AMENDMENT NO. 2 TO SCHWAB MASTER FUND ACCOUNTING AND SERVICES AGREEMENT
Exhibit (h)(iii)(b)
AMENDMENT NO. 2 TO ▇▇▇▇▇▇
MASTER FUND ACCOUNTING AND SERVICES AGREEMENT
This Amendment No. 2 to Master Fund Accounting and Services Agreements (the “Amendment”), effective as of November 14, 2024, is by and among each Fund (as defined below) and State Street Bank and Trust Company, a Massachusetts trust company (the “Accounting Agent”). Capitalized terms used but not defined herein shall have the meaning ascribed to them in the Accounting Agreements (as defined below).
WITNESSETH:
WHEREAS, the investment companies identified on Appendix A hereto (the “▇▇▇▇▇▇ Funds”) and the Accounting Agent entered into that certain Master Fund Accounting and Services Agreements dated as of October 1, 2005 (as amended, the “▇▇▇▇▇▇ Accounting Agreement” or “Agreement”), pursuant to which the Accounting Agent provides certain fund accounting services to such ▇▇▇▇▇▇ Funds; and
WHEREAS, the ▇▇▇▇▇▇ Funds and the Accounting Agent desire to amend the ▇▇▇▇▇▇ Accounting Agreement as more particularly set forth below.
NOW THEREFORE, in consideration of the mutual covenants and agreements hereinafter contained, the parties hereto agree as follows:
| 1. | Information Security. The following new Section is hereby added to the ▇▇▇▇▇▇ Accounting Agreement: |
“SECTION 11.14. INFORMATION SECURITY. Accounting Agent shall comply with the provisions described in Schedule C (Accounting Agent Information Security Schedule) attached hereto.”
| 2. | Schedule C: Attachment No 1 to the Amendment attached hereto shall be added to the Agreement as Schedule C (Accounting Agent Information Security Schedule). |
| 3. | Except as modified hereby, all other terms and conditions of the ▇▇▇▇▇▇ Accounting Agreement shall remain in full force and effect. |
| 4. | This Amendment may be executed in multiple counterparts, which together shall constitute one instrument. |
[SIGNATURE PAGE FOLLOWS]
SIGNATURE PAGE
IN WITNESS WHEREOF, each of the parties has caused this instrument to be executed in its name and behalf by its duly authorized representative and its seal to be hereunder affixed as of the date first above-written.
EACH OF THE ENTITIES SET FORTH ON APPENDIX A HERETO
| By: | /s/ ▇▇▇▇ ▇▇▇▇▇ | |
| Name: | ▇▇▇▇ ▇▇▇▇▇ | |
| Title: | CFO ▇▇▇▇▇▇ Funds and ETFs | |
| STATE STREET BANK AND TRUST COMPANY | ||
| By: | /s/ ▇▇▇▇▇ ▇▇▇▇▇▇▇▇▇ | |
| Name: | ▇▇▇▇▇ ▇▇▇▇▇▇▇▇▇ | |
| Title: | Senior Vice President | |
APPENDIX A
TO
MASTER FUND ACCOUNTING AND SERVICES AGREEMENT
MANAGMENT INVESTMENT COMPANIES AND PORTFOLIOS THEREOF, IF ANY
| Company | ▇▇▇▇▇▇ Funds |
| ▇▇▇▇▇▇ Investments (a Massachusetts business trust) | |
| ▇▇▇▇▇▇ 1000 Index Fund | |
| ▇▇▇▇▇▇ California Tax-Free Bond Fund | |
| ▇▇▇▇▇▇ Global Real Estate Fund | |
| ▇▇▇▇▇▇ Opportunistic Municipal Bond Fund | |
| ▇▇▇▇▇▇ Short-Term Bond Index Fund | |
| ▇▇▇▇▇▇ Tax-Free Bond Fund | |
| ▇▇▇▇▇▇ Treasury Inflation Protected Securities Index Fund | |
| ▇▇▇▇▇▇ U.S. Aggregate Bond Index Fund | |
| ▇▇▇▇▇▇ Capital Trust (a Massachusetts business trust) | |
| ▇▇▇▇▇▇ International Opportunities Fund | |
| ▇▇▇▇▇▇ Balanced Fund | |
| ▇▇▇▇▇▇ Core Equity Fund | |
| ▇▇▇▇▇▇ Dividend Equity Fund | |
| ▇▇▇▇▇▇ Fundamental Emerging Markets Equity Index Fund | |
| ▇▇▇▇▇▇ Fundamental Global Real Estate Index Fund | |
| ▇▇▇▇▇▇ Fundamental International Equity Index Fund | |
| ▇▇▇▇▇▇ Fundamental International Small Equity Index Fund | |
| ▇▇▇▇▇▇ Fundamental U.S. Large Company Index Fund | |
| ▇▇▇▇▇▇ Fundamental U.S. Small Company Index Fund | |
| ▇▇▇▇▇▇ Health Care Fund | |
| ▇▇▇▇▇▇ International Core Equity Fund | |
| ▇▇▇▇▇▇ International Index Fund | |
| ▇▇▇▇▇▇ Large-Cap Growth Fund | |
| ▇▇▇▇▇▇ MarketTrack All Equity Portfolio | |
| ▇▇▇▇▇▇ MarketTrack Balanced Portfolio | |
| ▇▇▇▇▇▇ MarketTrack Conservative Portfolio | |
| ▇▇▇▇▇▇ MarketTrack Growth Portfolio | |
| ▇▇▇▇▇▇ Monthly Income Fund - Income Payout | |
| ▇▇▇▇▇▇ Monthly Income Fund – Flexible Payout | |
| ▇▇▇▇▇▇ Monthly Income Fund- Target Payout | |
| ▇▇▇▇▇▇ S&P 500 Index Fund | |
| ▇▇▇▇▇▇ Small-Cap Equity Fund | |
| ▇▇▇▇▇▇ Small-Cap Index Fund | |
| Schwab Target 2010 Fund | |
| Schwab Target 2010 Index Fund | |
| Schwab Target 2015 Fund | |
| Schwab Target 2015 Index Fund | |
| Schwab Target 2020 Fund |
| ▇▇▇▇▇▇ Target 2020 Index Fund | |
| Schwab Target 2025 Fund | |
| Schwab Target 2025 Index Fund | |
| Schwab Target 2030 Fund | |
| Schwab Target 2030 Index Fund | |
| ▇▇▇▇▇▇ Target 2035 Fund | |
| ▇▇▇▇▇▇ Target 2035 Index Fund | |
| Schwab Target 2040 Fund | |
| Schwab Target 2040 Index Fund | |
| Schwab Target 2045 Fund | |
| ▇▇▇▇▇▇ Target 2045 Index Fund | |
| Schwab Target 2050 Fund | |
| ▇▇▇▇▇▇ Target 2050 Index Fund | |
| Schwab Target 2055 Fund | |
| Schwab Target 2055 Index Fund | |
| ▇▇▇▇▇▇ Target 2060 Fund | |
| ▇▇▇▇▇▇ Target 2060 Index Fund | |
| ▇▇▇▇▇▇ Target 2065 Fund | |
| Schwab Target 2065 Index Fund | |
| Schwab Total Stock Market Index Fund | |
| ▇▇▇▇▇▇ U.S. Large-Cap Growth Index Fund | |
| ▇▇▇▇▇▇ U.S. Large-Cap Value Index Fund | |
| ▇▇▇▇▇▇ U.S. Mid-Cap Index Fund | |
| The ▇▇▇▇▇▇▇ ▇▇▇▇▇▇ Family of Funds (a Massachusetts business trust) | |
| ▇▇▇▇▇▇ AMT Tax-Free Money Fund | |
| ▇▇▇▇▇▇ California Municipal Money Fund | |
| ▇▇▇▇▇▇ Government Money Fund | |
| ▇▇▇▇▇▇ Municipal Money Fund | |
| ▇▇▇▇▇▇ New York Municipal Money Fund | |
| Schwab Retirement Government Money Fund | |
| ▇▇▇▇▇▇ Treasury Obligations Money Fund | |
| ▇▇▇▇▇▇ U.S. Treasury Money Fund | |
| Schwab Value Advantage Money Fund | |
| ▇▇▇▇▇▇ ▇▇▇▇▇▇▇ Portfolios (a Massachusetts business trust) | |
| ▇▇▇▇▇▇ Government Money Market Portfolio | |
| ▇▇▇▇▇▇ S&P 500 Index Portfolio | |
| ▇▇▇▇▇▇ VIT Balanced Portfolio | |
| ▇▇▇▇▇▇ VIT Balanced with Growth Portfolio | |
| ▇▇▇▇▇▇ VIT Growth Portfolio | |
| ▇▇▇▇▇▇ Strategic Trust (a Delaware statutory trust) | |
| ▇▇▇▇▇▇ U.S. Broad Market ETF | |
| ▇▇▇▇▇▇ U.S. Large-Cap ETF | |
| ▇▇▇▇▇▇ U.S. Large-Cap Growth ETF | |
| ▇▇▇▇▇▇ U.S. Large-Cap Value ETF | |
| ▇▇▇▇▇▇ U.S. Mid-Cap ETF |
| ▇▇▇▇▇▇ U.S. Small-Cap ETF | |
| ▇▇▇▇▇▇ U.S. Dividend Equity ETF | |
| ▇▇▇▇▇▇ U.S. REIT ETF | |
| ▇▇▇▇▇▇ International Equity ETF | |
| ▇▇▇▇▇▇ International Small-Cap Equity ETF | |
| ▇▇▇▇▇▇ International Dividend Equity ETF | |
| ▇▇▇▇▇▇ Emerging Markets Equity ETF | |
| ▇▇▇▇▇▇ U.S. TIPS ETF | |
| ▇▇▇▇▇▇ Short-Term U.S. Treasury ETF | |
| ▇▇▇▇▇▇ Intermediate-Term U.S. Treasury ETF | |
| ▇▇▇▇▇▇ U.S. Aggregate Bond ETF | |
| ▇▇▇▇▇▇ Fundamental U.S. Broad Market ETF | |
| ▇▇▇▇▇▇ Fundamental U.S. Large Company ETF | |
| ▇▇▇▇▇▇ Fundamental U.S. Small Company ETF | |
| ▇▇▇▇▇▇ Fundamental International Equity ETF | |
| ▇▇▇▇▇▇ Fundamental International Small Equity ETF | |
| ▇▇▇▇▇▇ Fundamental Emerging Markets Equity ETF | |
| ▇▇▇▇▇▇ 1000 Index ETF | |
| ▇▇▇▇▇▇ 1-5 Year Corporate Bond ETF | |
| ▇▇▇▇▇▇ 5-10 Year Corporate Bond ETF | |
| ▇▇▇▇▇▇ Long-Term U.S. Treasury ETF | |
| ▇▇▇▇▇▇ ▇▇▇▇▇ ESG ETF | |
| ▇▇▇▇▇▇ Crypto Thematic ETF | |
| ▇▇▇▇▇▇ Municipal Bond ETF | |
| ▇▇▇▇▇▇ Ultra-Short Income ETF | |
| ▇▇▇▇▇▇ Mortgage-Backed Securities ETF |
ATTACHMENT NO 1 TO AMENDMENT
SCHEDULE C
Accounting Agent Information Security Schedule
All capitalized terms not defined in this Accounting Agent Information Security Schedule (this “Security Schedule”) will have the meanings given to them in each Agreement, as applicable.
Accounting Agent implements data security measures consistent in all material respects with applicable prevailing industry practices and standards as well as laws, rules and regulations applicable to Accounting Agent. As of the Amendment Effective Date, Accounting Agent aligns with the National Institute for Standards and Technology (NIST) cybersecurity framework. However, as information security is a highly dynamic space where threats are constantly changing, Accounting Agent reserves the right to make changes to its information security controls and/or to align with one or more recognized industry standards, other than NIST, at any time in a manner that does not materially reduce its protection of ▇▇▇▇▇▇ Funds Confidential Information.
Accounting Agent will use commercially reasonable efforts to cause any delegates and other third parties to whom Accounting Agent provides ▇▇▇▇▇▇ Funds Confidential Information to implement and maintain security measures that Accounting Agent reasonably believes are at least as protective as those described in this Security Schedule. For delegates or other third parties who collect, transmit, share, store, control, process or manage ▇▇▇▇▇▇ Funds Confidential Information, Accounting Agent is responsible for assessing their control environments. Notwithstanding the foregoing, Accounting Agent shall be responsible for any such delegate’s or other third party’s protection of ▇▇▇▇▇▇ Funds Confidential Information, which if done by Accounting Agent, would be a breach of its commitment under this Security Schedule.
| 1. | Security Objectives. Accounting Agent uses commercially reasonable efforts to: |
a. protect the privacy, confidentiality, integrity, and availability of ▇▇▇▇▇▇ Funds Confidential Information;
b. protect against accidental, unauthorized, unauthenticated or unlawful access, copying, use, processing, disclosure, alteration, corruption, transfer, loss or destruction of ▇▇▇▇▇▇ Funds Confidential Information;
c. comply with applicable governmental laws, rules and regulations that are relevant to the handling, processing and use of ▇▇▇▇▇▇ Funds Confidential Information by Accounting Agent in accordance with each Agreement; and
d. implement customary administrative, physical, technical, procedural and organizational safeguards.
2. Risk Assessments. The results of Accounting Agent’s risk assessments are internal to Accounting Agent and will not be provided to ▇▇▇▇▇▇ Funds.
a. Risk Assessment - Accounting Agent will perform risk assessments annually that are designed to identify material threats (both internal and external), the likelihood of those threats occurring and the impact of those threats upon the Accounting Agent organization
to evaluate and analyze the appropriate level of information security safeguards (“Risk Assessments”).
b. Risk Mitigation - Accounting Agent will use commercially reasonable efforts to manage, control and remediate any threats identified in the Risk Assessments that are likely to result in material unauthorized access, copying, use, processing, disclosure, alteration, transfer, loss or destruction of ▇▇▇▇▇▇ Funds Confidential Information, consistent with the Objective, and commensurate with the sensitivity of the ▇▇▇▇▇▇ Funds Confidential Information and the complexity and scope of the activities of Accounting Agent pursuant to the Agreement.
c. Vulnerability Management Program – Accounting Agent maintains a vulnerability management program that includes processes for: being made aware of newly announced vulnerabilities; discovering vulnerabilities within the infrastructure and applications; risk rating vulnerabilities consistent with industry standards; and defining timeframes for remediating vulnerabilities (other than medium or low risk vulnerabilities) consistent with industry standards and taking into account any mitigation efforts taken by Accounting Agent with respect to such vulnerabilities.
3. Patch Management - Accounting Agent will patch all system end points, such as workstations, and servers with all current operating system, database and application patches deployed in Accounting Agent’s computing environment according to a schedule predicated on the criticality of the patch. Accounting Agent must perform appropriate steps so that patches do not compromise the security of the information resources being patched.
4. Security Controls. Upon ▇▇▇▇▇▇ Funds’ reasonable request, no more frequently than annually, Accounting Agent will provide ▇▇▇▇▇▇ Funds’ Chief Information Security Officer or his or her designee with a copy of its Corporate Information Security Controls manual, a completed Standardized Information Gathering (SIG) questionnaire, Accounting Agent’s Global Information Security (GIS) SOC 2 (Type II) report, and an opportunity to discuss Accounting Agent’s Information Security measures with a qualified member of Accounting Agent’s Information Technology management team. In no event will any such discussions require Accounting Agent to reveal any details or information that could reasonably be expected to jeopardize the security or integrity of any Accounting Agent system or the confidentiality or security of any other client’s data. Accounting Agent reviews its Information Security Policy approximately annually and reserves the right to change the frequency to meet regulatory requirements (which in no event will be less frequent than every eighteen (18) months).
| 5. | Organizational Security. |
a. Responsibility - Accounting Agent will assign responsibility for information security management to senior personnel only.
b. Access - Accounting Agent will have controls designed to permit only those personnel performing roles supporting the provision of services under this Agreement to access ▇▇▇▇▇▇ Funds Confidential Information.
c. Confidentiality - Accounting Agent personnel who have accessed or otherwise been made known of ▇▇▇▇▇▇ Funds Confidential Information will maintain the confidentiality of such information in accordance with the terms of this Agreement.
d. Training - Accounting Agent will provide information security training to its personnel on approximately an annual basis.
e. Screening –Accounting Agent employees, and personnel of delegates or other third parties who access Accounting Agent’s facilities, networks or systems, are subject to certain credit and criminal checks conducted by Accounting Agent or its agents applicable to banks pursuant to applicable laws, rules and/or regulations. If any person does not meet the requirements of such Accounting Agent checks, such person may not be permitted to be employed by Accounting Agent or, in the event of a delegate or other third party, Accounting Agent requires that such person be removed from any assignment for Accounting Agent. In addition to the foregoing, Accounting Agent requires its delegates and other third parties to conduct, as part of its standard hiring and vendor due diligence practices, pre-employment background investigations consistent with industry standards with respect to any personnel that are assigned to perform services for Accounting Agent or otherwise have access to confidential information of Accounting Agent or its clients.
6. Physical Security.
a. Securing Physical Facilities - Accounting Agent will maintain systems located in Accounting Agent facilities that host ▇▇▇▇▇▇ Funds Confidential Information or provide services under this Agreement in environments that are designed to be physically secure and to allow access only to authorized individuals. A secure environment includes the availability of onsite security personnel on a 24 x 7 basis or equivalent means of monitoring locations supporting the delivery of services under this Agreement.
b. Physical Security of Media - Accounting Agent will implement controls, consistent with applicable prevailing industry practices and standards, that are designed to deter the unauthorized viewing, copying, alteration or removal of any media containing ▇▇▇▇▇▇ Funds Confidential Information. Removable media on which ▇▇▇▇▇▇ Funds Confidential Information is stored (including thumb drives, CDs, and DVDs, and PDAS) by Accounting Agent must be encrypted using at least 256-bit AES (or equivalent).
c. Media Destruction - Accounting Agent will destroy removable media and any mobile device (such as discs, USB drives, DVDs, back-up tapes, laptops and PDAs) containing ▇▇▇▇▇▇ Funds Confidential Information or use commercially reasonable efforts to render ▇▇▇▇▇▇ Funds Confidential Information on such physical media unintelligible if such media or mobile device is no longer intended to be used. All backup tapes that are not destroyed must meet the level of protection described in this Security Schedule until destroyed.
d. Paper Destruction - Accounting Agent will cross shred all paper waste containing ▇▇▇▇▇▇ Funds Confidential Information and dispose in a secure and confidential manner.
e. Risk based approach: A risk-based approach should be used in determining site security levels as well as periodic site security assessments.
f. Access controls: Accounting Agent personnel are required to use their individually assigned corporate ID badges programmed to provide various levels of access control based on their role. Authorized door access lists are reviewed on a quarterly basis by the authorized area owner(s) to ensure access remains appropriate.
g. Video and recordings – Security Video: Video systems monitor and record access to and from our buildings and high-security areas, including critical IT areas. Recordings are maintained for a minimum of 30 days and a maximum of 120 days or as otherwise required or permitted by local law or regulation.
7. Communications and Operations Management.
a. Network Penetration Testing - Accounting Agent will, on approximately an annual basis but in no event less frequently than every eighteen (18) months, contract with an independent third party to conduct a network penetration test on its network having access to or holding or containing ▇▇▇▇▇▇ Funds Confidential Information. If penetration testing reveals material deficiencies or vulnerabilities, the findings will be risk rated consistent with industry standards and timeframes will be defined for remediating vulnerabilities (other than medium or low risk vulnerabilities) consistent with industry standards and taking into account any mitigation efforts taken by Accounting Agent with respect to such vulnerabilities.
b. Data Protection During Transmission - Accounting Agent will encrypt, using an industry recognized encryption algorithm, personally identifiable ▇▇▇▇▇▇ Funds Confidential Information when in transit across public networks.
c. Data Loss Prevention - Accounting Agent will maintain a data leakage program that is designed to identify, detect, monitor and document data leaving Accounting Agent’s control without authorization in place.
d. Wireless Security - If Accounting Agent deploys a wireless network, Accounting Agent will maintain written policies governing the use, configuration and management of wireless networks. All wireless network devices shall be protected using appropriate physical controls to minimize the risk of theft, unauthorized use, or damage. Network access to wireless networks shall be restricted only to those authorized.
e. Firewalls. Accounting Agent will maintain current industry appropriate firewall technology in the operation of Accounting Agent’s environments.
f. Source Code Review - Accounting Agent must have a documented program for secure code reviews and maintain documentation of secure code reviews performed for all Internet-facing applications that store or process ▇▇▇▇▇▇ Confidential Information.
8. Access Controls.
a. Authorized Access - Accounting Agent will have controls that are designed to maintain the logical separation such that access to systems hosting ▇▇▇▇▇▇ Funds Confidential Information and/or being used to provide services to ▇▇▇▇▇▇ Funds will uniquely identify each individual requiring access, grant access only to authorized personnel based on the principle of least privileges, and prevent unauthorized access to ▇▇▇▇▇▇ Funds Confidential Information. Accounting Agent reviews user access rights to systems and applications storing or allowing access to ▇▇▇▇▇▇ Funds Confidential Information on a periodic basis.
b. User Access - Accounting Agent will have a process to promptly disable access to ▇▇▇▇▇▇ Funds Confidential Information by any Accounting Agent personnel who no
longer requires such access. Accounting Agent will also promptly remove access of ▇▇▇▇▇▇ Funds personnel upon receipt of notification from ▇▇▇▇▇▇ Funds.
c. Authentication Credential Management - Accounting Agent will communicate authentication credentials to users in a secure manner, with a proof of identity check of the intended users. Accounting Agent requires its personnel and any personnel of its delegates or other third parties that have access to Accounting Agent’s networks or systems to maintain the confidentiality of system passwords, keys, and passcodes. Accounting Agent has a secure and documented process to reset passwords that requires verification of user identity prior to password reset.
d. Multi-Factor Authentication for Remote Access - Accounting Agent will use multi factor authentication and a secure tunnel, or another strong authentication mechanism, when remotely accessing Accounting Agent’s internal network.
9. Use of Laptop and Mobile Devices in connection with this Agreement.
a. Encryption Requirements - Accounting Agent will encrypt any laptops or mobile devices (e.g., tablets and smartphones) containing ▇▇▇▇▇▇ Funds Confidential Information used by Accounting Agent’s personnel using an industry recognized encryption algorithm with at least 256 bit encryption AES (or equivalent).
b. Secure Storage - Accounting Agent will require that all laptops and mobile devices be securely stored whenever out of the personnel’s immediate possession.
c. Inactivity Timeout - Accounting Agent will employ access and password controls as well as inactivity timeouts of no longer than thirty (30) minutes on laptops, desktops and mobile devices managed by Accounting Agent and used by Accounting Agent’s personnel.
d. Remote Management – Accounting Agent will maintain the ability to remotely remove ▇▇▇▇▇▇ Funds Confidential Information promptly from mobile devices managed by Accounting Agent. Accounting Agent has policies requiring personnel to maintain the security of devices managed by Accounting Agent.
| 10. | Information Systems Acquisition Development and Maintenance. |
▇. ▇▇▇▇▇▇ Funds Data – ▇▇▇▇▇▇ Funds Confidential Information will only be used by Accounting Agent for the purposes specified in this Agreement.
b. Virus Management - Accounting Agent will maintain a malware protection program designed to identify, detect, protect, respond and recover from malware infections, malicious code and unauthorized execution of code within the Accounting Agent environment.
c. Change Control – Accounting Agent implements and maintains change control procedures to manage changes to information systems, supporting infrastructure, and facilities. Certain Accounting Agent’s system and application changes undergo testing prior to implementation, which may include relevant security controls, as determined by Accounting Agent on a risk basis and taking into account the type and/or impact of the change and the infrastructure and/or network components in place with respect to such change,.
11. Incident Event and Communications Management.
a. Incident Management/Notification of Breach - Accounting Agent will maintain an incident response plan that specifies actions to be taken when Accounting Agent or one of its subcontractors suspects or detects that a party has gained unauthorized access to ▇▇▇▇▇▇ Funds Confidential Information or systems or applications containing any ▇▇▇▇▇▇ Funds Confidential Information (the “Response Plan”). Such Response Plan will include an escalation procedure that includes notification to senior managers and reporting to regulatory and law enforcement agencies, when and if applicable. Accounting Agent will use commercially reasonable efforts to investigate, remediate and mitigate such unauthorized access.
b. Accounting Agent will notify ▇▇▇▇▇▇ Funds within forty-eight (48) hours after it has determined that unauthorized access to ▇▇▇▇▇▇ Funds Confidential Information has occurred, unless otherwise prohibited by applicable law. In such an event, and unless prohibited by applicable law, Accounting Agent will provide information, to the extent available to Accounting Agent, sufficient to provide a reasonable description of the general circumstances and extent of such unauthorized access, and will provide reasonable cooperation to ▇▇▇▇▇▇ Funds:
i. in the investigation of any such unauthorized access;
ii. in ▇▇▇▇▇▇ Funds’ efforts to comply with statutory notice or other applicable laws applicable to ▇▇▇▇▇▇ Funds or its customers; and
iii. in litigation and investigations brought by ▇▇▇▇▇▇ Funds against third parties, including injunctive or other equitable relief reasonably necessary to protect ▇▇▇▇▇▇ Funds’ proprietary rights.
For the avoidance of doubt, Accounting Agent will not be required to disclose information that Accounting Agent reasonably determines would compromise the security of Accounting Agent's technology or premises or that would impact other Accounting Agent clients.
12. Offshore Work - Specific to work performed by Accounting Agent from India, Accounting Agent will only access ▇▇▇▇▇▇ Funds Confidential Information via a Virtual Desktop Interface (“VDI”) with controls in place to protect ▇▇▇▇▇▇ Funds Confidential Information from data loss at a minimum in accordance with the terms of the Security Schedule and protections of ▇▇▇▇▇▇ Funds Confidential Information set forth herein. The VDI must be configured to disallow the ability to download data to the host machine or external device.