Common use of Additional Provisions Applicable Only to Business Accounts Clause in Contracts

Additional Provisions Applicable Only to Business Accounts. A. If you are a corporation, partnership, limited liability company, association or some other form of business entity, that is accessing your business account through Retail Online Banking, you may have been issued one set of access codes (user ID, password, AAI, for your) company representative. It is your responsibility to ensure that access codes are provided only to persons you authorize. You represent to us that each company representative and anyone else using your access codes has general authority from your company to give us instructions to perform transactions using the Services. Each person using your access codes will have the ability to: • Transfer funds between your Accounts. • Make payments using the Bill Payment Services, regardless of the dollar amount of the transaction. • Make payments regardless of whether he/she is otherwise an authorized signer on any Accounts that are accessed. • Obtain information that we make available about qualifying Accounts. • Obtain other services or perform other transactions that we authorize or allow. • Allow anyone else to use those access codes to make payments or obtain information or other services. B. Customer Liability for Unauthorized Transactions From Business Accounts You are liable for all transactions that you make or authorize, even if the person you authorize exceeds your authority. If you or a company representative has given someone your access codes and want to terminate that person’s authority, you must notify us that transactions by such a person are no longer authorized. We may have to change your access codes or take additional steps to prevent further access by such person. Our system supporting the Services is designed so that it may be operated only upon entry of valid access codes. Since we condition access upon entry of valid access codes, we will accept instructions for payments or other transactions from any person using valid access codes. This is so even if the person obtaining access: • Is not a company representative. • Exceeds your authority or that granted by any company representative. • Does not have your authority. • Has had his/her authority changed or revoked. • Is an imposter or thief. You agree to be bound by all transactions from any business Account for which valid login was given were used. You authorize us to treat any instructions we receive using valid access codes as if the instructions had been made in writing and signed by the appropriate company representative. Unless there is substantial evidence to the contrary, our records will be conclusive regarding any access to, or action taken through, the Services. Notwithstanding the foregoing, we agree that you will not be responsible for transactions which occur after you have notified us to block the access codes that were used to perform the transaction, and we have had a reasonable opportunity to do so. Thus, the sooner you notify us of a problem, the better you can keep your losses down. Bank can be contacted as stated in Section III.C. You agree to promptly examine all Account statements and any confirmations of payments which we may send or make available to you, and to promptly notify us of any discrepancy or error within fourteen (14) days of receipt of any such statement or confirmation. Call us or write to us at the contact number or address set forth in Section III.C. of this Agreement as soon as you can, if you think your statement is wrong or if you need more information about a transfer covered by this Agreement which is listed on the statement. C. Limitations on Our Liability in Connection with Business Accounts We will make every reasonable effort to resolve any disputes that may arise in connection with the Service. We will only be responsible for acting on instructions that we actually receive. We cannot assume responsibility for any malfunctions or capacity reductions or other problems in your equipment or in public communications networks not under our control that may affect the accuracy or timeliness of transactions you perform. Our only liability is to correct errors within our control. We are not responsible or liable to you for any loss, damage or injury caused by the Services. Neither will we be liable for any consequential, incidental, special, indirect or punitive loss or damage, including but not limited to dishonor of checks or other items or expenses which you may incur or suffer by reason of this Agreement or the services we provide, whether or not the possibility or likelihood of such loss, damage, or expense is known to us. WE MAKE NO WARRANTIES, EXPRESS OR IMPLIED, IN CONNECTION WITH THE SERVICES WE PROVIDE YOU UNDER THIS AGREEMENT, INCLUDING, WITHOUT LIMITATION, THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. D. Security Procedures By entering into this Agreement and using the Service to perform transactions from business Accounts, you agree to comply with all of our present and future security procedures with respect to transactions and services covered by this Agreement. This includes, but is not limited to, protection of login ID, password, and AAI and other personal and business information. Our security procedures are contained in this Agreement and in other written procedures we may provide to you. Customer shall use reasonable efforts to enforce the terms associated with the tokens. Customer shall be solely responsible for use regarding tokens and any violations of the restrictions on use as set forth in this Agreement. Customer agrees that in the event of any breach of the terms of this Agreement, Customer will indemnify Bank against claims and losses arising from Customer’s actions that cause Bank to be in violation of the terms of this Agreement. Customer is strictly responsible to establish and maintain the procedures to safeguard against unauthorized transactions. Customer warrants that no individual will be allowed to initiate transfers in the absence of proper supervision and safeguards, and agrees to take reasonable steps to maintain the confidentiality of the security procedures and any log-on ID, AAI, passwords, tokens, and related instructions provided by Bank in connection with the security procedures. If Customer believes or suspects that any such information or instructions have been known or accessed by unauthorized persons, Customer agrees to notify Bank immediately followed by ▇▇▇▇▇▇▇▇’s written confirmation. The occurrence of unauthorized access will not affect any transfers made in good faith by Bank prior to receipt of such notification and within a reasonable time period to prevent unauthorized transfers. Customer agrees that it, and not Bank, have control over their computer systems. Accordingly, Customer assumes all liability related to connecting and securing internet access to the proper computer as well as complete control over the physical security of their Access Devices. Customer is solely responsible for the accurate creation, modification, and deletion of the Account information maintained on Customer’s Access Device used to interact with the Site. You acknowledge receiving a copy in writing of our current security procedures in other documents and disclosures we may provide to you. You agree that our current security procedures are commercially reasonable in the context of your business operations. We may at any time change our security procedures. We may advise you of such changes to the extent they affect your use of transactions and services under this Agreement, but failure to do so will not affect your obligations or our rights. You agree to give all of our security procedures the highest level of confidentiality and to ensure that no access codes are used by or accessible to anyone other than persons you have authorized. Notwithstanding any security procedure, which may from time to time be in effect for detecting errors in transactions covered by this Agreement, we have no duty to discover or report to you any such errors. Neither shall we be liable to you for the failure of such security procedure to detect such errors, regardless of the manner in which we apply such security procedures. You acknowledge and agree that corporate account takeovers ( “CATO”) wherein unauthorized person maliciously takes over a corporate bank account present significant risk to your assets. If an attacker gains access to an online account, they can transfer funds, steal sensitive customer information, and jeopardize the financial assets and position of a victim. Preventing CATO is primarily your responsibility. Prevention measures include a combination of training, technology, and good business policies. Central Bank recommends that Customers take the following steps to deter CATOs: • Performing a business risk assessment incorporating the processes used to initiate financial transactions. • Provide regular internet and email security training for all employees. • Require multifactor authentication to access both the Services and corporate email. • Usernames and passwords should be stored confidentially. Passwords should be complex (at least 12 characters with letters, numbers and symbols) and never used on multiple websites. Do not use automatic login features where usernames and passwords are automatically filled into a web browser without additional authentication. • Implement mandatory dual control for ACH and wire transactions. When two users are required to process transactions, the frequency of fraudulent transactions decreases substantially. • Monitor alerts and review the Site regularly to observe any balance changes, transfers, password changes, ACH/wire processing and account maintenance (phone or email address changes). • Remove online user accounts as part of the exit procedure when employees leave the company. Disable user accounts for employees on extended leave. Provide Bank with prompt notice thereof. • Do not use public or other unsecure computers or network connections (Wi-Fi) to access online services. • Review account balances and transactions regularly (daily is preferred). Please report any suspicious activity to Central Bank as soon as it is identified. • Do not click on links in unexpected e-mails or open attachments in unexpected e-mails, even from known senders. Be suspicious of any email asking for personal information including: account numbers, account verification, usernames, passwords or any personal information. • Develop an incident response program. This should include procedures to follow and resources to contact in the event of a malicious security event.

Additional Provisions Applicable Only to Business Accounts. A. If you are a corporation, partnership, limited liability company, association or some other form of business entity, that is accessing your business account through Retail Online Banking, you may have been issued we will issue one set of access codes (user ID, password, AAI, Access Credentials and any additional Security Procedures to an Account owner for your) company representativeeach Authorized Party. It is your responsibility to ensure that access codes Security Procedures are provided only to persons you authorize. You represent to us that each company representative Account owner, Authorized Party, and anyone else using your access codes Security Procedures has general authority from your company to give us instructions to perform transactions using the Services. Each person using you authorize to access your access codes Accounts through the Online Banking Services will have the ability to: • Transfer funds between your FCB Accounts. • Make payments using the from all Bill Payment ServicesPay funding Accounts, regardless of the dollar amount of the transaction. • Make payments regardless of whether he/she is otherwise an authorized signer on any bill pay funding Accounts that are accessed. • Obtain information that we make available about qualifying eligible Accounts. • Obtain other services Services or perform other transactions that we authorize or allow. • Allow anyone else to use those access codes Security Procedures to make payments or obtain information or other services. B. Customer Liability for Unauthorized Transactions From Business Accounts . • View statements. • View Check images. You are liable for all transactions that you make or authorize, even if the person you authorize exceeds your authority. If you or a company representative has given someone your access codes Security Procedures and you want to terminate that person’s authority, you must notify us that transactions by such a person are no longer authorized. You will be solely liable for all transactions and other communications initiated before FCB has received such notification and has had a reasonable opportunity to act on such notification. We may have to change your access codes Security Procedures or take additional steps to prevent further access by such person. Our system supporting the Services is designed so that it may be operated only upon entry of valid access codesSecurity Procedures. Since we condition access upon entry of valid access codesSecurity Procedures, we will accept instructions for payments or other transactions from any person using valid access codesSecurity Procedures. This is so even if the person obtaining access: • Is not a company representative. • Exceeds your authority or that granted by any company representative. • Does not have your authority. • Has had his/her authority changed or revoked. • Is an imposter or thief. You agree to be bound by all transactions from any business Account for which valid login was given Security Procedures were used. You authorize us to treat any instructions we receive using valid access codes Security Procedures as if the instructions had been made in writing and signed by the appropriate company representative. Unless there is substantial evidence You agree that FCB’s records as to the contrary, our records this Agreement and all related agreements and Service provisions will be conclusive conclusive, binding, and presumed accurate, in the absence of manifest error, regarding any access to, or action taken through, the Services. Notwithstanding the foregoing, we agree that you will not be responsible for transactions which occur after you have notified us to block the access codes Security Procedures that were used to perform the transaction, and we have had a reasonable opportunity to do so. Thus, the sooner you notify us of a problem, the better you can keep your losses down. Bank can If we fail or delay in making a transfer pursuant to your instructions, or if we make a transfer in an erroneous amount which is less than the amount per your instructions, unless otherwise required by law, our liability shall be contacted as stated in Section III.C. You agree limited to promptly examine all Account statements and any confirmations of payments interest on the amount which we failed to timely transfer, calculated from the date on which the transfer was to be made until the date it was actually made or you canceled the instructions. We may send pay such interest either to you or make available the intended recipient of the transfer, but in no event will we be liable to youboth parties, and our payment to promptly notify us of either party will fully discharge any discrepancy or error within fourteen (14) days of receipt of any such statement or confirmationobligation to the other. Call us or write to us at If we make a transfer in an erroneous amount which exceeds the contact number or address set forth in Section III.C. of this Agreement as soon as you canamount per your instructions, if you think your statement is wrong or if we permit an unauthorized transfer after we have had a reasonable time to act on a notice from you need more information about of possible unauthorized use as described above, unless otherwise required by law, our liability will be limited to a refund of the amount erroneously paid or transferred, plus interest thereon from the date of the payment or transfer covered by this Agreement which is listed on to the statement. C. Limitations on Our Liability date of the refund, but in Connection with Business Accounts We will make every reasonable effort no event to resolve any disputes that may arise in connection with the Serviceexceed sixty (60) days’ interest. We will only be responsible for acting on instructions that If we actually receive. We cannot assume responsibility for any malfunctions or capacity reductions or other problems in your equipment or in public communications networks not under our control that may affect the accuracy or timeliness of transactions you perform. Our only liability is to correct errors within our control. We are not responsible or become liable to you for any loss, damage or injury caused by the Services. Neither will we be liable for any consequential, incidental, special, indirect or punitive loss or damage, including but not limited to dishonor of checks or other items or expenses which you may incur or suffer by reason of interest compensation under this Agreement or the services we provideapplicable law, whether or not the possibility or likelihood of such loss, damage, or expense is known to us. WE MAKE NO WARRANTIES, EXPRESS OR IMPLIED, IN CONNECTION WITH THE SERVICES WE PROVIDE YOU UNDER THIS AGREEMENT, INCLUDING, WITHOUT LIMITATION, THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. D. Security Procedures By entering into this Agreement and using the Service to perform transactions from business Accounts, you agree to comply with all of our present and future security procedures with respect to transactions and services covered by this Agreement. This includes, but is not limited to, protection of login ID, password, and AAI and other personal and business information. Our security procedures are contained in this Agreement and in other written procedures we may provide to you. Customer shall use reasonable efforts to enforce the terms associated with the tokens. Customer interest shall be solely responsible for use regarding tokens and any violations of calculated based on the restrictions on use as set forth in this Agreement. Customer agrees that average federal funds rate at the Federal Reserve Bank in the event of any breach of district where FCB is headquartered for each day interest is due, computed on the terms of this Agreement, Customer will indemnify Bank against claims and losses arising from Customer’s actions that cause Bank to be in violation of the terms of this Agreement. Customer is strictly responsible to establish and maintain the procedures to safeguard against unauthorized transactions. Customer warrants that no individual will be allowed to initiate transfers in the absence of proper supervision and safeguards, and agrees to take reasonable steps to maintain the confidentiality of the security procedures and any log-on ID, AAI, passwords, tokens, and related instructions provided by Bank in connection with the security procedures. If Customer believes or suspects that any such information or instructions have been known or accessed by unauthorized persons, Customer agrees to notify Bank immediately followed by ▇▇▇▇▇▇▇▇’s written confirmation. The occurrence of unauthorized access will not affect any transfers made in good faith by Bank prior to receipt of such notification and within a reasonable time period to prevent unauthorized transfers. Customer agrees that it, and not Bank, have control over their computer systems. Accordingly, Customer assumes all liability related to connecting and securing internet access to the proper computer as well as complete control over the physical security of their Access Devices. Customer is solely responsible for the accurate creation, modification, and deletion of the Account information maintained on Customer’s Access Device used to interact with the Site. You acknowledge receiving a copy in writing of our current security procedures in other documents and disclosures we may provide to you. You agree that our current security procedures are commercially reasonable in the context of your business operations. We may at any time change our security procedures. We may advise you of such changes to the extent they affect your use of transactions and services under this Agreement, but failure to do so will not affect your obligations or our rights. You agree to give all of our security procedures the highest level of confidentiality and to ensure that no access codes are used by or accessible to anyone other than persons you have authorized. Notwithstanding any security procedure, which may from time to time be in effect for detecting errors in transactions covered by this Agreement, we have no duty to discover or report to you any such errors. Neither shall we be liable to you for the failure of such security procedure to detect such errors, regardless of the manner in which we apply such security procedures. You acknowledge and agree that corporate account takeovers ( “CATO”) wherein unauthorized person maliciously takes over a corporate bank account present significant risk to your assets. If an attacker gains access to an online account, they can transfer funds, steal sensitive customer information, and jeopardize the financial assets and position basis of a victim. Preventing CATO is primarily your responsibility. Prevention measures include a combination of training, technology, and good business policies. Central Bank recommends that Customers take the following steps to deter CATOs: • Performing a business risk assessment incorporating the processes used to initiate financial transactions. • Provide regular internet and email security training for all employees. • Require multifactor authentication to access both the Services and corporate email. • Usernames and passwords should be stored confidentially. Passwords should be complex (at least 12 characters with letters, numbers and symbols) and never used on multiple websites. Do not use automatic login features where usernames and passwords are automatically filled into a web browser without additional authentication. • Implement mandatory dual control for ACH and wire transactions. When two users are required to process transactions, the frequency of fraudulent transactions decreases substantially. • Monitor alerts and review the Site regularly to observe any balance changes, transfers, password changes, ACH/wire processing and account maintenance (phone or email address changes). • Remove online user accounts as part of the exit procedure when employees leave the company. Disable user accounts for employees on extended leave. Provide Bank with prompt notice thereof. • Do not use public or other unsecure computers or network connections (Wi360-Fi) to access online services. • Review account balances and transactions regularly (daily is preferred). Please report any suspicious activity to Central Bank as soon as it is identified. • Do not click on links in unexpected e-mails or open attachments in unexpected e-mails, even from known senders. Be suspicious of any email asking for personal information including: account numbers, account verification, usernames, passwords or any personal information. • Develop an incident response program. This should include procedures to follow and resources to contact in the event of a malicious security eventday year.

Additional Provisions Applicable Only to Business Accounts. (other than Sole Proprietors) A. If How do you are a corporationprotect your password? The loss, partnershiptheft or unauthorized use of your username and password could result in the loss of all the money in your account, limited liability company, association or some other form plus any amount available under your ready reserve. Your use of business entity, that is accessing your business account through Retail Online Banking, you may have been issued one set of access codes (user ID, password, AAI, for your) company representative. It the Electronic Banking Services is your responsibility agreement to ensure that access codes are provided only assume all risks and losses associated with the disclosure of your username and password to persons you authorize. You represent to us that each company representative and anyone else using your access codes has general authority from your company to give us instructions to perform transactions using the Services. Each person using your access codes will have the ability to: • Transfer funds between your Accounts. • Make payments using the Bill Payment Services, regardless of the dollar amount of the transaction. • Make payments regardless of whether he/she is otherwise an authorized signer on any Accounts that are accessed. • Obtain information that we make available about qualifying Accounts. • Obtain other services or perform other transactions that we authorize or allow. • Allow anyone else to use those access codes to make payments or obtain information employees or other services. B. Customer Liability for Unauthorized Transactions From Business Accounts You are liable for all transactions that you make or authorize, even if the person you authorize exceeds your authority. If you or a company representative has given someone your access codes and want to terminate that person’s authority, you must notify us that transactions by such a person are no longer authorized. We may have to change your access codes or take additional steps to prevent further access by such person. Our system supporting the Services is designed so that it may be operated only upon entry of valid access codes. Since we condition access upon entry of valid access codes, we will accept instructions for payments or other transactions from any person using valid access codes. This is so even if the person obtaining access: • Is not a company representative. • Exceeds your authority or that granted by any company representative. • Does not have your authority. • Has had his/her authority changed or revoked. • Is an imposter or thiefpersons. You agree that we may send notices and other communications, including password confirmations, to be bound by all transactions from the current address shown in our records, whether or not that address includes a designation for delivery to the attention of any business Account for which valid login was given were usedparticular individual. You authorize us to treat any instructions we receive using valid access codes as if the instructions had been made in writing and signed by the appropriate company representative. Unless there is substantial evidence to the contrary, our records will be conclusive regarding any access to, or action taken through, the Services. Notwithstanding the foregoing, we further agree that you ▇▇▇▇▇▇▇▇ State Bank will not be responsible or liable to you in any way if information is intercepted by an unauthorized person, either in transit or at your place of business. You agree to: 1) keep your password secure and strictly confidential, providing it only to authorized signers on your account(s); 2) instruct each person to whom you give your password that he or she is not to disclose it to any unauthorized person; and 3) immediately notify us and select a new password if you believe your password may have become known to an unauthorized person. The Bank will have no liability to you for transactions which occur after any unauthorized payment or transfer made using your password that occurs before you have notified us to block the access codes that were used to perform the transaction, of possible unauthorized use and we have had a reasonable opportunity to do so. Thus, the sooner you notify us of a problem, the better you can keep your losses down. Bank can be contacted as stated in Section III.C. You agree to promptly examine all Account statements and any confirmations of payments which we may send or make available to you, and to promptly notify us of any discrepancy or error within fourteen (14) days of receipt of any such statement or confirmation. Call us or write to us at the contact number or address set forth in Section III.C. of this Agreement as soon as you can, if you think your statement is wrong or if you need more information about a transfer covered by this Agreement which is listed act on the statement. C. Limitations on Our Liability in Connection with Business Accounts We will make every reasonable effort to resolve any disputes that may arise in connection with the Service. We will only be responsible for acting on instructions that we actually receive. We cannot assume responsibility for any malfunctions or capacity reductions or other problems in your equipment or in public communications networks not under our control that may affect the accuracy or timeliness of transactions you perform. Our only liability is to correct errors within our control. We are not responsible or liable to you for any loss, damage or injury caused by the Services. Neither will we be liable for any consequential, incidental, special, indirect or punitive loss or damage, including but not limited to dishonor of checks or other items or expenses which you may incur or suffer by reason of this Agreement or the services we provide, whether or not the possibility or likelihood of such loss, damage, or expense is known to us. WE MAKE NO WARRANTIES, EXPRESS OR IMPLIED, IN CONNECTION WITH THE SERVICES WE PROVIDE YOU UNDER THIS AGREEMENT, INCLUDING, WITHOUT LIMITATION, THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. D. Security Procedures By entering into this Agreement and using the Service to perform transactions from business Accounts, you agree to comply with all of our present and future security procedures with respect to transactions and services covered by this Agreement. This includes, but is not limited to, protection of login ID, password, and AAI and other personal and business information. Our security procedures are contained in this Agreement and in other written procedures we may provide to you. Customer shall use reasonable efforts to enforce the terms associated with the tokens. Customer shall be solely responsible for use regarding tokens and any violations of the restrictions on use as set forth in this Agreement. Customer agrees that in the event of any breach of the terms of this Agreement, Customer will indemnify Bank against claims and losses arising from Customer’s actions that cause Bank to be in violation of the terms of this Agreement. Customer is strictly responsible to establish and maintain the procedures to safeguard against unauthorized transactions. Customer warrants that no individual will be allowed to initiate transfers in the absence of proper supervision and safeguards, and agrees to take reasonable steps to maintain the confidentiality of the security procedures and any log-on ID, AAI, passwords, tokens, and related instructions provided by Bank in connection with the security procedures. If Customer believes or suspects that any such information or instructions have been known or accessed by unauthorized persons, Customer agrees to notify Bank immediately followed by ▇▇▇▇▇▇▇▇’s written confirmation. The occurrence of unauthorized access will not affect any transfers made in good faith by Bank prior to receipt of such notification and within a reasonable time period to prevent unauthorized transfers. Customer agrees that it, and not Bank, have control over their computer systems. Accordingly, Customer assumes all liability related to connecting and securing internet access to the proper computer as well as complete control over the physical security of their Access Devices. Customer is solely responsible for the accurate creation, modification, and deletion of the Account information maintained on Customer’s Access Device used to interact with the Site. You acknowledge receiving a copy in writing of our current security procedures in other documents and disclosures we may provide to you. You agree that our current security procedures are commercially reasonable in the context of your business operationsnotice. We may at any time change our suspend or cancel your password even without receiving such notice from you, if we suspect your password is being used in an unauthorized or fraudulent manner. B. Acknowledgement of Commercially Reasonable Security Procedures. By using Electronic Banking, you acknowledge and agree that this Agreement sets forth security procedures. We may advise you of such changes to the extent they affect your use of procedures for electronic banking transactions and services under this Agreement, but failure to do so will not affect your obligations or our rightsthat are commercially reasonable. You agree to give all of our security procedures the highest level of confidentiality and to ensure that no access codes are used be bound by instructions, whether authorized or accessible to anyone other than persons unauthorized, which we implement in compliance with these procedures, unless you have authorized. Notwithstanding any security procedure, which may from time given us prior notice of possible unauthorized use as described above (and we had a reasonable opportunity to time be in effect for detecting errors in transactions covered by this Agreement, we have no duty to discover or report to you any act on such errors. Neither shall we be liable to you for the failure of such security procedure to detect such errors, regardless of the manner in which we apply such security procedures. You acknowledge and agree that corporate account takeovers ( “CATO”) wherein unauthorized person maliciously takes over a corporate bank account present significant risk to your assets. If an attacker gains access to an online account, they can transfer funds, steal sensitive customer information, and jeopardize the financial assets and position of a victim. Preventing CATO is primarily your responsibility. Prevention measures include a combination of training, technology, and good business policies. Central Bank recommends that Customers take the following steps to deter CATOs: • Performing a business risk assessment incorporating the processes used to initiate financial transactions. • Provide regular internet and email security training for all employees. • Require multifactor authentication to access both the Services and corporate email. • Usernames and passwords should be stored confidentially. Passwords should be complex (at least 12 characters with letters, numbers and symbols) and never used on multiple websites. Do not use automatic login features where usernames and passwords are automatically filled into a web browser without additional authentication. • Implement mandatory dual control for ACH and wire transactions. When two users are required to process transactions, the frequency of fraudulent transactions decreases substantially. • Monitor alerts and review the Site regularly to observe any balance changes, transfers, password changes, ACH/wire processing and account maintenance (phone or email address changesnotice). • Remove online user accounts as part of the exit procedure when employees leave the company. Disable user accounts for employees on extended leave. Provide Bank with prompt notice thereof. • Do not use public or other unsecure computers or network connections (Wi-Fi) to access online services. • Review account balances and transactions regularly (daily is preferred). Please report any suspicious activity to Central Bank as soon as it is identified. • Do not click on links in unexpected e-mails or open attachments in unexpected e-mails, even from known senders. Be suspicious of any email asking for personal information including: account numbers, account verification, usernames, passwords or any personal information. • Develop an incident response program. This should include procedures to follow and resources to contact in the event of a malicious security event.