Common use of Physical and Electronic Security Clause in Contracts

Physical and Electronic Security. (a) Third-Party Sender is solely responsible for providing for and maintaining the physical, electronic, procedural, administrative, and technical security of data and systems in Third-Party Sender’s possession or under Third-Party Sender’s control. Without limiting the generality of the foregoing, Third-Party Sender specifically acknowledges and agrees that as part of the foregoing obligation Third-Party Sender shall comply with the provisions of Section 1.6 of the Rules, entitled “Security Requirements,” for the safeguarding of Protected Information, as that term is defined in the Rules. Financial Institution is not responsible for any computer viruses (including, without limitation, programs commonly referred to as “malware,” “keystroke loggers,” and/or “spyware”), problems or malfunctions resulting from any computer viruses, or any related problems that may be associated with the use of Effective December 7, 2022 an online system or any ACH Origination services. Any material downloaded or otherwise obtained is obtained at Third-Party Sender’s own discretion and risk, and Financial Institution is not responsible for any damage to Third- Party Sender’s computer or operating systems or for loss of data that results from the download of any such material, whether due to any computer virus or otherwise. Third-Party Sender is solely responsible for maintaining and applying anti-virus software, security patches, firewalls, and other security measures with respect to Third-Party Sender’s operating systems, and for protecting, securing, and backing up any data and information stored in or on Third-Party Sender’s operating systems. Financial Institution is not responsible for any errors or failures resulting from defects in or malfunctions of any software installed on Third-Party Sender’s operating systems or accessed through an Internet connection. (b) Third-Party Sender acknowledges and agrees that it is Third-Party Sender’s responsibility to protect itself and to be vigilant against e-mail fraud and other internet frauds and schemes (including, without limitation, fraud commonly referred to as “phishing” and “pharming”). Third-Party Sender agrees to educate User(s), agents, and employees as to the risks of such fraud and to train such persons to avoid such risks. Third-Party Sender acknowledges that Financial Institution will never contact Third-Party Sender by e-mail in order to ask for or to verify account numbers, Security Devices, or any sensitive or confidential information. In the event Third-Party Sender receives an e-mail or other electronic communication that Third-Party Sender believes, or has reason to believe, is fraudulent, Third-Party Sender agrees that neither Third-Party Sender nor its User(s), agents, and employees shall respond to the e-mail, provide any information to the e-mail sender, click on any links in the e-mail, or otherwise comply with any instructions in the e-mail. Third-Party Sender agrees that Financial Institution is not responsible for any losses, injuries, or harm incurred by Third-Party Sender as a result of any electronic, e-mail, or Internet fraud. (c) In the event of a breach of the Security Procedure, Third-Party Sender agrees to assist Financial Institution in determining the manner and source of the breach. Such assistance shall include, but shall not be limited to, providing Financial Institution or Financial Institution’s agent access to Third-Party Sender’s hard drive, storage media and devices, systems and any other equipment or device that was used in breach of the Security Procedure. Third-Party Sender further agrees to provide to Financial Institution any analysis of such equipment, device, or software or any report of such analysis performed by Third-Party Sender, Third-Party Sender’s agents, law enforcement agencies, or any other third party. Failure of Third-Party Sender to assist Financial Institution as provided herein shall be an admission by Third-Party Sender that the breach of the Security Procedure was caused by a person who obtained access to transmitting facilities of Third-Party Sender or who obtained information facilitating the breach of the Security Procedure from Third-Party Sender and not from a source controlled by Financial Institution.

Physical and Electronic Security. (a) 7.1. Third-Party Sender is solely responsible for providing for and maintaining the physical, electronic, procedural, administrative, and technical security of data and systems in Third-Party Sender’s possession or under Third-Party Sender’s control. Without limiting the generality of the foregoing, Third-Party Sender specifically acknowledges and agrees that as part of the foregoing obligation Third-Party Sender shall comply with the provisions of Section 1.6 of the Rules, entitled “Security Requirements,” for the safeguarding of Protected Information, as that term is defined in the Rules. Financial Institution Bank is not responsible for any computer viruses (including, without limitation, programs commonly referred to as “malware,” “keystroke loggers,” and/or “spyware”), problems or malfunctions resulting from any computer viruses, or any related problems that may be associated with the use of Effective December 7, 2022 an online system or any ACH Origination services. Any material downloaded or otherwise obtained is obtained at Third-Party Sender’s own discretion and risk, and Financial Institution Bank is not responsible for any damage to Third- Third-Party Sender’s computer or operating systems or for loss of data that results from the download of any such material, whether due to any computer virus or otherwise. Third-Party Sender is solely responsible for maintaining and applying anti-virus software, security patches, firewalls, and other security measures with respect to Third-Party Sender’s operating systems, and for protecting, securing, and backing up any data and information stored in or on Third-Party Sender’s operating systems. Financial Institution Bank is not responsible for any errors or failures resulting from defects in or malfunctions of any software installed on Third-Party Sender’s operating systems or accessed through an Internet connection. (b) 7.2. Third-Party Sender acknowledges and agrees that it is Third-Party Sender’s its responsibility to protect itself and to be vigilant against e-mail fraud and other internet frauds and schemes (including, without limitation, fraud commonly referred to as “phishing” and “pharming”). Third-Party Sender agrees to educate User(s)User, agents, and employees as to the risks of such fraud and to train such persons to avoid such risks. Third-Party Sender acknowledges that Financial Institution Bank will never contact Third-Party Sender by e-mail in order to ask for or to verify account Account numbers, Security Devices, or any sensitive or confidential information. In the event Third-Party Sender receives an e-mail or other electronic communication that Third-Party Sender believes, or has reason to believe, is fraudulent, Third-Party Sender agrees agree that neither Third-Party Sender Sender, nor its User(s), agents, and employees shall respond to the e-mail, provide any information to the e-mail sender, click on any links in the e-mail, or otherwise comply with any instructions in the e-e- mail. Third-Party Sender agrees that Financial Institution Bank is not responsible for any losses, injuries, or harm incurred by Third-Third- Party Sender as a result of any electronic, e-mail, or Internet internet fraud. (c) 7.3. In the event of a breach of the Security ProcedureProcedures, Third-Party Sender agrees to assist Financial Institution Bank in determining the manner and source of the breach. Such assistance shall include, but shall not be limited to, providing Financial Institution Bank or Financial InstitutionBank’s agent access to Third-Party Sender’s hard drive, storage media and devices, systems and any other equipment or device that was used in breach of the Security ProcedureProcedures. Third-Party Sender further agrees to provide to Financial Institution Bank any analysis of such equipment, device, or software or any report of such analysis performed by Third-Party Sender, Third-Party Sender’s agents, law enforcement agencies, or any other third party. Failure of Third-Party Sender to assist Financial Institution as provided herein Bank shall be an admission by Third-Party Sender that the breach of the Security Procedure Procedures was caused by a person who obtained access to transmitting facilities of Third-Party Sender or who obtained information facilitating the breach of the Security Procedure Procedures from Third-Party Sender and not from a source controlled by Financial InstitutionBank.

Physical and Electronic Security. (a) Third-Party Sender is solely responsible for providing for and maintaining the physical, electronic, procedural, administrative, and technical security of data and systems in Third-Party Sender’s possession or under Third-Party Sender’s control. Without limiting the generality of the foregoing, Third-Party Sender specifically acknowledges and agrees that as part of the foregoing obligation Third-Party Sender shall comply with the provisions of Section 1.6 of the Rules, entitled “Security Requirements,” for the safeguarding of Protected Information, as that term is defined in the Rules. Financial Institution is not responsible for any computer viruses (including, without limitation, programs commonly referred to as “malware,” “keystroke loggers,” and/or “spyware”), problems or malfunctions resulting from any computer viruses, or any related problems that may be associated with the use of Effective December 7February 6, 2022 2023 an online system or any ACH Origination services. Any material downloaded or otherwise obtained is obtained at Third-Party Sender’s own discretion and risk, and Financial Institution is not responsible for any damage to Third- Party Sender’s computer or operating systems or for loss of data that results from the download of any such material, whether due to any computer virus or otherwise. Third-Party Sender is solely responsible for maintaining and applying anti-virus software, security patches, firewalls, and other security measures with respect to Third-Party Sender’s operating systems, and for protecting, securing, and backing up any data and information stored in or on Third-Party Sender’s operating systems. Financial Institution is not responsible for any errors or failures resulting from defects in or malfunctions of any software installed on Third-Party Sender’s operating systems or accessed through an Internet connection. (b) Third-Party Sender acknowledges and agrees that it is Third-Party Sender’s responsibility to protect itself and to be vigilant against e-mail fraud and other internet frauds and schemes (including, without limitation, fraud commonly referred to as “phishing” and “pharming”). Third-Party Sender agrees to educate User(s), agents, and employees as to the risks of such fraud and to train such persons to avoid such risks. Third-Party Sender acknowledges that Financial Institution will never contact Third-Party Sender by e-mail in order to ask for or to verify account numbers, Security Devices, or any sensitive or confidential information. In the event Third-Party Sender receives an e-mail or other electronic communication that Third-Party Sender believes, or has reason to believe, is fraudulent, Third-Party Sender agrees that neither Third-Party Sender nor its User(s), agents, and employees shall respond to the e-mail, provide any information to the e-mail sender, click on any links in the e-mail, or otherwise comply with any instructions in the e-mail. Third-Party Sender agrees that Financial Institution is not responsible for any losses, injuries, or harm incurred by Third-Party Sender as a result of any electronic, e-mail, or Internet fraud. (c) In the event of a breach of the Security Procedure, Third-Party Sender agrees to assist Financial Institution in determining the manner and source of the breach. Such assistance shall include, but shall not be limited to, providing Financial Institution or Financial Institution’s agent access to Third-Party Sender’s hard drive, storage media and devices, systems and any other equipment or device that was used in breach of the Security Procedure. Third-Party Sender further agrees to provide to Financial Institution any analysis of such equipment, device, or software or any report of such analysis performed by Third-Party Sender, Third-Party Sender’s agents, law enforcement agencies, or any other third party. Failure of Third-Party Sender to assist Financial Institution as provided herein shall be an admission by Third-Party Sender that the breach of the Security Procedure was caused by a person who obtained access to transmitting facilities of Third-Party Sender or who obtained information facilitating the breach of the Security Procedure from Third-Party Sender and not from a source controlled by Financial Institution.

Physical and Electronic Security. (a) a. Third-Party Sender is solely responsible for providing for and maintaining the physical, electronic, procedural, administrative, and technical security of data and systems in Third-Party Sender’s possession or under Third-Party Sender’s control. Without limiting the generality of the foregoing, Third-Party Sender specifically acknowledges and agrees that as part of the foregoing obligation Third-Party Sender shall comply with the provisions of Section 1.6 of security requirements applicable to Entries, whether under the RulesRules or under relevant law, entitled “Security Requirements,” for the safeguarding of Protected Information, as that term is defined in the Rulesrule or regulation. Financial Institution Banc is not responsible for any computer viruses (including, without limitation, programs commonly referred to as “malware,” “keystroke loggers,” and/or “spyware”), problems or malfunctions resulting from any computer viruses, or any related problems that may be associated with the use of Effective December 7, 2022 an online system or any ACH Origination services. Any material downloaded or otherwise obtained is obtained at Third-Party Sender’s own discretion and risk, and Financial Institution Banc is not responsible for any damage to Third- Third-Party Sender’s computer or operating systems or for loss of data that results from the download of any such material, whether due to any computer virus or otherwise. Third-Party Sender is solely responsible for maintaining and applying anti-virus software, security patches, firewalls, and other security measures with respect to Third-Party Sender’s operating systems, and for protecting, securing, and backing up any data and information stored in or on Third-Party Sender’s operating systems. Financial Institution Banc is not responsible for any errors or failures resulting from defects in or malfunctions of any software installed on Third-Party Sender’s operating systems or accessed through an Internet connection. (b) b. Third-Party Sender acknowledges and agrees that it is Third-Party Sender’s its responsibility to protect itself and to be vigilant against e-mail fraud and other internet frauds and schemes (including, without limitation, fraud commonly referred to as “phishing” and “pharming”). Third-Party Sender agrees to educate User(s)User, agents, and employees as to the risks of such fraud and to train such persons to avoid such risks. Third-Party Sender acknowledges that Financial Institution will never contact Third-Party Sender by e-mail in order to ask for or to verify account numbers, Security Devices, or any sensitive or confidential information. In the event Third-Party Sender receives an e-mail or other electronic communication that Third-Party Sender believes, or has reason to believe, is fraudulent, Third-Party Sender agrees that neither Third-Party Sender Sender, nor its User(s), agents, and employees shall respond to the e-mail, provide any information to the e-mail sender, click on any links in the e-mail, or otherwise comply with any instructions in the e-mail. Third-Party Sender agrees that Financial Institution Banc is not responsible for any losses, injuries, or harm incurred by Third-Party Sender as a result of any electronic, e-mail, or Internet internet fraud. (c) c. In the event of a breach of the Security ProcedureProcedures, Third-Party Sender agrees to assist Financial Institution Banc in determining the manner and source of the breach. Such assistance shall include, but shall not be limited to, providing Financial Institution Banc or Financial InstitutionBanc’s agent access to Third-Third- Party Sender’s hard drive, storage media and devices, systems and any other equipment or device that was used in breach of the Security Procedure. Third-Party Sender further agrees to provide to Financial Institution Banc any analysis of such equipment, device, or software or any report of such analysis performed by Third-Party Sender, Third-Party Sender’s agents, law enforcement agencies, or any other third party. Failure of Third-Party Sender to assist Financial Institution as provided herein Banc shall be an admission by Third-Party Sender that the breach of the Security Procedure Procedures was caused by a person who obtained access to transmitting facilities of Third-Party Sender or who obtained information facilitating the breach of the Security Procedure Procedures from Third-Party Sender and not from a source controlled by Financial InstitutionBanc.

Physical and Electronic Security. (a) Third-Party Sender is solely responsible for providing for and maintaining the physical, electronic, procedural, administrative, and technical security of data and systems in Third-Party Sender’s possession or under Third-Party Sender’s control. Without limiting the generality of the foregoing, Third-Party Sender specifically acknowledges and agrees that as part of the foregoing obligation Third-Party Sender shall comply with the provisions of Section 1.6 of the Rules, entitled “Security Requirements,” for the safeguarding of Protected Information, as that term is defined in the Rules. Financial Institution is not responsible for any computer viruses (including, without limitation, programs commonly referred to as “malware,” “keystroke loggers,” and/or “spyware”), problems or malfunctions resulting from any computer viruses, or any related problems that may be associated with the use of Effective December 7, 2022 an online system or any ACH Origination services. Any material downloaded or otherwise obtained is obtained at Third-Party Sender’s own discretion and risk, and Financial Institution is not responsible for any damage to Third- Party Sender’s computer or operating systems or for loss of data that results from the download of any such material, whether due to any computer virus or otherwise. Third-Party Sender is solely responsible for maintaining and applying anti-virus software, security patches, firewalls, and other security measures with respect to Third-Party Sender’s operating systems, and for protecting, securing, and backing up any data and information stored in or on Third-Party Sender’s operating systems. Financial Institution is not responsible for any errors or failures resulting from defects in or malfunctions of any software installed on Third-Party Sender’s operating systems or accessed through an Internet connection. (b) Third-Party Sender acknowledges and agrees that it is Third-Party Sender’s responsibility to protect itself and to be vigilant against e-mail fraud and other internet frauds and schemes (including, without limitation, fraud commonly referred to as “phishing” and “pharming”). Third-Party Sender agrees to educate User(s), agents, and employees as to the risks of such fraud and to train such persons to avoid such risks. Third-Party Sender acknowledges that Financial Institution will never contact Third-Party Sender by e-mail in order to ask for or to verify account numbers, Security Devices, or any sensitive or confidential information. In the event Third-Party Sender receives an e-mail or other electronic communication that Third-Party Sender believes, or has reason to believe, is fraudulent, Third-Party Sender agrees that neither Third-Party Sender nor its User(s), agents, and employees shall respond to the e-mail, provide any information to the e-mail sender, click on any links in the e-mail, or otherwise comply with any instructions in the e-mail. Third-Party Sender agrees that Financial Institution is not responsible for any losses, injuries, or harm incurred by Third-Party Sender as a result of any electronic, e-mail, or Internet fraud. (c) In the event of a breach of the Security Procedure, Third-Party Sender agrees to assist Financial Institution in determining the manner and source of the breach. Such assistance shall include, but shall not be limited to, providing Financial Institution or Financial Institution’s agent access to Third-Party Sender’s hard drive, storage media and devices, systems and any other equipment or device that was used in breach of the Security Procedure. Third-Party Sender further agrees to provide to Financial Institution any analysis of such equipment, device, or software or any report of such analysis performed by Third-Party Sender, Third-Party Sender’s agents, law enforcement agencies, or any other third party. Failure of Third-Party Sender to assist Financial Institution as provided herein shall be an admission by Third-Party Sender that the breach of the Security Procedure was caused by a person who obtained access to transmitting facilities of Third-Party Sender or who obtained information facilitating the breach of the Security Procedure from Third-Party Sender and not from a source controlled by Financial Institution.