Security Report. Within one hundred eighty (180) days of the effective date of a Service Addendum; and within ten (10) days of each anniversary thereof (or as may otherwise be reasonably requested by Ministerio de Hacienda), Company will deliver to Ministerio de Hacienda a report prepared (no more than one (1) year prior to such date) by an audit firm and such report must describe Company's systems and security controls implemented and used at the locations involved in Company's provision of the Services governed by the Service Addendum (such report, the "Security Report"). The third-party auditor must be a widely-used and reputable auditor in the financial services industry in the applicable jurisdiction and with respect to the United States must be a national major auditing firm. The Security Report must be a SOC 2 Type II report that has been prepared in accordance with the American Institute of Certified Public Accountants' Trust Service Principles/Criteria (including security, availability, processing integrity, confidentiality, and privacy). Where a SOC 2 Type II report cannot be procured or where it is not a common report in the applicable jurisdiction, Company may provide a mutually agreed upon widely accepted equivalent (e.g., a SOC2 Type I report during an initial period). Company will use its best commercially reasonable efforts to cause each Service Provider to also provide Ministerio de Hacienda a Security Report in accordance with the foregoing requirements.
Appears in 2 contracts
Sources: Master Services Agreement (Athena Bitcoin Global), Master Services Agreement (Athena Bitcoin Global)