Common use of Subcontractor Services Clause in Contracts

Subcontractor Services. (i) Except as expressly provided otherwise under this Agreement, Provider will remain responsible for obligations, services and functions performed by, and other acts or omissions of, its Subcontractors and their employees to the same extent as if these obligations, services and functions were performed by Provider, regardless of whether a BFA Recipient has exercised its right to reject Provider’s use of any proposed Subcontractor, as applicable. (ii) Provider will be the sole point of contact for each BFA Recipient with respect to Subcontractors. (iii) Provider represents and warrants that, with respect to each existing or proposed Subcontractor of a material portion of the Services, it has (or will have) a due diligence and third party oversight program that meets regulatory requirements under Provider Laws and that Provider, acting reasonably, has determined is appropriate in light of the nature of the services performed by the Subcontractor and the nature of the information relating to Provider’s customers or a BFA Recipient’s customers that the Subcontractor is Processing or expected to be Processing. This due diligence includes and shall include, but not be limited to, matters relating to data security, technology recovery, and personnel background screening appropriate to the nature of sub-contracted Services, and Provider shall take appropriate action with respect to adverse findings arising out of its due diligence and other oversight. Provider shall, upon request, meet with BFA to discuss its due diligence and oversight program, both in general and, subject to any confidentiality provisions in the relevant subcontract, with respect to any given Subcontractor of a material portion of the Services. (iv) Provider will require that all Subcontractors, Permitted Delegations and Sub-Custodians maintain policies and procedures with regard to confidentiality, data protection, compliance with Law, and security that are reasonably designed in light of the services being performed or information being Processed (including hosting, maintaining or accessing BFA Data). The Subcontractor, Permitted Delegations and Sub-Custodian will be required to meet reasonably designed standards that are substantially similar in the aggregate to the policies and procedures required for Provider hereunder and applicable to Provider Personnel to the extent appropriate given the Services being performed and BFA Data being processed. (v) Provider will be responsible for providing BFA, each BFA Recipient, and their respective regulators with copies of records relating to the Subcontractor’s, Permitted Delegation’s and Sub-Custodian’s performance of its services with respect to the Services as may be reasonably necessary for BFA, the BFA Recipients and the regulators to exercise the audit and oversight rights contemplated by this Agreement. Subject to applicable Law and to the extent practicable and appropriate, in the context of the Services being subcontracted, Provider also shall use Commercially Reasonable Efforts upon request to obtain the Subcontractor’s, Permitted Delegation’s, and Sub-Custodian’s consent to allow BFA and its regulators direct (with Provider involvement) review and audit rights of such Subcontractors, Permitted Delegations and Sub-Custodians.

Subcontractor Services. (i) Except as expressly provided otherwise under this Agreement, Provider will remain responsible for obligations, services and functions performed by, and other acts or omissions of, its Subcontractors and their employees to the same extent as if these obligations, services and functions were performed by Provider, regardless of whether a BFA Recipient has exercised its right to reject Provider’s use of any proposed Subcontractor, as applicable. (ii) Provider will be the sole point of contact for each BFA Recipient with respect to Subcontractors.. Master Services Agreement CONFIDENTIAL (iii) Provider represents and warrants that, with respect to each existing or proposed Subcontractor of a material portion of the Services, it has (or will have) a due diligence and third party oversight program that meets regulatory requirements under Provider Laws and that Provider, acting reasonably, has determined is appropriate in light of the nature of the services performed by the Subcontractor and the nature of the information relating to Provider’s customers or a BFA Recipient’s customers that the Subcontractor is Processing or expected to be Processing. This due diligence includes and shall include, but not be limited to, matters relating to data security, technology recovery, and personnel background screening appropriate to the nature of sub-contracted Services, and Provider shall take appropriate action with respect to adverse findings arising out of its due diligence and other oversight. Provider shall, upon request, meet with BFA to discuss its due diligence and oversight program, both in general and, subject to any confidentiality provisions in the relevant subcontract, with respect to any given Subcontractor of a material portion of the Services. (iv) Provider will require that all Subcontractors, Subcontractors and Permitted Delegations and Sub-Custodians maintain policies and procedures with regard to confidentiality, data protection, compliance with Law, and security that are reasonably designed in light of the services being performed or information being Processed (including hosting, maintaining or accessing BFA Data). The Subcontractor, Subcontractor and Permitted Delegations and Sub-Custodian will be required to meet reasonably designed standards that are substantially similar in the aggregate to the policies and procedures required for Provider hereunder and applicable to Provider Personnel to the extent appropriate given the Services being performed and BFA Data being processed. (v) Provider will be responsible for providing BFA, each BFA Recipient, and their respective regulators with copies of records relating to the Subcontractor’s’s and , Permitted Delegation’s and Sub-Custodian’s performance of its services with respect to the Services as may be reasonably necessary for BFA, the BFA Recipients and the regulators to exercise the audit and oversight rights contemplated by this Agreement. Subject to applicable Law and to the extent practicable and appropriate, in the context of the Services being subcontracted, Provider also shall use Commercially Reasonable Efforts upon request to obtain the Subcontractor’s, ’s and Permitted Delegation’s, and Sub-Custodian’s consent to allow BFA and its regulators direct (with Provider involvement) review and audit rights of such Subcontractors, Subcontractors and Permitted Delegations and Sub-CustodiansDelegations.

Subcontractor Services. (i) Except as expressly provided otherwise under this Agreement, Provider will remain responsible for obligations, services and functions performed by, and other acts or omissions of, its Subcontractors and their employees to the same extent as if these obligations, services and functions were performed by Provider, regardless of whether a BFA Recipient has exercised its right to reject Provider’s use of any proposed Subcontractor, as applicable. (ii) Provider will be the sole point of contact for each BFA Recipient with respect to Subcontractors. (iii) Provider represents and warrants that, with respect to each existing or proposed Subcontractor of a material portion of the Services, it has (or will have) a due diligence and third party oversight program that meets regulatory requirements under Provider Laws and that Provider, acting reasonably, has determined is appropriate in light of the nature of the services performed by the Subcontractor and the nature of the information relating to Provider’s customers or a BFA Recipient’s customers that the Subcontractor is Processing or expected to be Processing. This due diligence includes and shall include, but not be limited to, matters relating to data security, technology recovery, and personnel background screening appropriate to the nature of sub-contracted Services, and Provider shall take appropriate action with respect to adverse findings arising out of its due diligence and other oversight. Provider shall, upon request, meet with BFA to discuss its due diligence and oversight program, both in general and, subject to any confidentiality provisions in the relevant subcontract, with respect to any given Subcontractor of a material portion of the Services.. Master Services Agreement (iv) Provider will require that all Subcontractors, Subcontractors and Permitted Delegations and Sub-Custodians maintain policies and procedures with regard to confidentiality, data protection, compliance with Law, and security that are reasonably designed in light of the services being performed or information being Processed (including hosting, maintaining or accessing BFA Data). The Subcontractor, Subcontractor and Permitted Delegations and Sub-Custodian will be required to meet reasonably designed standards that are substantially similar in the aggregate to the policies and procedures required for Provider hereunder and applicable to Provider Personnel to the extent appropriate given the Services being performed and BFA Data being processed. (v) Provider will be responsible for providing BFA, each BFA Recipient, and their respective regulators with copies of records relating to the Subcontractor’s’s and , Permitted Delegation’s and Sub-Custodian’s performance of its services with respect to the Services as may be reasonably necessary for BFA, the BFA Recipients and the regulators to exercise the audit and oversight rights contemplated by this Agreement. Subject to applicable Law and to the extent practicable and appropriate, in the context of the Services being subcontracted, Provider also shall use Commercially Reasonable Efforts upon request to obtain the Subcontractor’s, ’s and Permitted Delegation’s, and Sub-Custodian’s consent to allow BFA and its regulators direct (with Provider involvement) review and audit rights of such Subcontractors, Subcontractors and Permitted Delegations and Sub-CustodiansDelegations.