TRANSITION SERVICES AGREEMENT BYAND BETWEEN NAVIENT CORPORATION AND SLM CORPORATION DATED AS OF APRIL 29, 2014 TABLE OF CONTENTS

EX-10.1 6 d719399dex101.htm EX-10.1 EX-10.1

Exhibit 10.1

Execution Copy

TRANSITION SERVICES AGREEMENT

BY AND BETWEEN

NAVIENT CORPORATION

AND

SLM CORPORATION

DATED AS OF APRIL 29, 2014


TABLE OF CONTENTS

 

        

Page

 

ARTICLE I

DEFINITIONS

  

ARTICLE II

  
SERVICES, DURATION AND SERVICES MANAGERS   

Section 2.01.

  Services; Scope      8   

Section 2.02.

  Duration of Services      8   

Section 2.03.

  Pricing for Services      8   

Section 2.04.

  Changes to Services.      8   

Section 2.05.

  Excluded Services      9   

Section 2.07.

  Services Managers      9   

Section 2.08.

  Personnel      10   

ARTICLE III

  
ADDITIONAL ARRANGEMENTS   

Section 3.01.

  Software and Software Licenses      11   

Section 3.02.

  Computer-Based and Other Resources      12   

Section 3.03.

  Access to Facilities      12   

Section 3.04.

  Cooperation      13   

Section 3.05.

  Security and Privacy      13   

Section 3.06.

  IT Transition Completion Requirements; IT Transition Changes      17   

ARTICLE IV

  
COSTS AND DISBURSEMENTS   

Section 4.01.

  Costs and Disbursements      18   

Section 4.02.

  Tax Matters      19   

Section 4.03.

  No Right to Set-Off      20   

ARTICLE V

  
STANDARD FOR SERVICE   

Section 5.01.

  Standard for Service      20   

Section 5.02.

  Disclaimer of Warranties      21   

Section 5.03.

  Compliance with Laws and Regulations      21   

ARTICLE VI

  
LIMITED LIABILITY AND INDEMNIFICATION   

Section 6.01.

  Consequential and Other Damages      22   

Section 6.02.

  Limitation of Liability      22   

Section 6.03.

  Obligation To Re-perform; Liabilities      22   

Section 6.04.

  Indemnification          23   

Section 6.05.

  Liability for Payment Obligations      23   

Section 6.06.

  Exclusion of Other Remedies      23   

 

-i-


ARTICLE VII

  
TERM AND TERMINATION   

Section 7.01.

  Term and Termination      23   

Section 7.02.

  Effect of Termination      25   

Section 7.03.

  Force Majeure      25   

ARTICLE VIII

GENERAL PROVISIONS

  

Section 8.01.

  No Agency      25   

Section 8.02.

  Subcontractors      25   

Section 8.03.

  Treatment of Confidential Information      26   

Section 8.04.

  Further Assurances      27   

Section 8.05.

  Dispute Resolution      27   

Section 8.06.

  Notices      27   

Section 8.07.

  Severability      28   

Section 8.08.

  Entire Agreement      28   

Section 8.09.

  No Third-Party Beneficiaries      28   

Section 8.10.

  Governing Law      28   

Section 8.11.

  Amendment; Waiver      28   

Section 8.12.

  Rules of Construction      28   

Section 8.13.

  Counterparts      29   

Section 8.14.

  Assignability      29   

Section 8.15.

  Public Announcements      30   

Section 8.16.

  Non-Recourse      30   

Section 8.17.

  Audit Rights      30   

Section 8.18.

  Title to Intellectual Property      30   

Section 8.19.

  Order of Precedence      31   

EXHIBIT I: Services Managers

EXHIBIT II: Disclosing Party Security Requirements

EXHIBIT III: Key Employees

EXHIBIT IV: Excluded SMI Projects

SCHEDULE 1: Comprehensive Information Technology Services

SCHEDULE 2: Short-Term Shared Loan Servicing Services

SCHEDULE 3: Customer Experience Services

SCHEDULE 4: Trust Administration Services

SCHEDULE 5: Facilities Services

SCHEDULE 6: Third Party TSA Support Services

SCHEDULE 7: Government Relations

SCHEDULE 8: Services Business Development Support and IT Services

SCHEDULE 9: Financial and HR Systems Support Services

 

-ii-


TRANSITION SERVICES AGREEMENT

This TRANSITION SERVICES AGREEMENT, dated as of April 29, 2014 (this “Agreement”), is by and between Navient Corporation, a Delaware corporation (“Navient”), and SLM Corporation, a Delaware corporation (“SLM BankCo”). Unless otherwise defined in this Agreement, all capitalized terms used in this Agreement shall have the meaning set forth in the Separation and Distribution Agreement, dated as of April 28, 2014, by and among Existing SLM, SLM BankCo and Navient (as amended, modified or supplemented from time to time in accordance with its terms, the “Separation and Distribution Agreement”).

RECITALS

WHEREAS, the board of directors of Existing SLM Corporation has determined that it is in the best interests of Existing SLM and its stockholders to separate Existing SLM’s Navient Business and SLM BankCo Business;

WHEREAS, Existing SLM, SLM BankCo and Navient have entered into the Separation and Distribution Agreement;

WHEREAS, in order to facilitate and provide for an orderly separation and transition under the Separation and Distribution Agreement, the Parties (as defined herein) desire to enter into this Agreement to set forth the terms and conditions pursuant to which each of the Parties and their affiliates shall provide to the other the Services (as defined herein) for a transitional period; and

WHEREAS, the Separation and Distribution Agreement requires execution and delivery of this Agreement by Navient and SLM BankCo on or prior to the Distribution Date.

NOW, THEREFORE, in consideration of the foregoing and the mutual agreements contained in this Agreement and other good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged, the Parties, intending to be legally bound, hereby agree as follows:

ARTICLE I

DEFINITIONS

The following capitalized terms used in this Agreement shall have the meanings set forth below:

Additional Services” shall have the meaning set forth in Section 2.04(a).

Agreement” shall have the meaning set forth in the Preamble.

Banking Agency Regulation P” shall have the meaning set forth in Section 3.05(c).

Cause” shall mean a person’s indictment for embezzlement or fraud, conviction of a felony, pleading guilty or nolo contendere to a felony or breach of fiduciary duty, or deliberate disregard of the Code of Business Conduct of Navient.


CFPB Regulation P” shall have the meaning set forth in Section 3.05(c).

CIO” shall have the meaning set forth in Section 3.06(b).

Completion Criteria” shall have the meaning set forth in Section 3.06(a).

Confidential Information” shall have the meaning set forth in Section 8.03.

cost,” as used in any Schedule to this Agreement, shall mean the Provider’s fully loaded cost inclusive of all standard overhead allocations, unless otherwise expressly provided in any such Schedule.

Disaster Recovery/Business Continuity Plan” shall have the meaning set forth in Section 3.08(b).

Disclosing Party” shall have the meaning set forth in Section 3.05(a).

Disclosing Party Customer Information” shall have the meaning set forth in Section 3.05(c).

Disclosing Party Security Requirements” shall have the meaning set forth in Section 3.05(b).

DSS” shall have the meaning set forth in Section 3.05(g).

Force Majeure” shall have the meaning set forth in the Separation and Distribution Agreement.

FTC Final Rule” shall have the meaning set forth in Section 3.05(c).

GLB Requirements” shall have the meaning set forth in Section 3.05(c).

Group” shall have the meaning set forth in the Separation and Distribution Agreement.

Information Security Program Requirements” shall have the meaning set forth in Section 3.05(c).

Interest Payment” shall have the meaning set forth in Section 4.01(d).

IT Transition” shall have the meaning set forth in Section 3.06(a).

IT Transition Milestones” shall have the meaning set forth in Section 3.06(a).

Key Employees” shall mean the individuals set forth on Exhibit III hereto.

Milestone Dates” shall have the meaning set forth in Section 3.06(b).

Navient” shall have the meaning set forth in the Preamble.

 

-2-


Navient Business Plan” shall mean the business plan of the Navient Group for the two-year period following the date of this Agreement, in the form and on the terms approved by the Board of Directors of SLM Corporation in October 2013.

Navient Program Manager” shall have the meaning set forth in the Separation and Distribution Agreement.

Navient Services” shall have the meaning set forth in Section 2.01.

Navient Services Manager” shall have the meaning set forth in Section 2.07(a).

Non-assignable Contract” shall have the meaning set forth in the Separation and Distribution Agreement.

Party” shall mean Navient and SLM BankCo individually, and “Parties” shall mean Navient and SLM BankCo collectively, and, in each case, their permitted successors and assigns.

PCI” shall have the meaning set forth in Section 3.05(g).

Preferred Stock” shall have the meaning set forth in the SMI Amended and Restated Charter.

Preferred Stock Period” shall have the meaning set forth in the SMI Amended and Restated Charter.

Provider” shall mean the Party or its Subsidiary or Affiliate providing a Service under this Agreement or obligated or designated to complete a task.

Provider Indemnified Party” shall have the meaning set forth in Section 6.04.

Receiving Party” shall have the meaning set forth in Section 3.05(a).

Receiving Party Personnel” shall have the meaning set forth in Section 3.05(b).

Recipient” shall mean the Party or its Subsidiary or Affiliate to or for whom a Service or task under this Agreement is being provided or performed.

Recipient Indemnified Party” shall have the meaning set forth in Section 6.05.

Redemption Date” has the meaning set forth in Section 3.06(h),

Redemption Price” has the meaning set forth in in the SMI Amended and Restated Charter.

Reimbursement Charge(s)” shall have the meaning set forth in Section 4.01(b).

Representatives” shall have the meaning set forth in the Separation and Distribution Agreement.

 

-3-


Restricted Access Navient Customer Information” shall have the meaning set forth in Section 3.05(h).

Schedule(s)” shall have the meaning set forth in Section 2.01.

Security Incident” shall have the meaning set forth in Section 3.05(d).

Security Audit” shall have the meaning set forth in Section 3.05(e).

Separation and Distribution Agreement” shall have the meaning set forth in the Preamble.

Separation Projects” shall mean the separation and migration projects listed on Annex A to Statement of Work C to Schedule 1.

Service Charge(s)” shall have the meaning set forth in Section 4.01(a).

Service Decrease” shall have the meaning set forth in Section 2.04(b).

Service Extension” shall have the meaning set forth in Section 7.01(c).

Service Increase” shall have the meaning set forth in Section 2.04(a).

Service Locations” shall have the meaning set forth in Section 3.08(a).

Services” shall have the meaning set forth in Section 2.01.

Shared Contract” shall have the meaning set forth in the Separation and Distribution Agreement.

SLM BankCo” shall have the meaning set forth in the Preamble.

SLM BankCo Business Plan” shall mean the business plan of the SLM BankCo Group for the two-year period following the date of this Agreement, in the form and on the terms approved by the Board of Directors of SLM Corporation in October 2013.

SLM BankCo Program Manager” shall have the meaning set forth in the Separation and Distribution Agreement.

SLM BankCo Services” shall have the meaning set forth in Section 2.01.

SLM BankCo Services Manager” shall have the meaning set forth in Section 2.07(b).

SMI” shall mean Sallie Mae, Inc., a Delaware corporation and Subsidiary of Navient.

SMI Amended and Restated Charter” shall mean the Amended and Restated Certificate of Incorporation of SMI filed with the Secretary of State of the State of Delaware on April 28, 2014.

 

-4-


SMI Board” shall have the meaning set forth in the Separation and Distribution Agreement.

Special Preferred Director” shall have the meaning set forth in the SMI Amended and Restated Charter.

Subcontractors” shall have the meaning set forth in Section 3.05(c).

Taxes” shall have the meaning set forth in the Tax Matters Agreement.

Termination Charges” shall have the meaning set forth in Section 7.01(b)(i)(A).

Transfer Taxes” shall have the meaning set forth in Section 4.02.

ARTICLE II

SERVICES, DURATION AND SERVICES MANAGERS

Section 2.01. Services; Scope. Subject to the terms and conditions of this Agreement, (a) Navient shall provide, or cause one or more of its Subsidiaries to provide, to the SLM BankCo Group the services for which Navient is the Provider as set forth in Schedules 1, 2, 3, 4, 5, 6, 7, 8 and 9 to this Agreement (the “Navient Services”) and (b) SLM BankCo shall provide, or cause one or more of its Subsidiaries to provide, to the Navient Group the services for which SLM BankCo is the Provider as set forth in Schedules 1, 2, 3, 4, 5, 6, 7, 8 and 9 to this Agreement (the “SLM BankCo Services,” and, collectively with the Navient Services, any Additional Services, any Service Increases, any Service Decreases and any New Services, the “Services”). The description and scope of the Services shall be as set forth on Schedules 1, 2, 3, 4, 5, 6, 7, 8 and 9 (each a “Schedule”, and collectively, the “Schedules”). All of the Services shall be for the sole use and benefit of the Recipient and its respective Affiliates.

Section 2.02. Duration of Services . Subject to the terms of this Agreement, each of Navient and SLM BankCo shall provide or cause to be provided to the respective Recipient(s) each Service until the earlier to occur of, with respect to each such Service, (a) the expiration of the duration of the term for such Service (or, subject to the terms of Section 7.01(c), the expiration of any Service Extension) as set forth on the applicable Schedule or (b) the date on which such Service is terminated under Section 7.01(b); provided, however, that the duration of the Services shall not extend beyond the two-year anniversary of the date of this Agreement.

Section 2.03. Pricing for Services. Subject to the terms of this Agreement, the Service Charge for each Service to be provided by a Provider shall be as reflected on the Schedules. With respect to each Service or category of Services, the applicable Schedule shall set forth (i) the Recipient that will be invoiced the Service Charge for such Service or category of Services and (ii) the Provider that will be paid such Service Charge. Service Charges and any applicable Reimbursement Charges shall be invoiced and paid in accordance with Article IV.

Changes to Services. (a) Service Increases; Additional Services. After the date of this Agreement, if a Recipient requests that a Provider (i) increase the volume, amount or frequency, as applicable, of any Service provided by a Provider (any such increase, a “Service Increase”) by up to 50% of the volume, amount or frequency contemplated by the SLM BankCo

 

-5-


Business Plan or the Navient Business Plan, as applicable, or (ii) provide a service that is materially different from and in addition to the Services then included on the Schedules hereto (each, an “Additional Service”) but was provided, immediately prior to the Effective Time, by a member of the Navient Group to the Pre-Separation Consumer Banking Business, in the case of a request by SLM BankCo, or by a member of the SLM BankCo Group to the Pre-Separation Education Loan Business, in the case of a request by Navient (other than because the Parties agreed such service would not be provided), then in each case such Provider shall be obligated to perform such Service Increase or Additional Service. If the Recipient requests that the Provider perform a Service Increase that exceeds 150% of the Services to be performed in the manner contemplated by the SLM BankCo Business Plan or Navient Business Plan, as applicable, then the Provider shall use commercially reasonable efforts to cooperate with the Recipient to provide such Service Increase.

(b) Service Decreases. After the date of this Agreement, a Recipient may request the Provider to decrease the volume, amount, level or frequency, as applicable, of any Service provided by a Provider (any such decrease, a “Service Decrease”) by providing a written notice to Provider; provided, however, that, after delivery of a notice of Service Decrease, the Provider shall have no obligation to agree to a subsequent request of the Recipient for a Service Increase with respect to such decreased Services.

Section 2.04. (c) Mutual Agreement; Supplements to Schedules. In connection with any request for Additional Services, Service Increases or Service Decreases in accordance with this Section 2.04, the Navient Services Manager and the SLM BankCo Services Manager shall in good faith negotiate the terms of a supplement to the applicable Schedule, which terms shall be consistent with the terms of, and the pricing methodology used for, similar Services provided under this Agreement. Upon the mutual written agreement of the Parties, the supplement to the applicable Schedule shall describe in reasonable detail the nature, description, scope, expiration and duration, Service Charges and other terms applicable to such Additional Services, Service Increases or Service Decrease in a manner similar to that in which the Services are described in the existing Schedules. Each supplement to the applicable Schedule, as agreed to in writing by the Parties, shall be deemed part of this Agreement as of the date of such supplement and the Additional Services or Service Increases set forth therein shall be deemed “Services” provided under this Agreement, in each case subject to the terms and conditions of this Agreement.Excluded Services. It is not the intent of the Provider to render, nor of the Recipient to receive from the Provider, professional advice or opinions, whether with regard to Tax, legal, treasury, finance, employment or other business and financial matters, technical advice, including environmental matters. The Recipient shall not rely on, or construe, any Service rendered by or on behalf of the Provider as such professional advice or opinions or technical advice, and the Recipient shall seek all third-party professional advice and opinions or technical advice as it may desire or need. In addition, no provision of this Agreement shall require any Provider to render services that are prohibited from being provided by the Provider or to the Recipient by any applicable Law or if the provision of such services by the Provider or to the Recipient would violate any applicable Law.

Section 2.06. Services Managers. (a) Navient hereby appoints and designates the individuals set forth on Exhibit I to act as the initial services managers for the corresponding Services Schedules on Exhibit I (each, a”Navient Services Manager”), each of whom will be

 

-6-


directly responsible for coordinating and managing the delivery of the Navient Services under the applicable Service Schedule and have authority to act on Navient’s behalf with respect to matters relating to the provision of the identified Services under this Agreement. Each Navient Services Manager will report to the Navient Program Manager and will work with the personnel of the Navient Group to periodically address issues and matters raised by SLM BankCo relating to the provision of Services under this Agreement. Navient shall notify SLM BankCo of the appointment of a different Navient Services Manager, if necessary, in accordance with Section 8.06.

(b) SLM BankCo hereby appoints and designates the individuals set forth on Exhibit I to act as the initial services managers for the corresponding Services Schedules on Exhibit I (each, a “SLM BankCo Services Manager”), each of whom will be directly responsible for coordinating and managing the delivery of the SLM BankCo Services under the applicable Services Schedule and have authority to act on SLM BankCo’s behalf with respect to matters relating to the provision of the identified Services under this Agreement. Each SLM BankCo Services Manager will report to the SLM BankCo Program Manager and will work with the personnel of the SLM BankCo Group to periodically address issues and matters raised by Navient relating to the provision of Services under this Agreement. SLM BankCo shall notify Navient of the appointment of a different SLM BankCo Services Manager, if necessary, in accordance with Section 8.06.

Section 2.07. Personnel. (a) The Provider of any Service will make available to the Recipient of such Service such personnel as may be necessary to provide such Service on the understanding that such personnel shall remain employed and/or engaged by the Provider. The Provider will have the right, in its reasonable discretion, to (i) designate which personnel it will assign to perform such Service, and (ii) remove and replace such personnel at any time; provided, however, that any such removal or replacement shall not be the basis for any increase in any Service Charge or Reimbursement Charge payable hereunder or relieve the Provider of its obligation to provide any Service hereunder; provided, further, that the Provider will use its commercially reasonable efforts to limit the disruption to the Recipient in the transition of the Services to different personnel.

 

(b) In the event that the provision of any Service by the Provider requires the cooperation and services of the personnel of the Recipient, the Recipient will make available to the Provider such personnel (who shall be appropriately qualified for purposes of so supporting the provision of such Service by the Provider) as may be necessary for the Provider to provide such Service on the understanding that such personnel shall remain employed and/or engaged by the Recipient. The Recipient will have the right, in its reasonable discretion, to (i) designate which personnel it will make available to the Provider in connection with the provision of such Service, and (ii) remove and replace such personnel at any time; provided, however, that any resulting increase in costs to the Provider shall be borne by the Recipient and any resulting adverse effect to the provision of such Service by the Provider will not be deemed a breach of this Agreement by the Provider; provided, further, that the Recipient will use its commercially reasonable efforts to limit the disruption to the Provider in the transition of such personnel. If the Provider, in its reasonable discretion and following discussions with the Recipient, requests the Recipient to remove and/or replace any such personnel from their roles in respect of the Services being provided by the Provider, the Recipient shall comply with such request.

 

-7-


(c) No Provider shall be liable under this Agreement for any Liabilities incurred by the Recipient Indemnified Parties that are primarily attributable to, or that are a consequence of, any actions or inactions of the personnel of the Recipient, except for any such actions or inactions undertaken pursuant to the direction of the Provider.

(d) Nothing in this Agreement shall grant the Provider, or its employees, agents and third-party providers that are performing the Services, the right directly or indirectly to control or direct the operations of the Recipient or any member of its Group. Such employees, agents and third-party providers shall not be required to report to the management of the Recipient nor be deemed to be under the management or direction of the Recipient. The Recipient acknowledges and agrees that, except as may be expressly set forth herein as a Service or otherwise expressly set forth in the Separation and Distribution Agreement, another Ancillary Agreement or any other applicable agreement, no Provider or any member of its Group shall be obligated to provide, or cause to be provided, any service or goods to any Recipient or any member of its Group.

ARTICLE III

ADDITIONAL ARRANGEMENTS

Section 3.01. Assistance Regarding Software and Software Licenses. Navient shall use commercially reasonable efforts to assist SLM BankCo in its efforts to obtain licenses (or other appropriate rights) to use, duplicate and distribute, as necessary and applicable, certain computer software necessary for Navient to provide, and SLM BankCo to receive, Navient Services or for Navient to transition such Navient Services to SLM BankCo; provided, however, that Navient shall not be required to pay any fees or other payments or incur any obligations or liabilities to enable SLM BankCo to obtain any such license or rights (except and to the extent that SLM BankCo advances such fees or payments to Navient); provided, further, that Navient shall not be required to seek broader rights or more favorable terms for SLM BankCo than those applicable to Effective Time Sallie Mae or as may be applicable to Navient from time to time hereafter; provided, further, that SLM BankCo shall bear only those costs that relate solely and directly to obtaining such licenses (or other appropriate rights) in the ordinary course. The Parties acknowledge and agree that there can be no assurance that Navient’s efforts will be successful or that SLM BankCo will be able to obtain such licenses or rights on acceptable terms or at all and, where Navient enjoys rights under any enterprise or site license or similar license, the Parties acknowledge that such license typically precludes partial transfers or assignments or operation of a service bureau on behalf of unaffiliated entities. In the event that SLM BankCo is unable to obtain such software licenses, the Parties shall work together using commercially reasonable efforts to obtain an alternative software license to allow Navient to provide, and SLM BankCo to receive, such Navient Services (or allow Navient to transition such Navient Services to SLM BankCo), and the Parties shall negotiate in good faith an amendment to the applicable Schedule to reflect any such new arrangement, which amended Schedule shall not require SLM BankCo to pay for any fees, Taxes, expenses or costs relating to the software license that SLM BankCo was unable to obtain pursuant to the provisions of this Section 3.01(a).

(a) If and to the extent requested by Navient, SLM BankCo shall use commercially reasonable efforts to assist Navient in its efforts to obtain licenses (or other appropriate rights) to use, duplicate and distribute, as necessary and applicable, certain computer software necessary for SLM BankCo to provide, and Navient to receive, SLM BankCo Services or for SLM BankCo

 

-8-


to transition such SLM BankCo Services to Navient; provided, however, that SLM BankCo shall not be required to pay any fees or other payments or incur any obligations or liabilities to enable Navient to obtain any such license or rights (except and to the extent that Navient advances such fees or payments to SLM BankCo); provided, further, that SLM BankCo shall not be required to seek broader rights or more favorable terms for Navient than those applicable to Effective Time Sallie Mae or as may be applicable to SLM BankCo from time to time hereafter; provided, further, that Navient shall bear only those costs that relate solely and directly to obtaining such licenses (or other appropriate rights) in the ordinary course. The Parties acknowledge and agree that there can be no assurance that SLM BankCo’s efforts will be successful or that Navient will be able to obtain such licenses or rights on acceptable terms or at all and, where SLM BankCo enjoys rights under any enterprise or site license or similar license, the Parties acknowledge that such license typically precludes partial transfers or assignments or operation of a service bureau on behalf of unaffiliated entities. In the event that Navient is unable to obtain such software licenses, the Parties shall work together using commercially reasonable efforts to obtain an alternative software license to allow SLM BankCo to provide, and Navient to receive, such SLM BankCo Services (or allow SLM BankCo to transition such SLM BankCo Services to Navient), and the Parties shall negotiate in good faith an amendment to the applicable Schedule to reflect any such new arrangement, which amended Schedule shall not require Navient to pay for any fees, Taxes, expenses or costs relating to the software license that Navient was unable to obtain pursuant to the provisions of this Section 3.01(b).

(b) In the event that there are any costs associated with obtaining software licenses in accordance with this Section 3.01 that (i) would not be payable in the ordinary course, including in the form of a “transfer fee” or other similar fees or expenses payable by the Recipient or the Provider, and (ii) would not have been payable by the Recipient or the Provider absent the need for a consent or waiver in connection with the license that the Recipient is seeking to obtain, such costs shall be paid by the Recipient.

Section 3.02. Computer-Based and Other Resources. From and after the date of this Agreement, each Party and its Affiliates shall cause all of their Representatives having access to the computer software, networks, hardware, technology or computer-based resources of the other Party and its Affiliates pursuant to the Separation and Distribution Agreement, or any Ancillary Agreement, or in connection with the performance, receipt or delivery of any Service, to comply with all security guidelines (including physical security, network access, internet security, confidentiality and personal data security guidelines) of such other Party and its Affiliates of which written notice is provided by such other Party. Each Party shall ensure that the access contemplated by this Section 3.02 shall be used by its Representatives only for the purposes contemplated by, and subject to the terms of, this Agreement.

Section 3.03. Access to Facilities. (a) SLM BankCo shall, and shall cause its Subsidiaries to, allow Navient and its Representatives reasonable access to the facilities of SLM BankCo necessary for Navient to fulfill its obligations under this Agreement.

(b) Navient shall, and shall cause its Subsidiaries to, allow SLM BankCo and its Representatives reasonable access to the facilities of Navient necessary for SLM BankCo to fulfill its obligations under this Agreement.

 

-9-


(c) Notwithstanding the other rights of access of the Parties under this Agreement, each Party shall, and shall cause its Subsidiaries to, afford the other Party, its Subsidiaries and Representatives, following not less than five business days’ prior written notice from the other Party, reasonable access during normal business hours to the facilities, information, systems, infrastructure and personnel of the relevant Providers as reasonably necessary for the other Party to verify the adequacy of internal controls over information technology, reporting of financial data and related processes employed in connection with the Services, including in connection with verifying compliance with Section 404 of the Sarbanes-Oxley Act of 2002; provided, however, such access shall not unreasonably interfere with any of the business or operations of such Party or its Subsidiaries.

(d) Except as otherwise permitted by the other Party in writing, each Party shall permit only its authorized Representatives, contractors, invitees or licensees to access the other Party’s facilities.

Section 3.04. Cooperation. It is understood that it will require the significant efforts of both Parties to implement this Agreement and to ensure performance of this Agreement by the Parties at the agreed-upon levels in accordance with all of the terms and conditions of this Agreement. The Parties will cooperate, acting in good faith and using commercially reasonable efforts, to effect a smooth and orderly transition and performance of the Services provided under this Agreement from the Provider to the Recipient (including the assignment or transfer of the rights and obligations under any third-party contracts relating to the Services); provided, however, that this Section 3.04 shall not require either Party to incur any out-of-pocket costs or expenses unless and except as expressly provided in this Agreement or otherwise agreed to in writing by the Parties. Any Non-assignable Contract or Shared Contract shall be treated in the manner provided in Section 2.5 of the Separation and Distribution Agreement.

Section 3.05. Security and Privacy.

(a) Receiving Party; Disclosing Party. For purposes of this Section 3.05, “Receiving Party” means a party that obtains, maintains, processes, receives or otherwise is permitted access to Confidential Information of the other party (“Disclosing Party”).

(b) Disclosing Party Security Requirements; Security Questionnaire. Receiving Party shall comply, and shall cause its employees (“Receiving Party Personnel”) to comply (to the extent applicable to individuals), with the provisions set forth in Exhibit II (the “Disclosing Party Security Requirements”). As periodically requested by Disclosing Party, but no more frequently than annually, Receiving Party shall promptly, fully and accurately complete Disclosing Party’s Information Security Questionnaire and other documents or requests for information regarding Receiving Party’s information security practices relating to Disclosing Party’s Confidential Information (e.g., summaries of security audits, summaries of test results or other equivalent evaluations of Receiving Party’s information security practices).

(c) Customer Information Handling Requirements. Receiving Party hereby agrees that (i) it shall comply, (ii) it shall cause all Receiving Party Personnel to comply and (iii) it shall cause all agents, contractors, subcontractors, and vendors that perform services that are used by Receiving Party to provide the Services (collectively, “Subcontractors”) to comply, to the extent

 

-10-


they have access to Disclosing Party Customer Information (as defined below), with all reuse, redisclosure and other customer information handling, processing, security and protection requirements that are specifically required of a non-affiliated third-party processor or servicer (or subcontractor) under the Federal Trade Commission’s Privacy of Consumer Financial Information; Final Rule (16 CFR 313) (the “FTC Final Rule”), the Joint Banking Agencies’ Privacy of Consumer Financial Information; Final Rule (12 CFR Parts 40, 216, 332 and 573) (the “Banking Agency Regulation P”), or the Bureau of Consumer Financial Protection’s Privacy of Consumer Financial Information (Regulation P) (12 CFR 1016) (the “CFPB Regulation P”), as applicable, each implementing Title V of the Gramm-Leach-Bliley Act, Public Law 106-102 (the “GLB Requirements”) and other applicable federal and state consumer privacy Laws. Without limiting the foregoing, Receiving Party agrees that:

 

  (i) it is prohibited from disclosing or using any “nonpublic personal information” (as defined in the GLB Requirements) that it may obtain, maintain, process or otherwise receive from, through or on behalf of Disclosing Party in connection with this Agreement or as may have been received pursuant to the Separation and Distribution Agreement (the “Disclosing Party Customer Information”), except solely to carry out the purposes for which it was disclosed, including use under an applicable exception contained in Section 313.14 or 313.15 of the FTC Final Rule, Section 332.14 or 332.15 of the Banking Agency Regulation P, or Section 1016.14 or 1016.15 of the CFPB Regulation P, as applicable, in the ordinary course of business to carry out those purposes; and

 

  (ii) it has implemented and will maintain a written information security program that complies with applicable state laws and regulations pertaining to the protection of personal information (e.g., MA 201 CMR 17.00) and that is designed to meet the following objectives as set forth in the Interagency Guidelines Establishing Information Security Standards; Final Rule (12 CFR Part 30, et al.) (the “Information Security Program Requirements”):

 

  (1) Ensure the security and confidentiality of the Disclosing Party Customer Information;

 

  (2) Protect against any anticipated threats or hazards to the security or integrity of such information;

 

  (3) Protect against unauthorized access to or use of such information that could result in substantial harm or inconvenience to any customer; and

 

  (4) Ensure the proper disposal of Disclosing Party Customer Information and “consumer information” (as that term is defined in the Interagency Guidelines Establishing Information Security Standards; Final Rule (12 CFR Part 30, et al.)).

 

-11-


(d) Security Incidents. Unless specifically requested by law enforcement not to communicate with Disclosing Party, Receiving Party shall report to Disclosing Party all known Security Incidents. For clarity, with respect to SLM BankCo Confidential Information accessed by Navient Representatives during the IT Transition, Navient shall be deemed to be the Receiving Party and SLM BankCo shall be deemed to be the Disclosing Party for purposes of SLM BankCo Confidential Information (including SLM BankCo’s Disclosing Party Customer Information) hosted by Navient. With respect to Navient Confidential Information accessed by SLM BankCo Representatives during the IT Transition, SLM BankCo shall be deemed to be the Receiving Party and Navient shall be deemed to be the Disclosing Party for purposes of Navient Confidential Information (including Navient’s Disclosing Party Customer Information) accessible by SLM BankCo. “Security Incident” means any unauthorized action by a known or unknown person or automated program (e.g., worm, virus, web crawler, malware, etc.) that leads to one of the following: unintended disclosure of confidential, customer, employee or other sensitive information, denial of service, misuse of system access, or unauthorized access or intrusion, all to the extent they affect the security, confidentiality or integrity of the Disclosing Party’s Confidential Information received, stored, processed, or maintained by Receiving Party. “Security Incident” shall also include any contact by a law enforcement agency with Receiving Party regarding any of Disclosing Party’s Confidential Information, unless specifically mandated by law enforcement not to communicate with Disclosing Party. To the extent Receiving Party becomes aware of any Security Incidents occurring with respect to its Subcontractors that have access (either authorized or unauthorized) to Disclosing Party’s Confidential Information, Receiving Party shall be required to report such Security Incidents in accordance with the provisions of this Section. If a Security Incident occurs, Receiving Party shall notify Disclosing Party within 24 hours in accordance with the procedure and contact information set forth on Exhibit II and provide the following information, to the extent known at such time: nature and impact of the Security Incident; actions already taken by Receiving Party; Receiving Party’s assessment of immediate risk; and corrective measures to be taken, evaluation of alternatives and next steps. Receiving Party shall continue providing (i) appropriate status reports to Disclosing Party regarding the resolution of the Security Incident and prevention of future such Security Incidents, and (ii) cooperation, as reasonably requested by Disclosing Party, in order to further investigate and resolve the Security Incident. Disclosing Party may require that the Services provided by Receiving Party to Disclosing Party be suspended, connectivity with Receiving Party be terminated or that other appropriate action be taken pending such resolution. Receiving Party shall preserve evidence of all Security Incidents and allow external forensic analysis either onsite or through shipment of components. Except as otherwise provided in Section 10.13 of the Separation and Distribution Agreement, Disputes arising in connection with a Security Incident, including without limitation, Disputes regarding the occurrence or non-occurrence of a Security Incident or the appropriate remediation measures, shall be addressed using the same escalation processes and dispute resolution procedures as applicable to Disputes arising in connection with the IT Transition.

(e) Security Audits. During the Term and thereafter for as long as Receiving Party retains Disclosing Party Confidential Information, Disclosing Party, its representatives and agents will be entitled to conduct audits of Receiving Party’s relevant operations, facilities, and systems to confirm that Receiving Party has complied with the Disclosing Party Security Requirements and the Information Security Program Requirements (each, a “Security Audit”); provided that, following the termination of this Agreement, such Security Audits may only be

 

-12-


conducted by the Disclosing Party once per consecutive 12-month period commencing upon the effective date of termination of this Agreement. Any Security Audit shall be scheduled with reasonable prior notice and conducted during normal business hours and shall not unreasonably interfere with Receiving Party’s business activities. Receiving Party may require any such auditor to sign a customary confidentiality agreement. In the event that any Security Audit results in the discovery of material security risks to Disclosing Party Confidential Information, Receiving Party shall respond to Disclosing Party in writing with Receiving Party’s plan to promptly take reasonable measures and corrective actions necessary to effectively eliminate the risk, at no cost to Disclosing Party. Receiving Party shall have 15 business days to cure such security risk, unless the parties mutually agree in writing to a longer period of time for such cure. Disclosing Party’s right, and the right of its representatives and agents, to conduct Security Audits, and any exercise of such right, shall not in any way diminish or affect Receiving Party’s duties and liabilities under this Agreement. The Parties acknowledge and agree that the audit rights and limitations provided in this paragraph (e) are independent from the audit rights and limitations provided in Section 8.17.

(f) Subcontractors. Receiving Party shall be responsible for the acts and omissions of its Subcontractors as if they were the acts and omissions of its employees. Without limiting the foregoing, Receiving Party (a) shall oversee any such Subcontractors that obtain, maintain, process, receive, or otherwise are permitted access to Disclosing Party’s Confidential Information (including, without limitation, all Disclosing Party Customer Information) by taking reasonable steps to select and retain Subcontractors that are capable of maintaining appropriate safeguards to protect the security and confidentiality of the Disclosing Party’s Confidential Information, (b) shall require Subcontractors to comply with (i) confidentiality provisions substantially similar to those set forth in this Agreement, (ii) to the extent the Subcontractor has access to Disclosing Party Customer Information, privacy and security provisions substantially similar to those set forth in the Customer Information Handling Requirements paragraphs of this Agreement, and (iii) to the extent the Subcontractor has access to, stores, or processes the Disclosing Party’s customers’ cardholder information, the PCI DSS (defined immediately below) in effect from time to time, and (c) shall take commercially reasonable steps to require Subcontractors to adhere to the Disclosing Party Security Requirements set forth in Exhibit II. Receiving Party shall provide Disclosing Party with a list of Subcontractors from time-to-time as reasonably requested by Disclosing Party.

(g) PCI Requirements. If Receiving Party has access to, stores, or processes the Disclosing Party’s customers’ cardholder information, Receiving Party hereby confirms that it has on file a current Report on Compliance, evidencing that it is in compliance with the payment card industry (“PCI”) data security standard (“DSS”). Receiving Party shall provide Disclosing Party with a copy of the PCI DSS Attestation of Compliance Letter upon request. In addition to the foregoing, to the extent applicable to the Services being provided to Disclosing Party hereunder, Receiving Party will comply with and adhere to the PCI DSS in effect from time to time. Each party shall be responsible for the implementation, testing, and compliance with respect to PCI data security controls within their respective PCI DSS boundaries. These requirements are applicable to all infrastructure and systems processing or storing any cardholder information as defined by the PCI DSS. Any change in Receiving Party’s PCI compliance and/or certification status shall be promptly communicated to Disclosing Party.

 

-13-


(h) Limitations on Access. Notwithstanding anything contained herein to the contrary, SLM BankCo shall not, and shall cause its Representatives to not, access or attempt to access any customer/loan information except (i) the Navient customer information as necessary to perform the SLM BankCo Services, and (ii) the customer information pertaining to SLM BankCo owned loans (including loans owned by third party lenders who have contracted with SLM BankCo to provide certain services) (all customer information other than that described in subsections (i) and (ii) is collectively referred to as the “Restricted Access Navient Customer Information.” If SLM BankCo inadvertently or otherwise accesses any Restricted Access Navient Customer Information, SLM BankCo agrees to not to use or disclose the Restricted Access Navient Customer Information.

Section 3.06. IT Transition Completion Requirements; IT Transition Governance.

(a) Upon approval by a majority of the members of the SMI Board, which approval shall include the approval of the Special Preferred Director, that the “Completion Criteria” for each “IT Transition Milestone”, as each is described in Schedule 1, have been satisfied, the migration of SLM BankCo’s customer data, servicing and origination service functions to an independent SLM BankCo platform or alternative long-term platform (the “IT Transition”) shall be deemed to be complete.

(b) The Chief Information Officers of each of Navient and SLM BankCo (each, a “CIO”) shall coordinate and manage the delivery of Services under Schedule 1 so as to allow the IT Transition Milestones to be completed by the applicable “Milestone Dates” set forth on Schedule 1. The CIO’s shall promptly escalate all Service delivery issues, material delays in completing the IT Transition Milestones, and material disputes arising under Schedule 1 to the Separation and Oversight Committee.

(c) Any proposal by either Party to:

(i) modify the IT Transition Milestones (including the addition or removal of Separation Projects comprising any IT Transition Milestone);

(ii) modify any of the Completion Criteria or Milestone Dates;

(iii) amend the material terms of Schedule 1 or any Statement of Work thereunder; or

(iv) modify the cost allocation, budgets or spend commitments provided in Schedule 1 in any material respect;

in each case, shall be promptly submitted to the Separation and Oversight Committee for approval. If the Separation and Oversight Committee does not unanimously approve any such proposal, such proposal shall be escalated to the SMI Board for approval by a majority of the members of the SMI Board, which approval shall include the approval of the Special Preferred Director.

 

-14-


(d) If any IT Transition Milestone is not completed by the applicable Milestone Date, the SMI Board will promptly meet to review (i) the impact to the remaining IT Transition Milestones and associated Milestone Dates, (ii) the remediation efforts undertaken by the Parties in respect of such uncompleted IT Transition Milestone, and (iii) the incremental costs, if any, to be incurred by the Parties in respect of such uncompleted IT Transition Milestone and remediation efforts. The SMI Board shall review and approve any additional budget or cost allocation arising out of the uncompleted IT Transition Milestone in accordance with paragraph (c) above (including the requirement of approval by the Special Preferred Director).

(e) Navient shall cause any proposed changes to the operations of SMI that would reasonably be expected to adversely affect, in any material respect, the ability of the Navient Group to timely satisfy Navient’s obligations in respect of the Completion Criteria for any IT Transition Milestone to be promptly submitted to the SMI Board for approval by a majority of the members of the SMI Board of Directors of SMI, which approval shall include the approval of the Special Preferred Director; provided, however that the foregoing consent requirement shall not apply to the SMI projects and operations that are set forth on Exhibit IV.

(f) Prior to any termination (other than a termination for Cause or at the request of SLM BankCo) or replacement of a Key Employee of SMI during the Preferred Stock Period, Navient shall provide prompt written notice to the Special Preferred Director of Navient’s intention to terminate or replace such Key Employee. Navient shall cause any such proposed termination or replacement to be submitted to the SMI Board for approval by a majority of the members of the SMI Board, which approval shall include the approval of the Special Preferred Director. Notwithstanding anything to the contrary herein, SMI may terminate a Key Employee for Cause (without the approval of, or provision of prior notice to, SLM BankCo or the Special Preferred Director) to the extent it reasonably determines, in consultation with counsel, that Cause for termination of such Key Employee exists.

(g) SLM BankCo shall not make any changes to the operations of the SLM BankCo Group that would reasonably be expected to adversely affect, in any material respect, the ability of the Navient Group to timely satisfy Navient’s obligations in respect of the Completion Criteria for any IT Transition Milestone without the prior written consent of Navient. Further, SLM BankCo shall not reassign any Key Employee, or any other employee of SLM BankCo assigned to perform Services pursuant to Statement of Work C (Separation Projects) under Schedule 1 for Projects that have a material impact to the fulfillment of the IT Transition Milestones, in each case without Navient’s prior written consent. Notwithstanding anything to the contrary herein, SLM BankCo may terminate a Key Employee for Cause (without the approval of Navient SLM BankCo) to the extent it reasonably determines, in consultation with counsel, that Cause for termination of such Key Employee exists.

(h) Navient shall cause SMI to redeem all of the issued and outstanding shares of Preferred Stock, out of funds legally available therefor, for the Redemption Price on the date (the “Redemption Date”) that is the earlier to occur of (i) three business days

 

-15-


following the determination, and approval by the SMI Board pursuant to paragraph (a) that the IT Transition has been completed, and (ii) the 24 month anniversary of the initial issuance of the Preferred Stock.

Section 3.07. Additional Special Preferred Director Approval Rights.

(a) During the Preferred Stock Period, Navient shall not permit SMI to enter into any merger, consolidation or combination of SMI into or with any other corporation or entity (regardless of whether SMI is the surviving entity) without the approval of the majority of the members of the SMI Board, which approval shall include the approval of the Special Preferred Director.

(b) During the Preferred Stock Period, Navient shall cause the Chief Executive Officer of SMI to certify to the holder(s) of the Preferred Stock, within five business days after the end of each calendar quarter, that none of the actions described in Sections 3.06(e) or (h) or paragraph (a) above have been effected by SMI during such quarter (or, if any such action has been taken, that the actions taken by SMI comply with the provisions of Sections 3.06 and 3.07(a).

Section 3.08. Disaster Recovery; Business Continuity.

(a) Disaster Recovery and Business Continuity. Receiving Party will be responsible for disaster recovery and business continuity planning, testing, implementation, and execution related to all locations from which services are provided under this Agreement (including locations of Receiving Party’s Subcontractors, “Service Locations”). Receiving Party shall provide the services described in this Section 3.08 without extra charge to the Disclosing Party:

(i) maintaining and testing the Disaster Recovery/Business Continuity Plan (as defined below);

(ii) implementing the Disaster Recovery/Business Continuity Plan in the event of a disaster affecting Service Locations within the specified timeframes;

(iii) carrying out disaster recovery, business continuity or redundancy procedures related to the services in accordance with such Disaster Recovery/Business Continuity Plan; and

(iv) designing and implementing a Disaster Recovery/Business Continuity plan to minimize disruption to the business of Disclosing Party.

(b) Disaster Recovery/Business Continuity Plan. Receiving Party shall maintain a Disaster Recovery/Business Continuity plan (the “Disaster Recovery/Business Continuity Plan”) that covers services that are provided to Disclosing Party and each of the proposed Service Locations. The Receiving Party will provide a target recovery time objective (RTO) and recovery point objective (RPO) of 48 hours and 2 hours, respectively, unless a lower minimum is provided in the Disaster Recovery/Business Continuity Plan in respect of any particular application.

 

-16-


(c) Testing. Receiving Party will test the Disaster Recovery/Business Continuity Plan on at least an annual basis or more often as required by any regulatory authority having authority over Receiving Party.

(d) Priority. If a disaster or major site impact occurs involving the need to recover operations at a Service Location or to operate from a fallback site and, as a result, it is necessary for Receiving Party or its Subcontractors to allocate limited resources between or among several organizations, Receiving Party shall not treat Disclosing Party less favorably than any other customer for purposes of allocation of such resources.

ARTICLE IV

COSTS AND DISBURSEMENTS

Section 4.01. Costs and Disbursements. (a) Except as otherwise provided in this Agreement, a Recipient of Services shall pay to the Provider of such Services a fee for the Services (or category of Services, as applicable) (each fee constituting a “Service Charge” and, collectively, “Service Charges”) as listed on the Schedules. During the term of this Agreement, the amount of a Service Charge for any Services (or category of Services, as applicable) may increase or decrease to the extent of: (i) any increases or decreases mutually agreed to by the Parties, (ii) any Service Charges applicable to any Additional Services, Service Increases, Service Decreases or New Services, and (iii) any increase or decrease in the rates or charges imposed by any unaffiliated third-party provider that is providing Services.

(b) Except as otherwise provided in this Agreement or the Schedules, the Recipient shall reimburse the Provider for reasonable out-of-pocket costs and expenses incurred by the Provider or its Affiliates in connection with providing the Services (including necessary travel-related expenses) to the extent that such costs and expenses are not reflected in the Service Charge for such Services (each such cost or expense, a “Reimbursement Charge” and, collectively, “Reimbursement Charges”); provided, however, that any such cost or expense that is materially inconsistent with historical practice between the Parties for any Service (including business travel-related expenses) shall require advance approval of the Recipient. Any authorized travel-related expenses incurred in performing the Services shall be incurred and charged to the Recipient in accordance with the Provider’s then-applicable business travel policies.

(c) Unless otherwise provided on a Schedule, each Provider shall prepare a monthly invoice that reflects all Service Charges and Reimbursement Charges with respect to the Services provided to each Recipient during the prior calendar month; provided, however, that to the extent any third-party costs and expenses are to be included in any Service Charges or Reimbursement Charges, each Provider shall have up to 60 days following receipt of the applicable invoice for such third-party costs or expenses before invoicing to each Recipient. Such invoice shall be submitted to the Recipient within 30 calendar days following the end of the prior calendar month and shall provide the Recipient with documentation reasonably necessary to support the calculation of such Service Charges and any Reimbursement Charges.

 

-17-


(d) The Recipient shall pay the amount of each monthly invoice of Service Charges and Reimbursement Charges by wire transfer (or such other method of payment as may be agreed between the Parties) to the Provider within 30 calendar days of the receipt of each such invoice, including appropriate documentation as described herein, as instructed by the Provider. In the absence of a timely notice of a billing dispute in accordance with the provisions of Article VII of the Separation and Distribution Agreement, if the Recipient fails to pay such undisputed amount by the due date, the Recipient shall be obligated to pay to the Provider, in addition to the amount due, interest at an annual default interest rate of the Prime Rate plus two percent (2%) per annum, or the maximum legal rate, whichever is lower (the “Interest Payment”), accruing from the date the payment was due through the date of actual payment. In the event of any billing dispute, the Recipient shall promptly pay any undisputed amount. All amounts due and payable hereunder shall be invoiced and paid in U.S. dollars.

(e) Subject to the confidentiality provisions set forth in Section 8.03, each Party shall, and shall cause their respective Affiliates to, provide, upon 10 days’ prior written notice from the other Party, any information within such Party’s or its Affiliates’ possession that the requesting Party reasonably requests in connection with any Services being provided to such requesting Party by an unaffiliated third-party provider, including any applicable invoices, agreements documenting the arrangements between such third-party provider and the Provider and other supporting documentation; provided, however, that each Party shall make no more than one such request during any fiscal quarter.

Section 4.02. Tax Matters.

(a) Without limiting any provisions of this Agreement, the Recipient shall be responsible for (i) all excise, sales, use, transfer, stamp, documentary, filing, recordation and other similar Taxes, (ii) all value added, goods and services or similar recoverable indirect Taxes, if any, and (iii) any related interest and penalties incurred solely as a result of the Recipient’s failure to timely pay such Taxes to Provider (collectively, “Transfer Taxes”), in each case imposed or assessed as a result of the provision of Services by the Provider. The Party required to account for Transfer Tax shall provide to the other Party evidence of the remittance of the amount of such Transfer Tax to the relevant Governmental Authority. The Provider agrees that it shall take commercially reasonable actions to cooperate with the Recipient in obtaining any refund, return, rebate, exemption, or the like of any Transfer Tax, including by filing any necessary exemption or other similar forms, certificates, or other similar documents. The Recipient shall promptly reimburse the Provider for any costs incurred by the Provider or its Affiliates in connection with the Recipient obtaining a refund or overpayment of refund, return, rebate, exemption, or the like of any Transfer Tax. For the avoidance of doubt, any applicable gross receipts-based or net income-based Taxes shall be borne by the Provider.

(b) The Recipient shall be entitled to deduct and withhold Taxes required by any Governmental Requirements to be withheld on payments made pursuant to this Agreement. To the extent any amounts are so withheld, the Recipient shall (i) pay, in addition to the amount otherwise due to the Provider under this Agreement, such additional amount as is necessary to ensure that the net amount actually received by the Provider will equal the full amount the Provider would have received had no such deduction or withholding been required, (ii) pay such deducted and withheld amount to the proper Governmental Authority, and (iii) promptly provide

 

-18-


to the Provider evidence of such payment to such Governmental Authority. The Provider shall, prior to the date of any payment to be made pursuant to this Agreement, at the request of the Recipient, make commercially reasonable efforts to provide the Recipient any certificate or other documentary evidence (x) required by Governmental Requirements or (y) which the Provider is entitled by Governmental Requirements to provide in order to reduce the amount of any Taxes that may be deducted or withheld from such payment and the Recipient agrees to accept and act in reliance on any such duly and properly executed certificate or other applicable documentary evidence.

(c) If the Provider (i) receives any refund (whether by payment, offset, credit or otherwise) or (ii) utilizes any overpayment of Taxes that are borne by Recipient pursuant to this Agreement, then the Provider shall promptly pay, or cause to be paid, to the Recipient an amount equal to the deficiency or excess, as the case may be, with respect to the amount that the Recipient has borne if the amount of such refund or overpayment (including, for the avoidance of doubt, any interest or other amounts received with respect to such refund or overpayment) had been included originally in the determination of the amounts to be borne by Recipient pursuant to this Agreement, net of any additional Taxes and costs the Provider incurs or will incur as a result of the receipt of or in obtaining such refund or such overpayment.

Section 4.03. No Right to Set-Off. The Recipient shall timely pay the full amount of Service Charges and Reimbursement Charges and, except in the case of amounts disputed in good faith, shall not set-off, counterclaim or otherwise withhold any amount owed to the Provider under this Agreement on account of any obligation owed by the Provider to the Recipient.

ARTICLE V

STANDARD FOR SERVICE

Section 5.01. Standard for Service. (a) The Provider agrees (i) to perform the Services with substantially the same nature, quality, standard of care and service levels at which the same or similar services were performed by or on behalf of the Provider (or its predecessor) during the 12 months prior to the Distribution Date or as otherwise provided in the Schedules or; and (ii) upon receipt of written notice from the Recipient identifying any outage, interruption or other failure of any Service, except as otherwise provided in the Schedules, to respond to such outage, interruption or other failure of such Service in a manner that is substantially similar to the manner in which such Provider or its Affiliates responded to any outage, interruption or other failure of the same or similar services prior to the Distribution Date. Except as otherwise provided in the Schedules, the Parties acknowledge that an outage, interruption or other failure of any Service shall not be deemed to be a breach of the provisions of this Section 5.01 so long as the applicable Provider complies with the foregoing clause (ii).

(b) Nothing in this Agreement shall require the Provider to perform or cause to be performed any Service to the extent the manner of such performance would be prohibited by or constitute a violation of applicable Law or any existing contract or agreement with a third party. If the Provider is or becomes aware of any potential violation on the part of the Provider, the Provider shall promptly send a written notice to the Recipient of any such potential violation. The Parties each agree to cooperate and use commercially reasonable efforts to obtain any

 

-19-


necessary third-party consents required under any existing contract or agreement with a third party to allow the Provider to perform or cause to be performed any Service in accordance with the standards set forth in Section 5.01(a) and/or the applicable Schedule. Any costs and expenses incurred by either Party in connection with obtaining any such third-party consent that is required to allow the Provider to perform or cause to be performed any Service shall be solely the responsibility of the Recipient. If, with respect to a Service, the Parties, despite the use of such commercially reasonable efforts, are unable to obtain a required third-party consent or the performance of such Service by the Provider would continue to constitute a violation of applicable Laws, the Provider shall use commercially reasonable efforts in good faith to provide such Services in a manner as closely as possible to the standards described in Section 5.01(a) and in the applicable Schedules.

Section 5.02. Disclaimer of Warranties. EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT (INCLUDING THE SCHEDULES AND EXHIBITS HERETO), THE PARTIES ACKNOWLEDGE AND AGREE THAT THE SERVICES ARE PROVIDED AS-IS, THAT EACH RECIPIENT ASSUMES ALL RISKS AND LIABILITY ARISING FROM OR RELATING TO ITS USE OF AND RELIANCE UPON THE SERVICES AND EACH PROVIDER, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, MAKES NO REPRESENTATION OR WARRANTY WITH RESPECT THERETO. EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT (INCLUDING THE SCHEDULES AND EXHIBITS HERETO), TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, EACH PROVIDER HEREBY EXPRESSLY DISCLAIMS ALL REPRESENTATIONS AND WARRANTIES REGARDING THE SERVICES, WHETHER EXPRESS OR IMPLIED, EITHER IN FACT OR BY OPERATION OF LAW, BY STATUTE OR OTHERWISE, INCLUDING ANY REPRESENTATION OR WARRANTY IN REGARD TO QUALITY, PERFORMANCE, NONINFRINGEMENT, COMMERCIAL UTILITY, MERCHANTABILITY OR FITNESS OF ANY SERVICE FOR A PARTICULAR PURPOSE.

Section 5.03. Compliance with Laws and Regulations. Each Party shall be responsible for its own compliance and its Subcontractors’ compliance with any and all Laws applicable to its performance under this Agreement, including, without limitation, Laws applicable to a Receiving Party’s obligations under Section 3.05. No Party shall knowingly take any action in violation of any such applicable Law that results in liability being imposed on the other Party.

ARTICLE VI

LIMITED LIABILITY AND INDEMNIFICATION

Section 6.01. Consequential and Other Damages. Other than with respect to servicing and collections activities that are Navient Liabilities pursuant to Section 2.3(a)(i)(B) of the Separation and Distribution Agreement, notwithstanding anything to the contrary contained in the Separation and Distribution Agreement or this Agreement, except for breaches of confidentiality obligations (including, without limitation, breach of confidentiality obligations relating to customer information or a Receiving Party’s breach of Section 3.05), or in the case of bad faith, gross negligence or willful misconduct (including the willful refusal to provide Services), no Party shall be liable to the other Party or any of its Affiliates or Representatives, whether in contract, tort (including negligence and strict liability) or otherwise, at law or equity, for any special, indirect, incidental, punitive or consequential damages whatsoever (including

 

-20-


lost profits or damages calculated on multiples of earnings approaches), which in any way arise out of, relate to or are a consequence of, the performance or nonperformance by such Party (including any Affiliates and Representatives and any unaffiliated third-party providers, in each case, providing any applicable Services) under this Agreement or the provision of, or failure to provide, any Services under this Agreement, including with respect to loss of profits, business interruptions or claims of customers, even if such Party has been advised of the possibility of such damages.

Section 6.02. Limitation of Liability.

(a) Other than with respect to servicing and collections activities that are Navient Liabilities pursuant to Section 2.3(a)(i)(B) of the Separation and Distribution Agreement, and except as otherwise provided on a Schedule, the Liabilities of each Provider and its Affiliates and Representatives, collectively, under this Agreement for any act or failure to act in connection herewith (including the performance or breach of this Agreement), or from the sale, delivery, provision or use of any Services provided under or contemplated by this Agreement, whether in contract, tort (including negligence and strict liability) or otherwise, at law or equity, except for breaches of confidentiality obligations (including, without limitation, breach of confidentiality obligations relating to customer information or a Receiving Party’s breach of Section 3.05) or in the case of bad faith, gross negligence or willful misconduct (including the willful refusal to provide Services), shall not exceed the total aggregate Service Charges (excluding for the avoidance of doubt any Reimbursement Charges) actually paid to such Provider pursuant to this Agreement; provided, that until the Operational Servicing Date, Navient’s Liabilities under Statement of Work A (IT Hosting) to Schedule 1 shall be limited as provided in paragraph (b) below.

(b) Notwithstanding the limitation set forth in paragraph (a) above and except for breaches of confidentiality obligations (including, without limitation, breach of confidentiality obligations relating to customer information or a Navient’s breach of Section 3.05) or in the case of bad faith, gross negligence or willful misconduct (including the willful refusal to provide Services), the aggregate Liabilities of Navient and its Affiliates and Representatives, collectively, under this Agreement for Navient’s act or failure to act under Statement of Work A (IT Hosting) to Schedule 1 (including the performance or breach of Statement of Work A) occurring prior to the Operational Servicing Date shall be limited as follows: (1) Navient shall not be liable for the first $10,000,000 of Liabilities incurred by SLM BankCo attributable to such breach, and (2) if SLM BankCo’s Liabilities exceed $10,000,000, then Navient shall be liable for the next $35,000,000 of such SLM BankCo Liabilities over $10,000,000.

Section 6.03. Obligation To Re-perform; Liabilities. In the event of any breach of this Agreement by any Provider with respect to the provision of any Services (with respect to which the Provider can reasonably be expected to re-perform in a commercially reasonable manner), the Provider shall (a) promptly correct in all material respects such error, defect or breach or re-perform in all material respects such Services at the request of the Recipient and at the sole cost and expense of the Provider and (b) subject to the limitations set forth in Sections 6.01 and 6.02, reimburse the Recipient and its Affiliates and Representatives for Liabilities attributable to such breach by the Provider. Except as provided on a Schedule, the remedy set forth in this Section

 

-21-


6.03 shall be the sole and exclusive remedy of the Recipient for any such breach of this Agreement solely in the event that re-performance is possible in a commercially reasonable manner. Any request for re-performance in accordance with this Section 6.03 by the Recipient must be in writing and specify in reasonable detail the particular error, defect or breach, and such request must be made no more than one month from the date such error, defect or breach becomes apparent or should have reasonably become apparent to the Recipient.

Section 6.04. Indemnification. Subject to the limitations and other provisions of this Agreement, the provisions of Article IV of the Separation and Distribution Agreement shall govern indemnification matters and procedures arising under or in connection with this Agreement.

Section 6.05. Liability for Payment Obligations. Nothing in this Article VI shall be deemed to eliminate or limit, in any respect, Navient’s or SLM BankCo’s express obligation in this Agreement to pay Service Charges and Reimbursement Charges for Services rendered in accordance with this Agreement.

Section 6.06. Exclusion of Other Remedies. Except as otherwise provided in the Schedules hereto, the provisions of Sections 6.03 of this Agreement shall, to the maximum extent permitted by applicable Law, be the sole and exclusive remedies of the Provider Indemnified Parties and the Recipient Indemnified Parties, as applicable, for any claim, loss, damage, expense or liability, whether arising from statute, principle of common or civil law, principles of strict liability, tort, contract or otherwise under this Agreement.

ARTICLE VII

TERM AND TERMINATION

Section 7.01. Term and Termination. (a) This Agreement shall commence immediately upon the Distribution Date and shall terminate upon the earlier to occur of: (i) the last date on which either Party is obligated to provide any Service to the other Party in accordance with the terms of this Agreement (not to extend beyond the two-year anniversary of this Agreement) or (ii) the mutual written agreement of the Parties to terminate this Agreement in its entirety.

(b) (i) Without prejudice to a Recipient’s rights with respect to a Force Majeure set forth in Section 7.03, and except as otherwise set forth in a Schedule, a Recipient may from time to time terminate this Agreement with respect to the entirety of any individual Service but not a portion thereof:

(A) for any reason or no reason, upon providing at least 30 days’ prior written notice to the Provider; provided, however, that the Recipient shall pay to the Provider the necessary and reasonable documented out-of-pocket costs incurred in connection with the wind down of such Service other than any employee severance and relocation expenses, but including unamortized license fees and costs for equipment used to provide such Service, contractual obligations under agreements used to provide such Service, any breakage or termination fees and any other termination costs payable by the Provider with respect to any resources or pursuant to any

 

-22-


other third-party agreements that were used by the Provider to provide such Service (or an equitably allocated portion thereof, in the case of any such equipment, resources or agreements that also were used for purposes other than providing Services) (“Termination Charges”); or

(B) if the Provider of such Service has failed to perform any of its material obligations under this Agreement with respect to such Service, unless the Provider has (x) cured such failure within the 30-day period following receipt by the Provider of a written notice of such failure from the Recipient or, (y) the Provider has made substantial progress to cure such failure and implemented a plan that results in a cure of such failure within 60 days of receipt by the Provider of the written notice from the Recipient.

(ii) A Provider may terminate this Agreement with respect to one or more Services, in whole but not in part, at any time upon prior written notice to the Recipient if the Recipient has failed to perform any of its material obligations under this Agreement relating to such Services, including making payment of Service Charges and Reimbursement Charges when due, unless the Recipient has (x) cured such failure within the 30-day period following receipt by the Recipient of a written notice of such failure from the Provider or, (y) other than the Recipient’s failure to pay Service Charges or Reimbursement Charges when due (which is governed by clause (x)), the Recipient has made substantial progress to cure such breach and implemented a plan that results in a cure of such breach within 60 days of receipt by the Recipient of the written notice from the Provider. The relevant Schedule shall be updated to reflect any terminated Service.

(iii) In the event that any Service is terminated other than at the end of a month, the Service Charge associated with such Service shall be pro-rated appropriately. The Parties acknowledge that there may be interdependencies among the Services being provided under this Agreement that may not be identified on the applicable Schedules and agree that, if the Provider’s ability to provide a particular Service in accordance with this Agreement is materially and adversely affected by the termination of another Service in accordance with this Section 7.01(b), then the Parties shall negotiate in good faith to amend the Schedule relating to such affected continuing Service, which amendment shall be consistent with the terms of, and the pricing methodology used for, comparable Services.

(c) In connection with the termination of any Service identified on the Schedules as being subject to the provisions of this Section 7.01(c), if the Recipient reasonably determines that it will require such Service to continue beyond the date on which such Service is scheduled to terminate in the applicable Schedule, the Recipient may request the Provider to extend such Service for up to six months (unless otherwise provided in the Schedule applicable to such Service) (each, a “Service Extension”) by written notice to the Provider no less than 90 days prior to the date of such scheduled termination, and the Parties shall use commercially reasonable efforts to comply with such Service Extension; provided, however, that (i) there shall be no more than one Service Extension with respect to each Service, (ii) the Provider shall not be obligated to provide such Service Extension if a third-party consent is required and cannot be

 

-23-


obtained by the Provider, (iii) each Service Extension shall be permissible under applicable Law, including bank and bank holding company regulations, and (iv) no Service Extension may extend past the conclusion of the Preferred Stock Period. Unless otherwise agreed, Service Charges relating to any Service Extension shall be increased by 5% of the Service Charge reflected on the Schedules with respect to such Service. Within five days following either Party’s receipt of a written notice requesting a Service Extension, the Navient Services Manager and the SLM BankCo Services Manager shall in good faith (x) negotiate the terms of an amendment to the applicable Schedule, which amendment shall be consistent with the terms of, and the pricing methodology used for, the applicable Service (subject to the 5% increase of the applicable Service Charges, as described above); and (y) determine the costs and expenses (which shall not include any Service Charges payable under this Agreement), if any, that would be incurred by the Provider or the Recipient, as the case may be, in connection with the provision of such Service Extension, which costs and expenses shall be borne solely by the Recipient. Each such amended Schedule, as agreed to in writing by the Parties, shall be deemed part of this Agreement as of the date of such agreement and any Services provided pursuant to such Service Extensions shall be deemed “Services” provided under this Agreement, in each case subject to the terms and conditions of this Agreement. If a Recipient requests any subsequent extension of Services, such extension shall be subject to mutual agreement of the Parties and shall be provided at a mutually agreed market rate.

Section 7.02. Effect of Termination. Upon termination of any Service pursuant to this Agreement, the Provider of the terminated Service will have no further obligation to provide the terminated Service, and the relevant Recipient will have no obligation to pay any future Service Charges relating to any such Service; provided, however, that the Recipient shall remain obligated to the relevant Provider for (a) the Service Charges, Reimbursement Charges, and Transfer Taxes owed and payable in respect of Services provided prior to the effective date of termination and (b) any applicable Termination Charges payable in the event that the Recipient terminates such Service pursuant to Section 7.01(b)(i)(A). In connection with the termination of any Service, the provisions of this Agreement not relating solely to such terminated Service shall survive any such termination, and in connection with a termination of this Agreement, Article I, Article VI (including liability in respect of any indemnifiable Liabilities under this Agreement arising or occurring on or prior to the date of termination), Article VII, Article VIII, Section 3.05 (so long as the Receiving Party continues to hold or store Confidential Information) and liability for all due and unpaid Service Charges, Reimbursement Charges, Termination Charges and Transfer Taxes, shall continue to survive indefinitely.

Section 7.03. Force Majeure. Notwithstanding anything to the contrary herein, if either party is rendered unable, in whole or in part, by a Force Majeure to satisfy its obligations under this Agreement, such party shall not be deemed to have breached any such obligation upon delivery of written notice of such event to the other Party hereto, for so long as such party remains unable to perform such obligation as a result of such event. The following events shall not constitute force majeure events: (a) acts or omissions of subcontractors; and (b) delays or failures to the extent they could have been avoided or their impact mitigated through the use of commercially reasonable business continuity measures. If either Party is unable to materially perform its obligations under this Agreement and its performance is excused pursuant to this Section 7.03 for a period of 30 consecutive days, the other Party may terminate this Agreement upon at least three business days’ written notice and shall not be required to pay any Termination Charges pursuant to Section 7.01(b).

 

-24-


ARTICLE VIII

GENERAL PROVISIONS

Section 8.01. No Agency. Nothing in this Agreement shall be deemed in any way or for any purpose to constitute any Party an agent of an unaffiliated party in the conduct of such other Party’s business. A Provider of any Service under this Agreement shall act as an independent contractor and not as the agent of the Recipient in performing such Service, maintaining control over its employees, its subcontractors and their employees and complying with all withholding of income at source requirements, whether federal, national, state, local or foreign.

Section 8.02. Subcontractors. A Provider may hire or engage one or more subcontractors to perform any or all of its obligations under this Agreement; provided, however, that (a) such Provider shall use the same degree of care in selecting any such subcontractor as it would if such contractor was being retained to provide similar services to the Provider and (b) such Provider shall in all cases remain primarily responsible for all of its obligations under this Agreement with respect to the scope of the Services, the standard for services as set forth in Article V and the content of the Services provided to the Recipient.

Section 8.03. Treatment of Confidential Information. (a) The Parties shall not, and shall cause all other persons providing Services or having access to information of the other Party that is confidential or proprietary (including, without limitation, Disclosing Party Customer Information, “Confidential Information”) not to, disclose to any other person or use, except for purposes of this Agreement, any Confidential Information of the other Party; provided, however, that the Confidential Information may be used by such Party to the extent that such Confidential Information has been (i) in the public domain through no fault of such Party or any member of such Group or any of their respective Representatives, (ii) later lawfully acquired from other sources by such Party (or any member of such Party’s Group) which sources are not themselves bound by a confidentiality obligation or (iii) independently generated without reference to any Confidential Information of the other Party; provided, further, that each Party may disclose Confidential Information of the other Party, to the extent not prohibited by applicable Law: (i) to its Representatives on a need-to-know basis in connection with the performance of such Party’s obligations under this Agreement; (ii) in any report, statement, testimony or other submission required to be made to any Governmental Authority having jurisdiction over the disclosing Party; or (iii) in order to comply with applicable Law, or in response to any summons, subpoena or other legal process or formal or informal investigative demand issued to the disclosing Party in the course of any litigation, investigation or administrative proceeding. In the event that a Party becomes legally compelled (based on advice of counsel) by deposition, interrogatory, request for documents subpoena, civil investigative demand or similar judicial or administrative process to disclose any Confidential Information of the other Party, such disclosing Party shall provide the other Party with prompt prior written notice of such requirement, and, to the extent reasonably practicable, cooperate with the other Party (at such other Party’s expense) to obtain a protective order or similar remedy to cause such Confidential Information not to be disclosed, including interposing all available objections thereto, such as objections based on settlement privilege. In the event that such protective order or other similar remedy is not obtained, the disclosing Party

 

-25-


shall furnish only that portion of the Confidential Information that has been legally compelled, and shall exercise its commercially reasonable efforts (at such other Party’s expense) to obtain assurance that confidential treatment will be accorded such Confidential Information.

(b) Upon the termination of this Agreement, either Party may request, in such Party’s sole discretion, that all Confidential Information belonging to such Party either be promptly returned to such Party or promptly destroyed by the other Party, and in either case not retained by such other Party or its Affiliates or their respective Subcontractors in any form. Notwithstanding anything to the contrary contained herein, each Party’s legal department may retain an archival copy of all or any portion of such Confidential Information to the extent required by applicable Law. The rights and obligations of the Parties regarding the non-disclosure and use of Confidential Information exchanged under this Agreement shall survive any return, retention or destruction of any Confidential Information.

(c) All Confidential Information shall remain the property of the Disclosing Party.

(d) Each Party shall, and shall cause its Representatives to, protect the Confidential Information of the other Party by using the same degree of care to prevent the unauthorized disclosure of such as the Party uses to protect its own confidential information of a like nature, but in any event no less than a reasonable degree of care.

(e) Each Party shall be liable for any failure by its respective Representatives to comply with the restrictions on use and disclosure of Confidential Information contained in this Agreement.

(f) Each Party shall comply with all applicable local, state, national, federal and foreign privacy and data protection Laws that are or that may in the future be applicable to the provision of Services under this Agreement.

Section 8.04. Further Assurances. Each Party covenants and agrees that, without any additional consideration, it shall execute and deliver any further legal instruments and perform any acts that are or may become necessary to effectuate this Agreement.

Section 8.05. Dispute Resolution. Any Dispute shall be resolved in accordance with the procedures set forth in Article VII and Section 10.13 of the Separation and Distribution Agreement, which shall be the sole and exclusive procedures for the resolution of any such Dispute unless otherwise specified herein or in Article VII or Section 10.13 of the Separation and Distribution Agreement.

Section 8.06. Notices. Except with respect to routine communications by the Navient Services Manager and the SLM BankCo Services Manager under Section 2.07, all notices, requests, claims, demands and other communications under this Agreement shall be in writing and shall be given or made (and shall be deemed to have been duly given or made upon receipt) by delivery in person, by overnight courier service, by facsimile or electronic transmission with receipt confirmed (followed by delivery of an original via overnight courier service) or by registered or certified mail (postage prepaid, return receipt requested) to the respective Parties at the following addresses (or at such other address for a Party as shall be specified in a notice given in accordance with this Section 8.06):

 

-26-


  (i) if to Navient:

Navient Corporation

Attention: Paul Mayer

2001 Edmund Halley Drive

Reston, Virginia 20191

with copies to:

Navient Corporation

Attention: General Counsel

2001 Edmund Halley Drive

Reston, Virginia 20191

 

  (ii) if to SLM BankCo:

SLM Corporation

Attention: Paul Thome

175 South West Temple, 6th Floor

Salt Lake City, UT 84101

with copies to:

SLM Corporation

Attention: General Counsel

300 Continental Drive

Newark, Delaware 19713:

Section 8.07. Severability. If any term or other provision of this Agreement is invalid, illegal or incapable of being enforced under any Law or as a matter of public policy, all other conditions and provisions of this Agreement shall nevertheless remain in full force and effect so long as the economic or legal substance of the transactions contemplated by this Agreement is not affected in any manner materially adverse to any Party. Upon such determination that any term or other provision is invalid, illegal or incapable of being enforced, the Parties shall negotiate in good faith to modify this Agreement so as to effect the original intent of the Parties as closely as possible in a mutually acceptable manner in order that the transactions contemplated by this Agreement be consummated as originally contemplated to the greatest extent possible.

Section 8.08. Entire Agreement. This Agreement, together with the documents referenced herein (including the Schedules, the Separation and Distribution Agreement and any other Ancillary Agreements) constitutes the entire agreement between the Parties and their respective Affiliates with respect to the subject matter hereof and supersedes all prior written and

 

-27-


oral and all contemporaneous oral agreements, negotiations, discussions, writings, understandings, commitments and conversations with respect to such subject matter, and there are no agreements or understandings between the Parties other than those set forth or referred to herein or therein.

Section 8.09. No Third-Party Beneficiaries. Except as provided in Article VI with respect to Provider Indemnified Parties and Recipient Indemnified Parties, this Agreement is for the sole benefit of the Parties and their permitted successors and assigns and nothing in this Agreement, express or implied, is intended to or shall confer upon any other Person, including any union or any employee or former employee of Navient or SLM BankCo, any legal or equitable right, benefit or remedy of any nature whatsoever, including any rights of employment for any specified period, under or by reason of this Agreement.

Section 8.10. Governing Law. This Agreement (and any claims or disputes arising out of or related to this Agreement or to the transactions contemplated by this Agreement or to the inducement of any Party to enter into this Agreement or the transactions contemplated by this Agreement, whether for breach of contract, tortious conduct or otherwise and whether predicated on common law, statute or otherwise) shall in all respects be governed by, and construed in accordance with, the Laws of the State of Delaware, including all matters of construction, validity and performance, in each case without reference to any conflict of Law rules that might lead to the application of the Laws of any other jurisdiction.

Section 8.11. Amendment; Waiver. No provision of this Agreement, including any Schedules to this Agreement, may be amended, supplemented or modified except by a written instrument making specific reference to this Agreement or any such Schedules to this Agreement, as applicable, signed by each of the Parties. Waiver by a Party of any default by the other Party of any provision of this Agreement shall not be deemed a waiver by the waiving Party of any subsequent or other default, nor shall it prejudice the rights of the waiving Party.

Section 8.12. Rules of Construction. Interpretation of this Agreement shall be governed by the following rules of construction: (a) words in the singular shall be held to include the plural and vice versa, and words of one gender shall be held to include the other gender as the context requires; (b) references to the terms Article, Section, paragraph, Exhibit and Schedule are references to the Articles, Sections, paragraphs, Exhibits and Schedules of this Agreement unless otherwise specified; (c) references to “$” shall mean U.S. dollars; (d) the word “including” and words of similar import when used in this Agreement shall mean “including without limitation,” unless otherwise specified; (e) the word “or” shall not be exclusive; (f) references to “written” or “in writing” include in electronic form; (g) provisions shall apply, when appropriate, to successive events and transactions; (h) the headings contained in this Agreement are for reference purposes only and shall not affect in any way the meaning or interpretation of this Agreement; (i) Navient and SLM BankCo have each participated in the negotiation and drafting of this Agreement and if an ambiguity or question of interpretation should arise, this Agreement shall be construed as if drafted jointly by the Parties and no presumption or burden of proof shall arise favoring or burdening either Party by virtue of the authorship of any of the provisions in this Agreement or any interim drafts of this Agreement; (j) a reference to any Person includes such Person’s successors and permitted assigns; (k) any reference to “days” means calendar days unless Business Days are expressly specified; and (l) when calculating the period of time before

 

-28-


which, within which or following which any act is to be done or step taken pursuant to this Agreement, the date that is the reference date in calculating such period shall be excluded, and if the last day of such period is not a Business Day, the period shall end on the next succeeding Business Day.

Section 8.13. Counterparts. This Agreement may be executed in one or more counterparts, and by each Party in separate counterparts, each of which when executed shall be deemed to be an original but all of which taken together shall constitute one and the same agreement. Delivery of an executed counterpart of a signature page to this Agreement by facsimile or portable document format (PDF) shall be as effective as delivery of a manually executed counterpart of this Agreement.

Section 8.14. Assignability. This Agreement shall not be assigned or transferred by operation of Law or otherwise without the prior written consent of Navient and SLM BankCo, except that each Party may:

(a) assign all of its rights and obligations under this Agreement to any of its Subsidiaries; provided, that no such assignment shall release Navient or SLM BankCo, as the case may be, from any liability or obligation under this Agreement;

(b) in connection with the divestiture of any Subsidiary or business of such Party that is a Recipient to an acquiror that is not a competitor of the Provider, assign to the acquiror of such Subsidiary or business its rights and obligations as a Recipient with respect to the Services provided to such divested Subsidiary or business under this Agreement; provided, however, that (i) no such assignment shall release Navient or SLM BankCo, as the case may be, from any liability or obligation under this Agreement; (ii) any and all costs and expenses incurred by either Party in connection with such assignment (including in connection with clause (iii) of this proviso) shall be borne solely by the assigning Party; and (iii) the Parties shall in good faith negotiate any amendments to this Agreement, including the Schedules and Exhibits hereto, that may be necessary or appropriate in order to assign such Services; and

(c) in connection with the divestiture of any Subsidiary or business of such Party that is a Recipient to an acquiror that is a competitor of the Provider, assign to the acquiror of such Subsidiary or business its rights and obligations as a Recipient with respect to the Services provided to such divested Subsidiary or business under this Agreement; provided, however, that (i) no such assignment shall release Navient or SLM BankCo, as the case may be, from any liability or obligation under this Agreement; (ii) any and all costs and expenses incurred by either Party in connection with such assignment (including in connection with clause (iii) of this proviso) shall be borne solely by the assigning Party; (iii) the Parties shall in good faith negotiate any amendments to this Agreement, including the Schedules and Exhibits hereto, that may be necessary or appropriate in order to ensure that such assignment will not (x) materially and adversely affect the businesses and operations of each of the Parties and their respective Affiliates or (y) create a competitive disadvantage for the Provider with respect to an acquiror that is a competitor; and (iv) no Party shall be obligated to provide any such assigned Services to an acquiror that is a competitor if the provision of such assigned Services to such acquiror would disrupt the operation of such Party’s businesses or create a competitive disadvantage for such Party with respect to such acquiror.

 

-29-


Section 8.15. Public Announcements. From and after the Distribution Date, the Parties shall consult with each other before issuing, and give each other the opportunity to review and comment upon, that portion of any press release or other public statement that relates to the transactions contemplated by this Agreement, and shall not issue any such press release or make any such public statement prior to such consultation, except (a) as may be required by applicable Law, court process or by obligations pursuant to any listing agreement with any national securities exchange or national securities quotation system; or (b) as otherwise set forth in the Separation and Distribution Agreement.

Section 8.16. Non-Recourse. No past, present or future director, officer, employee, incorporator, member, partner, shareholder, Affiliate, agent, attorney or representative of either Navient or SLM BankCo or their Affiliates shall have any liability for any obligations or liabilities of Navient or SLM BankCo, respectively, under this Agreement or for any claims based on, in respect of, or by reason of, the transactions contemplated by this Agreement.

Section 8.17. Audit Rights. Each Party may, at such Party’s sole cost and expense, from time to time (but no more frequently than once per year) audit the books and records of the other Party reasonably relating to the Services that the other Party is obligated to provide under this Agreement and to otherwise verify such Party’s compliance with the terms and conditions of this Agreement. Each Party shall reasonably cooperate with any audit conducted by the other Party pursuant to this Section 8.17; provided that the Party conducting the audit shall give the other Party reasonable written notice of any audit, but in no event less than 30 days’ notice, prior to such audit. Any audit pursuant to this Section 8.17 shall be conducted during normal business hours for the applicable location in a manner that does not materially disrupt the operations of the other Party. The Parties acknowledge and agree that the audit rights and limitations provided in this Section 8.17 are independent from the audit rights and limitations provided in
Section 3.05(e).

Section 8.18. Title to Intellectual Property. Except as expressly provided for under the terms of this Agreement (including the Schedules and Exhibits hereto), each Party acknowledges that it shall acquire no right, title or interest (including any license rights or rights of use) in any Intellectual Property which is owned or licensed by the other Party, by reason of the provision or receipt of the Services provided hereunder. Neither Party shall remove or alter any copyright, trademark, confidentiality or other proprietary notices that appear on any Intellectual Property owned or licensed by the other Party. Neither Partyshall attempt to decompile, translate, reverse engineer or make excessive copies of any Intellectual Property owned or licensed by the other Party, and each Party shall promptly notify the other Party of any such attempt, regardless of whether by the notifying Party or any third party, of which the notifying Partybecomes aware.

Section 8.19. Order of Precedence. The following shall apply to the extent of any conflict among the terms in the various documents within this Agreement (including Schedules and Exhibits):

(a) to the extent the conflicting provisions can reasonably be interpreted so that such provisions are consistent with each other, such consistent interpretations will prevail; and

 

-30-


(b) to the extent paragraph (a) above does not resolve such conflict, then the Schedules and Exhibits will prevail over a conflicting term in this Agreement.

[The remainder of this page is intentionally left blank.]

 

-31-


IN WITNESS WHEREOF, the Parties have caused this Agreement to be executed on the date first written above by their respective duly authorized officers.

 

NAVIENT CORPORATION
By:  

/s/ John F. Remondi

Name:   John F. Remondi
  Title:    Chief Executive Officer
SLM CORPORATION
By:  

/s/ Raymond Quinlan

  Name: Raymond Quinlan
  Title:   Chief Executive Officer

 

-32-


Exhibit I

Services Managers

Overall Services Managers

 

Initial SLM BankCo Services Manager:

   Paul Thome

Initial Navient Services Manager:

   Paul Mayer

Service Schedule Services Managers

Schedule 1 (Comprehensive IT):

 

Initial SLM BankCo Services Manager:

   Mike Brannon

Initial Navient Services Manager:

   Mary Jo Adams

Schedule 2 (Short-Term Shared Loan Servicing):

 

Initial SLM BankCo Services Manager:

   Tim Hanrahan

Initial Navient Services Manager:

   Mike Maier

Schedule 3 (Customer Experience):

 

Initial SLM BankCo Services Manager:

   Tim Hanrahan

Initial Navient Services Manager:

   Lisa Stashik

Schedule 4 (Trust Administration):

 

Initial SLM BankCo Services Manager:

   Lance Welch

Initial Navient Services Manager:

   Scott Booher

Schedule 5 (Facilities Services):

 

Initial SLM BankCo Services Manager:

   Larry Zepp

Initial Navient Services Manager:

   Joe Muffler

 

-33-


Schedule 6 (Third Party TSA Support):

 

Initial SLM BankCo Services Manager:

   David O’Connell

Initial Navient Services Manager:

   Mary Jo Adams

Schedule 7 (Government Relations):

 

Initial SLM BankCo Services Manager:

   Rick Nelson

Initial Navient Services Manager:

   Tim Morrison

Schedule 8 (Services Business Development Support and IT Services Support):

 

Initial SLM BankCo Services Manager:

   Kirk Etten

Initial Navient Services Manager:

   Wendy Kincaid

Schedule 9 (Financial and HR Systems Support Services)

 

Initial SLM BankCo Services Manager:

   Brian Carp

Initial Navient Services Manager:

   Peter Strang

 

-34-


Exhibit II

DISCLOSING PARTY SECURITY REQUIREMENTS

Access to Disclosing Party Confidential Information (including, without limitation, any non-public personal information or personally identifiable information of customers or consumers for which the Disclosing Party is the custodian) shall, subject to the other applicable provisions of the Agreement, be restricted to the Receiving Party with whom the Disclosing Party is contracting under the Agreement and the employees and, to the extent permitted by the Agreement, the permitted Subcontractors of the Disclosing Party (and their respective personnel) (each, including the Receiving Party, an “Accessing Party”) who (1) shall provide the Services under the Agreement and (2) have been properly trained and instructed as to all obligations set forth in the Agreement and this Exhibit H with respect to the access and use of such Disclosing Party Confidential Information. Any Accessing Party hardware or software used to accesses, process, store or transmit any Disclosing Party Confidential Information shall be referred to herein as an “Affected Computing Device.” In order to prevent unauthorized use, access, modification, or disruption to Disclosing Party Confidential Information, information security measures shall be implemented with respect to any Affected Computing Device.

In addition to the security of Affected Computing Devices, this Exhibit must take a broader view of security. The security of these devices is dependent upon the Accessing Party maintaining a secure infrastructure that implements an array of industry standard controls. Therefore, this Exhibit covers the infrastructure necessary to protect the Affected Computing Device. This does not cover the Accessing Party’s entire infrastructure and controls regime, but only the slice which assures the security of the Affected Computing Devices.

Access Control

 

  1. Access to Affected Computing Devices shall be configured with the concept of “Least Privilege” enforced. Access to Affected Computing Devices shall be granted only to those individuals who shall have it in order to provide the Services.

 

  2. Access to Affected Computing Devices shall be granted in line with formally documented user administration processes that are designed to ensure:

 

  a. All users granted access to Affected Computing Devices shall be explicitly approved by appropriate Accessing Party management; and

 

  b. Provisioning and de-provisioning of access to critical Affected Computing Devices is reviewed at regularly scheduled intervals by appropriate Accessing Party management.

 

  3. All Affected Computing Devices shall be configured to require users to periodically change their passwords. Password length, complexity and reuse shall adhere to industry standard practices.

 

-35-


  4. Accessing Party shall limit access by means of wireless networking to Disclosing Party Confidential Information to the minimum required situations. Where such wireless access is necessary, such Accessing Party shall require that authentication, encryption, and security for the wireless network meets generally accepted industry standard practices.

 

  5. Accessing Party authentication credentials that are no longer required or that are no longer authorized to obtain access to Disclosing Party Confidential Information from Affected Computing Devices shall be (promptly disabled.

 

  6. In the event that Accessing Party is provided with Disclosing Party administered credentials or devices to permit access to Disclosing Party Confidential Information, Accessing Party shall promptly notify the Disclosing Party, within 24 hours in a manner that is mutually agreed upon by the parties, of a personnel change whereby an individual no longer requires Disclosing Party administered authentication credentials to Disclosing Party Confidential Information.

 

  7. Network protection mechanisms meeting industry standard practices shall be implemented for all Accessing Party company networks accessing Disclosing Party Confidential Information.

 

  8. Accessing Party’s personnel shall exercise restraint with their access privileges to Disclosing Party Confidential Information, shall not attempt to circumvent or subvert any security measures and not use their access for anything other than the provision of Services.

 

  9. Access to Disclosing Party Confidential Information over the public Internet shall be restricted.

Logging & Monitoring

 

  10. All Affected Computing Devices shall be configured to audit relevant security events using industry standard practices.

 

  11. Audit and event logs for Affected Computing Devices shall be adequately protected to prevent contents from being modified or deleted in an unauthorized fashion.

 

  12. System logs are to be analyzed for suspicious activity.

Patching & Configuration Management

 

  13. Accessing Party shall maintain a security patching/update validation process that is designed to ensure that all Affected Computing Devices are patched in a timely manner consistent with industry standard practices.

 

  14. Accessing Party shall follow industry standard practices to implement secure system configurations.

 

  15. Accessing Party change control management procedures shall be documented and followed.

 

-36-


Storage & Media Protection

 

  16. Servers, enterprise data storage devices, backup tapes and media, and other Affected Computing Devices used to support network communications shall be located in a secure and restricted access location within Accessing Party facilities, or approved Subcontractor facilities,

 

  17. All backup media, including tapes, sent off site that contains Disclosing Party Confidential Information shall be encrypted using industry standard practices.

 

  18. When Disclosing Party Confidential Information is required to be destroyed or disposed per the terms of the Agreement, such Disclosing Party Confidential Information, whether in paper, electronic or other form requires secure disposal or destruction. These measures shall be in line with industry standard practices.

Physical & Environmental Protection

 

  19. Accessing Party Facilities at which Affected Computing Devices are stored or maintained shall have appropriate controls implemented that restrict physical access to only authorized personnel. Visitor access to such facilities shall be based on authentication of visitor identity and visitors shall be escorted.

 

  20. Data centers housing Disclosing Party Confidential Information are required to have controlled access with working security cameras. Data center access control lists shall be kept current.

 

  21. Accessing Party shall provide at least 90 days’ advance notification to Disclosing Party prior to relocation or transfer of Accessing Party’s datacenter housing Disclosing Party Confidential Information.

Vulnerability Assessments

 

  22. Accessing Party shall maintain a vulnerability management and assessment program based on industry standard practices that frequently assesses Affected Computing Devices and mitigates or eliminates vulnerabilities.

 

  23. Routine network and database scans shall be scheduled. The scan results shall be analyzed and vulnerabilities identified and remediated within a timeframe commensurate with the relative risk.

 

  24. Accessing Party shall engage, at its expense, an unrelated security firm to perform an annual penetration test of Affected Computing devices. Accessing Party shall implement security controls and practices to mitigate risks identified during such an assessment.

 

-37-


Encryption

 

  25. When Disclosing Party Confidential Information is being accessed, or transmitted, over the Internet or via a public switched network, the communications session shall utilize a secure transport mechanism meeting industry standard for encryption. All laptops, hand-held devices and removable storage devices, shall utilize full disk encryption meeting industry standards for encryption.

Malware Protection

 

  26. Affected Computing Devices shall be appropriately and reasonably protected against malicious software. All such Affected Computing Devices shall be configured with up-to-date anti-virus.

Security Awareness & Training

 

  27. All Accessing Party personnel who have access to Disclosing Party Confidential Information are required to successfully complete initial security awareness training, including affirmative acknowledgement of their security and privacy responsibilities, and annual refresher training thereafter.

Host-Based Security – End Point Computing

 

  28. Only devices provided by or under the management of Accessing Party personnel or by Disclosing Party may be used to access Disclosing Party Confidential Information. Public resources such as hotel PC kiosks, or other public-access terminals such as those available in malls and airports, may not be used for this purpose.

Policies and Procedures

 

  29. Upon request, but no more frequently than annually, Accessing Party shall permit Disclosing Party to review its information security, physical security, and privacy policy at the Accessing Party’s facility.

 

  30. Accessing Party shall develop, implement, and maintain logical network diagrams and security documentation for the Affected Computing Devices to provide an overview of the security requirements and a description of the security controls in place.

Change Management

 

  31. Accessing Party shall utilize a change management process based on industry standards that is designed to ensure that Accessing Party information security personnel have insight and approval over changes affecting security devices (e.g., firewalls, VPNs, IPS) and systems handling authentication, authorization, and auditing.

 

-38-


Data Loss Prevention

 

  32. Accessing Party shall maintain an approach to data loss prevention in-line with industry standards to mitigate the risk of unauthorized data disclosure from applications and network infrastructure.

Asset Inventory

 

  33. Accessing Party shall maintain an asset inventory of all critical Affected Computing Devices that access, store, process or transmit Disclosing Party Confidential Information.

Remote Access

 

  34. In the event Accessing Party requires remote access to Disclosing Party’s network:

 

  a. Accessing Party’s use of individually assigned Disclosing Party remote access credentials and authentication devices are for the sole use of that individual and not to be shared with anyone else for any reason.

 

  b. Accessing Party remote access to Disclosing Party’s network will require a Disclosing Party approved or Disclosing Party-provided multi-factor authentication.

Background Investigations

 

  35. Accessing Party on-boarding process for personnel that will have access to Disclosing Party Confidential Information shall include, at its expense, an industry standard background investigation.

 

  36. Accessing Party shall not assign any individual to Disclosing Party who (1) has been convicted of a felony of any nature or a misdemeanor of violence, theft or fraud or a crime involving dishonesty or breach of trust; (2) has an unverifiable SSN, address, employment, or education; or (3) appears on the OFAC list.

 

  37. Accessing Party shall promptly notify Disclosing Party in the event Accessing Party becomes aware that any individual assigned to Disclosing Party is under investigation or arrested for, or convicted of, a felony of any nature or a misdemeanor of violence, theft or fraud or a crime involving dishonesty or breach of trust.

Systems Development and Maintenance

 

  38. Accessing Party will annually conduct appropriate application security reviews for critical applications and prior to the promotion of production changes to critical application.

 

-39-


Segregation of Duties

 

  39. Accessing Party shall safeguard Disclosing Party Confidential Information by employing commercially reasonable practices, techniques and/or technologies, to implement segregation of duties.

Cloud Service Delivery1

 

  40. Accessing Party shall document controls used to maintain logical separation of data (prevent inadvertent release of data) in multi-tenant environments.

 

 

1  Adapted from the Cloud Security Alliance Cloud Controls Matrix Version 1.1 (2010), http://www.cloudsecurityalliance.org/cm.html

 

-40-


Exhibit III

Key Employees

A. Navient Key Employees

 

  1. Pat Lawicki

 

  2. Cheri Dayton

 

  3. Jon Jones

 

  4. Matt Anderson

 

  5. Michael Castagna

 

  6. Jeff Dossman

 

  7. Rich Jackson

 

  8. Brenda Nethery

 

  9. Mark Perrault

 

  10. Carol Swartz

B. SLM BankCo Key Employees

 

  1. Dan Kennedy

 

  2. Jerry Archer

 

  3. Mike Brannon

 

  4. Mike Migliore

 

  5. Mike Bandy

 

  6. John Sullivan

 

-41-


Exhibit IV

Excluded SMI Projects

 

  1. Regulatory, legislative, and production ticket support

 

  2. FDR (by FDR), CLASS, CLASS ED, Collection systems development

 

  3. Collection Platform Replacement

 

  4. Telephony Replacement Projects, including I3/IVR

 

  5. xPressions Deployment

 

  6. IT Cost Reduction Initiatives

 

  7. IT On-going Upgrades/Deployments/Maintenance

 

  8. Business activities included in the Navient business plan presented to the SLM Board in October 2013.

 

  9. Initiatives to support ED Servicing including default prevention and customer experience initiatives to support ED Scorecard improvement

 

-42-


Schedule 1

Comprehensive Information Technology Services

[See attached.]

 

-43-


Schedule 2

Short-Term Shared Loan Servicing Services

[See attached.]

 

-44-


Schedule 3

Customer Experience Services

[See attached.]

 

-45-


Schedule 4

Trust Administration Services

[See attached.]

 

-46-


Schedule 5

Facilities Services

[See attached.]

 

-47-


Schedule 6

Third Party TSA Support Services

[See attached.]

 

-48-


Schedule 7

Government Relations Services

[See attached.]

 

-49-


Schedule 8

Services Business Development Support and IT Services

[See attached.]

 

-50-


Schedule 9

Financial and HR Systems Support Services

[See attached.]

 

-51-