which a fee may be assessed and that such fee may be assessed for inactivity.
| 5.6 | Privacy Notices |
Sutton Bank will prepare and approve a Privacy Notice to be provided to Cardholders on behalf of Sutton Bank that meets Sutton Bank’s privacy policy and otherwise reflects the terms of this Amended Program Manager Agreement related to ownership and use of Cardholder Data, including Customer Identifying Information, and Manager shall be responsible for providing this Privacy Notice to each Cardholder at Manager’s expense in accordance with Applicable Law, including providing the Privacy Notice in any foreign language through which Cardholders are being solicited via Sutton Bank approved Marketing Materials. In addition, Manager is responsible for preparing and delivering, at its expense, any Privacy Notice that Manager is separately required to provide to Persons under Applicable Law. Manager may choose to support the technological and disclosure requirements necessary to permit the electronic delivery of disclosures upon Cardholder consent consistent with Applicable Law, subject to Sutton Bank’s prior written approval.
| 5.7 | Escheat |
Manager shall provide escheat recordkeeping services on Sutton Bank’s behalf for the Programs in compliance with all state unclaimed property laws. Sutton Bank shall remit such unclaimed funds to the appropriate jurisdiction as required under Applicable Law. Manager shall be solely liable for any costs and fines related to any challenge by any Regulatory Authority with respect to escheat or unclaimed property laws, regardless of whether such cost is incurred by or such fines are assessed to Sutton Bank or Manager unless such challenge is related to Sutton Bank’s failure to remit to the appropriate jurisdiction any unclaimed funds following the receipt of accurate records from Manager. Manager shall be liable to Sutton Bank for any amounts claimed by states under unclaimed property laws that represent Breakage that has been previously paid to Manager by Sutton Bank.
- 27 -
CONFIDENTIAL AND PROPRIETARY
| 5.8 | Identity Theft Prevention Program (“IDTP”) |
Manager shall develop and implement an IDTP designed to detect, prevent, and mitigate identity theft in connection with the Programs. The IDTP shall be designed to comply with the provisions of 12 CFR 334.90-334.91 and 571.90-571.91 as well as the Interagency Guidelines on Identity Theft Detection, Prevention, and Mitigation set forth at Appendix J to 12 CFR Part 334. Manager shall submit the proposed IDTP to Sutton Bank for its prior review and approval.
| 5.9 | Unlawful Gambling |
Manager shall adopt policies and procedures to reasonably identify and block transactions related to participation of a Cardholder in illegal internet gambling as provided by the Unlawful Gambling Enforcement Act of 2006 and Regulation GG.
| 5.10 | Regulation E Compliance (12 C.F.R. 1005) |
Manager shall adopt policies and procedures to ensure that neither Manager nor any Distributor, Marketer or Third Party Service Provider participating in the Program markets, labels, displays or otherwise makes, represents or suggests to the public that a Card is or may be used as a “gift card” or “gift certificate” as such terms are defined by 12 C.F.R. 1005.20 if such Cards were not intended for gifting purposes pursuant to the Program Due Diligence Application approved by Sutton Bank. Manager shall further ensure that all Cards that may be re-Loaded are extended the same protections under Regulation E as are available to payroll card accounts (as that term is defined by Regulation E).
| 5.11 | Criticisms, Complaints and Legal Actions |
(A) Receipt of Criticism. In the event that a Party receives criticism or complaint in a Regulatory Communication or report of examination or in a related document or specific oral communication from, or is subject to formal or informal supervisory action by, or enters into an agreement with any Regulatory Authority or any Network with respect to any matter whatsoever relating to (including omissions therefrom) the Programs (any such event a “Criticism”), such Party, as applicable, shall advise the other Party in writing of the Criticism received within [***] of receipt and share with the other Party relevant portions of any written documentation, or for oral communications, provide a detailed summary in writing, received from the relevant Regulatory Authority or Network, as applicable, to the extent not specifically prohibited by Applicable Law or the Regulatory Authority or Network. Following receipt of such Criticism, the Parties shall in good faith consult as to the appropriate action to be taken to address such Criticism. Manager shall take all actions deemed necessary by Sutton Bank, in its commercially reasonable discretion, to address the Criticism in the manner and time period specified by Sutton Bank. In the event the Criticism relates to the Programs and any such Criticism requires a written response to any Regulatory Authority with jurisdiction over Sutton Bank, Sutton Bank shall have final approval over the form and content of such response. Sutton Bank may seek specific performance under this Section. In the event the Criticism is directed only to Manager or is from a Regulatory Authority with jurisdiction over Manager, Manager shall have final approval over the form and content of any response required to any Regulatory Authority after consulting in good faith with Sutton Bank.
- 28 -
CONFIDENTIAL AND PROPRIETARY
(B) Complaints and Resolution.
(i) All complaints received by a Party from a Cardholder relating to a Card or its use (“Cardholder Complaint”) that are material shall be promptly (i) reported to the other Party, and (ii) promptly addressed and resolved by Manager in accordance with Applicable Law and Manager’s complaint procedures; which procedures must be approved in advance by Sutton Bank.
(ii) Upon request, Manager agrees to promptly advise Sutton Bank of the results of any investigation relating to a Cardholder Complaint and provide an audit trail of information pertinent to the matter, all within any timeframes required by Applicable Law, but in no event later than [***] after notice of the Cardholder Complaint. The audit trail of information shall be sufficiently detailed to allow Sutton Bank to fully respond to a Regulatory Authority if such Regulatory Authority inquiries about a Cardholder Complaint.
(iii) Each shall provide the other Party with notice and copies of any Executive Complaint within [***] of receipt of such Executive Complaint. Manager shall promptly investigate each Executive Complaint and any similar complaints received by Sutton Bank that are forwarded to Manager and propose an appropriate response. Manager and Sutton Bank shall jointly approve the final responses for all Executive Complaints.
(C) Legal Actions and Requests. Each Party shall promptly notify the other Party of any legal action brought by a third party that may have a material effect on the Program(s). Each Party shall further provide the other Party with prompt notice and copies of all subpoenas, levies, garnishments or other legal requests received by the Party which require the assistance of the other Party in order to provide an accurate response, or which otherwise have a material effect on the Program(s), whether from a governmental authority, Regulatory Authority, private attorney, court or otherwise, relating to a Cardholder, a Card, a Program or this Amended Program Manager Agreement (“Legal Documents”). Either Party shall provide any assistance reasonably requested by the other Party in order to timely meet the response deadline of any Legal Document.
(D) Records of Program Complaints and Responses. Manager shall catalog and maintain copies of all Criticisms, Regulatory Communications, Legal Documents, Executive Complaints and Cardholder Complaints received by Manager (collectively, “Complaints”), and responses thereto for the period required by Applicable Law or such longer period as specified by Sutton Bank in a written notice to Manager. Manager shall provide Sutton Bank with a quarterly summary of all Complaints in the form and manner determined by or acceptable to Sutton Bank (each, a “Complaint Summary”). Sutton Bank (i) shall have access at all times to pending and closed Complaints and responses, and (ii) in Sutton Bank’s sole discretion, may audit a reasonable number of such Complaints.
- 29 -
CONFIDENTIAL AND PROPRIETARY
| 5.12 | Manager State and Federal Licensing and Registration Requirements |
Manager shall obtain and maintain, and shall ensure that each Distributor and Third Party Service Provider obtains and maintains, all licenses, registrations, permits and approvals necessary to perform their respective obligations in connection with the Programs in compliance with Applicable Law, including without limitation any state money transmitter licenses. In addition, Manager shall ensure that each Distributor and Third Party Service Provider shall register as a money services business (MSB) as and to the extent required by federal law. For purposes of compliance with state money transmitter licensing laws, Manager shall ensure that each Distributor is either (i) sponsored by Manager as an authorized delegate pursuant to appropriate agency agreements with Manager, or (ii) is appropriately licensed as a money transmitter or check seller or registered as a money services business, as applicable, to the extent required by federal or state money services business, money transmitter or sale of checks laws or the Bank Secrecy Act.
| 5.13 | Network Membership/Registration |
Sutton Bank shall (i) remain a member in good standing in the Networks associated with the Programs marketed by Manager on behalf of Sutton Bank, (ii) provide such BINs and similar identifiers necessary in conjunction with such products and services, (iii) register Manager with the Network(s) as a third-party provider (e.g., an Independent Sales Organization with Visa or as a Member Service Provider with MasterCard); (iv) timely pay all normal fees, dues and assessments associated with its membership, and (v) abide in all material respects with the Network Rules. Manager shall fully comply with the terms of any documents and agreements executed with any Network. Manager and Sutton Bank shall deliver to each other, within [***] of receipt, a copy of all notices or correspondence (other than Confidential Information) received from the Networks relating to the Programs marketed by Manager on behalf of Sutton Bank unless such communication is time-sensitive, in which case, such communication shall be delivered as soon as reasonably practicable.
| 5.14 | Network Obligations |
Each Party shall take all actions as may be reasonably required from time to time by any Network in connection with maintaining the Programs’ compliance with the Network Rules. Additionally, (i) Manager shall be responsible for all fees, charges, fines, penalties or other costs assessed from time to time by any Network in connection with any Program related to Manager’s acts or omissions, and, if such fees, charges, fines, penalties or other costs are paid by Sutton Bank, then Manager shall reimburse Sutton Bank for all such amounts, and (ii) Sutton Bank shall be responsible for all fees, charges, fines, penalties or other costs assessed from time to time by any Network in connection with any Program related to Sutton Bank’s acts or omissions, and, if such fees, charges, fines, penalties or other costs are paid by Manager, then Sutton Bank shall reimburse Manager for all such amounts.
- 30 -
CONFIDENTIAL AND PROPRIETARY
| 5.15 | FDIC Pass-Through Coverage |
With respect to all Cards eligible for pass-through federal deposit insurance coverage, Sutton Bank shall structure the Program Accounts in which Cardholder Funds and Corporate funds are deposited in a manner sufficient to afford Cardholder Funds and Corporate Funds the benefits of pass-through federal deposit insurance coverage under Federal Deposit Insurance Corporation regulations, including taking steps to maintain the Sutton Bank’s books and records in a manner that reflects that such Program Accounts and the Cardholder Funds contained therein are held in a fiduciary capacity on behalf of the relevant Cardholders. Manager shall maintain books and records of Cardholders and Cardholder Funds balances so as to permit the Cardholder Funds on deposit in the applicable Program Accounts to qualify for pass-through federal deposit insurance coverage. In the event the Cardholder Funds in the applicable Program Accounts are no longer eligible for pass-through federal deposit insurance coverage due to a change in Applicable Law or a directive from a Regulatory Authority, Sutton Bank will promptly notify Manager of same.
ARTICLE VI - DISTRIBUTOR, MARKETER AND THIRD PARTY SERVICE PROVIDER AGREEMENTS
| 6.1 | Development of Distributor and Marketer Group |
(A) New Distributor and Marketer Selection. Subject to this Article VI, Manager may from time to time select new Distributors and Marketers to participate in the Programs, following which Manager shall enter into Distribution and Service Agreements with such Distributors and a Marketing Agreement with such Marketers. Manager is hereby authorized to enter into agreements with each Distributor and Marketer which set forth the terms by which such Distributors and Marketers shall be compensated for its marketing and sale of Cards, as applicable. Manager shall be responsible for administering the business relationships with its Distributors and Marketers.
(B) Distributor Approval. No Distributor may participate in the Programs as a Distributor unless: (i) Sutton Bank approves the Distributor’s application; and (ii) Manager and the Distributor (and if applicable, Sutton Bank) execute a Distribution and Service Agreement with Standard Terms that have been approved by Sutton Bank pursuant to Section 6.1(C).
(C) Marketer Approval. Manager shall be entitled to retain Marketers to market the Programs provided that: (i) each such Marketer meets the underwriting guidelines mutually agreed upon by the Parties, as may be amended from time to time; and (ii) Manager and the Marketer execute a Marketing Agreement with Standard Terms that have been approved by Sutton Bank pursuant to Section 6.1(D).
(D) Distributor and Marketing Agreements. Manager will provide to Sutton Bank the following standard terms to be incorporated into its Distribution and Service Agreements and Marketing Agreements for Sutton Bank’s review and approval prior to use: confidentiality and data security obligations, settlement obligations, compliance obligations, Card security obligations, and obligations to obtain Sutton Bank approval for Programs and marketing materials and cooperate in Sutton Bank audits, as and to the extent applicable to Distributors or Marketers (the “Standard Terms”). Any material deviations from the Standard Terms shall require the prior written consent of Sutton Bank, and any such modifications to any Standard Terms after it has been executed by the Distributor or Marketer must be approved by Sutton Bank, such approval shall not be unreasonably withheld or conditioned, and Manager and Sutton Bank agree that it shall not be unreasonable for Sutton Bank to refuse a deviation from the Standard Terms or modification to the Standard Terms of an existing Distribution and Service Agreement or
- 31 -
CONFIDENTIAL AND PROPRIETARY
Marketing Agreement if Sutton Bank determines in its commercially reasonable judgment that such deviation or modification could expose Sutton Bank to legal or reputational risk, risk of lawsuit or regulatory action, or otherwise would be inconsistent with Sutton Bank’s risk policies. Manager shall provide to Sutton Bank copies of all executed Distribution and Service Agreements and Marketing Agreements, including all amendments, supplements and modifications thereof, promptly upon Sutton Bank’s written or e-mail request.
| 6.2 | Third Party Service Provider Agreement and Approval and Processing Services |
A Third Party Service Provider shall not provide services for the Programs unless such Third Party Service Provider is approved by Sutton Bank, nor shall Manager permit or direct a Third Party Service Provider to integrate or communicate with any other third party to provide Critical Services in connection with the Program(s) (with the exception of the Third Party Service Provider’s customary subcontracting relationships maintained in the ordinary course of business) without Sutton Bank’s prior written approval. Manager shall notify Sutton Bank in writing of any changes in Third Party Service Providers at least [***] prior to entering into a contractual relationship with a new Third Party Service Provider and at least [***] days (or such shorter time or promptly following termination in the event of termination for cause) prior to terminating any contractual relationship with any existing Third Party Service Provider. No material change in the scope of responsibilities of an approved Third Party Service Provider agreement may be made without Sutton Bank’s prior written approval. For avoidance of doubt, except for Distributers, Marketers and Third Party Service Providers providing Critical Services in connection with this Amended Program Manager Agreement, Manager may engage a third party to assist Manager in performing its obligations hereunder without obtaining Sutton Bank’s approval, provided Manager enters into a written agreement with such third party and provides Sutton Bank with the names and services performed by such third parties, as and to the extent reasonably requested by Sutton Bank from time to time.
(A) Processing Services. Manager shall provide to designated Sutton Bank personnel training on Processor’s systems to access all Program information and reports on Processor’s system relating to the Programs, subject to compliance with Manager’s network access and security policies and procedures. Notwithstanding anything to the contrary contained in this Amended Program Manager Agreement, Sutton Bank shall have the right (but not the obligation), at any time following a material breach by Processor or direction from a Regulatory Authority, to assume responsibility for the Processing Services and to perform through another third party designated by Sutton Bank, all services in connection therewith. Any third party and documented fees and expenses reasonably incurred by Sutton Bank in good faith in connection with the exercise of its rights set forth in this Section shall be paid by the Manager and Sutton Bank shall [***]. Notwithstanding the foregoing, if Sutton Bank exercises its right to assume the responsibility for the Processing Services, Manager shall have the right to terminate this Amended Program Manager Agreement pursuant to Article X.
(B) Approval of Assumption of Responsibilities by Manager or its Affiliates. In the event that Manager or any of Manager’s Affiliates chooses to perform any of the functions that, as of the time of such choice or the Effective Date of this Amended Program Manager Agreement (whichever is later), are being performed by any other Third Party Service Provider, Manager or such Affiliate, as applicable, must be approved by Sutton Bank, which approval shall not be unreasonably withheld, and must enter into an appropriate agreement with Sutton Bank to provide such services.
- 32 -
CONFIDENTIAL AND PROPRIETARY
| 6.3 | Changes to Agreements |
Sutton Bank may in its commercially reasonable discretion require that Manager modify the Standard Terms in any Distribution and Service Agreement, or Third Party Service Provider agreement, to reflect changes in Applicable Law or in response to a Criticism. In the event such a change occurs, Manager will notify affected counterparties of such change and any related changes in procedures. If such changes will have a material adverse impact on Manager or otherwise require Manager to devote significant resources or incur significant costs or expenses, Manager shall promptly notify Sutton Bank in writing or via e-mail and Manager and Sutton Bank shall meet in good faith to mutually agree upon a resolution. If Manager and Sutton Bank cannot so agree on a resolution, then Manager or Sutton Bank may terminate the applicable Program by providing the other Party with written notice no later than [***] following such the date of such meeting or other date as mutually agreed upon by the Parties. In such case, Manager shall still be obligated to [***] unless Manager elects to terminate the entire Amended Program Manager Agreement pursuant to Sections 10.1 or 10.2.
| 6.4 | Compliance by Distributors, Marketers and Third Party Service Providers |
(A) Manager shall assist Sutton Bank by monitoring the conduct of Distributors, Marketers and Third Party Service Providers and their proper compliance with respect to all aspects of their performance under the Programs, including without limitation their respective compliance with this Amended Program Manager Agreement, Applicable Laws and their respective Distributor, Marketer and Third Party Service Provider agreements.
(B) Manager shall reimburse Sutton Bank for Losses incurred by Sutton Bank arising out of Manager’s, a Distributor’s, a Marketer’s or a Third Party Service Provider’s actions, failures to act or failure to comply with Applicable Law, the Network Rules, this Amended Program Manager Agreement or the applicable Distributor, Marketer or Third Party Service Provider agreement, to the extent such actions, failures to act or failure to comply relate to the Programs, unless such action or failure results from acting in accordance any policy, procedure or instruction of Sutton Bank.
| 6.5 | Denial or Termination of Distributor, Marketer or Third Party Service Provider |
(A) Manager acknowledges and agrees that Sutton Bank’s decision whether to approve or reject any entity that is under consideration to become a Distributor or Third Party Service Provider, and whether to continue permitting any Distributor, Marketer or Third Party Service Provider to participate in the Program, shall be final and that Sutton Bank may direct Manager to terminate any Distributor, Marketer or Third Party Service Provider with respect to the Programs in the event that, in Sutton Bank’s commercially reasonable judgment, such Distributor, Marketer or Third Party Service Provider could expose Sutton Bank to legal, financial, or reputational risk, risk of lawsuit or Criticism, otherwise engages in types of businesses or conduct that is inconsistent with Sutton Bank’s corporate philosophies or risk tolerance, or, in the case of a Third Party Service Provider, fails to perform to reasonable industry standards.
- 33 -
CONFIDENTIAL AND PROPRIETARY
(B) Sutton Bank agrees to notify Manager in writing prior to the effective date of termination of any Distributor or Marketer hereunder which notice will include an explanation of the grounds for the termination. To the extent Manager disagrees with Sutton Bank’s termination decision under this Section, Manager shall have the opportunity to present countervailing facts or positions for reconsideration by Sutton Bank. Sutton Bank shall have sole final discretion on this issue, however. The notice period for termination of any Distributor or Marketer will be, in most instances, [***] prior notice; however, Sutton Bank may require a shorter notice period of [***] when in Sutton Bank’s reasonable judgment additional time beyond [***] would materially increase Sutton Bank’s exposure. In instances involving criminal or illegal activity or fraud, the Distributor or Marketer may be immediately suspended pending the effective termination date.
(C) In the event Sutton Bank determines pursuant to the terms hereof to terminate an existing Distributor, Marketer or Third Party Service Provider, Sutton Bank shall, subject to Applicable Law, cooperate with Manager to (i) transition the applicable service(s) to another Distributor or Third Party Service Provider, approved by Sutton Bank, or Program(s) undertaken with such Distributor or Third Party Service Provider to another issuing bank, or (ii) such other action or plan as mutually agreed upon by Sutton Bank and Manager.
| 6.6 | Distributor and Third Party Service Provider Due Diligence, Training and Monitoring |
(A) Due Diligence. Prior to referring any entity to Sutton Bank to become, as applicable, a Distributor or Third Party Service Provider, Manager shall perform a due diligence review and document such review of the entity and, as applicable, its principal owners and management, in accordance with any requirements provided by Sutton Bank and, with respect to Third Party Service Providers, as otherwise is consistent with the FFIEC’s IT Examination Handbook (including the booklets therein entitled “Supervision of Technology Service Providers” and “Outsourcing Technology Services”), as such handbook is amended from time to time (collectively, the “FFIEC Handbook”).
(B) Financial and Other Monitoring. Manager shall perform periodic financial monitoring of all Distributors and Third Party Service Providers, such monitoring to be consistent with Applicable Law and the pre-funding risk inherent in the relationship with such Distributor or Third Party Service Provider, including, but not limited to, the Network Rules and, in the case of any Third Party Service Provider, the FFIEC Handbook. Manager shall request Distributors and Third Party Service Providers to furnish Sutton Bank with such financial and other information as Sutton Bank may from time to time reasonably request. Manager shall promptly notify Sutton Bank of any information Manager receives that is reasonably likely to have a material adverse effect on the creditworthiness of any Distributor or Third Party Service Provider or that could affect a Distributor’s, Marketer’s or Third Party Service Provider’s ability to meet its obligations under the Programs. Manager also shall promptly notify Sutton Bank in the event Manager determines that a Distributor, Marketer or Third Party Service Provider is engaged in any activities that Manager believes may be reasonably likely to result in Criticism or material legal, financial or reputational risk to Sutton Bank or Manager or risk of lawsuit against Sutton Bank or Manager.
(C) Security Measures and Controls. Manager shall periodically monitor each Distributor’s and Third Party Service Provider’s operations, policies and procedures, such
- 34 -
CONFIDENTIAL AND PROPRIETARY
monitoring to be consistent with the requirements and guidance reflected in the FFIEC Handbook, and shall contractually obligate each Distributor and Third Party Service Provider (to the extent it may have access to Cardholder Data) to have proper security measures in place for the protection of Cardholder Data that are in compliance with Applicable Law, including, if applicable, the PCI-DSS as implemented by the applicable Network.
(D) Training. Manager shall provide to each Distributor and Third Party Service Provider that provides Cardholder-facing services (e.g., call center providers) all necessary and appropriate training and support required to implement the Programs, all in a form and substance reasonably satisfactory to Sutton Bank and in accordance with Applicable Law and standard industry practices as such industry practices may evolve during the term of this Amended Program Manager Agreement.
(E) Third Party Service Provider Site Certifications. If requested by Sutton Bank consistent with this Section or if required by Sutton Bank or Applicable Law, Manager shall perform periodic site certifications reasonably satisfactory to Sutton Bank of each Third Party Service Provider in order to determine that such entity has proper facilities, equipment, licenses and permits to perform its services related to the Program, in each case in accordance with the criteria established by Sutton Bank and communicated to Manager. Manager shall submit a written inspection report to Sutton Bank in connection with each such site certification in such form as Sutton Bank shall reasonably designate, and Manager warrants that, as of the date of the submission of such inspection report to Sutton Bank, to the best of Manager’s knowledge, the report is true, correct, complete and not misleading. Upon Manager’s determination that any information contained in any such inspection report is materially incorrect, incomplete, or misleading in any way, Manager shall promptly notify Sutton Bank of same.
(F) Secret Shopping. Sutton Bank may from time to time reasonably require Manager to conduct a secret shopper program to monitor sales of Cards by one or more Distributors in the manner mutually agreed upon by the Parties. Such secret shopping program will be designed to review the Distributor’s Card sales practices and merchandising.
| 6.7 | Existing Distributors, Marketers and Third Party Service Providers |
Manager shall provide Sutton Bank such information as reasonably requested with respect to all Distributors, Marketers and Third Party Service Providers. To the extent Manager has existing relationships with “resellers” that offer Manager’s Cards services to third parties on Manager’s behalf, Sutton Bank agrees to review such “resellers” solely for purposes of determining whether such “resellers” may become approved by Sutton Bank as Distributors hereunder.
| 6.8 | Access to Third Party Service Providers |
Manager hereby authorizes Sutton Bank, in connection with Sutton Bank’s routine oversight for the Programs, to (i) communicate directly with any Third Party Service Provider, and (ii) to obtain from such Third Party Service Provider any reports and information relating to any Program that Sutton Bank deems necessary or appropriate, and Manager hereby authorizes Third Party Service Providers to communicate directly with Sutton Bank and provide such reports and information to Sutton Bank; provided, however, that Sutton Bank will not exercise these rights to conduct or to allow Sutton Bank’s auditors to conduct formal audits of the Third Party Service Providers.
- 35 -
CONFIDENTIAL AND PROPRIETARY
| 6.9 | Expenses and Liability |
Unless agreed upon otherwise by the Parties, Manager shall be responsible for all fees and expenses payable to each Distributor, Marketer and Third Party Service Provider, and shall remain liable for any services performed by any Distributor, Marketer and Third Party Service Provider. A dispute between Manager and a Distributor, Marketer or Third Party Service Provider shall not relieve Manager from performing any of its obligations hereunder.
ARTICLE VII - CARDHOLDER INFORMATION
| 7.1 | Ownership of Accounts, Cardholder Data and Program Materials |
Except as otherwise provided in this Amended Program Manager Agreement, as between the Parties, Sutton Bank shall own all Cardholder Data and Cardholder Accounts, Cardholder Agreements and Program Materials and shall have all rights, powers and privileges with respect thereto subject to Sutton Bank’s agreement hereunder to transfer such records to a new sponsor bank upon termination or expiration of this Amended Program Manager Agreement. During the Term, Manager may use Cardholder Data as expressly provided in this Amended Program Manager Agreement and in accordance with the Privacy Notices. Notwithstanding the foregoing, the Parties agree that certain aspects of Cardholder Data shall be deemed to be the joint property and Confidential Information of both parties (or a Marketer or Distributor, as applicable), to the extent Manager (or the applicable Marketer or Distributor) collects such information from Cardholders in the ordinary course of business and not solely in connection with the Program(s) (“Joint Cardholder Data”). Sutton Bank shall not, directly or indirectly, use, or sell or otherwise transfer any right in or to, the Joint Cardholder Data other than as provided herein or as mutually agreed by the Parties.
| 7.2 | Sharing of Cardholder Data and Program Materials |
Notwithstanding anything to the contrary in this Amended Program Manager Agreement, sharing of any information between Manager and Sutton Bank and the use thereof shall be subject to their respective privacy policies, Security Guidelines and Applicable Law. Subject to the limitations in this Section, upon Manager’s reasonable request, Sutton Bank shall provide Cardholder Data or segments for use by Manager in connection with the discharge of Manager’s obligations or exercise of Manager’s rights under this Amended Program Manager Agreement or in accordance with the Privacy Policy. Except as provided in Section 7.1, neither Manager not its Affiliates, Distributors, Marketers, or Third Party Service Providers may without the prior written consent of Sutton Bank disclose Cardholder Data or any segment thereof to any third party or Affiliate, except to the extent permitted by this Amended Program Manager Agreement or required under Applicable Law. To the extent that Manager discloses Cardholder Data to one or more of its Affiliates, Third Party Service Providers, or Distributors or permits such Affiliate(s), Third Party Service Provider(s), or Distributor(s) to use Cardholder Data in accordance with this Section, Manager agrees to cause such parties to comply with the provisions of this Article VII.
- 36 -
CONFIDENTIAL AND PROPRIETARY
| 7.3 | Data Obtained Independently by Manager |
Nothing contained in this Article VII or elsewhere in this Amended Program Manager Agreement shall apply to, limit or prohibit the use in any manner of, any information or data owned or held by Manager or its Affiliates, or any Third Party Service Provider, Marketer or Distributor, or any of their respective Affiliates to the extent such information or data has been independently obtained by Manager or its Affiliates from a source other than Sutton Bank, even if such information or data is duplicative of Cardholder Data.
ARTICLE VIII - INFORMATION SECURITY AND CONFIDENTIALITY
| 8.1 | Cardholder Data Security |
(A) Each Party acknowledges and agrees that this Amended Program Manager Agreement constitutes an agreement for Manager to perform services for Sutton Bank as contemplated in Title V of GLBA and the Privacy Regulations. Without limiting the generality of the terms of this Amended Program Manager Agreement, Manager and Processor each agree that they shall protect the privacy of Cardholder Data to at least the same extent that Sutton Bank must maintain that confidentiality under GLBA and the Privacy Regulations. Without limiting the generality of the foregoing sentence, except as otherwise provided in any Program Schedule, neither Manager nor Processor shall:
(i) use any Cardholder Data except to perform its obligations under this Amended Program Manager Agreement (unless such Cardholder Data is used for Manager’s internal business purposes), or
(ii) disclose any Cardholder Data other than to:
| (a) | any Network or any other entity to which disclosure is necessary in connection with the processing a Transaction; |
| (b) | a Third Party Service Provider in connection with a permitted use of such Cardholder Data under this Section 8.1, provided that each such Third Party Service Provider agrees in writing to maintain all such Cardholder Data as strictly confidential in perpetuity and not to use or disclose such information to any person other than Sutton Bank, Manager or Processor, except as required by Applicable Law or any Regulatory Authority (after giving Sutton Bank, Manager or Processor, as applicable, prior notice and an opportunity to defend against such disclosure) or as permitted under Sutton Bank’s Privacy Policy; provided, further, that each such Third Party Service Provider maintains, and agrees in writing to maintain, an information security program that is designed to protect Cardholder Data and information related to Transactions, and which complies with the requirements under the Network Rules, including but not limited to the requirement for such Third Party Service Provider, upon termination of any of its associated Card Programs, to securely destroy all Cardholder Data in its possession associated with such Card Program as quickly as circumstances permit in accordance with best industry practices and provide a written notice to Sutton Bank that the destruction of the Cardholder Data has been completed; |
- 37 -
CONFIDENTIAL AND PROPRIETARY
| (c) | its employees, consultants, attorneys and accountants with a need to know such Cardholder Data in connection with a permitted use of such Cardholder Data under this Section 8.1; provided that (1) any such person is bound by terms substantially similar to this Section 8.1 as a condition of employment or of access to Cardholder Data or by professional obligations imposing comparable terms; and (2) such Party shall be responsible for the compliance by each such person with the terms of this Section 8.1; or |
| (d) | any Regulatory Authority (1) in connection with an examination of any Party; or (2) pursuant to a specific requirement to provide such Cardholder Data by such Regulatory Authority or pursuant to compulsory legal process; provided that such Party seeks the full protection of confidential treatment for any disclosed Cardholder Data to the extent available under Applicable Law governing such disclosure, and with respect to clause (2), to the extent permitted by Applicable Law, such Party (x) provides at least [***] prior notice of such proposed disclosure to the other Parties if reasonably possible under the circumstances, and (y) seeks to redact the Cardholder Data to the fullest extent possible under Applicable Law governing such disclosure. |
(B) During the Term of this Amended Program Manager Agreement, the Cardholder Data shall be owned by Sutton Bank and shall be subject to Sutton Bank’s privacy policy set forth in each Privacy Notice, and the manner in which such Cardholder Data may be used, shared and disclosed by the Parties during the Term shall be as set forth herein or as addressed in the Program Schedule for each particular Card Program, all in accordance with the Privacy Regulations and Applicable Law. Sutton Bank shall not, directly or indirectly, use, or sell or otherwise transfer any right in or to, the Cardholder Data other than as provided herein or as mutually agreed by the Parties in a Program Schedule. Sutton Bank shall ensure that its privacy policy and each Privacy Notice permits, subject to Applicable Law, (i) Sutton Bank to share Cardholder Data with Manager, Processor and their respective Third Party Service Providers, and (ii) Manager and Processor to use Cardholder Data in the manner described herein or as permitted by Applicable Law.
(C) With respect to the sharing, use and disclosure of Cardholder Data following the expiration or termination of this Amended Program Manager Agreement in its entirety or any Program Schedule, Manager shall securely destroy all Cardholder Data in its possession associated with such terminated Program Schedule(s) as quickly as circumstances permit in accordance with best industry practices and provide a written notice to Sutton Bank that the destruction of the Cardholder Data has been completed.
- 38 -
CONFIDENTIAL AND PROPRIETARY
(D) Manager shall establish commercially reasonable administrative, technical and physical safeguards for Cardholder Data in its control or possession from time to time. Such safeguards shall be designed for the purpose of: (i) insuring the security of such records and information, (ii) protecting against any known threats or hazards to the security or integrity of such records and information; and (iii) protecting against unauthorized access to or use of such records and information that would result in substantial harm or inconvenience to any Cardholder; (iv) ensure against the proper disposal of Cardholder Data. Such safeguards shall be established in accordance with Applicable Law, including, without limitation, Section 501 of GLBA and the Interagency Guidelines Establishing Standards for Safeguarding Customer Information adopted pursuant to Section 501 of GLBA.
(E) Subject to any obligations placed upon Manager or Processor by a law enforcement agency, such Party agrees to fully disclose to Sutton Bank any actual or suspected breach in security which results in unauthorized intrusions into such Party’s computer and other information systems that may materially affect Sutton Bank and the Cardholders or otherwise may involve the potential unauthorized disclosure, access to, acquisition of, or other loss or use of Cardholder Data, including “sensitive customer information.” As soon as such Party has reason to believe that it has a security breach, and in no event later than [***] after the discovery of any such breach, it shall notify Sutton Bank in writing and provide (to the extent Manager or Processor has the following information): (i) a description of the breach or loss, including the data it occurred, (ii) the number of individuals or accounts affected and their states of residence, (iii) the information accessed, acquired, lost, or misused; (iv) whether the breach or loss was computerized in nature or a paper loss, (v) whether such information was encrypted or unencrypted, (vi) whether encryption keys or passwords may have been compromised, and (vii) a description of the steps taken to investigate the incident, secure systems or recover lost information, and prevent the recurrence of further security breaches or losses of the same type. For purposes of this subsection (E), “Sensitive Customer Information” includes a consumer’s name, address, or telephone number in conjunction with the consumer’s social security number, driver’s license number, account number, credit or debit card number, or a personal identification number or password that would permit access to the customer’s account, or any combination of components of customer information that would allow someone to log onto or access a customer’s account, such as a username and password, or password and account number. In addition, in the event of an actual or suspected breach in security of Manager’s or Processor’s computer or other information systems, such Party agrees to permit an independent qualified third party auditor to perform an investigation (including the installation of monitoring or diagnostic software or equipment) to locate the source and scope of the breach and provide Sutton Bank with any material Sutton Bank-related information that such independent auditor discovers with respect to the breach, all at the expense of Manager or Processor respectively.
(F) Each Party has designed and implemented an information security program that is designed to protect Cardholder Data and information related to Transactions that complies with the requirements under the Network Rules. At all times during the term of the Amended Program Manager Agreement, each Party shall be in compliance with all information and data security requirements promulgated by the Network and applicable to card issuers (as set forth in the Network Rules) and the Interagency Guidelines Establishing Standards for Safeguarding Customer Information (collectively the “Information Security Requirements”), as the same may be revised from time to time. Each Party shall provide the other Parties with copies of all reports on compliance, quarterly and annual status forms and other reports filed by such Party with the Network in accordance with the Network Rules.
- 39 -
CONFIDENTIAL AND PROPRIETARY
| 8.2 | Confidential Information |
(A) Each Party acknowledges that it may receive Confidential Information of the other Parties. For purposes of this Amended Program Manager Agreement, “Confidential Information” includes the terms of this Amended Program Manager Agreement, any customer information (other than Cardholder Data), financial data and budgetary or proprietary business information, income or sales data or projections, customer lists, business operations, policies, procedures and techniques, advertising summary or tracking reports or other reports generated in accordance with this Amended Program Manager Agreement, schematics, ideas, techniques, know how, concepts, development tools and processes, procedures, computer printouts, computer programs, design drawings and manuals, and improvements, patents, copyrights, technology, source codes, business methods, trade secrets (including all intellectual property contained in the forgoing, or other intellectual property of any kind or nature, plans for future development and new product concepts, contemplated products, research, development, and strategies. Cardholder Data shall not be Confidential Information, but rather shall be subject to the provisions of Section 8.1 above. The term “Confidential Information” shall not include information which, prior to delivery, (i) was already in the recipient Party’s possession; (ii) is or becomes generally available to the public through lawful means, other than as the result of a disclosure by the recipient Party or its representatives; (iii) becomes available to a recipient Party without confidential or proprietary restriction by a third party who rightfully possesses the information without confidential or proprietary restrictions; or (iv) the recipient Party can demonstrate that it was independently developed by such recipient Party. Except as otherwise specifically provided in this Amended Program Manager Agreement, each Party agrees that it will not, publish, communicate, divulge, or disclose to any person, firm, or corporation any Confidential Information of any other Party, except in the performance of the terms of this Amended Program Manager Agreement. No Party shall distribute any material labeled as “Visa Confidential” to outside parties without written authorization from Visa. Each Party shall comply with all Applicable Law, including the PCI-DSS, in regards to all Confidential Information and Cardholder Data.
(B) Each Party agrees that it will not use any Confidential Information of any other Party except (i) for the benefit of any other Party, and (ii) as necessary to fulfill its obligations or exercise its rights under this Amended Program Manager Agreement, and only for such purposes and only for the time that it is necessary to do so, except to the extent it is otherwise permitted under this Amended Program Manager Agreement. Each Party will take commercially reasonable security precautions, at least as great as the precautions it takes to protect its own Confidential Information and as may be required by Applicable Law, with respect to the Confidential Information of any other Party which it receives and will disclose such Confidential Information only on a need to know basis and only to its subsidiary, agent or subcontractor who is obligated to treat such Confidential Information in a manner consistent with all the obligations of this Amended Program Manager Agreement. Liability for damages due to disclosure of the Confidential Information by any such third party shall be with the Party that disclosed the Confidential Information to the third party. Each Party shall promptly notify the other Parties upon discovery of any loss or unauthorized disclosure of the Confidential Information of any Party. This Section 8.2 supplements any separate written confidentiality agreement or nondisclosure agreement between any of the Parties, and in the event any such agreement conflicts with the terms hereof, this Amended Program Manager Agreement shall control.
- 40 -
CONFIDENTIAL AND PROPRIETARY
| 8.3 | Required Disclosures |
In the event that the recipient of Confidential Information is requested or becomes legally compelled to disclose any Confidential Information of any other Party ) pursuant to a subpoena or court order; a summons, order, demand or other judicial or governmental process issued by a Regulatory Authority; or in connection with any regulatory report, audit, inquiry or other request for information from such a Regulatory Authority; or as required by Applicable Law, it is agreed that such recipient Party will provide the disclosing Party with prompt written notice of such request(s) to enable the disclosing Party to seek a protective order to protect and preserve the confidential nature of the Confidential Information. In such event, each Party agrees that it will furnish only that portion of the Confidential Information which is legally required and will exercise reasonable efforts to obtain reliable assurance that confidential treatment will be accorded to that portion of the Confidential Information and other information which is being disclosed. To the extent the recipient Party is prohibited from notifying the disclosing Party of a subpoena, order, summons or demand, by the terms of same, the recipient Party shall exercise its reasonable efforts to narrow the scope of disclosure as provided in the forgoing sentence. Each Party shall immediately notify the other upon discovery of any loss or unauthorized disclosure of the Confidential Information of any other Party.
ARTICLE IX - SECURITY BREACHES; DISASTER RECOVERY
| 9.1 | Security Program |
In the event that Manager or any Third Party Service Provider accesses, stores, transmits or processes Cardholder Data, Manager shall, and shall require any Third Party Service Providers to, as applicable, establish and maintain appropriate administrative, technical and physical safeguards designed to (i) protect the security, confidentiality and integrity of the Cardholder Data, (ii) ensure against any anticipated threats or hazards to its security and integrity, (iii) protect against unauthorized access to or use of such information or associated records which could result in substantial harm or inconvenience to any Cardholder or applicant, and (iv) ensure the proper disposal of Cardholder Data (collectively, the “Security Program”). At all times during the Term, (x) Manager shall use the same degree of care in protecting the Cardholder Data against unauthorized disclosure as it accords to its other confidential customer information, but in no event less than a reasonable standard of care, and (y) the Security Program shall be in compliance with Applicable Law, the Security Guidelines and all information and data security requirements promulgated by the Networks and applicable to card issuers (as set forth in the Network Rules), as the same may be revised from time to time. Any material change to the Security Program by Manager shall be approved in advance by Sutton Bank.
| 9.2 | SSAE Report |
Manager shall provide to Sutton Bank on an annual basis the Statement on Standards for Attestation Engagements (“SSAE”) No. 16, Reporting on Controls at a Service Organization. Manager shall also provide Sutton Bank with copies of all other reports on compliance, quarterly and annual status forms and other reports filed by Manager with any Network in accordance with the Network Rules, if applicable.
- 41 -
CONFIDENTIAL AND PROPRIETARY
| 9.3 | Testing |
Manager’s Security Program shall be reviewed and tested internally at least annually, at Manager’s expense, in order to demonstrate compliance with all Applicable Law, including documented policies and procedures and an internal audit and quality assurance program. Manager shall further cause, at its expense, independent testing of Manager’s Security Program, which testing shall include, but is not limited to, penetration testing, vulnerability scans, and a PCI-DSS assessment performed by a qualified security assessor approved by the PCI Security Standards Council. The schedule of such testings, audits and quality reviews shall be provided to Sutton Bank at least annually and results from each such tests, audits or reviews shall be promptly provided to Sutton Bank in writing in accordance with the schedule or upon the request of Sutton Bank.
| 9.4 | Security Contact |
Each of the Parties has provided to the other Party the name and contact information of such Party’s designated primary and secondary “Security Contact” appointed for the purpose of being contacted in connection with (i) any security breach or failure requiring immediate notification to a Party with respect to the unauthorized use or disclosure of Cardholder Data or (ii) any use or disclosure of a Party’s Confidential Information except in the manner permitted by Article VIII. A Party may from time to time change its primary and secondary Security Contact by providing written notice of such change in accordance with the notice requirements herein. In the event a named Security Contact is no longer in the employ of the applicable Party, or is otherwise unable or unwilling to perform the duties of a Security Contact as set forth herein, then a replacement Security Contact shall be named by such Party as soon as possible but in no event later than [***] after the Security Contact has ceased employment with such Party or the occurrence of the event giving rise to such Security Contact’s inability or unwillingness to perform such duties. Each Party shall further ensure that either the primary Security Contact or the secondary Security Contact is available at any given time to fulfill the purposes of this Section, unless otherwise approved in advance in writing by the other Party.
| 9.5 | Storage of Information |
Manager will only store Cardholder Data and Program Records at its data center locations which have been approved by Sutton Bank (or in the case of approved Distributors or Third Party Service Providers, the third party address approved by Sutton Bank). Any change of the location of a data center must be approved by Sutton Bank at least [***] in advance of Cardholder Data or Confidential Information being stored at such new location.
| 9.6 | Notification |
Manager agrees that in the event there is a breach of security of Manager or any Third Party Service Provider resulting in unauthorized disclosure of Cardholder Data or other Confidential Information of Sutton Bank, Manager will promptly, and in no event later than [***] after the discovery of any such breach, notify the primary, or if unreachable, the secondary Security Contact
- 42 -
CONFIDENTIAL AND PROPRIETARY
of Sutton Bank (as identified in Section 9.4) of such breach, the nature of such breach, and the corrective action taken to respond to the breach and shall take all steps at its own expense to immediately limit, stop or otherwise remedy such misappropriation, disclosure or use, including, but not limited to, notification and cooperation and compliance with Regulatory Authority. Manager acknowledges and agrees that in the event of a security breach, Sutton Bank shall engage an assessor to determine the extent of the breach. Manager shall give the assessor access to Manager’s facilities, records and personnel, as requested by the assessor, and shall be responsible for all costs, expenses and fees of the assessor. Manager shall provide to Sutton Bank, upon receipt, any and all reports or documents prepared by or received from the assessor.
| 9.7 | Expense Reimbursement |
(A) Manager Reimbursement. If Manager or any Third Party Service Provider suffers a data security breach that results, in Sutton Bank’s sole discretion, in the engagement of Sutton Bank resources to investigate and/or correct the breach Manager shall reimburse Sutton Bank for Sutton Bank’s reasonable expenses with respect to the following, except to the extent that such breach was proximately caused by Sutton Bank’s gross negligence, or willful misconduct or fraud, or breach of Sections 3.2(B) or 3.2(D) of this Amended Program Manager Agreement:
(i) providing notices and information regarding unauthorized access to Cardholder Data which results in the misuse of such information, or the reasonable possibility that misuse of such information shall occur, involving any Cardholder Data which is attributable, in whole or in part, to Manager or any Distributor, Third Party Service Provider or Manager Affiliate to (i) appropriate law enforcement agencies, Regulatory Authorities and Networks, and (ii) affected Applicants and Cardholders to the extent Sutton Bank deems such notices required by Applicable Law or as Sutton Bank otherwise deems necessary or appropriate in the exercise of its commercially reasonable judgment;
(ii) providing fraud monitoring and consumer report (credit report) monitoring services to affected Applicants and Cardholders to the extent Sutton Bank deems such services to be necessary or appropriate in the exercise of its commercially reasonable judgment; and
(iii) replacing Cards or other access devices if Sutton Bank reasonably determines replacement is necessary as a result of such unauthorized access to Cardholder Data which is attributable to Manager, its Affiliates or Distributors or Third Party Service Providers. Manager shall pay any such undisputed amounts within [***] of its receipt of Sutton Bank’s documentation supporting such expense. Without limiting the foregoing, Manager shall reimburse Sutton Bank for any Losses incurred by Sutton Bank as a result of unauthorized access to Cardholder Data or Confidential Information through Manager or a Distributor or Third Party Service Provider.
| 9.8 | Disaster Recovery Plan |
At all times during the Term and for so long as this Amended Program Manager Agreement remains in effect, Manager shall and shall require all Third Party Service Providers to, prepare and maintain disaster recovery, business resumption, and contingency plans appropriate for the nature
- 43 -
CONFIDENTIAL AND PROPRIETARY
and scope of the activities of and the obligations to be performed by Manager or any Third Party Service Providers hereunder. Manager shall ensure that such plans are sufficient to enable Manager or the Third Party Service Provider to promptly resume, without giving effect to the Force Majeure provisions herein, the performance of its obligations hereunder in the event of a natural disaster, destruction of facilities or operations, utility or communication failures or similar interruption in operations and shall ensure that all material records, including, but not limited to, Cardholder Data, are backed up in a manner sufficient to survive any disaster or business interruption. These plans shall ensure that, without giving effect to the Force Majeure provisions herein, such resumption takes place no later than the timelines set forth in the aforementioned plans. Manager shall make available to Sutton Bank copies of all such disaster recovery, business resumption, and contingency plans and shall obtain Sutton Bank’s prior written approval before making any material modifications to such plan. Manager and any Third Party Service Provider shall periodically, and no less than annually, test such disaster recovery, business resumption, and contingency plans as may be appropriate and prudent in light of the nature and scope of the activities and operations of Manager and its obligations hereunder. Manager shall further facilitate and cooperate with any requests by Sutton Bank to participate in, monitor or audit the annual testing process of Manager or a Third Party Service Provider under this Section. A complete report of the results of such annual testing shall be promptly provided to Sutton Bank upon request.
ARTICLE X - TERM AND TERMINATION
| 10.1 | Term |
(A) Term. The initial term of this Amended Program Manager Agreement shall commence on the Effective Date and terminate at midnight on the fifth (5th) anniversary of the Effective Date (the “Initial Term”), unless sooner terminated in accordance with the terms hereof. This Amended Program Manager Agreement shall be automatically renewed on the same terms and conditions for a two (2) year term ( a “Renewal Term”) (the Initial Term, collectively with the Renewal Term, the “Term”) thereafter, unless any Party provides written notice to the other Parties of its intent not to renew at least one hundred eighty (180) days prior to the expiration of the Initial Term or any Renewal Term then in effect.
(B) Mutual Consent. This Amended Program Manager Agreement may be terminated at any time during the Term, without cost or penalty, by mutual consent of Sutton Bank and Manager, or by either Party upon one hundred eighty (180) days prior written notice to the other Party.
| 10.2 | Termination for Cause |
(A) By Sutton Bank. Sutton Bank may terminate this Amended Program Manager Agreement at any time during the Term:
(i) Immediately upon notice in the event of a breach or series of breaches by Manager of the Program Documents that are material either individually or in the aggregate, if such breach or breaches are not cured within thirty (30) days after receipt by Manager of a written notice from Sutton Bank alleging breach and requiring Manager to cure such breach or breaches;
- 44 -
CONFIDENTIAL AND PROPRIETARY
(ii) Immediately upon notice in the event Manager has failed to pay any amounts to Sutton Bank when due as set forth in the Program Documents, and such amount is not paid within five (5) Business Days after Manager receives notice of such nonpayment;
(iii) Immediately upon notice in the event (1) Manager is placed into conservatorship or receivership or proceedings are commenced and remain unstayed for a period of at least thirty (30) days to wind up, dissolve, liquidate or reorganize Manager, (2) proceedings are instituted against Manager by or before any regulatory authority to terminate Manager’s license or other regulatory approval or to cause any of Manager’s officers or directors to cease and desist from any alleged unsafe or unsound practice, (3) Sutton Bank, in its reasonable discretion, determines that there exists an imminent and material threat to the security of Sutton Bank’s prepaid card services or any network accessed or operated by Sutton Bank, if applicable, as a result of any act or omission by Manager or an agent of Manager, including, without limitation, Manager’s failure to comply with any Network Rules with respect to the issuer’s responsibilities for data security verification and certification, which could result in a substantial detriment to Sutton Bank, if applicable; or (4) Sutton Bank, in its reasonable discretion, determines that Manager’s failure to comply with any provision of Applicable Law or any other requirements, including licensing requirements, imposed upon Manager by any federal or state governmental authority has resulted in or may reasonably be expected to result in an imminent and material threat to Manager’s legal capacity to materially comply with Manager’s duties and obligations under the Program Documents; or
(iv) Immediately upon notice in the event that Manager creates circumstances giving rise to a substantial risk of loss and/or harm to the goodwill of any Network if such circumstances are not eliminated within thirty (30) days after receipt by Manager of a written notice from Sutton Bank alleging such circumstances and requiring Manager eliminate such circumstances.
(B) By Manager. Manager may terminate this Amended Program Manager Agreement at any time during the Term immediately upon notice in the event: (1) of a breach or series of breaches by Sutton Bank of the Program Documents that are material either individually or in the aggregate, if such breach or breaches are not cured within 30 days after receipt by Sutton Bank of a written notice from Manager alleging breach and requiring Sutton Bank to cure such breach or breaches; (2) Sutton Bank is placed into conservatorship or receivership or proceedings are commenced and remain unstayed for a period of at least thirty (30) days to wind up, dissolve, liquidate or reorganize Sutton Bank; (3) proceedings are instituted against Sutton Bank by or before any Regulatory Authority to terminate Sutton Bank’s ability to issue prepaid cards or other regulatory approval or to cause any of Sutton Bank’s officers or directors to cease and desist from any alleged unsafe or unsound practice and such proceedings remain unstayed for a period of at least thirty (30) days; (4) Sutton Bank is no longer an approved issuer of prepaid cards on any Network with respect to which a Card Program exists, (5) Sutton Bank has failed to pay any amounts to Manager when due as set forth in this Amended Program Manager Agreement or the Program Documents, and such amount is not paid within fifteen (15) Business Days after Sutton Bank receives notice of such nonpayment; (6) Manager, in its reasonable discretion, determines that Sutton Bank’s failure to comply with any provision of Applicable Law or any other
- 45 -
CONFIDENTIAL AND PROPRIETARY
requirements imposed upon Sutton Bank by any federal or state governmental authority has resulted in or may reasonably be expected to result in an imminent and material threat to Sutton Bank’s capacity to materially comply with Sutton Bank’s duties and obligations under the Program Documents or this Amended Program Manager Agreement if such failure is not cured within 30 days after receipt by Sutton Bank of a written notice from Manager describing the failure in commercially reasonable detail and requiring Sutton Bank to cure the failure; (7) Sutton Bank is determined to be in “troubled condition” (as such term is defined in or interpreted in accordance with Applicable Law); (8) if Sutton Bank, together with its Affiliates, accumulates assets that, in the aggregate, are equal to, or greater than, [***], which will have the effect of removing Sutton Bank from the small issuer exemption under 12 CFR Part 235.5(a)(1) or any successor provision; or (9) Sutton Bank is prohibited from adding volume to the Programs or adding new Programs in order to [***] due to a directive from a Regulatory Authority rendered against Sutton Bank provided such directive is not attributable to the Program(s) or the actions or omissions of Manager or any Manager Contractor; provided such directive remains unstayed for a period of at least thirty (30) days; and provided Sutton Bank has not agreed to [***] so long as the directive is outstanding.
(C) Change in Law. In the event that any material change in any Applicable Law, or in the interpretation of such Applicable Law, makes continued performance by any party under the then-current terms and conditions of the Program Documents illegal and the Parties, using their reasonable best efforts, are unable to agree upon modifications to the Program Documents to avoid such illegality, then any party may terminate this Amended Program Manager Agreement, without penalty, by written notice to the other Party, which notice will be effective upon the earlier to occur of (i) the 90th day following delivery of the notice to the other Party or (ii) the effective date of such change in Applicable Law. To be effective, any written notice terminating this Amended Program Manager Agreement pursuant to this Section 10.2(C) must include a detailed explanation and evidence of the illegality created as a result of such change in Applicable Law.
(D) Other Remedies. In the event of any occurrence giving rise to a termination right under Section 10.2(A) above, Sutton Bank may at its election, without exercising, waiving or limiting such termination right in connection with, such occurrence, elect to require that Manager cease selling or distributing new Cards and entering into new Programs. In addition, in the event that any Client(s) fails to make any Settlement Payment or to maintain a required balance in the Settlement Account, Sutton Bank may suspend performance of any Sutton Bank obligations under the Program Documents if such Client fails to make the Settlement Payment or maintain the required balance in the Settlement Account within two (2) Business Days after Client receives notification of such failure.
| 10.3 | Effect of Termination or Expiration |
(A) Actions to Give Effect to Termination. Upon any termination of this Amended Program Manager Agreement or expiration of the Term, subject to Section 10.4, Sutton Bank and Manager will, as soon as reasonably practicable, execute such documents and do such things as may be reasonably necessary to give effect to the termination provisions of this Amended Program Manager Agreement.
- 46 -
CONFIDENTIAL AND PROPRIETARY
(B) Survival of Obligations. Each party will continue to be responsible for any obligations incurred under this Amended Program Manager Agreement or the other Program Documents prior to any termination of this Amended Program Manager Agreement or expiration of the Term, including but not limited to the obligation to pay any amounts that accrued prior to termination or expiration of this Amended Program Manager Agreement that remain owed to the other party(ies) after such termination or expiration.
| 10.4 | Cessation of Card Sale and Distribution after Termination or Expiration |
Subject to Section 10.5, upon any expiration or termination of this Amended Program Manager Agreement or expiration of any Approved Program, Manager will immediately cease selling or distributing (including the cessation of both direct sales and third party sales through Clients) Cards under this Amended Program Manager Agreement or the Approved Program, as applicable.
| 10.5 | Wind Down Period; Orderly Transition |
(A) General Obligations. Upon the expiration or termination of this Amended Program Manager Agreement, (i) Manager may elect to either transition one or more Programs to an alternative card issuer designated by Manager (any such institution, a “Successor Bank”) in accordance with Applicable Law and pursuant to Section 10.5(B) or (ii) one or more Programs may be wound down in accordance with Applicable Law and pursuant to Section 10.5(C). Each Party acknowledges that the main goals of the Wind Down Period are (in order or priority) (i) to benefit the Cardholders by minimizing any possible burdens or confusion and (ii) to protect and enhance the names and reputations of the Parties, both of whom have invested their names and reputations in the Programs, the Programs and Cards issued hereunder. Unless otherwise required by Applicable Law or any Regulatory Authority, upon the expiration or termination of this Amended Program Manager Agreement for any reason, the Parties agree to cooperate in good faith to wind down or transition each Program in a commercially reasonable way as soon as reasonably possible to provide for a smooth and orderly transition or wind-down. Such cooperation will include continued acceptance of Cards presented for payment until such Cards expire or are cancelled as set forth below, and continued provision of customer service to all outstanding Cardholders in accordance with the terms of this Amended Program Manager Agreement up until the Cards expire or are terminated.
(B) Manager Transition Election. In the event that Manager elects to transition one or more Programs to a Successor Bank pursuant to Section 10.5(A), Sutton Bank’s obligations shall include: (i) executing and delivering a transfer agreement containing terms and conditions generally consistent with banking industry practice (including customary representations, warranties and obligations) for the transfer of the Programs and related BINs to the Successor Bank; and (ii) taking all other actions necessary to transfer the Programs and BINs to such Successor Bank. Sutton Bank’s documented reasonable out-of-pocket costs associated with the transition activities described in this Section shall be reimbursed by Manager within thirty (30) days of receipt of Sutton Bank’s invoice therefore; provided that Sutton Bank has notified Manager of such costs prior to incurring such costs.
- 47 -
CONFIDENTIAL AND PROPRIETARY
(C) Wind-Down Plan. As soon as reasonably practicable after expiration of this Amended Program Manager Agreement, or receipt of delivery of a termination notice with respect to this Amended Program Manager Agreement or one or more Programs, Manager shall provide to Sutton Bank in writing a proposed transition or wind-down plan, detailing (i) whether the affected Program(s) are to be wound down or transferred to a Successor Bank; and (ii) a proposed timeline, which shall designate a date as of which the affected Programs shall be wound down or transferred from Sutton Bank to a Successor Bank (“Switchover Date”). Sutton Bank and Manager shall meet promptly thereafter to review such proposed plan and to determine a mutually acceptable transition or wind-down plan (a “ Wind-Down Plan”); provided, however, that if Sutton Bank and Manager fail to reach mutual agreement on the Wind-Down Plan within thirty (30) days, Sutton Bank shall establish a Wind-Down Plan that is appropriate for the affected Program(s) and that is, to the extent practicable, substantially similar to other wind- down plans used by Sutton Bank for other programs similar to the affected Program(s) hereunder, in which case such Wind-Down Plan shall be deemed to be approved by Manager. The wind-down or transition of any affected Program(s) shall occur as soon as reasonably possible and in no event later than one hundred eighty (180) days after expiration of this Amended Program Manager Agreement; provided, however, that such time period may extended by mutual written agreement of the Parties.
(D) Wind Down Period General Obligations. During the Wind Down Period, the Parties shall continue to be bound by and comply with the terms of this Amended Program Manager Agreement and perform all of their obligations hereunder and shall remain liable for the representations and warranties, covenants and indemnification obligations under this Amended Program Manager Agreement. If Sutton Bank determines in its sole discretion that Manager has failed to continue to provide customer service to the affected Cardholders during the wind-down period in accordance with the terms of this Amended Program Manager Agreement, Manager shall take all necessary steps to either (i) effect the transfer to Sutton Bank of control of the toll free telephone numbers and websites used by Manager with respect to such Program or (ii) redirect Cardholders using such telephone numbers and websites to such toll-free telephone numbers and websites as designated by Sutton Bank.
(E) Further Assurances. Each Party shall; (i) give such further assurances to the Successor Bank and shall execute, acknowledge and deliver all such acknowledgments, assignments and other instruments and take such further action as may be reasonably necessary and appropriate to effectively vest in the Successor Bank the full legal and equitable title to Sutton Bank’s rights in any affected Program(s) being transitioned to the Successor Bank and (ii) make commercially reasonable efforts to assist the Successor Bank in the orderly transition of the sponsorship of the Program. The Parties agree to work in good faith to assure a smooth transition of the Program and continuity of operations with respect to the Program.
ARTICLE XI - INDEMNIFICATION AND LIABILITY
| 11.1 | Indemnification Obligation By Manager |
Manager covenants and agrees to indemnify and hold Sutton Bank, its Affiliates, and their respective officers, directors, employees, agents, successors and permitted assigns (“Bank Indemnified Parties”) harmless against any Losses, arising out of third party Claims in connection with:
- 48 -
CONFIDENTIAL AND PROPRIETARY
(A) any failure on the part of Manager to perform or comply with any covenant or obligation required to be performed or complied with by Manager under or pursuant to this Amended Program Manager Agreement,
(B) any inaccuracy, breach or untruthfulness of any representation or warranty made by Manager under or pursuant to this Amended Program Manager Agreement,
(C) any infringement or alleged infringement of any third party’s marks or intellectual property rights in connection with the Cards or the Program or as a result of Sutton Bank’s use of the Manager Marks hereunder,
(D) any noncompliance with or violation of any Applicable Laws (including without limitation with respect to Program Materials and Marketing Campaigns), the gross negligence or willful misconduct of Manager, or any of Manager’s Affiliates, employees, officers, directors, Distributors, Marketers, Third Party Service Providers or agents, representatives or independent contractors (all such contractors, agents and representatives, including Distributors, Marketers and Third Party Service Providers, the “Manager Contractors”),
(E) any wrongful acts or omissions of Manager or Manager Contractors in connection with the improper use of Cardholder Data or in connection with the transfer of the Program(s) to a Successor Bank,
(F) any failure on the part of Manager or any Manager Contractor to comply with or discharge any of its or their obligations, liabilities or other amounts due or owing by Manager or such Manager Contractor to any third party, including, in the case of Manager, due or owing to any Manager Contractor,
(G) any unauthorized or fraudulent access to or use of Cardholder Data caused by the action or inaction, or intentional misconduct of an employee of Manager or Manager Contractors, or arising from a security breach to computer systems maintained by Manager or maintained by Manager Contractors on behalf of Manager.
(H) any Losses arising solely from the Sutton Bank’s failure to comply with the Applicable Law or a direction or requirement from a Regulatory Authority or Network where such failure arose out of Manager’s failure to meet its obligations under this Amended Program Manager Agreement or to obtain and provide all information to Sutton Bank needed for Sutton Bank to comply, unless Sutton Bank failed to inform Manager of the need for such actions or the need to cease taking such actions; or
(I) any misrepresentation or false or misleading statement made by Manager or Manager Contractors to any Person, Regulatory Authority or legislative body regarding Sutton Bank, a Program, this Amended Program Manager Agreement or the terms or conditions hereof.
- 49 -
CONFIDENTIAL AND PROPRIETARY
| 11.2 | Limited Exception and Conditions |
Manager’s indemnification obligations under Section 11.1 shall exclude any Losses, to the extent such Losses arise directly from (A) an act of fraud, embezzlement or criminal activity by a Bank Indemnified Party, (B) the gross negligence, willful misconduct or bad faith by a Bank Indemnified Party, (C) failure of the Sutton Bank to comply with, or to perform its obligations under, this Amended Program Manager Agreement, or (D) Losses arising from noncompliance with or violation of any Applicable Law by Manager or a Manager Contractor solely to the extent that such Parties acted in good faith in accordance with Sutton Bank’s written instructions and/or requirements regarding Applicable Law.
| 11.3 | By Sutton Bank |
Sutton Bank covenants and agrees to indemnify and hold Manager, Manager Contractors, and each of their respective Affiliates, and their respective officers, directors, employees, agents, and permitted assigns (the “Manager Indemnified Parties”) harmless against any Losses, arising out of third party Claims in connection with:
(A) any failure on the part of Sutton Bank to perform or comply with any covenant or obligation required to be performed or complied with by Sutton Bank under or pursuant to this Amended Program Manager Agreement,
(B) any inaccuracy, breach or untruthfulness of any representation or warranty made by Sutton Bank under or pursuant to this Amended Program Manager Agreement,
(C) any infringement or alleged infringement of any third party’s marks or intellectual property rights as a result of Manager’s use of the Sutton Bank Marks hereunder,
(D) the gross negligence or willful misconduct of Sutton Bank or its employees, officers, directors, vendors, agents, representatives or independent contractors (excluding Manager or Manager Contractors),
(E) any wrongful acts or omissions of Sutton Bank in connection with the improper use of Cardholder Data or in connection with the transfer of Network responsibilities hereunder to a Successor Bank, in each case excluding any Losses to the extent such Losses arise from the acts or omissions of Manager, including any failure to comply with the terms of this Amended Program Manager Agreement,
(F) any unauthorized or fraudulent access to or use of Cardholder Data caused by the gross negligence or intentional misconduct of an employee of Sutton Bank or of its Affiliates, or arising from a security breach to computer systems maintained by Sutton Bank or maintained by third parties (other than Manager or a Manager Contractor) on behalf of Sutton Bank; or
(G) any misrepresentation or false or misleading statement made by Sutton Bank or its Affiliates to any Person, Regulatory Authority or legislative body regarding Manager, a Program, this Amended Program Manager Agreement or the terms or conditions hereof.
| 11.4 | Limited Exception and Conditions |
Sutton Bank’s indemnification obligations under Section 11.3 shall exclude any Losses to the extent such Losses arise directly from (A) an act of fraud, embezzlement or criminal activity by a Manager Indemnified Party, (B) the gross negligence, willful misconduct or bad faith by a Manager Indemnified Party, or (C) failure of the Manager to comply with, or to perform its obligations under, this Amended Program Manager Agreement.
- 50 -
CONFIDENTIAL AND PROPRIETARY
| 11.5 | Defense of Claims |
(A) Notice. If any Claim is commenced that may give rise to a right of indemnification, or any knowledge is received of a state of facts which, if not corrected, may give rise to a right of indemnification, the indemnified party shall give prompt written notice to the indemnifying party. The failure to give such notice shall not, however, relieve the indemnifying party of its indemnification obligations except to the extent that the indemnifying party is actually harmed thereby.
(B) Right to Defend Claim. The indemnifying party shall have the right to defend any such Claim in its name and at its expense, shall select the counsel for the defense of such Claim as approved by the indemnified party, which approval shall not be unreasonably withheld or delayed, and shall cooperate with the indemnified party in the conduct of the defense against such Claim; provided, however, that the indemnifying party shall not have the right to defend any such Claim if (i) it fails to employ appropriate counsel approved by indemnified party to assume the defense of such Claim or refuses to replace such counsel upon the indemnified party’s reasonable request; (ii) the indemnified party advises the indemnifying party that there are issues which could raise possible conflicts of interest between the indemnifying party and the indemnified party or that the indemnified party has claims or defenses that are separate from or in addition to the claims or defenses of the indemnifying party; or (ii) such Claim seeks an injunction or cease and desist order; provided further, that Manager may not, as an indemnifying party or otherwise, defend against a Claim or select the counsel for the defense of a Claim if the Claim was brought by a Regulatory Authority. If the Parties are unable to resolve the issue, then the matter will be resolved in accordance with Section 12.2. In each such case set forth in this Section 11.5, the indemnified party shall have the right to direct the defense of the Claim and retain its own counsel, and the indemnifying party shall pay the cost of such defense, including reasonable attorneys’ fees and expenses.
(C) Indemnifying Party Election. If the indemnifying party elects and is entitled to compromise or defend such Claim it shall within thirty (30) days (or sooner, if the nature of the Claim so requires) notify the indemnified party of its intent to do so, and the indemnified party shall, at the expense of the indemnifying party, cooperate in the defense of such Claim. In such case, the indemnified party shall have the right to participate in the defense of any Claim with counsel selected by it. Except as provided in this Article, the fees and disbursements of such counsel shall be at the expense of the indemnified party.
(D) Indemnifying Party Obligation. The indemnifying party shall have no obligation to pay the monetary amount of the settlement of any Claim entered into by the indemnified party without the prior written consent of the indemnifying party (which consent shall not be unreasonably withheld or delayed). Notwithstanding the indemnifying party’s right to direct the defense against any Claim, the indemnifying party shall not have the right to compromise or enter into an agreement settling any claim, suit, demand or action without the prior written consent of the indemnified party (which consent shall not be unreasonably withheld or delayed).
- 51 -
CONFIDENTIAL AND PROPRIETARY
| 11.6 | No Special Damages |
UNLESS OTHERWISE AGREED, IN NO EVENT SHALL EITHER PARTY BE LIABLE TO THE OTHER WHETHER IN CONTRACT, TORT, EQUITY OR OTHERWISE FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, PUNITIVE OR EXEMPLARY DAMAGES, INCLUDING, BUT NOT LIMITED TO, LOST PROFITS, EVEN IF SUCH PARTY HAS KNOWLEDGE OF THE POSSIBILITY OF SUCH DAMAGES ARISING FROM OR RELATED TO THIS AMENDED PROGRAM MANAGER AGREEMENT; PROVIDED, HOWEVER, THAT THE LIMITATIONS SET FORTH IN THIS SECTION SHALL NOT APPLY TO OR IN ANY WAY LIMIT THE INDEMNITY OBLIGATIONS UNDER THIS AMENDED PROGRAM MANAGER AGREEMENT.
| 11.7 | Disclaimers of Warranties |
ALL SERVICES PROVIDED BY THE PARTIES HEREUNDER ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS, AND EXCEPT AS EXPRESSLY STATED IN THIS AMENDED PROGRAM MANAGER AGREEMENT EACH PARTY SPECIFICALLY DISCLAIMS ALL WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, ARISING OUT OF OR RELATED TO THIS AMENDED PROGRAM MANAGER AGREEMENT, INCLUDING WITHOUT LIMITATION, ANY WARRANTY OF MARKETABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, AND IMPLIED WARRANTIES ARISING FROM COURSE OF DEALING OR COURSE OF PERFORMANCE, EACH OF WHICH IS HEREBY EXCLUDED BY AGREEMENT OF THE PARTIES.
ARTICLE XII - GENERAL
| 12.1 | Assignment |
No party may assign this Amended Program Manager Agreement without the express written consent of the other party.
| 12.2 | Dispute Resolution; Governing Law |
(A) In the event of any dispute, controversy, or claim arising out of or relating to this Amended Program Manager Agreement or the construction, interpretation, performance, breach, termination, enforceability or validity thereof (hereinafter, a “Dispute”), the Party raising such Dispute shall notify the other promptly and no later than sixty (60) days from the date of its discovery of the Dispute. In the case of a Dispute relating to account or Transaction statements or similar matter, the failure of a Party to notify the other Party of such Dispute within sixty (60) days from the date of its receipt shall result in such matter being deemed undisputed and accepted by the Party attempting to raise such Dispute.
(B) The Parties shall cooperate and attempt in good faith to resolve any Dispute promptly by negotiating between persons who have authority to settle the Dispute and who are at a higher level of management than the persons with direct responsibility for administration and performance of the provisions or obligations of this Amended Program Manager Agreement that are the subject of the Dispute.
- 52 -
CONFIDENTIAL AND PROPRIETARY
(C) This Amended Program Manager Agreement shall be governed by, construed and enforced in accordance with the laws of the State of Ohio, without regard to that state’s conflict of laws principles. Jurisdiction and venue for the formal resolution of any disputes relating to this Amended Program Manager Agreement shall lie exclusively in the Federal and State Courts of Ohio any such claims shall be governed by Ohio law without giving effect to any choice of law rules. Each Party agrees that service of process in any action or proceeding hereunder may be made upon such Party by certified mail, return receipt requested, to the address for notice set forth herein.
(D) EACH PARTY ALSO, KNOWINGLY AND WILLINGLY, AND FOLLOWING CONSULTATION WITH COUNSEL, HEREBY UNCONDITIONALLY AND IRREVOCABLY WAIVES ANY RIGHT TO A TRIAL BY JURY IN CONNECTION WITH ANY DISPUTE ARISING UNDER THIS AMENDED PROGRAM MANAGER AGREEMENT.
| 12.3 | Entire Agreement; Amendments |
This Amended Program Manager Agreement and the other Program Documents constitute the entire agreement of the parties with regard to the specific subject matter thereof and supersede all prior written and/or oral understandings between the parties. Except as otherwise expressly provided herein, this Amended Program Manager Agreement may not be amended, modified or changed in any way except by a written instrument executed by an authorized representative of each party. Notwithstanding any other term or provision of this Section 12.3, in the event Sutton Bank and Manager agree to establish an additional Approved Program under this Amended Program Manager Agreement, as described in Section 3.1(F), the terms and conditions of the applicable exhibits to this Amended Program Manager Agreement will be updated to reflect the terms of the new Approved Program (as reflected in the Sutton Bank -approved Program Application Form and on Schedule 2.1 hereto) without further execution by any party, and such additional Approved Program shall be governed by the terns of this Amended Program Manager Agreement and the other Program Documents.
| 12.4 | Counterparts |
This Amended Program Manager Agreement may be executed in counterparts, each of which will be deemed an original and both of which together will constitute one instrument.
| 12.5 | Third Party Beneficiaries |
This Amended Program Manager Agreement is for the sole and exclusive benefit of the Parties and nothing in this Amended Program Manager Agreement will be construed to grant to any Person (other than the Parties, and their respective successors and permitted assigns) any right, remedy or claim under or in respect of this Amended Program Manager Agreement or any provision hereof; provided however that Sutton Bank’s subsidiaries and affiliates used by Sutton Bank in connection with any Program are each intended third party beneficiaries of all rights and protections, including limitations of liability and indemnification, to which Sutton Bank is entitled under the Program Documents.
- 53 -
CONFIDENTIAL AND PROPRIETARY
| 12.6 | Survival |
Upon later of any termination of this Amended Program Manager Agreement, Switchover Date or any Wind Down Period, the Parties will retain any rights or remedies available to such party under this Amended Program Manager Agreement or in law or at equity. Subject to any specific limitations on survival set forth herein, the following Articles and Sections of this Amended Program Manager Agreement will survive the termination or expiration of this Amended Program Manager Agreement in accordance with their terms: Sections 12.2 and 12.3, Sections 12.5 through 12.8, Article I, Article IV, Article VII, Article VIII, Article X and Article XI.
| 12.7 | Force Majeure |
No Party shall be liable for any failure or delay on its part to perform, and shall be excused from performing any of its non-monetary obligations hereunder if such failure, delay or non-performance results in whole or in part from any cause beyond the absolute control of the party, including any act of God, act of war, riot, actions of terrorists, earthquake, fire, explosion, natural disaster, flooding, embargo, sabotage each a “Force Majeure Event”); provided, however, that the Party suffering the Force Majeure Event shall immediately implement its Disaster Recovery Plan. A Party desiring to rely upon any of the foregoing as an excuse for failure, default or delay in performance shall, when the cause arises, give to the other Party prompt notice in writing of the facts which constitute such cause, and, when the cause ceases to exist, give prompt notice thereof to the other Party. This Section 12.7 shall in no way limit the right of a Party to this Amended Program Manager Agreement to make any claim against third parties for any damages suffered due to said cause.
| 12.8 | Specific Performance |
The Parties acknowledge and agree that the remedy at law for any breach by either Party of its confidentiality covenants and obligations under Article VIII of this Amended Program Manager Agreement is inadequate and that the non-breaching Party, in addition to any other relief available to it, will be entitled to specific performance by the breaching Party to the extent permitted by Applicable Law.
| 12.9 | Representation |
Each party acknowledges that it has been duly represented by counsel of its choice and fully understands all terms of this Amended Program Manager Agreement. No assumption or inference will be made or granted based on drawer or drafter of this Amended Program Manager Agreement, the Network Rules, and all other Program Documents.
[Signatures on Following Page]
- 54 -
CONFIDENTIAL AND PROPRIETARY
EXECUTION COPY
IN WITNESS WHEREOF, with the intention to be bound by the terms of this Amended Program Manager Agreement, the Parties have executed this Amended Program Manager Agreement as of the day and year first above written by causing their respective authorized representatives to sign where indicated below.
| SUTTON BANK | [MANAGER] MARQETA, INC. | |||||||
| By: | /s/ J. Anthony Gorrell | By: | /s/ Omri Dahan | |||||
| Title: EVP & CFO | Title: Chief Revenue Officer | |||||||
| Address for Notices: | Address for Notices: | |||||||
| SUTTON BANK 1 S. MAIN ST., PO BOX 505 ATTICA, OHIO 44807 ATTN: J. ANTHONY GORRELL, EVP & CFO FACSIMILE: [***] | MARQETA, INC. 6201B DOYLE ST. EMERYVILLE, CALIFORNIA 94608 ATTN: ERIC BACHMAN, COO FACSIMILE: [***] | |||||||
CONFIDENTIAL AND PROPRIETARY
EXECUTION COPY
SCHEDULE 2.1
APPROVED PROGRAMS
Program 1
| Program Name/Description | ||||
| MARQETA | ||||
| Issuer | Client | Program Expiration Date | ||
| SUTTON BANK | MARQETA | |||
Program 2
| Program Name/Description | ||||
| Issuer | Client | Program Expiration Date | ||
IN WITNESS WHEREOF, each of Manager and Sutton Bank hereby acknowledges and agrees that this Schedule 2.1[_], executed as of this ____ day of _________, 20__, is intended to supplement and be incorporated into that certain Amended Program Manager Agreement entered into by the parties as of __________________________, 20__.
| Sutton Bank | Manager | |
|
|
| |
| By: Tony Gorrell | By: | |
| Title: EVP, CFO | Title: | |
CONFIDENTIAL AND PROPRIETARY
EXECUTION COPY
EXHIBIT A
PROGRAM APPLICATION FORM
[Separately provided]
CONFIDENTIAL AND PROPRIETARY
EXECUTION COPY
EXHIBIT B
SUTTON BANK PREPAID CARD SERVICES
| 1. | Sponsor Programs with Networks, including obtaining all required Network approvals. |
| 2. | Comply with all Network Rules pertaining to issuing financial institution |
| 3. | Oversee and review all aspects of Programs with respect to compliance with all Applicable Law pertaining issuing prepaid cards |
| 4. | Manage Program Accounts |
| 5. | Implement new programs with Networks |
| 6. | Issuing Cards for Approved Programs in accordance with the applicable Program Schedule and Cardholder Agreement |
| 7. | Approving each Program and Additional Products that may be provided under each Program or any non-financial products or services requiring Bank approval that may be offered to Cardholders in accordance with the terms of this Amended Program Manager Agreement |
| 8. | Approving all new Program Due Diligence Application Forms, Program Schedules, Cardholder Agreements, Program Materials and Marketing Campaigns and any changes to a such documents in accordance with Sections 3.1(B), 3.1(C), 3.1(F) and 3.1(G) of the Amended Program Manager Agreement. |
| 9. | In accordance with Section 5.4, approving Manager’s BSA/AML/OFAC Procedures; |
| 10. | Providing Manager with any notifications received from a Network (other than PCI Standards) with respect to any Program or any changes in Network Rules |
| 11. | Working closely with Manager to develop and enhance the Programs to meet Bank’s strategic objectives and goals, including by reviewing, assessing and approving in its commercially reasonable discretion, any modifications proposed by Manager |
| 12. | Upon reasonable request by Manager, providing Manager with any reconciliation reports for each Program Account maintained by Manager at Bank, and, to the extent Program funds flow through a non-Manager Program Account at Bank, reconciliation reports for each such Account. |
CONFIDENTIAL AND PROPRIETARY
EXHIBIT C
[***]
CONFIDENTIAL AND PROPRIETARY
EXHIBIT D
MANAGER SERVICES
The following is a general description of the Services to be provided by Manager on Sutton Bank’s behalf, either in-house or through Third-Party Service Providers. Where an inconsistency exists between the general descriptions of Services to be provided to Sutton Bank under this Amended Program Manager Agreement and the specific descriptions contained in any other documentation, including correspondence, operations manuals, procedures manuals, or implementation manuals (other than an inconsistency consisting solely of a greater degree of detail in such documentation than in this Amended Program Manager Agreement), the provisions of this Amended Program Manager Agreement shall control. No such material change to the Services shall be effective without Sutton Bank’s prior written consent.
Processing all applications and establishing all Cardholder Accounts on behalf of Sutton Bank, including, but not limited to:
- providing Cardholder Agreements;
- application of Sutton Bank’s rules to incoming Card applications
- submitting to Sutton Bank applications for approval
- providing information to Processor to establish the Cardholder Accounts
- collecting and maintaining Cardholder identification
- screening Cardholder applicants for compliance purposes
- conducting initial review of all Cardholder Accounts to ensure compliance with BSA/AML/OFAC laws and directives
- authorizing Card Activation
- setting of PIN
Card creation, production and shipment, including:
- Card design
- purchase and safekeeping of plastic stock
- embossing and encoding of Cards
- printing of Card carriers
- mailing or other delivery of Cards
- preparation and mailing of all other documents required or otherwise to be sent to Cardholders
- providing monthly and other periodic account statements
- customer service in accordance with the terms of this Amended Program Manager Agreement
- all other Program-related mailings to Cardholders including shipping costs and postage
- any other services necessary or desirable to effectuate the Program or as agreed upon by Sutton Bank and Manager from time to time.
Back office support functions, including:
- individual Cardholder Account maintenance
- Transaction and payment authorization, decline, processing, clearing and settlement and all accounting relating to Cards
- statement preparation and issuance
CONFIDENTIAL AND PROPRIETARY
| • | clearing and Settlement |
| • | balancing and reconciling |
| • | fraud prevention and security control |
| • | data capture and reporting and information management services |
| • | providing Sutton Bank with reports detailing transactions and servicing with respect to each Program or Additional Product marketed by Manager on behalf of Sutton Bank as may be mutually agreed upon by the Parties from time to time at no additional cost to Sutton Bank within the reasonable capacity of Manager; |
| • | exercising commercially reasonable efforts to monitor changes in Applicable Law related to the Programs and notifying Sutton Bank of any such changes of which Manager becomes aware that may impact Sutton Bank and the Programs in a material manner |
| • | providing appropriate notices to Sutton Bank as required hereunder |
| • | helpdesk and technical support for Sutton Bank |
Customer Service, including:
| • | Cardholder account and Transaction dispute processing and resolution, and any other informal disputes or resolutions as needed from the Cardholder, as promptly as commercially reasonable, and not later than full resolution within sixty (60) days |
| • | Lost and stolen Card reporting processing and disbursing Cardholder refunds on behalf of Sutton Bank for each Program in accordance with Applicable Law |
- D - 2 -
CONFIDENTIAL AND PROPRIETARY
FIRST AMENDMENT TO THE AMENDED AND RESTATED PREPAID CARD PROGRAM MANAGER AGREEMENT
THIS FIRST AMENDMENT TO THE AMENDED AND RESTATED PREPAID CARD PROGRAM MANAGER AGREEMENT (“First Amendment”) is made by and between Marqeta, Inc., a Delaware corporation, whose address is 180 Grand Avenue, Oakland, CA 94612 (“Marqeta”) and Sutton Bank, an Ohio chartered bank corporation, its subsidiaries and affiliates, whose main address is 1 South Main St. Attica, OH 44807 (“Sutton Bank”). This First Amendment amends the Amended and Restated Prepaid Card Program Manager Agreement with an effective date of April 1, 2016 (“Agreement”). This First Amendment shall be effective as of the last date executed by a Party below (“First Amendment Effective Date”). Capitalized terms which are not defined herein shall be defined as set forth in the Agreement.
For good and valuable consideration, the receipt and adequacy of which is hereby acknowledged, the Parties hereto agree to make the following changes to the Agreement:
| 1. | The first sentence in Section 10.1(A) to the Agreement “Term” shall be deleted in its entirety and restated as follows, if the First Amendment Effective Date is December 1, 2017: |
The initial term of this Amended Program Manager Agreement shall commence on the Effective Date and terminate at midnight on the seventh (7th) anniversary of the Effective Date (the “Initial Term”), unless sooner terminated in accordance with the terms hereof.
| 2. | The updated revenue sharing and fees set forth herein shall be effective beginning December 1, 2017. |
| 3. | Exhibit C to the Agreement, section titled “[***]” is deleted and restated as follows: |
[***]
| 4. | Exhibit C to the Agreement, section titled “[***]” is deleted and restated as follows: |
[***]
| 5. | The following section titled “[***]” shall be added to Exhibit C to the Agreement: |
[***]
| 6. | This First Amendment and the Agreement constitute the entire agreement between the Parties and supersede any other agreements between the Parties in regard to the subject matter hereof. |
| 7. | Prior to the First Amendment Effective Date, Marqeta will provide Sutton Bank evidence of its waiver from the Pulse network for PINLESS eCommerce. |
| 8. | Before January 31, 2018, Marqeta and Sutton will meet in good faith to agree on [***]. |
CONFIDENTIAL AND PROPRIETARY
| 9. | This First Amendment may be executed by the Parties in separate counterparts and transmitted by fax or e-mail of a scanned copy, each of which when executed shall be deemed to be an original but all of which taken together shall constitute one and the same Agreement. |
IN WITNESS WHEREOF, the Parties have by their duly authorized representatives executed this First Amendment as of the dates set forth below.
| Sutton Bank | Marqeta, Inc. | |||||||
| By: |
| By: |
| |||||
| Name: |
| Name: |
| |||||
| Title: |
| Title: |
| |||||
| Date: |
| Date: |
| |||||
CONFIDENTIAL AND PROPRIETARY
SECOND AMENDMENT TO THE AMENDED AND RESTATED PREPAID CARD PROGRAM MANAGER AGREEMENT
THIS SECOND AMENDMENT TO THE AMENDED AND RESTATED PREPAID CARD PROGRAM MANAGER AGREEMENT (this “Second Amendment”) is made by and between Marqeta, Inc., a Delaware corporation, whose address is 180 Grand Avenue, Oakland, CA 94612 (“Manager”) and Sutton Bank, an Ohio state-chartered bank corporation, its subsidiaries and affiliates, whose main address is 1 South Main St., Attica, OH 44807 (“Sutton Bank”). This Second Amendment amends the Amended and Restated Prepaid Card Program Manager Agreement, effective as of April 1, 2016, as amended by the First Amendment to the Amended and Restated Prepaid Card Program Manager Agreement, effective as of December 21, 2017 (as amended, the “Agreement”). This Second Amendment shall be effective as of September 1, 2018 (the “Amendment Effective Date”). Capitalized terms which are not defined herein shall be defined as set forth in the Agreement.
For good and valuable consideration, the receipt and adequacy of which is hereby acknowledged, the Parties hereto agree to make the following changes to the Agreement:
| 1. | The definition of “[***]” in Section 1.2 of the Agreement “Definitions” is deleted and restated as follows: |
“[***]” means [***].
| 2. | The first sentence in Section 10.1(A) of the Agreement “Term” is deleted and restated as follows: |
The initial term of this Amended Program Manager Agreement shall commence on the Effective Date and terminate at midnight on the seventh (7th) anniversary of the Amendment Effective Date (the “Initial Term”), unless sooner terminated in accordance with the terms hereof.
| 3. | The following Section 10.2(E) shall be added to Section 10.2 of the Agreement “Termination for Cause”: |
(E) Early Termination Fee. In the event Manager unilaterally terminates this Amended Program Manager Agreement for any reason other than those set forth in Section 10.2(B) or 10.2(C), Manager shall pay an early termination fee based on the time remaining in the Term, as set forth in Exhibit C. The Parties acknowledge and agree that the early termination fee payable under this Section 10.2(E) constitutes liquidated damages and not a penalty, and is in addition to all other rights of Sutton Bank, including the right to specific performance under Section 12.8 of this Amended Program Manager Agreement. The parties further acknowledge that (i) the amount of loss or damages likely to be incurred is incapable or is difficult to precisely estimate and (ii) the early termination fee provided hereunder bears a reasonable relationship to, and is not plainly or grossly disproportionate to, the probable loss likely to be incurred in connection with any early termination by Manager.
| 4. | Exhibit C to the Agreement is deleted and restated in its entirety in the form attached hereto. |
- 1
CONFIDENTIAL AND PROPRIETARY
| 5. | All provisions of the Agreement, as expressly amended and modified by this Second Amendment, shall remain in full force and effect. After this Second Amendment becomes effective, all references in the Agreement referring to the Agreement shall be deemed to be references to the Agreement as amended by this Second Amendment. This Second Amendment shall not be deemed, either expressly or impliedly, to waive, amend or supplement any provision of the Agreement other than as set forth herein. |
| 6. | This Second Amendment may be executed by the Parties in separate counterparts and transmitted by fax or e-mail of a scanned copy, each of which when executed shall be deemed to be an original but all of which taken together shall constitute one and the same Agreement. |
IN WITNESS WHEREOF, the Parties have by their duly authorized representatives executed this Second Amendment as of the dates set forth below.
| Sutton Bank | Marqeta, Inc. | |||||||
| By: | /s/ J. Anthony Gorrell | By: | /s/ Omri Dahan | |||||
| Name: | J. Anthony Gorrell | Name: | Omri Dahan | |||||
| Title: | EVP & CFO | Title: | Chief Revenue Officer | |||||
| Date: | Nov 2,2018 | Date: | Nov 2, 2018 | |||||
- 2 -
CONFIDENTIAL AND PROPRIETARY
EXHIBIT C
[***]
-1-
CONFIDENTIAL AND PROPRIETARY
Third Amendment to Prepaid Card Program Manager Agreement
THIS THIRD AMENDMENT TO AMENDED AND RESTATED PREPAID CARD PROGRAM MANAGER AGREEMENT (this “Third Amendment”) is effective as of August 1, 2020 (“Third Amendment Effective Date”), by and between SUTTON BANK, an Ohio state- chartered bank (“Sutton Bank”) and MARQETA, INC., a Delaware corporation (“Manager”) (each of Bank and Manager a “Party” and collectively the “Parties”).
WHEREAS, the Parties executed and delivered that certain Amended and Restated Prepaid Card Program Manager Agreement, dated as of April 1, 2016 (the “Agreement”);
WHEREAS, the Parties wish to amend the Agreement in the manner set forth herein; and
WHEREAS, pursuant to Section 12.3, “Entire Agreement; Amendments” of the Agreement, the desired amendments requested must be contained in a written agreement signed by the Parties,
NOW THEREFORE, in consideration of the mutual covenants, agreements and promises contained herein, the receipt and sufficiency of which are hereby acknowledged, and intending to be legally bound, the Parties hereto for themselves and their successors and assigns do hereby agree, represent and warrant as follows:
1. Definitions. Capitalized terms used in this Third Amendment without definition shall have the meanings ascribed to such terms in the Agreement.
2. Amendment to Section 3.1 “Manager’s Responsibilities,” Subsection (K), “Maintenance of Funding Accounts at Sutton Bank.” Section 3.1, “Manager’s Responsibilities,” Subsection (K), “Maintenance of Funding Accounts at Sutton Bank” is hereby rescinded and restated in its entirety as follows:
(K) Maintenance of Funding Accounts at Sutton Bank. A “Funding Account” is defined as a Program Account consisting of a demand deposit account holding adequate funds to cover the amounts owing to Cardholders as determined by Sutton Bank in consultation with Manager and in accordance with Program Documents. Sutton Bank shall, at all times during the duration of this Amended Program Manager Agreement, establish and maintain Funding Accounts for all Programs. Manager will assist Sutton Bank in establishing the amounts contained in the Funding Accounts. Sutton Bank will notify the Manager of the account numbers and any other information necessary for the Manager to transfer funds to such accounts.
| (i) | For all Programs except as provided in Section 3.1(K)(ii), Manager agrees to establish and maintain a minimum amount of funds within the Funding Accounts (the “Funding Amount”), as [***], calculated as of [***], in an amount equal to [***]. |
For clarity, the minimum Funding Amount will be calculated by adding [***] and then dividing by [***] and then multiplying by [***]. The minimum balance in the Funding Account shall be adjusted [***].
CONFIDENTIAL AND PROPRIETARY
| (ii) | Notwithstanding Section 3.1(K)(i), the Funding Amount shall not be required for [***]. |
| (iii) | Sutton Bank may use the Funding Amount [***] associated with any Program. |
| (iv) | Manager shall replenish each Funding Account required in this Section 3.1 within [***] of Manager’s receipt of notification from Sutton Bank that [***]. If Manager fails to replenish any Funding Account, Sutton Bank [***]. Upon the termination of any Program, including due to termination of this Agreement, all funds held in the applicable Funding Account(s) shall be returned to Manager, [***] after all Cards have expired or otherwise terminated. |
3. Amendment to Section 3.2, “Sutton Bank Responsibilities.” Amendment to Section 3.2, “Sutton Bank Responsibilities” Section 3.2, “Sutton Bank Responsibilities” of the Agreement is hereby amended by adding a new subsection (K) stating “Sutton Bank agrees that, during the Term, Sutton Bank shall not [***]. Further, during the Term, with respect to any Program listed in Exhibit E, “Covered Programs,” Sutton Bank shall not, without the prior written consent of Manager, [***]. With respect to a Covered Program, the foregoing restriction will not apply in the event that [***]. Without limitation to the foregoing, Sutton Bank additionally agrees to refrain [***]. The Parties acknowledge that the obligations of this section 3.2(K) are reasonable and necessary for the protection of the goodwill of the business conducted by Manager. The Parties farther agree that notwithstanding Section 11.6 of the Agreement, damages may not be a sufficient remedy for a breach of the provisions contained in this section 3.2(K) and Manager or Sutton Bank, as applicable, is entitled to specific performance or injunctive relief (as appropriate) as a remedy for any breach or threatened breach by the other Party, in addition to any other remedies available at law or in equity. The obligations contained in this Section 3.2 (K) will no longer apply in the event that Marqeta agrees to sell its assets, operations or business related to card issuance and processing to a third party.
4. Amendment to Section 5.4. Section 5.4 is hereby amended by adding the following Subsection immediately after Subsection (D):
[***].
5. Amendment to Section 5.11(B)(i), “Complaints and Resolution.” Section 5.11(B)(i) of the Agreement is hereby amended by adding the following sentence immediately after the existing last sentence: “The Parties shall negotiate in good faith, by and between persons who possess the requisite authority to act for each Party, which persons shall exercise their respective best efforts, for purpose of updating the existing complaint management procedures between Sutton Bank and Manager, with the intent to create written procedures that address (among other topics) Manager’s obligations around response times and reporting. Such negotiations shall commence no later than fourteen (14) days after the Third Amendment Effective Date, with the goal of executing a definitive agreement on or before December 31, 2020”
CONFIDENTIAL AND PROPRIETARY
6. Amendment to Section 10.1, “Term,” Subsection (A), “Term.” Section 10.1, “Term,” Subsection (A), “Term” of the Agreement is hereby amended by replacing the first sentence “The initial term of this Amended Program Manager Agreement shall commence on the Effective Date and terminate at midnight on the seventh (7th) anniversary of the Amendment Effective Date (the “Initial Term”), unless sooner terminated in accordance with the terms hereof.” with “The initial term of this Amended Program Manager Agreement shall commence on the Effective Date and terminate at midnight on the ninth (9th) anniversary of the Amendment Effective Date (the “Initial Term”), unless sooner terminated in accordance with the terms hereof.”
7. Amendment to Section 10.1, “Term,” Subsection (B), “Mutual Consent.” Section 10.1, “Term,” Subsection (B), “Mutual Consent” is hereby rescinded and restated in its entirety as follows: “This Agreement may be terminated at any time during the Term, without cost or penalty, by mutual consent of Sutton Bank and Manager.”
8. Amendment to Article XII—“General.” Article XII of the Agreement is hereby amended by adding a new Section 12.10, “Notice,” stating “Except where service of process is required, where a Party is required to provide the other Party with notice, written notice, or notification under this Agreement, the Parties agree email will be sufficient.”
9. Amendment to Exhibit C, “[***] AND EXPENSE.” Exhibit C to the Agreement is hereby rescinded and restated in its entirety in the form attached hereto.
10. Addition of Exhibit E. Exhibit E is hereby added to the Agreement in the form attached hereto.
11. Conflict. In the event of any conflict between the terms of the Agreement and this Third Amendment, this Third Amendment shall control.
12. Effect of Third Amendment. Except as expressly revised herein, the Agreement shall remain in full force and effect as written.
13. Miscellaneous. This Third Amendment shall be governed by and construed and enforced in accordance with the internal laws of the State of Ohio without regard to its conflict of laws principles. This Third Amendment may be executed by facsimile and in counterparts, each of which shall be deemed an original, and all of which when taken together shall be deemed one and the same instrument. The Agreement, as revised hereby sets forth the entire agreement of the Parties with respect to the subject matter hereof and thereof, supersedes any and all prior contemporaneous agreements or understandings, whether written or oral, between the Parties with respect to such subject matter. This Third Amendment shall inure the benefit of and be binding upon the Parties and each of their respective successors and assigns. Section headings used in this Third Amendment are included herein for convenience of reference only and will not constitute a part of this Third Amendment for any other purpose.
CONFIDENTIAL AND PROPRIETARY
IN WITNESS WHEREOF, the Parties have executed this Third Amendment as of the date first above set forth.
| SUTTON BANK | ||
| By: | /s/ J. Anthony Gorrell | |
| Name: | J. Anthony Gorrell | |
| Title: | CEO | |
| Date: | September 30, 2020 | 2:40 PM PDT | |
| MARQETA, INC. | ||
| By: | /s/ Omri Dahan | |
| Name: | Omri Dahan | |
| Title: | Chief Revenue Officer | |
| Date: | September 30, 2020 | 8:55 AM PDT | |
CONFIDENTIAL AND PROPRIETARY
EXHIBIT C
[***] AND EXPENSE
[***]
Sutton Bank shall pay Manager all card transaction interchange associated with any approved Program
FEES AND EXPENSES OF PROGRAM MANAGER
| A. | Manager shall pay to Sutton Bank for [***] Programs Excluding [***] |
For all Networks, Manager will pay to Sutton Bank the Fee listed in Table 1 below of aggregate settled net dollar volume of all transactions (including [***], and [***]) conducted using Cards issued under Program(s) on a [***]. However, this calculation will exclude the [***] (as provided in Section C of this Exhibit) as well as [***]. This model is a [***], tiered model whereby all volumes are calculated at the appropriate tier and then [***]. Such fees are settled [***]. For example, [***]. Such amounts will be netted from interchange payments paid to Manager by Sutton Bank within [***] of the end of each [***] in which the applicable transactions have occurred. Each such payment shall be accompanied by a report, detailing the transaction dates and amounts and the aggregate net dollar volume on which such payment is based.
Table 1
| [***] | [***] | |
| [***] | [***] | |
| [***] | [***] | |
| [***] | [***] | |
| [***] | [***] | |
| [***] | [***] |
| B. | Manager will pay a fee for all [***] Programs excluding [***] |
For all Networks, Manager will pay to Sutton Bank Fees listed in Table 2 below of aggregate settled net dollar volume of all settled transactions (including [***], and [***]) conducted using Cards issued under Program(s) issued on a [***]). However, this calculation will exclude the [***] (as provided in Section C of this Exhibit). This model is a [***] tiered model whereby all volumes are calculated at the appropriate tier and then [***], invoiced [***]. For example, [***]. Such amounts will be netted from interchange payments paid to Manager by Sutton Bank within [***] of the end of each [***] in which the applicable transactions have occurred. Each such payment shall be accompanied by a report, detailing the transaction dates and amounts and the aggregate net dollar volume on which such payment is based.
CONFIDENTIAL AND PROPRIETARY
Table 2
| [***] | [***] | |||||||
| [***] | [***] | [***] | [***] | |||||
| [***] | [***] | [***] | [***] | |||||
| [***] | [***] | [***] | [***] | |||||
| [***] | [***] | [***] | [***] | |||||
| [***] | [***] | [***] | [***] | |||||
For any [***] in which the [***] settled transaction volume exceeds [***], a single fee of [***] will apply to [***].
| C. | Transaction Volume Fee for [***] |
For all Networks, Manager will pay to Sutton Bank the fees in Table 3 below on all [***] volume (between [***]) conducted using Cards issued under the [***] calculated independently of each other. This model is a [***] tiered model. Fee leveraged on funds settled to cardholder account. Settled [***].
Table 3
| [***] | [***] | |
| [***] | [***] | |
| [***] | [***] | |
| [***] | [***] | |
| [***] | [***] | |
| [***] | [***] |
For any [***] in -which the [***] volume exceeds [***], the transaction volume fee -will not be calculated using Table 3 above or the [***] tiered model, but rather a single fee of [***] -will apply to [***].
Manager will pay Sutton Bank a fee of [***] for all [***] volume, excluding [***] volume, on the [***].
Manager will pay Sutton Bank a fee of [***] for all [***] transactions associated with the [***].
| D. | No [***] Activity Fee |
There shall be no fees leveraged on [***] activity.
| E. | Pass Through Expenses |
For Pass Through Expenses listed in Table 4 below, Sutton Bank will pass such expenses to Manager as actual costs and without mark-up. Invoiced as occurs. Such Pass Through Expenses must be attributable to a Program of the Manager and substantiated by documentation from the applicable third party. Pass Through Expenses must be passed through to Manager within [***] from the date they are assessed/invoiced by the applicable third party, otherwise they will be considered
CONFIDENTIAL AND PROPRIETARY
waived. Pass Through Expenses that have not been disputed within [***] of receipt by Manager and that have been paid or deducted from Manager’s account are deemed paid in full.
Table 4
| [***] | [***] | |
| [***] | [***] | |
| [***] | [***] | |
| [***] | [***] |
EARLY TERMINATION
The Early Termination Fee shall be determined by multiplying (i) the average of the [***] during the [***] period preceding the effective date of termination (or, if no [***] invoice has been received, the estimated total [***] billing for each Service to be received hereunder), by (ii) [***], as set forth in the table below, by (iii) the number of [***]; plus [***] existing on Sutton Bank’s books on the date of termination. Upon request by Manager, Sutton Bank shall disclose to Manager the amount of any such [***].
| c. | Table 5 of the Early Termination is modified as follows: |
Table 5
| [***] | [***] | |
| [***] | [***] | |
| [***] | [***] | |
| [***] | [***] | |
| [***] | [***] | |
| [***] | ||
VOLUME GUARANTEE
Manager agrees to guarantee that Sutton Bank will maintain the following volume of Manager’s total Network settled activity during [***]within the following periods as listed in Table 6, based upon the percentage of total volume recorded in [***].
Table 6
| [***] | [***] | |
| [***] | [***] | |
| [***] | [***] | |
| [***] | [***] | |
| [***] | [***] | |
| [***] | [***] |
CONFIDENTIAL AND PROPRIETARY
MARQETA MONTHLY [***]
Sutton Bank shall pay Manager a [***] on a [***] basis according to Table 7—[***] by transferring funds to the bank account identified by Manager. Sutton Bank shall provide to Manager a [***] invoice with each payment which documents the calculation of [***]. Sutton Bank will calculate (1) the [***], and (2) the [***] by multiplying the [***] by the applicable [***] in Table 7. For example, if the [***] invoice amount for a [***] is calculated to be [***] based on [***] for a total of [***], then a [***] of [***] would be applied to calculate a [***] amount of [***]. The same calculation would be applied to the [***] portion of the [***] invoice.
The first [***] payment will apply to the [***] received by Marqeta in [***]. Thereafter, each [***] payment will apply to each [***] invoice for [***] and [***] programs billed to Marqeta throughout the Initial Term of the Agreement.
Table 7— [***]
| [***] | [***] | |||
| [***] | [***] | [***] | ||
| [***] | [***] | |||
| [***] | [***] | |||
| [***] | [***] | |||
| [***] | ||||
| [***] | [***] | |||
| [***] | [***] | |||
| [***] | [***] |
MISCELLANEOUS CHARGES
Manager will pay to Sutton Bank the following fees, which will be payable upon Manager’s receipt of a fee statement (“Fee Statement”) that provides a detailed accounting of each fee, including at minimum: the type of fee, how the fee was calculated, the data used to calculate the fee, any reasons or reason codes associated with the cause of the fee (e.g. why a wire was returned), an identifier (such as account token) indicating the Client that is the source or cause of the fee, the applicable Program name, and any additional fee-specific information listed below. The fee statement shall be provided to Manager along with the monthly invoice, covering the prior’s month’s activity. Sutton and Manager agree to suspend the assessment of the fees for a period of 60 days from the signing of this Third Amendment to mutually agree on the procedures regarding each of these fees.
| i. | Temporary Fee for Manual Return Wires— [***] return wire Fee charged for all manually returned wires for any consumer or business that wires monies to Sutton for a program account where wire functionality is not approved as part of the fact sheet. The Temporary Fee for Manual Return Wires will only be payable through [***]. |
| ii. | Call Center Fee— [***] per call or email handled by Sutton Bank Fee charged to Manager for all calls received by Sutton Bank by any consumer or business for a Program requesting assistance in regard to said Program, excluding calls transferred to Manager’s toll-free number. |
CONFIDENTIAL AND PROPRIETARY
| iii. | Regulatory complaint not responded to [***] prior to the complaint response due date, [***] per occurrence. Fee charged to manager for any and all complaints received from governmental authorities that are sent to Manger for a response and Manager fails to respond to Sutton Bank within this time frame. Payment for this fee will be contingent upon Sutton Bank following the complaints policies and procedures established between the Parties. |
| iv. | ACH Recall Notices. Manager shall respond to any ACH Recall Notice received from the U.S. Treasury within [***], and any ACH Recall Notice received from any ODFI within [***]. Failure to comply with the above requirements for any reason shall result Manager’s payment of a [***] penalty fee to Sutton for each untimely response to a U.S. Treasury ACH Recall Notice, and a [***] penalty fee to for each untimely response to an ODFI ACH Recall Notice. |
VISA FEES
Sutton Bank and Manager acknowledge that there are [***] total Visa fees in dispute. Sutton Bank and Manager will [***] of the disputed Visa fees. Manager’s portion will payable over the [***] period beginning [***]. Such amounts (approximately [***] per [***]) will be netted from amounts paid to Manager by Sutton Bank.
DECLINED ATM FEE CHARGES REBATE
Sutton Bank and Manager acknowledge that Manager included declined ATM transactions in the monthly invoice count. [***]. Sutton Bank agrees that if Manager provides a revised monthly count within [***] of the signing of this Third Amendment, Sutton will rebate the ATM declined portion of the charges from [***] through [***]. Manager agrees to provide the following information for such period: number of ATM Total Transactions, number of approved ATM transactions and number of declined ATM transactions. Sutton will total the amount of these declined transactions and multiply them by the applicable rate and divide by the remaining months in the year. This amount will then be deducted from the current [***] invoice through the 2020 year.
Billing Disputes
Sutton Bank and Manager agree that Expenses are deemed accurate, and the full amount will be deducted from Manager’s account [***] of receipt by Manager.
CONFIDENTIAL AND PROPRIETARY
Exhibit E
COVERED PROGRAMS
| [***] |
| [***] |
| [***] |
| [***] |
| [***] |
| [***] |
| [***] |
| [***] |
| [***] |
| [***] |
| [***] |
| [***] |
| [***] |
| [***] |
| [***] |
| [***] |
CONFIDENTIAL AND PROPRIETARY
April 12, 2021
CONFIDENTIAL COMMUNICATION
| Re: | Waiver of obligation to negotiate tri-party agreement |
This letter agreement (“Agreement”) serves as confirmation of the agreement between Sutton Bank (“Sutton”) and Marqeta, Inc. (“Marqeta” and together with Sutton, the “Parties”) that each Party hereby releases the other Party from, and waives its right to enforce against the other Party, the obligations imposed by Section 4 of the Third Amendment to the Amended and Restated Prepaid Card Program Agreement, effective as of August 1, 2020, by and between the Parties (the “Third Amendment”). For convenience, Section 4 of the Third Amendment is replicated and attached hereto as Exhibit A.
The Parties agree that this Agreement is confidential, and its contents are intended only for the use of the Parties. This letter may not be reproduced or circulated without the other Party’s prior written consent.
The Parties have executed this Agreement as of the date first above set forth.
| Sutton Bank |
| By: /s/ Tony Gorrell |
| Tony Gorrell |
| Chief Executive Officer and Director |
| Sutton Bank 1 South Main St. |
| Attica, OH 44807 |
| Marqeta, Inc. |
| By: /s/ Philip Faix |
| Philip Faix |
| Chief Financial Officer |
| Marqeta, Inc. 180 Grand Ave., 6th FL. |
| Oakland, CA 94612 |
CONFIDENTIAL AND PROPRIETARY
EXHIBIT A
SECTION 4 OF THE THIRD AMENDMENT
4. Amendment to Section 5.4. Section 5.4 is hereby amended by adding the following Subsection immediately after Subsection (D):
(E) [***]
