Common use of Your Internal Security Clause in Contracts

Your Internal Security. You agree to establish, implement, maintain and update (as appropriate) policies, procedures, equipment and software (“Internal Security Controls”) that, with respect to the initiation, processing and storage of ACH, wire and other transactions, will: (a) protect the confidentiality and integrity of non-public personal information, including financial information, of a natural person used to create or contained within an ACH or other Order and any related addenda record (“Protected Information”) until its destruction, (b) protect against anticipated threats or hazards to the security or integrity of Protected Information until its destruction, (c) protect against unauthorized use of Protected Information that could result in harm to a natural person, and (d) comply with all applicable regulatory guidelines on access to and security for the systems you use to initiate, process, and store ACH, wire and other transactions. Your Internal Security Controls must also safeguard the security and integrity of your computer system and information from unauthorized use, intrusion, takeover or theft, and prevent your Password from unauthorized discovery or use (collectively “Internal Security Breaches”). You bear all risk of fraudulent transfers and other losses arising from your Internal Security Breaches or from the interception of your communications prior to their receipt by us (collectively “Internal Security Losses”). We will not reimburse you in connection with Internal Security Losses. You agree that we are authorized to execute, and it is commercially reasonable for us to execute, any instruction received by us with your Password. You are encouraged to consider purchasing insurance to cover your Internal Security Losses. To protect your system from Internal Security Breaches, your Internal Security Controls should consider including: a. Limiting and controlling who has access to your computer systems; b. Protecting and frequently changing your internal passcodes and Service Access Credentials; c. Adopting default setting of “return” for Payee Positive Pay and ACH Positive Pay exception items; d. Adopting Dual Control and/or transaction-based authentication procedures for financial transfers and templates where available; e. Employing up-to-date security software such as anti-virus, anti-malware and anti-spyware programs, as well as up-to-date software patches for all your software programs, internet browsers, email programs, and the like; f. Using effective, up-to-date firewalls; g. Maintaining procedures to avoid infection by malicious software, such as: controlling what websites are visited by your computers; controlling the connection of other devices (e.g., flash drives) to your computers; controlling what documents, email attachments, programs and other files are opened or installed on your computers; and limiting which of your computers are used for online banking;

Your Internal Security. You agree to establish, implement, maintain and update (as appropriate) policies, procedures, equipment and software (“Internal Security Controls”) that, with respect to the initiation, processing and storage of Automated Clearing House (“ACH”), wire and other transactions, will: (a) protect the confidentiality and integrity of non-public personal information, including financial information, of a natural person used to create or contained within an ACH or other Order payment order and any related addenda record (“Protected Information”) until its destruction, (b) protect against anticipated threats or hazards to the security or integrity of Protected Information until its destruction, (c) protect against unauthorized use of Protected Information that could result in harm to a natural person, and (d) comply with all applicable regulatory guidelines laws, regulations, or rules on access to and security for the systems you use to initiate, process, and store ACH, wire and other transactions. Your Internal Security Controls must also safeguard the security and integrity of your computer system and information from unauthorized use, intrusion, takeover or theft, and prevent your Password from unauthorized discovery or use (collectively “Internal Security Breaches”). You bear all risk of fraudulent transfers and other losses arising from your Internal Security Breaches or from the interception of your communications prior to their receipt by us (collectively “Internal Security Losses”). We will not reimburse you in connection with Internal Security Losses. You agree that we are authorized to execute, and it is commercially reasonable for us to execute, any instruction received by us with your Password. You are encouraged to consider purchasing insurance to cover your Internal Security Losses. To Please see your User Guides and Treasury Management Services Security Procedure Supplement, if applicable, for suggestions on the Internal Security Controls that you should consider to protect your system from Internal Security Breaches, . You remain solely responsible at all times for your Internal Security Controls should consider including: a. Limiting Controls, Internal Security Breaches and controlling who has access Internal Security Losses. Although we may employ various systems and procedures from time to your computer systems; b. Protecting and frequently changing your internal passcodes and Service Access Credentials; c. Adopting default setting of “return” time to prevent losses to us, we assume no obligation for Payee Positive Pay and ACH Positive Pay exception items; d. Adopting Dual Control Internal Security Breaches or Internal Security Losses, provided we have acted in accordance with this Agreement and/or transaction-based authentication procedures for financial transfers and templates where available; e. Employing up-to-date security software such as anti-virus, anti-malware and anti-spyware programs, as well as up-to-date software patches for all your software programs, internet browsers, email programs, and the like; f. Using effective, up-to-date firewalls; g. Maintaining procedures to avoid infection by malicious software, such as: controlling what websites instructions that are visited accompanied by your computers; controlling Password. SECURITY INCIDENTS. YOU AGREE TO IMMEDIATELY NOTIFY US, ACCORDING TO NOTIFICATION PROCEDURES PRESCRIBED BY US, IF YOU BELIEVE THAT ANY INTERNAL SECURITY CONTROLS OR PASSWORD HAVE BEEN STOLEN, COMPROMISED, OR OTHERWISE BECOME KNOWN TO PERSONS OTHER THAN YOU OR YOUR AUTHORIZED REPRESENTATIVE(S) OR IF YOU BELIEVE THAT ANY TRANSACTION OR ACTIVITY IS UNAUTHORIZED OR IN ERROR. We may offer the connection following Services to you separately or as part of other devices (e.g., flash drives) to your computers; controlling what documents, email attachments, programs and other files are opened or installed on your computers; and limiting which a suite of your computers are used for online banking;Services.