U.S. SECURITIES AND EXCHANGE COMMISSION

Washington, D.C. 20549

 

FORM 8-K

 

CURRENT REPORT

 

PURSUANT TO SECTION 13 OR 15(d) OF

THE SECURITIES EXCHANGE ACT OF 1934

 

Date of Report (Date of earliest event reported): July 1, 2019 (June 27, 2019)

 

Cuentas Inc.

(Exact name of registrant as specified in its charter)

 

Florida   333-148987   20-3537265
(State or other jurisdiction of   (Commission   (I.R.S. Employer
incorporation or organization)   File Number)   Identification Number)

 

19 W. Flagler St., Suite 902

Miami, FL

(Address of principal executive offices)

 

33130

(Zip Code)

 

(800) 611-3622

(Registrant’s telephone number, including area code)

 

Cuentas Inc.

(Former name or former address, if changed since last report)

 

Check the appropriate box below if the Form 8-K filing is intended to simultaneously satisfy the filing obligation of the Company under any of the following provisions:

 

Written communications pursuant to Rule 425 under the Securities Act (17 CFR 230.425)

 

Soliciting material pursuant to Rule 14a-12 under the Exchange Act (17 CFR 240.14a-12)

 

Pre-commencement communications pursuant to Rule 14d-2(b) under the Exchange Act (17 CFR 240.14d-2(b))

 

Pre-commencement communications pursuant to Rule 13e-4(c) under the Exchange Act (17 CFR 240.13e-4(c))

 

Indicate by check mark whether the registrant is an emerging growth company as defined in Rule 405 of the Securities Act of 1933 (§230.405 of this chapter) or Rule 12b-2 of the Securities Exchange Act of 1934 (§240.12b-2 of this chapter).

 

Emerging growth company ☐

 

If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act.  ☐

 

Securities registered pursuant to Section 12(b) of the Act:

 

Title of each class   Trading Symbol(s)   Name of each exchange on which registered
         

  

 

 

 

Item 1.01 Entry into a Definitive Material Agreement.

 

On June 27, 2019, Cuentas, Inc. entered into a Prepaid Card Program Management Agreement (PCPMA) with Sutton Bank (“Sutton”), an Ohio chartered bank Corporation.

 

The PCPMA establishes that Sutton Bank operates a prepaid card service and is an approved issuer of prepaid cards on the Discover, Mastercard, and Visa Networks and provides services in connection with Card Transactions processed on one or more Networks.

 

The PCPMA designates Cuentas to become Manager of the “Cuentas Mastercard Prepaid Card” Management Program, a General Purpose Reload (GPR) debit card program, subject to the terms and conditions of the PCPMA.

 

The terms and conditions of the PCPMA are attached herein. For security reasons, we have redacted the BIN from the attached copy of the PCPMA since it is a highly sensitive and confidential information.

 

A Press Release issued on July 1, 2019 is also included as an exhibit.

 

Item 9.01 Exhibits.

 

Exhibit No.     Description
     
99.1  

Prepaid Card Program Management Agreement (PCPMA) between Cuentas, Inc. and Sutton Bank (“Sutton”)-REDACTED.

     
99.2   Press release

 

1

 

  

SIGNATURE

 

Pursuant to the requirements of the Securities Exchange Act of 1934, the Registrant has duly caused this report to be signed on its behalf by the undersigned hereunto duly authorized.

 

  CUENTAS INC.
     
Date: July 1, 2019 By: /s/  Arik Maimon
    Arik Maimon
    Chief Executive Officer

 

 

2

 

Exhibit 99.1

 

CONFIDENTIAL AND PROPRIETARY

 

 

 

 

 

 

  

 

  

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

PREPAID CARD PROGRAM MANAGEMENT AGREEMENT

May 28, 2019

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

CONFIDENTIAL AND PROPRIETARY

 

TABLE OF CONTENTS

 

ARTICLE I. – RULES OF INTERPRETATION; DEFINITIONS   1
1.1.   Certain Interpretive Matters   1
1.2.   Definitions   2
         
ARTICLE II. – PURPOSE; MANAGER’S ROLE; INCORPORATION OF AND COMPLIANCE WITH PROGRAM DOCUMENTS     12
2.1.   Purpose   12
2.2.   Manager’s Role   12
2.3.   Operating Regulations   12
2.4.   General   12
2.5.   Bank Determination of Applicable Law   13
2.6.   Manager’s Right to Offer Programs; Statutory Authority of Regulatory Authority   13
2.7.   Bank Discretion Regarding Clients   14
2.8.   Use of Distributors by Manager    
         
ARTICLE III. – PARTIES’ RESPONSIBILITIES   14
3.1.   Manager’s Responsibilities   14
3.2.   Processing Services   22
3.3.   Processor System Access   24
3.4.   Sutton Bank Responsibilities   24
3.5.   Intellectual Property   26
         
ARTICLE IV. – REPRESENTATIONS AND WARRANTIES     27
4.1.   Manager Representations and Warranties   27
4.2.   Sutton Bank Representations and Warranties   29
         
ARTICLE V. – PROGRAM COMPLIANCE   30
5.1.   Compliance with Applicable Law   30
5.2.   Compliance Counsel   30
5.3.   Operating Policies and Procedures   31
5.4.   BSA/AML/OFAC Compliance   31
5.5.   Disclosure of Key Card Terms   32
5.6.   Privacy Notices   32
5.7.   Escheat   33
5.8.   Identity Theft Prevention Program (“ IDTP ”)   33
5.9.   Unlawful Gambling   33
5.10.   Regulation E Compliance (12 C.F.R. 1005)   33
5.11.   Criticisms, Complaints and Legal Actions   34
5.12.   Manager State and Federal Licensing and Registration Requirements     35
5.13.   Network Membership/Registration   35
5.14.   Network Obligations   36
5.15.   FDIC Pass-Through Coverage   36
         
ARTICLE VI. – DISTRIBUTOR, MARKETER AND THIRD PARTY SERVICE PROVIDER AGREEMENTS   36
6.1.   Development of Distributor and Marketer Group     36

 

i

 

 

CONFIDENTIAL AND PROPRIETARY  

 

6.2.   Third Party Service Provider Agreement and Critical Services   37
6.3.   Changes to Agreements   39
6.4.   Compliance by Distributors, Marketers and Third Party Service Providers   39
6.5.   Denial or Termination of Distributor, Marketer or Third Party Service Provider   39
6.6.   Distributor and Third Party Service Provider Due Diligence, Training and Monitoring   40
6.7.   Existing Distributors, Marketers and Third Party Service Providers   41
6.8.   Access to Third Party Service Providers   42
6.9.   Expenses and Liability   42
         
ARTICLE VII. – CARDHOLDER INFORMATION   42  
7.1.   Ownership of Accounts, Cardholder Data and Program Materials   42  
7.2.   Sharing of Cardholder Data and Program Materials   42  
7.3.   Data Obtained Independently by Manager   43
         
ARTICLE VIII. – INFORMATION SECURITY AND CONFIDENTIALITY   43
8.1.   Cardholder Data Security   43
8.2.   Confidential Information   46
8.3.   Required Disclosures   47
         
ARTICLE IX. – SECURITY BREACHES; DISASTER RECOVERY   47
9.1.   Security Program   47
9.2.   SSAE Report   47
9.3.   Testing   48
9.4.   Security Contact   48
9.5.   Storage of Information   48
9.6.   Notification   48
9.7.   Expense Reimbursement   49
9.8.   Disaster Recovery Plan   49
         
ARTICLE X. – TERM AND TERMINATION   50
10.1.   Term   50
10.2.   Termination for Cause   51
10.3.   Effect of Termination or Expiration   53
10.4. Cessation of Card Sale and Distribution after Termination or Expiration   54
10.5.   Wind Down Period; Orderly Transition   54
         
ARTICLE XI. – INDEMNIFICATION AND LIABILITY   56
11.1.   Indemnification Obligation By Manager   56
11.2.   Limited Exception and Conditions   57
11.3.   By Sutton Bank   57
11.4.   Limited Exception and Conditions   58
11.5.   Defense of Claims   58
11.6.   No Special Damages   59
11.7.   Disclaimers of Warranties   59

 

ii

 

 

CONFIDENTIAL AND PROPRIETARY

 

ARTICLE XII. – RISK MANAGEMENT   60
12.1.   Insurance   60
12.2.   Reserve Account   61
         
ARTICLE XIII . – GENERAL   61
13.1.   Assignment   61
13.2.   Dispute Resolution; Governing Law   61
13.3.   Entire Agreement; Amendments   62
13.4.   Counterparts   62
13.5.   Third Party Beneficiaries   62
13.6.   Survival   63
13.7.   Force Majeure   63
13.8.   Specific Performance   63
13.9.   Representation   63

 

EXHIBIT A PROGRAM APPLICATION FORM   1
     
EXHIBIT B SUTTON BANK PREPAID CARD SERVICES     1
     
EXHIBIT C REVENUE SHARE AND EXPENSE   1
     
EXHIBIT D MANAGER SERVICES   1
     
EXHIBIT E  APPROVED THIRD PARTY SERVICE PROVIDERS   1
     
SCHEDULE 1.1 APPROVED PROGRAMS   1

 

iii

 

 

CONFIDENTIAL AND PROPRIETARY

 

PREPAID CARD PROGRAM MANAGER AGREEMENT

 

This Prepaid Card Program Management Agreement, including all schedules, exhibits, attachments, appendices and addenda attached hereto (collectively, the “Agreement”) is entered into as of May 28, 2019 (the “Effective Date”), by and between Cuentas, Inc., a Florida corporation, whose address is 19 W. Flagler St., Suite 902, Miami, FL 33130 (“Manager”), and Sutton Bank, an Ohio chartered bank corporation, its subsidiaries and affiliates, whose main address is 1 South Main St. Attica, OH 44807 (“Sutton Bank”).

 

WHEREAS, Sutton Bank operates a prepaid card service and is an approved issuer of prepaid cards on the Discover, Mastercard, and Visa Networks;

 

WHEREAS, Sutton Bank provides services set forth in Exhibit B (the “Sutton Bank Prepaid Card Services”) and the other Program Documents in connection with Card Transactions processed on one or more Networks;

 

WHEREAS, Manager desires to manage one or more Cards pursuant to one or more Programs, subject to the terms and conditions of the Program Documents;

 

WHEREAS, Sutton Bank desires to designate Manager as the program manager for such Cards and Programs;

 

NOW THEREFORE, in consideration of the foregoing promises and the mutual agreements, provisions, covenants and conditions contained in this Agreement, Sutton Bank and Manager agree as follows:

 

ARTICLE I. – RULES OF INTERPRETATION; DEFINITIONS

 

1.1. Certain Interpretive Matters

 

As used herein, (i) the terms “include” and “including” are meant to be inclusive and shall be deemed to mean “include without limitation” or “including without limitation”; (ii) the word “or” is disjunctive, but not necessarily exclusive; (iii) references to “dollars” or “$” shall be to United States dollars; (iv) the term “his” applies to both genders; (v) any Article, Section, Subsection, Paragraph or Subparagraph headings contained in this Agreement and the Preamble at the beginning of this Agreement are for reference purposes only and shall not affect in any way the meaning or interpretation of this Agreement (other than with respect to any defined terms contained in the Preamble); (vi) any reference made in this Agreement to a statute or statutory provision shall mean such statute or statutory provision as it has been amended through the date as of which the particular portion of the Agreement is to take effect, or to any successor statute or statutory provision relating to the same subject as the statutory provision so referred to in this Agreement, and to any then applicable rules or regulations promulgated thereunder, unless otherwise provided; (vii) the words “herein,” “hereof,” “hereunder” and words of like import shall refer to this Agreement as a whole (including its Schedules and Exhibits), unless the context clearly indicates to the contrary (for example, that a particular Section, Schedule or Exhibit is the intended reference); (viii) words used herein in the singular, where the context so permits, shall be deemed to include the plural and vice versa; (ix) a reference in this Agreement contemplating certain action by Sutton Bank “after consultation with” or “in consultation with” or “in cooperation with” Manager does not mean that the consent or approval of Manager is required or contemplated in connection with such action; and (x) unless the context otherwise requires or unless otherwise provided herein, the terms defined in this Agreement that refer to a particular agreement, instrument or document also refer to and include all renewals, extensions, modifications, amendments and restatements of such agreement, instrument, or document.

 

- 1 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

1.2. Definitions

 

Terms not defined in this Agreement shall have the meanings given to them in the applicable Network Rules. Except as otherwise specifically indicated, the following terms shall have the following meanings in this Agreement (such meanings to be equally applicable to both the singular and plural forms of the terms defined):

 

Activate ”, “ Activated ” or “ Activation ” means, with respect to a Card, the process separate from funding of the Card by which the Cardholder causes the Card to be usable for Transactions as provided by and subject to the applicable Cardholder Agreement. The Parties acknowledge that two types of Activation may occur with respect to Cards: some Cards may be Activated by Distributors when they are first sold so that the Card may be used for Transactions immediately upon its purchase or distribution, and other Cards may be distributed to Cardholders in an un- activated state and need to be Activated by the Cardholder, usually via telephone or online, each as provided in the Program Due Diligence Application.

 

Additional Products ” includes any other products and services of Sutton Bank that may be offered to a Cardholder in connection with the Program(s), as mutually agreed upon by the Parties.

 

Affiliate ” means, with respect to any Person, any other Person that directly or indirectly controls, is controlled by or is under common control with such Person. For the purposes of this definition, “control” means the power to direct the management and policies of a Person, directly or indirectly, whether through the ownership of voting securities, by contract or otherwise; and the terms “common control” and “controlled” have meanings correlative to the foregoing.

 

Agreement ” has the meaning set forth in the Preamble.

 

AML ” means anti-money laundering.

 

Applicable Law ” means the (i) Network Rules, (ii) the laws, court opinions, attorney general opinions, rules and regulations of the United States or of any State or the various agencies, departments or administrative or governmental bodies thereof, and any regulatory guidance, determinations of (or agreements with) any arbitrator or Regulatory Authority and directions or instructions from (or agreements with) any arbitrator or Regulatory Authority, as the same may be amended and in effect from time to time during the Term, including, without limitation, (1) the EFTA; (2) the GLBA; (3) the Bank Secrecy Act; (4) federal and state MSB laws; (5) the prohibition against unfair and deceptive trade practices in the Federal Trade Commission Act; (6) state data security laws; (7) the Telephone Consumer Protection Act; (8) any and all sanctions or regulations enforced by OFAC; and (9) statutes or regulations of any State relating to banks, banking, prepaid cards, money transmission or unclaimed property, to the extent applicable to the issuance, sale, authorization or usage of the products and services offered under the Programs or as otherwise applicable to any of the Parties, as all the same may be amended and in effect from time to time during the Term, and (iii) the published policies and procedures of Sutton Bank, as promulgated from time to time by Sutton Bank’s Board of Directors in good faith to ensure the continued safety and soundness of Sutton Bank.

 

- 2 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

Applicant ” means any Person who submits a completed application for a Card.

 

Approved Programs ” has the meaning given in Section 2.2.

 

Audit Corrective Action Plan ” has the meaning given in Section 3.1(N)(v)(a).

 

Audit Findings ” has the meaning given in Section 3.1(N)(v).

 

Auditing Party ” has the meaning given in Section 3.1(N)(ii).

 

Authorized Users ” has the meaning given in Section 3.4(D)(i).

 

Bank BSA/AML/OFAC Requirements ” has the meaning given in Section 5.4(C).

 

Bank Indemnified Parties ” has the meaning given in Section 11.1.

 

Bank Secrecy Act ” or “ BSA ” means the federal Bank Secrecy Act (12 U.S.C. §§ 1951 etseq.), as amended by the USA Patriot Act or otherwise from time to time, and all regulations thereunder and any successor regulations.

 

BIN ” means collectively the Bank Identification Number assigned to Bank by Visa, the Interbank Card Association number assigned to Sutton Bank by Mastercard, or similar identifier assigned to Sutton Bank by other Networks for the purposes of identifying and routing electronic payment transactions.

 

BSA/AML/OFAC Procedures ” has the meaning set forth in Section 5.4(A).

 

Business Day ” means any day other than a Saturday, Sunday or legal holiday, on which Sutton Bank is open to the public for carrying on substantially all of its banking functions.

 

Breakage ” means, with respect to Cardholder-Funded Cards, any Cardholder Funds remaining on the Card upon the earlier to occur of (a) the Card’s expiration date (provided the Cardholder Funds expire on such date per the Cardholder Agreement), or (b) the date the Cardholder Funds are presumed to be abandoned under applicable state unclaimed property laws, to the extent such amounts are not otherwise required to be escheated under state unclaimed property laws pursuant to Section 5.7. With respect to Corporate-Funded Cards, “Breakage” means any Corporate Funds remaining on the Card upon the Card expiration date or the disclosed redemption period for such Corporate Funds, provided the Cardholder Agreement discloses that such funds will revert to the owner of such Corporate Funds following such data, to the extent such amounts are not otherwise required to be escheated under state unclaimed property laws pursuant to Section 5.7.

 

- 3 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

Card ” means a reloadable or non-reloadable prepaid card or other prepaid access device or number issued by Sutton Bank as a product of Sutton Bank in connection with any Program implemented pursuant to this Agreement and under authority from a Network.

 

Card Program ” means a system of services and features, as mutually agreed by Manager and Sutton Bank, relating to a particular type of Card provided by Manager and Sutton Bank pursuant to this Agreement.This Agreement contemplates that multiple Card Programs may be offered hereunder.

 

Cardholder ” means an individual who (i) applies for a Card and is issued a Card or is otherwise provided a Card by Sutton Bank, (ii) uses a Card to effect a Transaction, or (iii) purchases or uses any Additional Products offered under the Programs.

 

Cardholder Account ” means (i) the prepaid account which is associated with a Card, and includes the record of debits and credits with respect to Transactions originated by a Cardholder as detailed on the Processor’s Network, and (ii) such other accounts for Additional Products.

 

Cardholder Agreement ” means the agreement between Sutton Bank and a Cardholder governing the terms and use of a Card.

 

Cardholder Complaint ” has the meaning given in Section 5.11(B)(i).

 

Cardholder Data “means information that is provided to or obtained by either Party in the performance of its obligations under this Agreement or otherwise regarding Applicants and current or former Cardholders, including without limitation (i) name, postal address, e-mail address, telephone number, date of birth, taxpayer identification numbers, Cardholder Account numbers, security codes, service codes (i.e., the three or four digit number on the magnetic stripe that specifies acceptance requirements and limitations for a magnetic stripe read transaction), valid to and from dates, as well as information and data related to payment instruments and Transactions, or Transactions data using payment instruments and methodologies (e.g., charge, credit, debit, prepaid) and regardless of whether or not a physical card is used in connection with such transactions, demographic data, data generated or created in connection with Cardholder Account processing and maintenance activities, Cardholder Account statementing and Cardholder service, telephone logs and records and other documents and information necessary for the processing and maintenance of Cardholder Accounts, (ii) business name, business address, business tax identification number, and certain information on owner or officer, if the Cardholder is a business, (iii) all “Nonpublic Personal Information” and “Personally Identifiable Financial Information” (as defined in 12 C.F.R. §§ 573.3(n) and (o), respectively), and, (iv) with respect to the disposal of such information, any record containing “Consumer Information,” as that term is defined in the regulations implementing 15 U.S.C.§ 1681.

 

Cardholder Funds ” means the funds provided by or on behalf of the Cardholder in connection with a requested Load to the Cardholder’s Card and that are legally owed to or owned by the cardholder.

 

Cardholder-Funded Card ” means a card funded solely with Cardholder Funds.

 

- 4 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

Claim ” means any and all threats, actions, demands, investigations, proceedings, claims, counterclaims, defenses, or allegations (whether formal or informal, individual or in a representative capacity) made by or on behalf of any Person, including the other Party, any consumer, Cardholder, Regulatory Authority, Network and any attorney general, district attorney or other law enforcement authority, that would not have arisen but for the Program. The term includes disputes based upon contract, tort, consumer rights, fraud and other intentional torts, constitution, statute, regulation, ordinance, common law and equity (including any claim for injunctive or declaratory relief) and includes disputes based on alleged violations of any Applicable Law.

 

Client ” means a business customer of Manager’s that retains Manager to issue Cards for use by Client’s employees, customers, enrollees, subscribers and/or members (collectively, the “Client Customers”), and that sells or distributes such Cards to the Client Customers as Manager’s agent.

 

Client Agreement ” means all agreements entered into with Clients by Manager.

 

Client Materials ” shall mean all material documents, and any material amendments or updates thereto, in written format, generated in connection with the administration and servicing of the Program pursuant to the Agreement or which promote the Program or Program services, that are provided to Clients, including the forms of Client Agreement (including forms of Application and associated Addenda, which comprise part of the Client Agreement), change in terms announcements, adverse action letters, Client service form letters and any information or disclosures relating to Client Agreements or Clients, direct mail solicitations, promotional materials, television advertising, telemarketing scripts, internet advertising, websites, links and social media sites (whether or not operated by Manager) which make any reference to the Program, solicitations and any other materials used to induce applications for Client Agreements or Program Services or used to induce the use of the Program Services.

 

Complaint Summary ” has the meaning given in Section 5.11(D).

 

Complaints ” has the meaning set forth in Section 5.11(D).

 

Compliance Counsel ” has the meaning set forth in Section 5.2.

 

Confidential Information ” has the meaning set forth in Section 8.2(A).

 

Corrective Action Plan Deadline ” has the meaning set forth in Section 3.1(N)(v)(a).

 

Critical Services ” shall mean services that (i) are Processor Services, (ii) require a third party to access, store, transmit or process Cardholder Data in connection with the Program, (iii) involve significant bank functions or other activities that could cause Sutton Bank to face significant riskif the third party fails to meet expectations, (iv) could have significant customer impacts, or (v) could have a major impact on Sutton Bank operations if Sutton Bank has to find an alternate third party or if the outsourced activity has to be brought in-house.

 

Criticism ” has the meaning set forth in Section 5.11(A).

 

- 5 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

Customer Identifying Information ” means, collectively, the name, address(es), email address(es), telephone number(s), cell phone number(s), date of birth, and Social Security Number or Tax Identification Number of each Applicant or Cardholder.

 

Disaster Recovery Plan ” has the meaning set forth in Section 9.8.

 

Discover ” means DFS Services LLC and its successors and assigns.

 

Dispute ” has the meaning set forth in Section 13.2(A).

 

Distribution and Service Agreement ” means the written agreement between Manager and a Distributor (and, if applicable, Sutton Bank) pursuant to the provisions of this Agreement.

 

Distributor ” means any marketer, seller of goods and/or services, or other business that has executed a Distribution and Service Agreement to distribute Cards under a Program.For avoidance of doubt, a “Distributor” does not include a Marketer who solely markets but does not distribute or service Cards under a Program.

 

Effective Date ” has the meaning set forth in the Preamble.

 

EFTA ” means the Electronic Fund Transfer Act (15 U.S.C. §§ 1693, et seq.) and Regulation E thereunder (12 C.F.R. Part 1005), each as may be amended from time to time.

 

Executive Complaints ” means (i) any complaints received by a Party from any Network relating to the Programs and (ii) any material written complaints received by or elevated to senior management of any Party relating to the Programs other than a Regulatory Communication.

 

FDIC ” means the Federal Deposit Insurance Corporation.

 

FFIEC ” means the Federal Financial Institutions Examination Council.

 

FFIEC Handbook ” has the meaning set forth in Section 6.6(A).

 

Financial Information ” has the meaning set forth in Section 4.1(D).

 

FinCEN ” means the Financial Crimes Enforcement Network.

 

Force Majeure Event ” has the meaning set forth in Section 12.7.

 

Funding Account ” has the meaning set forth in Section 3.1(J).

 

GLBA ” means, collectively, the Gramm-Leach-Bliley Act, 15 U.S.C. §§ 6801, et. seq., the Privacy Regulations, and the standards for safeguarding customer information set forth in 12 C.F.R. Part 1016 and 16 C.F.R. Part 314 or such corresponding regulations as are applicable to the Programs and the Parties.

 

IDTP ” has the meaning given in Section 5.8.

 

- 6 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

Independent Sales Organization ” means a third party service provider sponsored by Sutton Bank pursuant to the Network Rules.

 

Information Security Requirements ” has the meaning set forth in Section 8.1(F).

 

Initial Term ” has the meaning set forth in Section 10.1(A).

 

Intellectual Property ” means any and all (a) patents, patent disclosures, ideas and inventions (whether patentable or not), (b) Marks, trade dress, trade names, logos, corporate names and domain names, and other designations of source, sponsorship, affiliation or origin, together with all related goodwill, (c) copyrights, copyrightable works and other works of authorship (including computer programs), mask works, data, data collections and databases, (d) trade secrets, know-how and other confidential or proprietary information, (e) moral rights, and (f) any and all other intellectual property rights arising in the United States or any other jurisdiction throughout the world, in each case whether registered or unregistered and including all related rights of priority under international conventions, all pending and future applications and registrations and continuations, divisions, continuations-in-part, reissues, extensions, substitutions, re-examinations and renewals thereof, and all similar or equivalent rights or forms of protection in any part of the world as may be further set forth and addressed in Section 3.5.

 

Interchange ” means the revenue paid to Sutton Bank by acquiring financial institutions for Transactions, as established by a Network.

 

Joint Cardholder Data ” has the meaning set forth in Section 7.1.

 

Legal Documents ” has the meaning given in Section 5.11(C).

 

Losses means any and all actual losses, assessments, damages, indemnities, liabilities, obligations, deficiencies, adjustments, judgments, settlements, dispositions, awards, offsets, penalties, fines and interest, and reasonable attorneys’, accountants’ and experts’ fees and expenses, including any such fees and expenses incurred in any investigations, proceedings, counterclaims, defenses or appeals that could reasonably result in incurring or avoiding any Losses.

 

Manager ” has the meaning set forth in the Preamble.

 

Manager Contractors ” has the meaning set forth in Section 11.1(C).

 

Manager Indemnified Parties ” has the meaning set forth in Section 11.3.

 

Manager’s System ” has the meaning set forth in Section 3.4(D).

 

Mark ” means the service marks, trademarks and copyrights of Manager, the Networks, or Sutton Bank, including the names and other distinctive marks or logos, which identify Manager, the Networks, or Sutton Bank, respectively.

 

Marketer ” means any marketer, seller of goods and/or services, or other business that has executed a Marketing Agreement with Manager solely to assist in the development of Marketing Materials and Marketing Campaigns in connection with a Program or to enable its branding to be marketed in connection with a Program and to not distribute or service Cards under a Program.For avoidance of doubt, a “Marketer” does not include a Person who, at the direction of a Marketer, merely posts advertising or provides Marketing Materials developed by Marketer to potential Cardholders, provided such Person is affiliated with the Marketer through common ownership or control, a franchising relationship with the Marketer, or such other arrangement described in the approved Program Due Diligence Application for a Program.

 

- 7 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

Marketing Agreement ” means the written agreement between Manager and a Marketer pursuant to the provisions of this Agreement.

 

Marketing Campaigns ” means all marketing methods intended to generate requests for the Cards by targeting a population using specific advertising mediums, such as Internet marketing, blogging, tweeting, e-mailing, texting, direct mail marketing, telemarketing, radio or television commercial airtime, print advertising, billboard advertising, or other recognized methods of selling goods or services or acquiring sales leads.

 

Marketing Materials ” shall mean all media of any kind or nature, including without limitation, email solicitation messages, published advertising (such as newspaper and magazine advertisements), Internet media, Card art, Card carriers, Card displays, Facebook/MySpace posts, blogs, tweets, texts, banner ads, RSS feeds, telemarketing scripts, television or radio advertisements, brochures, postcards, posters, direct mailings, signage, frequently asked questions, interview or public speaking scripts and talking points, sales materials, and press releases intended for public dissemination or to promote, advertise and/or market a Program.

 

Mastercard ” means Mastercard International Incorporated and its successors and assigns.

 

Merchant ” has the meaning set forth in Section 3.1(K).

 

Merchant Rewards Account ” has the meaning set forth in Section 3.1(K).

 

Monthly Minimum Fee ” means the minimum monthly payment amounts due to Sutton Bank from Manager, as described in Exhibit C.

 

MSB ” means the Money Services Business.

 

NACHA ” means the National Automated Clearing House Association and its successors and assigns.

 

Network ” means any Discover, NACHA, Visa, Mastercard, or any other card association or payment network selected by Bank and agreed to by Manager for the Settlement of Transactions contemplated by this Agreement.

 

Network Rules ” means the bylaws, operating rules and regulations of any applicable Network, including the PCI-DSS.

 

OFAC ” means the United States Department of Treasury’s Office of Foreign Assets Control.

 

- 8 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

Party ” or “ Parties ” means, as applicable, Manager and/or Sutton Bank.

 

PCI-DSS ” means the Payment Card Industry Data Security Standards established and implemented by the various payment card associations.

 

Person ” means any legal person, including any individual, corporation, limited liability company, partnership, joint venture, association, joint-stock company, trust, unincorporated organization, governmental entity or other entity of any nature.

 

Prepaid Access Rule ” has the meaning given in Section 5.4(B).

 

Privacy Notices ” means all privacy policy disclosure statements required by Applicable Law, including without limit GLBA, in connection with the use of any Cardholder Data by Sutton Bank or Manager, any of Sutton Bank’s or Manager’s Affiliates or any third party engaged by Manager or Sutton Bank.

 

Privacy Regulations ” means those regulations or related interagency guidelines promulgated by federal Regulatory Authorities implementing Title V of GLBA.

 

Processing Services Agreement ” means the contract between Manager and Processor governing the Processing Services to be performed pursuant to this Agreement.

 

Processor ” means Manager in its capacity as the Processor of record for a Program, or such otherThird Party Service Provider retained by Manager and approved by Sutton Bank to provide Processing Services.

 

“Processor Services” means the services described in Section 3.2 and/or Exhibit D performed by the Processorand set forth in the Processing Services Agreement. For avoidance of doubt, Processor Services constitute Critical Services under this Agreement.

 

Processor System shall mean the system owned and operated by a Processor that integrates with Sutton Bank to facilitate the issuance of Cards.

 

Program ” means a system of services approved by Sutton Bank under which a Cardholder may utilize a Card to conduct Transactions pursuant to the Cardholder Agreement.The Parties acknowledge that multiple Programs may exist under this Agreement based on meaningful differences, including but not limited to, Card terms and functionality, distribution locations, and Cardholder characteristics.All Programs shall be subject to the terms hereof and the prior written approval of Sutton Bank.

 

Program Accounts ” means thevarious deposit accounts established by Sutton Bank for purposes of facilitating the flow of funds, receiving Program reserve amounts, Cardholder Funds and Corporate Funds and the payment of Settlement Transactions to the Network.

 

Program Documents ” means all agreements and documents between Sutton Bank orManager and any Network relating to each Program, including without limitation this Agreement, any issuer agreements or issuer processor agreements, as applicable, license agreements, Network Rules, operating regulations, trademark guidelines, dispute rules, technical specifications, issuer fee schedules, and all product guides, documents, rules and procedures incorporated herein or therein, together with all documents, rules and procedures of any Network that are applicable to a Program.

 

- 9 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

Program Due Diligence Application ” means a description and explanation of the parameters and features of a Program using the application provided by Sutton Bank, together with any accompanying exhibits or schedules.

 

Program Fraud ” has the meaning given in Section 3.1(M)(ii).

 

Program Materials ” means all written and electronic materials relating to each Program utilized by Manager, including, but not limited to, Marketing Materials, training materials, policies and procedures, including without limitation, Cardholder Agreements, Cardholder service letters, any website established by Manager in connection with the Programs, customer service scripts, interactive voice response messaging, any information, notices or disclosures relating to Cards provided to Cardholders, including, but not limited to, Privacy Notices, error-resolution notices, change-in-terms notices, and disclosures required by the EFTA, and documents and any material amendments or updates thereto.

 

Program Records ” has the meaning given in Section 3.1(O)(i).

 

Program Schedule ” means a written addendum to this Agreement, substantially in the form attached hereto as Schedule 1.1 and executed by each Party, which sets forth the Parties’ respective duties and obligations with respect to a particular Card Program.

 

Regulatory Authority ” means any federal, state or local governmental, regulatory or self- regulatory authority, agency, court, tribunal, commission or other entity having jurisdiction over Sutton Bank, Manager or the Programs, including, but not limited to, the Office of the Comptroller of the Currency, FDIC, Federal Reserve, Federal Trade Commission, and Consumer Financial Protection Bureau. It may also include, as the circumstances dictate, any non-U.S. authority having or exercising jurisdiction related to the issuance, sale, authorization or usage of the Cards, Programs or services provided under this Agreement.

 

Regulatory Communication ” means all communications from any Regulatory Authority concerning the Programs.

 

Renewal Term ” has the meaning set forth in Section 10.1(A).

 

Response to Audit Letter ” has the meaning given in Section 3.1(N)(v).

 

SEC ” means the U.S. Securities and Exchange Commission.

 

Security Contact ” has the meaning set forth in Section 9.4.

 

Security Guidelines ” means the Interagency Guidelines Establishing Standards for Safeguarding Customer Information, the FFIEC Information Technology Examination Handbook, PCI-DSS, Section 501 of GLBA and any other guidance or directives issued by a Regulatory Authority or Networks pertaining to the security of Cardholder Data.

 

- 10 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

Security Program ” has the meaning set forth in Section 9.1.

 

Sensitive Customer Information ” has the meaning set forth in Section 8.1(E).

 

Services ” means those services specifically described in Exhibit D and otherwise described in this Agreement.

 

Settle ” and “ Settlement ” mean the movement of funds tendered for or Loaded to Cards among Sutton Bank, other financial institutions and the Networks in accordance with Applicable Law to settle Transactions on such Cards.

 

SSAE ” has the meaning given in Section 9.2.

 

Standard Terms ” has the meaning set forth in Section 6.1(D).

 

Successor Bank ” has the meaning set forth in Section 10.5(A).

 

Sutton Bank ” has the meaning set forth in the Preamble.

 

Sutton Bank Prepaid Card Services ” has the meaning set forth in the Recitals.

 

Switchover Date ” has the meaning set forth in Section 10.5(D).

 

Term ” has the meaning set forth in Section 10.1.

 

Third Party Service Provider ” means a service provider which Manager utilizes to provide Critical Services in connection with the Program(s).

 

Transaction ” means using a Card to do any of the following: (i) make a purchase or otherwise make a payment to or for the benefit of a third party; (ii) obtain a credit for a previous purchase; (iii) make a cash withdrawal at an automated teller machine, bank teller or via other means; (iv) transfer value to another Card or account; (v) initial loading of funds on a Card; (vi) adding additional funds to “reload” a Card; or (vii) without duplication of any of the foregoing, any other transaction involving use of a Card.

 

Visa ” means Visa U.S.A. Inc. and its successors and assigns.

 

Wind Down Period ” means the period from the date of termination or expiration of the Agreement through the date that the Parties have completed the Wind-Down Plan for the Programs entirely pursuant to Section 10.5.

 

Wind-Down Plan ” has the meaning set forth in Section 10.5(D).

 

- 11 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

ARTICLE II. – PURPOSE; MANAGER’S ROLE; INCORPORATION OF AND COMPLIANCE WITH PROGRAM DOCUMENTS

 

2.1. Purpose

 

The purpose of this Agreement is to describe the terms and conditions under which the Parties will operate Card Programs and to define the distribution of Card Program Revenue Share and Expenses in respect of such Programs.

 

2.2. Manager’s Role

 

Manager and Sutton Bank acknowledge that Manager is providing services with respect to the Card Programs developed by Manager that have been reviewed and approved by Sutton Bank and for which Sutton Bank has approved Manager to provide the services described in this Agreement (each as specifically identified by Program description on Schedule 1.1 hereto, as the same may be amended from time to time) (the “ Approved Programs ”) as an agent and representative of Sutton Bank, who has primary responsibility for each Program’s compliance with Applicable Law and the Program Documents. Notwithstanding the foregoing, Manager acknowledges that (i) it will comply with the Program Documents as such are provided to Manager by Sutton Bank; (ii) it has received and thoroughly examined the Program Documents as provided by Sutton Bank, and (iii) each Card Transaction that Manager or Sutton Bank sends to or receives from any Network constitutes Manager’s ratification of the Program Documents, as then in effect and provided to Manager by Sutton Bank.

 

2.3. Operating Regulations

 

Manager acknowledges that as a “permitted Agent” of Sutton Bank, the terms of the Network Rules governing an issuer’s relationship with the applicable Network also govern Manager’s relationship with the applicable Network, to the extent applicable, including, for: cardholder obligations, responsibility for fraud, collections and other risks,data security, indemnity and liability, and confidentiality. Manager represents that it has read, agreed and will comply with all terms of the applicable Network Rules, including the foregoing specifically identified provisions as such are provided to Manager by Sutton Bank.

 

2.4. General

 

Sutton Bank and Manager hereby each acknowledge and agree that (a) Sutton Bank has established the Programs; (b) Sutton Bank shall have full control and continued principal oversight over the Programs, including without limitation all policies, activities and decisions with respect to each Program; (c) the products and services offered under the Programs pursuant to this Agreement are products of Sutton Bank; and (d) Manager shall serve as Sutton Bank’s administrator and servicer for the Programs, to which Sutton Bank has delegated specific responsibilities relating to the marketing and servicing of the Programs, including the marketing and sale of the Cards.

 

- 12 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

2.5. Bank Determination of Applicable Law

 

As between Sutton Bank and Manager with respect to each of their respective rights and obligations under this Agreement, to the extent there is a dispute between Sutton Bank and Manager with respect to the applicability of certain provisions of the Network Rules or Applicable Laws to one or more Program(s), Sutton Bank shall have the sole and exclusive right to determine (i) which of the Network Rules, Federal, State and local laws, court opinions, attorney general opinions, rules and regulations, and regulatory guidance, regulatory determinations of (or agreements with) or written directions of any arbitrator or Regulatory Authority, and modifications thereto, apply to each Program or the Parties hereto and thus are Applicable Laws; (ii) how such Applicable Laws apply to each Program; and (iii) how and to what extent pending, settled or decided lawsuits or enforcement actions affecting Sutton Bank or any other company, and legal and regulatory developments and trends, should be addressed in each Program; provided, however, that in making such determinations, Sutton Bank shall consult with Manager, shall exercise reasonable and professional judgment, and shall consult with legal counsel as appropriate. Notwithstanding the forgoing, Manager is expected and required to comply with all Applicable Laws that apply to Manager and the performance of its obligations under this Agreement.

 

2.6. Manager’s Right to Offer Programs; Statutory Authority of Regulatory Authority

 

Sutton Bank grants Manager the right to offer the Programs on behalf of Sutton Bank, and hereby appoints Manager as Sutton Bank’s agent for the sole and limited purpose of providing the services described herein with respect to the Programs.As an authorized delegate and representative of Sutton Bank, Manager acknowledges and agrees to the following:

 

(A) any Regulatory Authority has and shall have the statutory authority to regulate, examine and initiate an enforcement action against Manager with respect to the activities performed by Manager as agent or representative of Sutton Bank;

 

(B) Sutton Bank and Manager, in its capacity as Sutton Bank’s authorized delegate and representative, are both subject to control and supervision by the appropriate Regulatory Authority;

 

(C) the Regulatory Authority may require both Sutton Bank and Manager, in its capacity as Sutton Bank’s authorized delegate and representative, to (and, if required, the Parties shall) submit periodic reports to the Regulatory Authority;

 

(D) the Regulatory Authority may require the Parties to (and, if required, the Parties shall) modify the terms of this Agreement or terminate Sutton Bank’s relationship with Manager at any time; and

 

(E) the Regulatory Authority may institute any other requirements or conditions that the Regulatory Authority deems appropriate for a particular purpose in connection with this Agreement and the rights and responsibilities set forth herein, in which case the Parties agree to comply with such requirements or conditions.

 

- 13 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

2.7. Bank Discretion Regarding Clients.

 

At any time, if Sutton Bank, in its reasonable judgment, deems it necessary to avoid loss, damage or adverse exposure to Sutton Bank, Sutton Bank shall provide to Managerto the extent possible not less than thirty (30) days’ advance written notice of its desire to terminate a Client Agreement and shall work in good faith with Manager to identify approaches to mitigate risk factors prior to terminating such Client; provided, however, if Sutton Bank determines in good faith that such prior notice or mitigation efforts will increase risk to Sutton Bank or violate Network Rules or Applicable Law, Sutton Bank may terminate the Client immediately.

 

2.8. Use of Distributors by Manager

 

Manager may market Cards through qualified and Sutton Bank-approved Distributors and may engage the services of other qualified and Sutton Bank-approved Third Party Service Providers in accordance with the terms of this Agreement. Sutton Bank acknowledges that the Third Party Service Providerslisted in Exhibit E attached hereto have been reviewed and approved by Sutton Bank as of the Effective Date of this Agreement.

 

ARTICLE III. –PARTIES’ RESPONSIBILITIES

 

3.1. Manager’s Responsibilities

 

As Sutton Bank’s agent and representative, Manager will develop, promote, market and sell, and operate Approved Programs on Sutton Bank’s behalf in accordance with this Agreement and the Program Documents. In addition, Manager further agrees to do the following:

 

(A) Execution of Agreements . It is Manager’s responsibility to execute any and all necessary agreements with (i) Clients that will be distributing or selling the Cards or distributing any of the Sutton Bank Prepaid Card Services;and (ii) any of Sutton Bank’s Networks.

 

(B) Due Diligence.

 

(i) Program Due Diligence Application .Manager will complete a Program Due Diligence Application for each Program proposed to be offered under this Agreement and will submit such Program Due Diligence Application in advance to Sutton Bank for Sutton Bank’s prior written approval.Manager shall ensure that each Program is offered in accordance with the Program Due Diligence Application approved by Sutton Bank. Sutton Bank shall have the right to conduct a risk assessment for each Program, which may include an assessment of any features of any Program product.

 

(ii) Client Due Diligence .Manager acknowledges that prior to signing or authorizing any Client to distribute Cards hereunder, each Client must be subject to Manager’s and Sutton Bank’s reasonable due diligence, and be approved by Sutton Bank in its sole discretion.

 

- 14 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(C) Marketing .Manager, at its own expense, shall solicit prospective Clients for participation in the Program using Client Materials. Manager and Sutton Bank have jointly developed Client criteria to be used for selection of Clients to participate in the Program, and such Client criteria shall only be amended in the manner provided in Section 3.1(G). Manager shall review the prospective Client’s application package to determine whether the prospective Client meets the Client criteria and if the prospective Client meets the Client criteria, is approved by Manager and executes the Client Agreement, such Client may participate in the Program. Upon request of Sutton Bank, Company shall promptly provide to Bank a copy of a Client’s Application Package and a copy of an executed Client Agreement.Manager will also ensure that (1) the design of each Card meets the applicable Network’sdesign specifications, (2) Card terms and conditions, the Cardholder Agreement, packaging, and any other associated materials comply with all requirements of the Program Documents and, where required, are approved by Sutton Bank in its reasonable discretion, (3) all communications which display a Network’s name, logo, bug or marks are pre-approved by that Network, and (4) all Card shipping and storage practices comply with applicable Network Rules, including but not limited to card inventory management controls. Manager further agrees that the services it provides hereunder shall be of professional quality and in accordance with industry standards and practices.Manager shall be responsible for the conduct and active monitoring and training of its employees, sales representatives, sales offices and agents with respect to all aspects of Manager’s performance under this Agreement and the Programs, including without limitation their respective compliance with this Agreement and Applicable Law.

 

(D) Background Checks and Employee Responsibility .Without limiting the Manager’s obligations in Section 3.1(C), Manager shall (a) conduct background checks on each of its employees engaged in providing the Services on Manager’s behalf, (b) provide to Sutton Bank, upon Sutton Bank’s request, the name, signature, and, if available under Applicable Law, Social Security Number or similar government-issued identifying number, of each Manager employee and sales representative, and maintain such information for a period of three (3) years after the end of any such employee’s employment for any reason, and (c) comply with the provisions of Section 19 of the Federal Deposit Insurance Act, as amended by the Financial Institutions Reform, Recovery, and Enforcement Act of 1989 (12 U.S.C. § 1829). Manager shall be liable for all actions or failure to act by such employees. Manager shall exercise commercially reasonable efforts to promptly rectify any non-compliant activity or other activity that, in Sutton Bank’s commercially reasonable discretion, could cause harm to Sutton Bank’s reputation or business. In the event an employee or potential employee’s background check does not meet the standards of the Act cited in this Section 3.1(D), Manager may consult with Sutton Bank to determine if an exception is allowable under Sutton Bank’s “Employment Guidelines” or similar policies or procedures.

 

(E) Manager Training .Manager shall provide appropriate training for its officers, employees, agents and representatives with respect to their duties, if any, related to the Program, and shall appropriately supervise all such Persons. Sutton Bank shall have the right to (a) periodically review and audit Manager’s training program to ensure Manager’s compliance with Sutton Bank’s training program and (b) at the request of Sutton Bank, monitor and participate in any such training program.

 

(F) New Approved Programs . Manager must obtain Sutton Bank’s prior approval to serve as program manager for each Program. Manager will submit a Program Due Diligence Application Form, attached hereto as Exhibit A, for each proposed Program for which Manager and Sutton Bank wish Manager to serve as the program manager. If the Program Due Diligence Application Form is approved and accepted by Sutton Bank, Schedule 1.1 to this Agreement will be amended to include such Program as an Approved Program. Upon Sutton Bank and Manager’s agreement to offer a Program to prospective Cardholders, Manager shall develop a marketing program to promote Cards to prospective Cardholders and Sutton Bank shall issue Cards within a designated BIN range assigned by the applicable Network for the Program.

 

- 15 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(G) Program Modifications .Manager may suggest changes to a Program or the Cardholder Agreements, Program Materials, Marketing Campaigns, or Program Due Diligence Application at any time, subject to the prior written consent of Sutton Bank.Manager shall be responsible for all costs associated with any such changes suggested by Manager and approved by Sutton Bank.Changes to a Program or the Cardholder Agreements, Program Materials, Marketing Campaigns, or Program Due Diligence Application, including a determination that certain Program Materials or Marketing Campaigns are no longer authorized, may be made by Sutton Bank upon one hundred eighty (180) calendar days’ notice to Manager, provided, however, that such notice shall not be required if such change (i) is appropriate to respond to any concern from a Regulatory Authority, (ii) is necessary in order to cause the Program to remain in compliance with Applicable Law, or (iii) is necessary to alleviate safety and soundness concerns or manage risk for Sutton Bank in connection with the Program and providing one hundred eighty (180) days’ prior notice is not feasible, in which case Sutton Bank shall provide notice as soon as commercially practicable.Sutton Bank shall take reasonable steps to prevent undue expense for Manager when changing any Cardholder Agreements, Program Materials and Marketing Campaigns that are already in production.Unless otherwise mutually agreed upon by the Parties, upon Manager’s receipt of written notice from Sutton Bank of any such changes to a Program or Program Documents or the Cardholder Agreements, Program Materials, Marketing Campaigns, or Program Due Diligence Applications or receipt of new Program Documents, Manager shall implement such changes as soon as commercially practicable but in no event later than one hundred eighty (180) days from Manager’s receipt of notice of such change, determination or new Program Document.Alternatively, if the modification would result in a materially adverse change to one or more Programs or if the modification would require Manager to devote significant resources, significantly amend material agreements or incur significant cost and expense, Manager shall provide Sutton Bank with written notice and reasonable detail of Manager’s concerns.Promptly following Sutton Bank’s receipt of such notice, the Parties shall meet in good faith to resolve Manager’s concerns in a mutually agreeable manner.If the Parties are unable to so resolve Manager’s concerns within one hundred eighty (180) days of Sutton Bank’s receipt of such written notice, Manager may elect to terminate the affected Program or Programs or transition such Program or Programs to a Successor Bank, upon prior written notice to Sutton Bank and subject to the provisions for such termination or transition as provided in Section 10.5. Manager shall take all actions deemed necessary by Sutton Bank, in Sutton Bank’s reasonable discretion, taking into account any legally-binding effective date with respect to any change in Applicable Law and the legal, compliance and reputation risks to the Parties, to implement the modification of and/or terminate the affected Program(s) in the manner and time period specified by Sutton Bank. Sutton Bank may seek specific performance under this Section.Manager shall bear all reasonable costs related to any changes requested by Sutton Bank pursuant to the circumstances set forth in clauses (i), (ii) or (iii) of this Section 3.1(G).

 

(H) Obligation of Manager to Provide Information . Manager must provide reports of Program activity to Sutton Bank in a mutually agreed electronic format.

 

- 16 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(I) Sales and Settlement . All funds received from customers in connection with the loading and reloading of value on Cards shall be handled in accordance with the terms of the Program Documents and this Agreement (Manager acknowledges and agrees that the requirements under the Program Documents shall supersede any conflicting obligations or restrictions in this Agreement); provided that Manager agrees that all such funds shall be held on behalf of Cardholders and as provided in the Program Documents and the Cardholder Agreement and Manager shall ensure (and cause all Clients to ensure) that no claims, liens nor any actions of ownership or possession of such funds will be permitted by any party other than the Manager, Cardholder, the Networks or Sutton Bank.

 

(J) Maintenance of Funding Accounts at Sutton Bank . A “ Funding Account ” is defined as a Program Account consisting of a demand deposit account to hold adequate funds to cover the amounts owing to Cardholders as determined by Manager and in accordance with Program Documents. Sutton Bank shall, at all times during the duration of this Agreement, establish and maintain a separate Funding Account for each Program. Manager will assist Sutton Bank in establishing the Funding Accounts.Sutton Bank will notify the Manager of the account numbers and any other information necessary for the Manager to transfer funds to such accounts.

 

(K) Merchant Payments to Sutton Bank . A “ Merchant ” is defined as a customer of Manager that provides funds to Cardholder accounts for rewards, promotional, incentive, loyalty and other similar purposes, in accordance with the applicable Approved Program. From time to time Manager shall cause its Merchants, by timely, irrevocable wire transfer, to deposit into the appropriate Merchant Rewards Account held at Sutton Bank adequate funds to cover the amounts owing to Cardholders as determined by the Manager and its Merchants (the “ Merchant Rewards Account ”). The total liability to Cardholder for a given program is equal to the sum of the Funding Account and the Merchant Rewards Account. Manager agrees that any funds deposited in the Funding Accounts and Merchant Rewards Accounts shall be for the sole purpose of satisfying claims on the Funding Accounts as provided in this Agreement and the applicable Approved Program.

 

(L) Revenue Sharing . Sutton Bank and Manager will share revenues from Programs subject to the terms and conditions set forth in Exhibit C (“ Revenue Share and Expense ”).

 

(M) Fraud Monitoring, Recovery and Liability.

 

(i) Fraud Monitoring . Manager shall monitor usage of Program products and services by Cardholders, and the provision of Program products and services by Distributors, to track, review and report on fraudulent use of Program products and services, and the Parties shall cooperate to reduce fraud. Manager also shall adopt such fraud monitoring practices in accordance with Sutton Bank’s internal procedures (as provided to Manager by Sutton Bank from time to time), standard industry practices and any Applicable Laws, as such industry practices or Applicable Laws may change over time. Manager shall provide to Sutton Bank a summary report of findings from Manager’s fraud monitoring upon request.

- 17 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(ii) Fraud Reporting . Each Party shall immediately notify the other Party if a Party (or, in the case of Manager, any of its Distributors or Third Party Service Providers) becomes aware of any attempt by any Person to obtain or use a Card by fraud, including, but not limited to, value Load fraud, provisional credit fraud, unauthorized Card use, under floor limit processing, merchant fraud, or fraud committed by an employee of Manager or any of its Distributors or Third Party Service Providers which is material (“ Program Fraud ”).

 

(iii) Fraud Investigation and Recovery . Manager shall cooperate fully with Sutton Bank and engage in any commercially reasonable efforts to locate and prosecute the perpetrator of any Program Fraud, and each Party shall bear the costs of its efforts in prosecuting same to the extent it deems commercially reasonable.In the event Sutton Bank has reasonable suspicion to believe that Program Fraud is taking place, Sutton Bank may in its sole discretion: (a) require Manager to halt the sale of Cards and/or Loads of Cards within a particular Card distribution channel or channels, (b) block the BIN associated with a specific Program offering or offerings, (c) freeze or suspend the suspicious Card Transactions, and (d) freeze or suspend any additional use of the remaining Cardholder Funds on such Cards, to the extent the actions described in clauses (a) through (d) above are in compliance with Applicable Law.

 

(iv) Liability for Fraud . Manager agrees that it shall be responsible for and liable to Sutton Bank for all commercially reasonable expenses associated with and any losses attributable to Program Fraud, unless such expenses and losses were proximately caused by the negligence or willful misconduct of Sutton Bank. Manager shall reimburse Sutton Bank for any such losses and expenses associated with Program Fraud within 24 hours of receivingwritten notice by Sutton Bank of such Program Fraud Following Manager’s exhaustion of operational and legal recourse in recovering such amounts attributable to the Program Fraud (e.g. chargeback process, etc.) any expenses and losses which were determined in a commercially reasonable manner to be proximately caused by the negligence or willful misconduct of Sutton Bank shall be reiumbursed to Manager within a reasonable time frame after receipt of written notice of same

 

(N) Program Audits and Examination Cooperation.

 

(i) Manager Audit Plans . Manager shall establish and maintain an internal audit plan for the Programs and its obligations under this Agreement as approved by the audit committee of Manager’s Board of Managers. Manager shall also establish and maintain an audit plan applicable to each Distributor’s, Marketer’s and Third Party Service Provider’s compliance with Applicable Laws in the performance of their obligations related to the Programs, and the Distribution and Service Agreements, the Marketing Agreements and Third Party Service Provider agreements, as applicable. Manager shall provide a copy of its audit plans to Sutton Bank, and shall respond in good faith to address any concerns raised by Sutton Bank, including with respect to the frequency, content and scope of the audits. Without limiting the foregoing, Sutton Bank may require that Manager perform an audit of any specified Distributor or Third Party Service Provider, pursuant to an audit plan and scope acceptable to Sutton Bank in its commercially reasonable discretion. Manager shall submit a written audit report to Sutton Bank in connection with each audit, and provide Sutton Bank with any additional information requested with respect to any material issues of concern identified in the audit or by Sutton Bank. Manager warrants that, as of the date of the submission of each such audit report to Sutton Bank that, to the best of Manager’s knowledge, such report is true, correct, complete, and not misleading. Upon Manager’s determination that any information contained in any such audit report is materially incorrect, incomplete or misleading in any way, Manager shall promptly notify Sutton Bank of the same.

 

- 18 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(ii) Program Audits . Manager agrees that Sutton Bank, its authorized representatives and agents, and any Regulatory Authority or Network (“ Auditing Party ”) shall have the right, at any time during normal business hours and upon reasonable prior written notice, or at any other time required by Applicable Law or by a Regulatory Authority, to inspect, audit, and examine all of Manager’s facilities, records, personnel, books, accounts, data, reports, papers and computer records relating to the activities contemplated by this Agreement including, but not limited to, financial records and reports, the Security Program, associated audit reports, summaries of test results or equivalent measures taken by Manager and/or any Third Party Service Provider to ensure that the Security Programs meet the objectives of the Security Guidelines in accordance with Applicable Law and this Agreement and that Manager is otherwise in compliance with the terms of this Agreement and Applicable Law. Only one such audit a year will be at Manager’s expense, unless a material breach of the Agreement by Manager has occurred and is continuing. Manager shall, and shall contractually require its Distributors and Third Party Service Providers to, make all such facilities, records, personnel, books, accounts, data, reports, papers, and computer records available to the Auditing Party for the purpose of conducting such inspections and audits, and the Auditing Party shall have the right to make copies and abstracts from Manager’s or a Distributor’s or Third Party Service Provider’s books, accounts, data, reports, papers, and computer records directly pertaining to the subject matter of this Agreement, provided such Auditing Party shall be bound by terms of confidentiality in accordance with and no less strict then those contained in this Agreement as respects the treatment of any Confidential Information.Sutton Bank shall pay for its authorized representatives and agents own expenses during any such audit.

 

(iii) BSA/AML/OFAC Audits . Manager shall engage a qualified, external, independent third party auditor to conduct a complete annual audit of Manager’s compliance with Manager’s approved BSA/AML/OFAC Procedures, which shall include, without limitation, a review of Manager’s compliance with Sutton Bank’s policies and procedures in place with respect to identifying the number of sales of Cards at any one Distributor location in one day, limiting the number of registered Cards activated by any one individual with the same social security number, limiting the number of registered Cards activated by individuals at any one physical address, and limiting the Loads to each Card.Manager will be responsible for all of the cost of these BSA/AML/OFAC audits.

 

(iv) Manager Cooperation . Manager agrees to cooperate, and shall contractually require all Distributors, Marketers, and Third Party Service Providers to cooperate, with any examination, inquiry, audit, information request, site visit or the like, which may be required by any Regulatory Authority or Network with audit examination or supervisory authority over Sutton Bank, to the fullest extent requested by such Regulatory Authority, Network or Sutton Bank. Manager shall also provide to Sutton Bank any information which may be required by any Regulatory Authority or Network in connection with their audit or review of Sutton Bank or any Program and shall reasonably cooperate with such Regulatory Authority or Network in connection with any audit or review of Sutton Bank or any Program.Manager shall also provide, at its sole cost and expense, such other information as Sutton Bank, Regulatory Authorities or Network may from time to time reasonably request with respect to the financial condition of Manager and such other information as Sutton Bank may from time to time reasonably request with respect to third parties who have contracted with Manager relating to or in connection with this Agreement.

 

- 19 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(v) Corrective Action Plans . Manager shall prepare a written response to Sutton Bank (a “ Response to Audit Letter ”) to all criticisms, recommendations, deficiencies, and violations of Applicable Law identified in reviews conducted by Sutton Bank, any Regulatory Authority or Network (“ Audit Findings ”). The Response to Audit Letter shall be delivered to Sutton Bank within twenty (20) Business Days of Manager’s receipt of such Audit Findings, unless directed otherwise by a Regulatory Authority or a Network.The Response to Audit Letter shall include, at a minimum, a detailed discussion of the following:

 

(a) the planned corrective action to address the Audit Findings (“ Audit Corrective Action Plan”);

 

(b) employee(s) of Manager tasked to remedy the Audit Findings;

 

(c) remedial actions proposed to be directed to current or past Cardholders negatively impacted by the Audit Findings (provided no such action shall be taken without express written approval from Sutton Bank);

 

(d) steps to be taken to prevent any recurrence of the Audit Findings;

 

(e) a specific timeframe, not to exceed forty (40) Business Days, unless otherwise approved by Sutton Bank in advance, to implement the Audit Corrective Action Plan (“ Corrective Action Plan Deadline ”);

 

(f) documentation evidencing that the Audit Corrective Action Plan has been implemented;

 

(g) if additional time is needed to implement the Audit Corrective Action Plan or deviations from the Audit Corrective Action Plan are necessary, a written request shall be submitted to Sutton Bank detailing the extenuating circumstances that necessitate an extension of the Corrective Action Plan Deadline and such extension request shall be subject to the reasonable approval of Sutton Bank; and

 

(h) identification of any Audit Findings disputed by Manager or where corrective action is not possible or necessary, supported by a detailed explanation of Manager’s position.

 

- 20 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(O) Recordkeeping and Reporting.

 

(i) Recordkeeping . Unless otherwise agreed, Manager will keep, or cause to be kept, current and accurate records relating to each Program, including, but not limited to: (a) the identity of each Cardholder and the steps taken to verify such identity, if applicable to the Program; (b) all information received by Processor in each daily Settlement file; and (c) other information as may be required by Applicable Law (“ Program Records ”). With respect to each Card, Manager shall retain all Program Records for the time period required by Applicable Law, and in any event, for no less than five (5) years after the termination of any Cardholder Agreement or Program, whichever is later.

 

(ii) Reports and Access to Program Records . Sutton Bank shall be provided with access to any Program Records and any other information and documents it reasonably requests from time to time from Manager or any Distributor, Marketer or Third Party Service Provider retained by Manager with regard to any activity contemplated by or relating to this Agreement, and such information shall be provided in accordance with Sutton Bank’s specifications and requirements, including, but not limited to, the timeframe and format in which such information and documents must be provided.Manager shall ensure that it has ready access to all Program Records, including those maintained by its Distributors and Third Party Service Providers, in order to comply with any request from Sutton Bank pursuant to this Section.

 

(iii) All Program Records generated by Manager and its Third Party Service Providers in connection with the Program(s) shall be the property of Sutton Bank, subject to each Party’s (or a Marketer’s or Distributor’s) ownership interest in Joint Cardholder Data as defined in Section 7.1.

 

(P) Customer Service

 

(i) Manager shall (i) establish and maintain an internet website that performs customer service functions as directed by Sutton Bank; and (ii) administer and maintain a dedicated toll-free phone number, which number shall be printed on the Cards, for providing live and interactive voice response telephonic customer service. Manager shall perform monthly quality monitoring of the customer service functions in accordance with Sutton Bank requirements.

 

(ii) To ensure the integrity of the Program, Sutton Bank may periodically elect in its sole discretion to conduct random call sampling and/or mystery calls (“ Call Monitoring ”). Call Monitoring is intended to assess the abilities of live agents on a quality scorecard, including their range of knowledge and their skills (including “soft skills”) used to govern the approach to delivering accurate information and reliable services with effective communication. If Sutton Bank conducts Call Monitoring, Sutton Bank may request from Manager a minimum of ten (10) randomly selected recordings of calls from Cardholders to live agents, which minimum may be increased in Sutton Bank’s sole discretion.

- 21 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

3.2. Processing Services

 

(A) Manager shall, at its sole expense, enter into a Processing Services Agreement with a Sutton Bank-approved Processor, in form and substance acceptable to Sutton Bank in its sole discretion, and the contents of which shall bind Processor to ensure all provisions of this Section are met in addition to other provisions of this Agreement that are specifically required to be in the Processing Services Agreement. The Processing Services Agreement shall provide the following Processing Services for the Program(s):

 

(i) Transaction authorization, processing, clearing and settlement and all accounting relating to Cards;

 

(ii) helpdesk and technical support;

 

(iii) data capture and reporting and information management services;

 

(iv) Cardholder account and Transaction dispute processing and resolution, and any other informal disputes or resolutions as needed from the Cardholder, as promptly as commercially reasonable, and not later than full resolution within applicable legal, regulatory, and Network required timeframes;

 

(v) fraud prevention and security; and

 

(vi) any other services necessary or desirable to effectuate the Program or as requested by Sutton Bank or a Network from time to time.

 

(B) Manager, at its sole expense, shall also provide the following additional services to support each Program (the “ Ancillary Services ”), either directly or through a Third Party Service Provider. Ancillary Services shall include, but not be limited toprocessing all applications and establishing all accounts in the Program on behalf of Sutton Bank, including, but not limited to:

 

(i) providing Cardholder Agreements;

 

(ii) submitting to Bank applications for approval;

 

(iii) providing information to Processor to establish the accounts;

 

(iv) collecting and maintaining Cardholder identification;

 

(v) screening Clients or Cardholder applicants for compliance purposes;

 

(vi) conducting initial review of all Client and Cardholder accounts to ensure compliance with OFAC directives, as applicable; and

 

(vii) authorizing Card activation;

 

(viii) Card creation, production and shipment, including:

 

- 22 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(ix) Card design;

 

(x) purchase and safekeeping of plastic stock; (xi) embossing and encoding of Cards;

 

(xii) printing of Card carriers;

 

(xiii) mailing or other delivery of Cards; and

 

(xiv) preparation and mailing of PIN mailers, as applicable;

 

(xv) preparation and mailing of all other documents required or otherwise to be sent to Cardholders, as applicable;

 

(xvi) providing monthly and other periodic account statementsor electronic transaction records, as required by Applicable Law;

 

(xvii) customer service in accordance with the terms of this Agreement;

 

(xviii) all other Program-related mailings to Cardholders including shipping costs and postage; and

 

(xix) any other services necessary or desirable to effectuate the Program or as agreed upon by Bank and Manager from time to time.

 

(C) Manager shall be responsible for the reporting and handling of any Cardholder Funds that constitute unclaimed, abandoned or similar property under Applicable Law based upon the Cardholder records maintained and provided by Manager. Manager either directly or through a contracted third party shall be responsible for any obligations under Applicable Law to contact the owner of funds under escheatment or unclaimed property laws.

 

(D) Manager shall ensure that any Processor or other Third Party Service Provider complies with all Applicable Law and Sutton Bank Policies in providing Processing Services or Ancillary Services.

 

(E) Manager shall at no time fail to fulfill any of its obligations under this Agreement, including the provision of Processing Services, Ancillary Services, or customer service to Cardholders for any Program, due to a dispute between Manager and a Processor or subcontractor.

 

(F) Notwithstanding anything to the contrary contained in this Agreement, Sutton Bank shall have the right (but not the obligation), at any time as determined in its reasonable discretion (including during any wind-down period contemplated by Section 10.5), to assume responsibility for the Processing Services and to perform, either directly or through the Processor or another third party designated by Sutton Bank, all services in connection therewith, in the event that Sutton Bank determines, in its reasonable discretion, that a Processor’s actions or failure to act has resulted or could result in (i) a breach of the obligations of Processor to Manager or Sutton Bank; (ii) material reputational harm to Sutton Bank or a material threat to the safety and soundness of Sutton Bank; (iii) a material adverse impact to Cardholders; or (iv) a material risk of a data security breach. In the event of any such action or failure to act by Processor, Sutton Bank shall provide written notice to Manager, and Manager and Processor shall have thirty (30) days from the date of such notice to cure the actions or failure to act on behalf of Processor that resulted in the notice, unless immediate action is required due to direction from a Regulatory Authority or such other extenuating circumstances that prevent the giving of advance notice and such a cure period. Any fees and expenses reasonably incurred by Sutton Bank in connection with the exercise of its rights set forth in this Section 3.2(e) shall be paid by the Manager and Sutton Bank shall have the right to deduct all such fees and expenses from the compensation and other amounts payable to Manager hereunder.

 

- 23 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

3.3. Processor System Access

 

(A) Manager shall ensure through the Processing Services Agreement that Sutton Bank at all times has access to data files delivered to a location and in a format acceptable to both parties.

 

(B) Manager shall ensure through the Processing Services Agreement that Sutton Bank’s access to the Processor Systems, at all times during the Term and any wind down period, permits Sutton Bank to:

 

(i) Adjust Cardholder or account information, including but not limited to, the closing or suspension of a Card at any time for any reason in Bank’s sole discretion, and the adjustment of account balances;

 

(ii) File suspicious activity reports (“SAR”) with FinCEN as required by Applicable Law.

 

(C) Sutton Bank shall provide notice of any adjustment or modification made within the Processor System as soon as practicable after making such adjustment or modification. Any adjustments or modifications made by Sutton Bank within the Processor Systems in accordance with this Section 3.3 may not thereafter be altered or reversed without Sutton Bank’s prior written approval.

 

3.4. Sutton Bank Responsibilities

 

In addition to any other obligations of Sutton Bank set forth in this Agreement:

 

(A) Sutton Bank Prepaid Card Services . Sutton Bank shall be responsible for providing the Sutton Bank Prepaid Card Services.

 

(B) Sutton Bank System Security . Sutton Bank shall implement and will comply with its security procedures designed to (i) prevent unauthorized access to Sutton Bank’s systems through computer hardware and software systems which are owned or controlled by Sutton Bank, and (ii) prevent unauthorized access to or use of Sutton Bank’s systems by Sutton Bank’s current and former personnel.When on site at Manager’s premises, Sutton Bank personnel shall observe and adhere to Manager’s policies and procedures generally applicable to visitors of Manager’s premises as provided to Sutton Bank by Manager.

 

 

- 24 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(C) Sutton Bank Personnel . Sutton Bank shall be responsible for any acts or omissions of Sutton Bank employees, subcontractors and authorized agents acting with Sutton Bank’s authorization on Sutton Bank’s behalf, which, if performed by Sutton Bank, would constitute a breach of this Agreement.For the avoidance of doubt, Sutton Bank shall in no way be responsible for the acts or omissions of Manager or its employees, subcontractors, authorized agents, Distributors, Marketers or Third Party Service Providers.

 

(D) System Access .Sutton Bank acknowledges that it may receive access to Manager’s system, network components, or electronic databases (“ Manager’s System ”) in order to monitor Program activity. In such event, Sutton Bank will be responsible for the administration of Sutton Bank’s access to Manager’s System as follows:

 

(i) Sutton Bank will provide Manager with the names and contact information of the Sutton Bank employees who are authorized to access Manager’s System in order to monitor Program activity (“ Authorized Users ”);

 

(ii) Sutton Bank will instruct Manager to disable access to Manager’s System for terminated Authorized Users or Authorized Users who no longer have a need to access Manager’s System; and

 

(iii) Sutton Bank will comply with Manager’s reasonable and industry standard security procedures provided to Sutton Bank with respect to maintaining secure access to Manager’s System. Notices of Changes .Except as such is limited by Applicable Law or the actions or requirements of a Regulatory Authority, Sutton Bank shall notify Manager as far as reasonably possible in advance of any:(a) change in the name or form of business organization of Sutton Bank or change in the location of its chief executive office; or (b) any material adverse change in Sutton Bank’s financial condition or operations that might materially and adversely affect Sutton Bank’s ability to perform its obligations under this Agreement. Notice of Proceedings .Except as such is limited by Applicable Law or the actions or requirements of a Regulatory Authority, Sutton Bank shall promptly notify Manager of any action, suit, litigation, proceeding, consent order, directive, sanction, facts and circumstances, and of all tax deficiencies and other proceedings before governmental bodies or officials, including any Regulatory Authority, affecting Sutton Bank, and the threat of reasonable prospect of same, which (i) relate to a Program or this Agreement, (ii) might give rise to any indemnification obligation pursuant to Article XI or (iii) might materially and adversely affect Sutton Bank’s ability to perform its obligations under this Agreement.

 

(G) Sutton Bank’s Capitalization . Sutton Bank shall use reasonable efforts to (i) maintain sufficient capital to support its deposits and assets and (ii) remain a well-capitalized institution, as defined under the prompt corrective actions provisions of the Federal Deposit Insurance Act, 12 U.S.C. § 1831o and 12 C.F.R. Part 6.

 

- 25 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(H) True and Correct Information . Sutton Bank covenants that all information furnished by Sutton Bank to Manager for purposes of or in connection with this Agreement shall be, to the best of Sutton Bank’s knowledge, as of the date provided, true and correct in all material respects and does not omit any material fact necessary to make the information so furnished not misleading. Except as disclosed to Manager, there is no fact known to Sutton Bank (including threatened or pending litigation) that is reasonably likely to materially and adversely affect the financial condition, business, property, or prospects of Sutton Bank.

 

(I) Cooperation . Sutton Bank covenants that it shall use commercially reasonable efforts to cooperate with Manager in the operation of the Programs and its obligations under the Agreement, including in respect of the settlement of disputes with Cardholders.

 

(J) Sutton Bank shall promptly notify Manager in writing in the event that Sutton Bank, together with its Affiliates, accumulates in excess of $9 billion in assets at any given date.

 

3.5. Intellectual Property

 

(A) Limited Grant . Each Party (“Grantor”) grants no rights in its Intellectual Property to the other Party, and such other Party’s Third Party Service Providers, other than a limited, royalty-free, non-exclusive, non-transferable, and restricted license to use any Marks and other Intellectual Property of the other Party as mutually agreed to in writing by the Parties from time to time and only for such use as specifically approved in each instance of use on websites, Cards, Card applications, and other communications and documents relating to any Program.

 

(B) Standards of Use . Each Party’s use of the Marks and other similar Intellectual Property of Grantor shall conform to the specific permissions and standards established by Grantor in its applicable graphic standards as provided to the licensed Party.

 

(C) No Title or Ownership . Each Party acknowledges that it will not acquire any right, title or interest in or to the other Party’s Marks, website names, or any other Intellectual Property owned by the other Party, except as specifically granted in Section 3.5(A). All goodwill generated in use of a Grantor’s Marks shall inure solely to the benefit of Grantor. Each Party further acknowledges that any license granted under Section 3.5(A) will terminate upon termination of this Agreement, and that, following such termination, that Party will discontinue all use of Marks licensed to such Party pursuant to this Agreement except as otherwise described in the wind-down or transition plan for the Programs pursuant to Section 10.5.

 

(D) Program Marks . All rights in any name, mark, symbol, logo, slogan, dress, or like identifier that is (i) not a Mark of Sutton Bank, Network, Processor, or any Third Party Service Provider as of the date hereof and (ii) created by Manager during the Term for use in connection with the Programs (each a “ Program Mark ”) shall belong exclusively to Manager.

 

(E) In the event Manager provides any software or hardware to Sutton Bank, Manager represents and warrants that it has the legal right to such software or hardware and the right to permit Sutton Bank to use such software or hardware, and such use shall not violate any intellectual property rights of any third party. Manager will obtain and at all times maintain appropriate licenses with respect to any intellectual property owned by a third party and utilized in connection with this Agreement. Manager shall ensure that the Cards and any Program Documents or other aspects of the Program(s) will not violate any intellectual property rights of any third party and shall be liable for all fees associated with licensing any such intellectual property rights.

 

- 26 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(F) Indemnification . Each Party (“ Indemnitor ”) shall indemnify and hold the other Party harmless from and against any claim made against the other Party based on any infringement of any intellectual property rights of any Person with respect to Indemnitor’s Intellectual Property, names, marks, logos, or any other materials supplied to the other Party pursuant to this Agreement. This indemnity shall not be limited by any provisions to the contrary in this Agreement.

 

(G) No Waiver of Rights . By entering into this Agreement, neither Party in any way implies that it is waiving any property rights it has in its Marks or any other Intellectual Property belonging to it or its Affiliates, including but not limited to rights accruing by virtue of applicable federal, state, or common law protections for copyright, patent, trade secret, trademark and/or service mark rights. In the event either Party discovers a violation of such proprietary rights, that Party, for itself and on behalf of its Affiliates, expressly reserves the right to seek in an appropriate state or federal court all available remedies for the infringement of such rights.

 

(H) Third Party Marks . In the event that the Cards or any Marketing Materials are to contain any Marks of a third party, Manager shall include in its written agreement with such Person, a license granted to Manager and to Sutton Bank from such person to use such Person's Marks (the “Third Party Marks”), with the same limitations and obligations set forth in Section 3.5 of this Agreement. The license to use such Third Party Marks shall terminate no less than ninety (90) days after the expiration of such Person's agreement with Manager or at the end of any wind- down or transition period, to allow for the orderly transition of the Programs to a Successor Bank, where appropriate. Neither the Cards nor the Marketing Materials will contain any Third Party Mark unless agreed to in writing by Sutton Bank.

 

ARTICLE IV. – REPRESENTATIONS AND WARRANTIES

 

4.1. Manager Representations and Warranties

 

Manager represents and warrants to Sutton Bank, as of the Effective Date, as follows:

 

(A) Existence . Manager is duly organized, validly existing and in good standing under the laws of the state of Kansas and has its principal office in Kansas City, Missouri.

 

(B) Authority . Manager has the corporate and legal authority and power to enter into this Agreement and to perform the obligations set forth in the Program Documents.

 

(C) Ownership; No Infringement . Manager owns, has licensed, or otherwise has the right to use any trademarks, service marks, patents and other intellectual property necessary for it to use in the operation of each Approved Program referenced herein, and to the best of Manager's knowledge any such use will not infringe upon the rights of any third party.

 

- 27 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(D) Accuracy of Financial Information . Manager has delivered to Sutton Bank complete and accurate copies of its balance sheets and related statements of income and cash flows. All financial statements and information that have been furnished to Sutton Bank are accurate in all material respects and fairly represent, in all material respects, (i) the financial condition of Manager, including contingent liabilities of every type, which financial condition has not changed materially or adversely as of the date of this Agreement, and (ii) the terms, conditions and other information related to Manager's Programs, which terms, conditions and other information havenot changed materially or adversely as of the date of this Agreement. Additionally, Manager agrees to provide Sutton Bank, within ten (10) days of Sutton Bank's request therefore, with copies of Manager's then-most current unaudited financial statements and/or Manager’s parent company’s then-most current annual audited financial statements, prepared in accordance with the requirements of the immediately preceding sentence, and such information concerning Manager's Programs as Sutton Bank may request. The financial statements, terms, conditions and other information referred to in this Section 4.1(D) are referred to collectively as the “ Financial Information .”

 

(E) Claims and Litigation . Neither Manager nor any of its Affiliates is the subject of any litigation, infringement, or enforcement action, and to the knowledge of Manager, neither manager nor any of its Affiliates is the subject of any investigation by any Person or governmental body which, if determined adversely to Manager or the Affiliate, would have a material adverse effect on (i) the business, financial condition or operations of Manager, (ii) the ability of Manager to operate each Approved Program referenced herein, or (iii) the ability of Manager to perform its obligations under the Program Documents. Neither Manager nor any Affiliate or principal of Manager has been or is subject to (i) any criminal conviction (other than for minor traffic offenses and other petty offenses), (ii) any unpaid federal or state tax lien, (iii) administrative or enforcement proceedings commenced by the Securities and Exchange Commission, any state securities regulatory authority, the Federal Trade Commission, any federal or state banking regulator or any other federal or state regulatory agency, or (iv) any restraining order, decree, injunction or judgment in any proceeding or lawsuit alleging fraud or deceptive practice on the part of Manager or any principal or Affiliate of Manager. For the purposes of this Section 4.1(E), the term "principal" includes (i) any Person who directly or indirectly owns ten percent (10%) or more of Manager, (ii) any officer or director of Manager, and (iii) any Person actively participating in the control of Manager's business.

 

(F) Consents . Manager has obtained all material licenses, consents or permissions needed from any applicable governing authority or other Person to perform its duties set forth in the Program Documents and this Agreement.

 

(G) Compliance . Manager adheres to all applicable Applicable Law, and has completed and implemented an anti-money laundering compliance program, a copy of which has been provided to Sutton Bank.

 

(H) Resources . Manager has and will maintain all staffing, operational, and financial resources that are necessary or appropriate to perform its obligations under this Agreement and its agreements with Client(s).

 

(I) Each time that Manager submits a report of information regarding a Program or a particular Card to Sutton Bank, Manager represents and warrants that such report is true, accurate and complete in all material respects as of the date of such report.

 

- 28 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(J) All due diligence materials furnished to Suton Bank relating to Manager or completed by Manager with respect to a Third Party Service Provider were accurate and complete in all material respects and complete insofar as completeness may be necessary to give Sutton Bank a true and accurate knowledge of the subject matter.

 

(K) Each location of Manager material to the performance of its obligations has been disclosed in writing to Sutton Bank prior to the date of this Agreement and Manager will promptly notify Sutton Bank in writing of any changes in such locations or opening of new locations that are material to the performance of Manager's obligations.

 

(L) Manager's Marks do not infringe upon any intellectual property rights of any third party, and Manager has the requisite authority to license the use of its Marks as contemplated under this Agreement.

 

4.2. Sutton Bank Representations and Warranties

 

Sutton Bank represents and warrants to Manager, as of the Effective Date, as follows:

 

(A) Organization and Qualification . Sutton Bank is a state chartered bank duly organized, validly existing and in good standing under the laws of the state of Ohio. Sutton Bank is duly qualified and in good standing to do business in all jurisdictions where such qualification is necessary for it to carry out its obligations under this Agreement, except where the failure to so qualify would not have a material adverse effect on Sutton Bank’s business, or where the failure to so qualify would not have a material adverse effect on Manager’s or Sutton Bank’s ability to continue operation of the Programs. Sutton Bank is (i) a member in good standing with each Network necessary to the operation of the Programs, and (ii) in good standing with each Regulatory Authority with jurisdiction over it, including the Federal Deposit Insurance Corporation.

 

(B) Corporate Authority.

 

(i) Corporate Power . Sutton Bank has all necessary corporate power and authority to enter into this Agreement and to perform all of the obligations to be performed by it under this Agreement.

 

(ii) Authorization . This Agreement has been duly authorized by all necessary proceedings, has been duly executed and delivered by Sutton Bank and is a valid and legally binding agreement of Sutton Bank duly enforceable in accordance with its terms (except as such enforcement may be limited by bankruptcy, insolvency, reorganization, moratorium and other laws relating to or affecting creditors’ rights generally and by general equity principles).

 

(iii) Approvals . No consent, approval, authorization, order, registration or qualification of or with any court or Regulatory Authority or other governmental body having jurisdiction over Sutton Bank is required for, and the absence of which would materially adversely affect, the legal and valid execution and delivery of this Agreement, and the performance of the transactions contemplated by this Agreement.

 

- 29 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(iv) No Conflicts . The execution and delivery of this Agreement by Sutton Bank hereunder and the compliance by Sutton Bank with all provisions of this Agreement shall not:(i) conflict with, result in the breach of, constitute a default under or accelerate, terminate, modify or cancel or require any notice or consent under any agreement, contract, lease, license, instrument or other arrangement to which Sutton Bank is a party or by which it is bound or to which any of its assets is subject, except for such violations, conflicts, breaches, defaults, accelerations, terminations or modifications that would not have a material adverse effect on its ability to fulfill its obligations under this Agreement; or (ii) violate the charter, bylaws, or any other equivalent organizational document of Sutton Bank.

 

(C) Litigation . There is no pending, nor to the knowledge of Sutton Bank, threatened, suit, action, arbitration or other proceedings of a legal, administrative or regulatory nature, or any governmental investigation, against Sutton Bank or any of its Affiliates or any officer, director or employee which has not been previously disclosed to Manager in writing and which would materially and adversely affect Sutton Bank’s financial condition or Sutton Bank’s ability to perform its obligations under this Agreement.

 

(D) Sutton Bank Marks . Sutton Bank has the legal right to use and to permit Manager to use, to the extent set forth herein, the Sutton Bank Marks.

 

(E) Intellectual Property Rights . In the event Sutton Bank provides any software or hardware to Manager, Sutton Bank has the legal right to such software or hardware and the right to permit Manager to use such software or hardware, and such use shall not violate any intellectual property rights of any third party.

 

(F) FDIC Insurance . Sutton Bank’s deposits are insured by the Federal Deposit Insurance Corporation to the full extent permitted by and available under Applicable Law, and no proceeding has been instituted to revoke such insurance.

 

ARTICLE V. – PROGRAM COMPLIANCE

 

5.1. Compliance with Applicable Law

 

Each Party acknowledges and agrees that it shall comply with Applicable Law in the performance of its obligations under this Agreement. Manager agrees that it shall contractually obligate its Distributors, Marketers, and Third Party Service Providers to comply with Applicable Law in the performance any services provided in connection with the Program. Sutton Bank may, if directed by a Regulatory Authority or for continued non compliance terminate this Agreement by giving written notice of termination to Manager, in which case the date of termination shall be as set forth in such notice.

 

5.2. Compliance Counsel

 

Sutton Bank may exercise its discretion to obtain legal counsel (“ Compliance Counsel ”) with expertise in the field of payment instruments to assist Sutton Bank in reviewing, and to advise Sutton Bank with regard to, the compliance with all Applicable Law, and all Program Materials, policies, procedures and guidelines pertaining to the Program.Such Compliance Counsel shall be employed solely by Sutton Bank and retained in that capacity so long as Sutton Bank deems advisable.Manager shall promptly reimburse Sutton Bank for such Compliance Counsel’s actual fees and disbursements for the review and advice beginning after such Compliance Counsel has provided five (5) hours of billable time so advising Sutton Bank, as provided in this Section 5.2, upon presentation by Sutton Bank of statements therefore setting forth such fees and disbursements in reasonable detail; provided, however, that Sutton Bank will notify Manager prior to beginning any individual project or matter after the Effective Date if Sutton Bank believes that the fees and disbursements for such individual project or matter will exceed $2,500.

 

- 30 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

5.3. Operating Policies and Procedures

 

Each Party shall develop written policies and procedures associated with fulfilling its responsibilities and obligations contained herein and required by Applicable Law.

 

5.4. BSA/AML/OFAC Compliance

 

(A) Manager’s BSA/AML/OFAC Procedures . Manager shall comply with the applicable provisions of the Bank Secrecy Act (“ BSA ”) and shall implement the comprehensive Bank Secrecy Act, customer identification, AML, OFAC program (the “ BSA/AML/OFAC Procedures ”) approved by Sutton Bank from time to time, designed specifically to address the BSA/AML/OFAC risks associated with each Program. Manager shall maintain the BSA/AML/OFAC Procedures, and such other compliance measures, including a system of internal controls, to ensure ongoing compliance with the Bank Secrecy Act, independent annual testing of the BSA/AML/OFAC Procedures, the designation of an individual or individuals responsible for coordinating and monitoring the BSA/AML/OFAC Procedures and periodic training of appropriate personnel. Manager and Sutton Bank shall coordinate complete reviews of the BSA/AML/OFAC Procedures and any other BSA/AML/OFAC guidelines of Manager as it relates to the Programs at least annually, and more frequently when new enforcement trends, regulatory guidance, or changes to Applicable Law suggest that such reviews are advisable in Sutton Bank’s reasonable determination.

 

(B) Provider of Prepaid Access . Manager shall ensure that each Distributor,and Third Party Service Provider shall register as a MSB as and to the extent required by Applicable Law, including, but not limited to, 31 CFR Parts 1010 and 1022 (“ Prepaid Access Rule ”). Regardless of whether Manager is required to register as a provider of prepaid access, Manager shall further ensure that Manager and any Distributors deemed to be “sellers” of prepaid access (as defined by the Prepaid Access Rule) comply with the Prepaid Access Rule, the BSA and any other applicable regulations promulgated by FinCEN, including, but not limited to, ensuring that Manager and all sellers of prepaid access comply with suspicious activity reporting, currency transaction reporting, anti-money laundering, and sales monitoring requirements, and maintain all records required under the Prepaid Access Rule and other Applicable Laws.Manager shall promptly accomplish all acts necessary to comply with FinCEN obligations under the Prepaid Access Rule, and shall indemnify and hold Sutton Bank harmless from any fines, penalties or sanctions of any nature resulting from Manager’s not complying with the rule.

  

- 31 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(C) Bank BSA/AML/OFAC Requirements . Manager shall further comply with any requirements established by Sutton Bank and provided to Manager to ensure BSA/AML/OFAC compliance by Sutton Bank (“ Bank BSA/AML/OFAC Requirements ”), as the same may be amended from time to time by Sutton Bank.At a minimum, the Bank BSA/AML/OFAC Requirements include the following:

 

(i) prior to Activation, with respect to Programs that allow for reloadsby the cardholder or a third party other than the Client, Manager shall obtain, record and verify customer identification information regarding each such Cardholder in accordance with Applicable Law, and shall be responsible for ensuring that each such Cardholder meets Sutton Bank’s Customer Identification Program as required by Applicable Law and the Bank BSA/AML/OFAC Requirements;

 

(ii) Manager shall comply with all OFAC regulations, including, but not limited to: (1) ensuring that all registered Cardholders are screened at time of registrationin accordance with Applicable Law and the Bank BSA/AML/OFAC Requirements and periodically thereafter as required by Applicable Law through a screening system implemented to comply with OFAC regulations and the Bank BSA/AML/OFAC Requirements, and (2) complying with all OFAC and Sutton Bank directives regarding the prohibition or rejection of unlicensed trade and financial transactions with OFAC specified countries, entities and individuals; and

 

(iii) Manager shall monitor the usage of products and services offered under each Program to track, review and report any suspicious activity in accordance with Applicable Law and the Bank BSA/AML/OFAC Requirements, including, but not limited to, all obligations to report such suspicious activity to Sutton Bank in accordance with applicable timeframes contained within the Bank BSA/AML/OFAC Requirements, or take such other actions as shall be requested from time to time by Sutton Bank.

 

(D) To the extent any of Manager’s obligations under this Section are performed by a third party, such third party shall be considered a Third Party Service Provider.

 

5.5. Disclosure of Key Card Terms

 

The Parties understand that the fees and substantive terms associated with a Card should be readily available for review by any Person inquiring about a Card.Each Party shall take commercially reasonable steps to ensure that prospective Cardholders have an opportunity to review the Cardholder Agreement if they desire to do so prior to submitting an application for a Card.Manager shall also ensure that customer service representatives and Manager staff and its Distributors are knowledgeable of the fees and substantive terms of each Program.The Parties shall each ensure that the Cardholder Agreement is available on any website administered by the respective Party to support a Program.Manager shall also clearly and conspicuously disclose to the Cardholder and any Applicant for a Card any dormancy fee that may be assessed against each Card, how often such fees may be assessed, the conditions under which a fee may be assessed and that such fee may be assessed for inactivity.

 

- 32 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

5.6. Privacy Notices

 

Sutton Bank will prepare and approve a Privacy Notice to be provided to Cardholders on behalf of Sutton Bank that meets Sutton Bank’s privacy policy and otherwise reflects the terms of this Agreement related to ownership and use of Cardholder Data, including Customer Identifying Information, and Manager shall be responsible for providing this Privacy Notice to each Cardholder at Manager’s expense in accordance with Applicable Law, including providing the Privacy Notice in any foreign language through which Cardholders are being solicited via Sutton Bank approved Marketing Materials. In addition, Manager is responsible for preparing and delivering, at its expense, any Privacy Notice that Manager is separately required to provide to Persons under Applicable Law. Manager may choose to support the technological and disclosure requirements necessary to permit the electronic delivery of disclosures upon Cardholder consent consistent with Applicable Law, subject to Sutton Bank’s prior written approval.

 

5.7. Escheat

 

Manager shall provide escheat recordkeeping services on Sutton Bank’s behalf for the Programs in compliance with all state unclaimed property laws. Sutton Bank shall remit such unclaimed funds to the appropriate jurisdiction as required under Applicable Law. Manager shall be solely liable for any costs and fines related to any challenge by any Regulatory Authority with respect to escheat or unclaimed property laws, regardless of whether such cost is incurred by or such fines are assessed to Sutton Bank or Manager unless such challenge is related to Sutton Bank’s failure to remit to the appropriate jurisdiction any unclaimed funds following the receipt of accurate records from Manager.Manager shall be liable to Sutton Bank for any amounts claimed by states under unclaimed property laws that represent Breakage that has been previously paid to Manager by Sutton Bank.

 

5.8. Identity Theft Prevention Program (“IDTP”)

 

Manager shall develop and implement an IDTP designed to detect, prevent, and mitigate identity theft in connection with the Programs. The IDTP shall be designed to comply with the provisions of 12 CFR 334.90-334.91 and 571.90-571.91 as well as the Interagency Guidelines on Identity Theft Detection, Prevention, and Mitigation set forth at Appendix J to 12 CFR Part 334. Manager shall submit the proposed IDTP to Sutton Bank for its prior review and approval.

 

5.9. Unlawful Gambling

 

Manager shall adopt policies and procedures to reasonably identify and block transactions related to participation of a Cardholder in illegal internet gambling as provided by the Unlawful Gambling Enforcement Act of 2006 and Regulation GG.

 

5.10. Regulation E Compliance (12 C.F.R. 1005)

 

Manager shall adopt policies and procedures to ensure that neither Manager nor any Distributor, Marketer, or Third Party Service Provider participating in the Program markets, labels, displays or otherwise makes, represents or suggests to the public that a Card is or may be used as a “gift card” or “gift certificate” as such terms are defined by 12 C.F.R. 1005.20 if such Cards were not intended for gifting purposes pursuant to the Program Due Diligence Application approved by Sutton Bank.Manager shall further ensure that all Cards that may be are extended the protections under Regulation E to the extent applicable.

 

- 33 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

5.11. Criticisms, Complaints and Legal Actions

 

(A) Receipt of Criticism . In the event that a Party receives criticism or complaint in a Regulatory Communication or report of examination or in a related document or specific oral communication from, or is subject to formal or informal supervisory action by, or enters into an agreement with any Regulatory Authority or any Network with respect to any matter whatsoever relating to (including omissions therefrom) the Programs (any such event a “ Criticism ”), such Party, as applicable, shall advise the other Party in writing of the Criticism received within five (5) Business Days of receipt and share with the other Party relevant portions of any written documentation, or for oral communications, provide a detailed summary in writing, received from the relevant Regulatory Authority or Network, as applicable, to the extent not specifically prohibited by Applicable Law or the Regulatory Authority or Network. Following receipt of such Criticism, the Parties shall in good faith consult as to the appropriate action to be taken to address such Criticism. Manager shall take all actions deemed necessary by Sutton Bank, in its commercially reasonable discretion, to address the Criticism in the manner and time period specified by Sutton Bank. In the event the Criticism relates to the Programs and any such Criticism requires a written response to any Regulatory Authority with jurisdiction over Sutton Bank, Sutton Bank shall have final approval over the form and content of such response. Sutton Bank may seek specific performance under this Section. In the event the Criticism is directed only to Manager or is from a Regulatory Authority with jurisdiction over Manager, Manager shall have final approval over the form and content of any response required to any Regulatory Authority after consulting in good faith with Sutton Bank.

 

(B) Complaints and Resolution .

 

(i) All complaints received by a Party from a Cardholder relating to a Card or its use (“ Cardholder Complaint ) that are materialshall be promptly (i)reported to the other Party, and (ii)promptly addressed and resolved by Manager in accordance with Applicable Law and Manager’s complaint procedures, which procedures must be approved in advance by Sutton Bank.

 

(ii) Upon request, Manager agrees to promptly advise Sutton Bank of the results of any investigation relating to a Cardholder Complaint and provide an audit trail of information pertinent to the matter, all within any timeframes required by Applicable Law, but in no event later than ten (10) Business Days after notice of the Cardholder Complaint.The audit trail of information shall be sufficiently detailed to allow Sutton Bank to fully respond to a Regulatory Authority if such Regulatory Authority inquires about a Cardholder Complaint.

 

(iii) Each shall provide the other Party with notice and copies of any Executive Complaint within two (2) Business Days of receipt of such Executive Complaint.Manager shall promptly investigate each Executive Complaint and any similar complaints received by Sutton Bank that are forwarded to Manager and propose an appropriate response.Manager and Sutton Bank shall jointly approve the final responses for all Executive Complaints.

 

- 34 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(C) Legal Actions and Requests . Each Party shall promptly notify the other Party of any legal action brought by a third party that may have a material effect on the Program(s).Each Party shall further provide the other Party with prompt notice and copies of all subpoenas, levies, garnishments or other legal requests received by the Party which require the assistance of the other Party in order to provide an accurate response, or which otherwise have a material effect on the Program(s), whether from a governmental authority, Regulatory Authority, private attorney, court or otherwise, relating to a Cardholder, a Card, a Program or this Agreement (“ Legal Documents ”).Either Party shall provide any assistance reasonably requested by the other Party in order to timely meet the response deadline of any Legal Document.

 

(D) Records of Program Complaints and Responses . Manager shall catalog and maintain copies of all Criticisms, Regulatory Communications, Legal Documents, Executive Complaints and Cardholder Complaints received by Manager (collectively, “ Complaints ”), and responses thereto for the period required by Applicable Law or such longer period as specified by Sutton Bank in a written notice to Manager.Manager shall provide Sutton Bank with a quarterly summary of all Complaints in the form and manner determined by or acceptable to Sutton Bank (each, a “ Complaint Summary ”).Sutton Bank (i) shall have access at all times to pending and closed Complaints and responses, and (ii) in Sutton Bank’s sole discretion, may audit a reasonable number of such Complaints.

 

5.12. Manager State and Federal Licensing and Registration Requirements

 

Manager shall obtain and maintain, and shall ensure that each Distributor ,and Third Party Service Provider obtains and maintains, all licenses, registrations, permits and approvals necessary to perform their respective obligations in connection with the Programs in compliance with Applicable Law, including without limitation any state money transmitter licenses. In addition, Manager shall ensure that each Distributor and Third Party Service Provider shall register as a MSB as and to the extent required by federal law. For purposes of compliance with state money transmitter licensing laws, Manager shall ensure that each Distributor is either (i) sponsored by Manager as an authorized delegate pursuant to appropriate agency agreements with Manager, or (ii) appropriately licensed as a money transmitter or check seller or registered as a MSB, as applicable, to the extent required by federal or state MSB, money transmitter or sale of checks laws or the Bank Secrecy Act.

 

5.13. Network Membership/Registration

 

Sutton Bank shall (i) remain a member in good standing in the Networks associated with the Programs marketed by Manager on behalf of Sutton Bank, (ii) provide such BINs and similar identifiers necessary in conjunction with such products and services, (iii) register Manager with the Network(s) as a third-party provider (e.g., an Independent Sales Organization with Visa or as a Member Service Provider with Mastercard);(iv) timely pay all normal fees, dues and assessments associated with its membership, and (v) abide in all material respects with the Network Rules.Manager shall fully comply with the terms of any documents and agreements executed with any Network. Manager and Sutton Bank shall deliver to each other, within five (5) Business Days of receipt, a copy of all notices or correspondence (other than Confidential Information) received from the Networks relating to the Programs marketed by Manager on behalf of Sutton Bank unless such communication is time-sensitive, in which case, such communication shall be delivered as soon as reasonably practicable.

 

- 35 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

5.14. Network Obligations

 

Each Party shall take all actions as may be reasonably required from time to time by any Network in connection with maintaining the Programs’ compliance with the Network Rules. Additionally, (i) Manager shall be responsible for all fees, charges, fines, penalties or other costs assessed from time to time by any Network in connection with any Program related to Manager’s acts or omissions, and, if such fees, charges, fines, penalties or other costs are paid by Sutton Bank, then Manager shall reimburse Sutton Bank for all such amounts, and (ii) Sutton Bank shall be responsible for all fees, charges, fines, penalties or other costs assessed from time to time by any Network in connection with any Program related to Sutton Bank’s acts or omissions, and, if such fees, charges, fines, penalties or other costs are paid by Manager, then Sutton Bank shall reimburse Manager for all such amounts.

 

5.15. FDIC Pass-Through Coverage

 

With respect to all Cards eligible for pass-through federal deposit insurance coverage, Sutton Bank shall structure the Program Accounts in which Cardholder Funds and Corporate funds are deposited in a manner sufficient to afford Cardholder Funds and Corporate Funds the benefits of pass-through federal deposit insurance coverage under Federal Deposit Insurance Corporation regulations, including taking steps to maintain the Sutton Bank’s books and records in a manner that reflects that such Program Accounts and the Cardholder Funds contained therein are held in a fiduciary capacity on behalf of the relevant Cardholders. Manager shall maintain books and records of Cardholders and Cardholder Funds balances so as to permit the Cardholder Funds on deposit in the applicable Program Accounts to qualify for pass-through federal deposit insurance coverage.In the event the Cardholder Funds in the applicable Program Accounts are no longer eligible for pass-through federal deposit insurance coverage due to a change in Applicable Law or a directive from a Regulatory Authority, Sutton Bank will promptly notify Manager of same.

 

ARTICLE VI. – DISTRIBUTOR, MARKETER AND THIRD PARTY SERVICE PROVIDER AGREEMENTS

 

6.1. Development of Distributor and Marketer Group

 

(A) New Distributor and Marketer Selection . Subject to this Article VI, Manager may from time to time select new Distributors and Marketers to participate in the Programs, following which Manager shall enter into Distribution and Service Agreements with such Distributors and a Marketing Agreement with such Marketers. Manager is hereby authorized to enter into agreements with each Distributor and Marketer which set forth the terms by which such Distributors and Marketers shall be compensated for its marketing and sale of Cards, as applicable.Manager shall be responsible for administering the business relationships with its Distributors and Marketers.

 

(B) Distributor Approval . No Distributor may participate in the Programs as a Distributor unless:(i) Sutton Bank approves the Distributor’s application; and (ii) Manager and the Distributor (and if applicable, Sutton Bank) execute a Distribution and Service Agreement with Standard Terms that have been approved by Sutton Bank pursuant to Section 6.1(D).

 

- 36 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(C) Marketer Approval . Manager shall be entitled to retain Marketers to market the Programs provided that:(i) each such Marketer meets the underwriting guidelines mutually agreed upon by the Parties, as may be amended from time to time; and (ii) Manager and the Marketer execute a Marketing Agreement with Standard Terms that have been approved by Sutton Bank pursuant to Section 6.1(D).

 

(D) Distributor and Marketing Agreements . Manager will provide to Sutton Bank the following standard terms to be incorporated into its Distribution and Service Agreements and Marketing Agreements for Sutton Bank’s review and approval prior to use: confidentiality and data security obligations, settlement obligations, compliance obligations, Card security obligations, and obligations to obtain Sutton Bank approval for Programs and marketing materials and cooperate in Sutton Bank audits, as and to the extent applicable to Distributors or Marketers (the “ Standard Terms ”). Any material deviations from the Standard Terms shall require the prior written consent of Sutton Bank, and any such modifications to any Standard Terms after it has been executed by the Distributor or Marketer must be approved by Sutton Bank;such approval shall not be unreasonably withheld or conditioned, and Manager and Sutton Bank agree that it shall not be unreasonable for Sutton Bank to refuse a deviation from the Standard Terms or modification to the Standard Terms of an existing Distribution and Service Agreement or Marketing Agreement if Sutton Bank determines in its commercially reasonable judgment that such deviation or modification could expose Sutton Bank to legal or reputational risk, risk of lawsuit or regulatory action, or otherwise would be inconsistent with Sutton Bank’s risk policies. Manager shall provide to Sutton Bank copies of all executed Distribution and Service Agreements and Marketing Agreements, including all amendments, supplements and modifications thereof, promptly upon Sutton Bank’s written or e-mail request.

 

6.2. Third Party Service Provider Agreement and Critical Services

 

A Third Party Service Provider shall not provide services for the Programs unless such Third Party Service Provider is approved by Sutton Bank, nor shall Manager permit or direct a Third Party Service Provider to integrate or communicate with any other third party to provide Critical Services in connection with the Program(s) (with the exception of the Third Party Service Provider’s customary subcontracting relationships maintained in the ordinary course of business) without Sutton Bank’s prior written approval. Manager shall notify Sutton Bank in writing of any changes in Third Party Service Providers at least thirty (30) days prior to entering into a contractual relationship with a new Third Party Service Provider and at least sixty (60) days (or such shorter time or promptly following termination in the event of termination for cause) prior to terminating any contractual relationship with any existing Third Party Service Provider.No material change in the scope of responsibilities of an approved Third Party Service Provider agreement may be made without Sutton Bank’s prior written approval.For avoidance of doubt, except for Distributers, Marketers and Third Party Service Providers providing Critical Services in connection with this Agreement, Manager may engage a third partyto assist Manager in performing its obligations hereunder without obtaining Sutton Bank’s approval, provided Manager enters into a written agreement with such third party and provides Sutton Bank with the names and services performed by such third parties, as and to the extent reasonably requested by Sutton Bank from time to time.

 

- 37 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

If Manager engages any Third Party Service Provider, Manager represents, warrants and covenants to Sutton Bank as follows with respect to each such Third Party Service Provider:

 

(A) It has entered into or will enter into a written agreement with the Third Party Service Provider setting forth the terms of the services to be provided. Such written agreements shall also include the following:

 

(i) The Third Party Service Provider shall secure and maintain the confidentiality of any Confidential Information such third party obtains from Manager or Sutton Bank consistent with the provisions of this Agreement, and the Third Party Service Provider shall provide Sutton Bank the right to audit compliance with, and indemnify Sutton Bank for, any breach of such provisions.

 

(ii) The Third Party Service Provider shall submit to any examination which may be required by any Network or Regulatory Authority, to the fullest extent of such Network or Regulatory Authority's authority. The Third Party Service Provider shall also provide to Sutton Bank and/or Manager, as applicable, any information that may be required by any Network or Regulatory Authority in connection with their audit or review of Sutton Bank, Manager, or a Program and shall reasonably cooperate with such Regulatory Authority or Network in connection with any audit or review of Sutton Bank, Manager or such Program. The Third Party Service Provider shall also provide such other information as Sutton Bank, Manager, a Regulatory Authority, or a Network may from time to time reasonably request in connection with its services provided for the Programs. The Third Party Service Provider shall specifically acknowledge that any Regulatory Authority with supervisory authority over Sutton Bank and/or Manager has authority to examine the Third Party Service Provider pursuant to Applicable Law, including the FDIC and such other state and federal Regulatory Authority pursuant to the Bank Service Company Act, and to assess the Third Party Service Provider's ability to perform its contractual obligations. All such information provided by the Third Party Service Provider pursuant to this Agreement shall be treated by Sutton Bank and Manager as Confidential Information pursuant to this Agreement.

 

(B) Such other provisions as are necessary and appropriate to require the Third Party Service Provider to comply with any provisions of this Agreement that are applicable to the services provided by the Third Party Service Provider.

 

(C) Any additional provisions required by any Sutton BankProgram Document.

 

(D) As more fully set forth in Section 3.5 of this Agreement, Manager shall not have the right or permit any Third Party Service Provider to use Sutton Bank's Marks, except to the extent approved in writing in advance by Sutton Bank and then only to provide the services with respect to the Cards in accordance with Sutton Bank's graphic standards.

 

(E) Notwithstanding Manager's use of a Third Party Service Provider, Manager will remain primarily liable to Sutton Bank for the actions or inactions of any Distributor, Marketer, or Third Party Service Provider in connection with this Agreement. Manager will exercise and document oversight over its Distributor, Marketers, and Third Party Service Provider and shall be responsible for all expenses and compensation amounts owing to such Distributors, Marketers, and Third Party Service Providers. A dispute between Manager and a Distributor, Marketer, or Third Party Service Provider shall not relieve Manager from performing any of its obligations hereunder.

 

- 38 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

6.3. Changes to Agreements

 

Sutton Bank may in its commercially reasonable discretion require that Manager modify the Standard Terms in any Distribution and Service Agreement, or Third Party Service Provider agreement, to reflect changes in Applicable Law or in response to a Criticism. In the event such a change occurs, Manager will notify affected counterparties of such change and any related changes in procedures.If such changes will have a material adverse impact on Manager or otherwise require Manager to devote significant resources or incur significant costs or expenses, Manager shall promptly notify Sutton Bank in writing or via e-mail and Manager and Sutton Bank shall meet in good faith to mutually agree upon a resolution.If Manager and Sutton Bank cannot so agree on a resolution, then Manager or Sutton Bank may terminate the applicable Program by providing the other Party with written notice no later than thirty (30) days following such the date of such meeting or other date as mutually agreed upon by the Parties. In such case, Manager shall still be obligated to pay Monthly Minimum Fees unless Manager elects to terminate the entire Agreement pursuant to Sections 10.1 or 10.2.

 

6.4. Compliance by Distributors, Marketers and Third Party Service Providers

 

(A) Manager shall assist Sutton Bank by monitoring the conduct of Distributors, Marketers, and Third Party Service Providers and their proper compliance with respect to all aspects of their performance under the Programs, including without limitation their respective compliance with this Agreement, Applicable Laws and their respective Distributor, Marketer, and Third Party Service Provider agreements.

 

(B) Manager shall reimburse Sutton Bank for Losses incurred by Sutton Bank arising out of Manager’s, a Distributor’s, a Marketer’s, or a Third Party Service Provider’s actions, failures to act or failure to comply with Applicable Law, the Network Rules, this Agreement or the applicable Distributor, Marketer or Third Party Service Provider agreement, to the extent such actions, failures to act or failure to comply relate to the Programs, unless such action or failure results from acting in accordance any policy, procedure or instruction of Sutton Bank.

 

6.5. Denial or Termination of Distributor, Marketer or Third Party Service Provider

 

(A) Manager acknowledges and agrees that Sutton Bank’s decision whether to approve or reject any entity that is under consideration to become a Distributor or Third Party Service Provider, and whether to continue permitting any Distributor, Marketer or Third Party Service Provider to participate in the Program, shall be final and that Sutton Bank may direct Manager to terminate any Distributor, Marketer or Third Party Service Provider with respect to the Programs in the event that, in Sutton Bank’s commercially reasonable judgment, such Distributor, Marketer or Third Party Service Provider could expose Sutton Bank to legal, financial, or reputational risk, risk of lawsuit or Criticism, otherwise engages in types of businesses or conduct that is inconsistent with Sutton Bank’s corporate philosophies or risk tolerance, or, in the case of a Third Party Service Provider, fails to perform to reasonable industry standards.

 

- 39 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(B) Sutton Bank agrees to notify Manager in writing prior to the effective date of termination of any Distributor or Marketer hereunder which notice will include an explanation of the grounds for the termination. To the extent Manager disagrees with Sutton Bank’s termination decision under this Section, Manager shall have the opportunity to present countervailing facts or positions for reconsideration by Sutton Bank. Sutton Bank shall have sole final discretion on this issue, however. The notice period for termination of any Distributor or Marketer will be, in most instances, one hundred eighty (180) days’ prior notice; however, Sutton Bank may require a shorter notice period of thirty (30) days when in Sutton Bank’s reasonable judgment additional time beyond thirty days would materially increase Sutton Bank’s exposure. In instances involving criminal or illegal activity or fraud, the Distributor or Marketer may be immediately suspended pending the effective termination date.

 

(C) In the event Sutton Bank determines pursuant to the terms hereof to terminate an existing Distributor, Marketer or Third Party Service Provider, Sutton Bank shall, subject to Applicable Law, cooperate with Manager to (i) transition the applicable service(s) to another Distributor or Third Party Service Provider, approved by Sutton Bank, or Program(s) undertaken with such Distributor or Third Party Service Provider to another issuing bank,or (ii) implement such other action or plan as mutually agreed upon by Sutton Bank and Manager.

 

6.6. Distributor and Third Party Service Provider Due Diligence, Training and Monitoring

 

(A) Due Diligence . Prior to referring any entity to Sutton Bank to become, as applicable, a Distributor or Third Party Service Provider, Manager shall perform a due diligence review and document such review of the entity and, as applicable, its principal owners and management, in accordance with any requirements provided by Sutton Bank and, with respect to Third Party Service Providers, as otherwise is consistent with the FFIEC’s IT Examination Handbook (including the booklets therein entitled “Supervision of Technology Service Providers” and “Outsourcing Technology Services”), as such handbook is amended from time to time (collectively, the “ FFIEC Handbook ”).

 

(B) Financial and Other Monitoring . Manager shall perform periodic financial monitoring of all Distributors and Third Party Service Providers, such monitoring to be consistent with Applicable Law and the pre-funding risk inherent in the relationship with such Distributor or Third Party Service Provider, including, but not limited to, the Network Rules and, in the case of any Third Party Service Provider, the FFIEC Handbook. Manager shall request Distributors and Third Party Service Providers to furnish Sutton Bank with such financial and other information as Sutton Bank may from time to time reasonably request. Manager shall promptly notify Sutton Bank of any information Manager receives that is reasonably likely to have a material adverse effect on the creditworthiness of any Distributor or Third Party Service Provider or that could affect a Distributor’s, Marketer’s or Third Party Service Provider’s ability to meet its obligations under the Programs. Manager also shall promptly notify Sutton Bank in the event Manager determines that a Distributor, Marketer or Third Party Service Provider is engaged in any activities that Manager believes may be reasonably likely to result in Criticism or material legal, financial or reputational risk to Sutton Bank or Manager or risk of lawsuit against Sutton Bank or Manager.

 

- 40 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(C) Security Measures and Controls . Manager shall periodically monitor each Distributor’s and Third Party Service Provider’s operations, policies and procedures, such monitoring to be consistent with the requirements and guidance reflected in the FFIEC Handbook, and shall contractually obligate each Distributor and Third Party Service Provider (to the extent it may have access to Cardholder Data) to have proper security measures in place for the protection of Cardholder Data that are in compliance with Applicable Law, including, if applicable, the PCI- DSS as implemented by the applicable Network.

 

(D) Training . Manager shall provide to each Distributor and Third Party Service Provider that provides Cardholder-facing services (e.g., call center providers) all necessary and appropriate training and support required to implement the Programs, all in a form and substance reasonably satisfactory to Sutton Bank and in accordance with Applicable Law and standard industry practices as such industry practices may evolve during the term of this Agreement.

 

(E) Third Party Service Provider Site Certifications . If requested by Sutton Bank consistent with this Section or if required by Sutton Bank or Applicable Law, Manager shall perform periodic site certifications reasonably satisfactory to Sutton Bank of each Third Party Service Provider in order to determine that such entity has proper facilities, equipment, licenses and permits to perform its services related to the Program, in each case in accordance with the criteria established by Sutton Bank and communicated to Manager. Manager shall submit a written inspection report to Sutton Bank in connection with each such site certification in such form as Sutton Bank shall reasonably designate, and Manager warrants that, as of the date of the submission of such inspection report to Sutton Bank, to the best of Manager’s knowledge, the report is true, correct, complete and not misleading. Upon Manager’s determination that any information contained in any such inspection report is materially incorrect, incomplete, or misleading in any way, Manager shall promptly notify Sutton Bank of same.

 

(F) Secret Shopping . Sutton Bank may from time to time reasonably require Manager to conduct a secret shopper program to monitor sales or distribution of Cards by one or more Distributors in the manner mutually agreed upon by the Parties. Such secret shopping program will be designed to review the Distributor’s Card sales or distribution practices and merchandising.

 

6.7. Existing Distributors, Marketers and Third Party Service Providers

 

Manager shall provide Sutton Bank such information as reasonably requested with respect to all Distributors, Marketers and Third Party Service Providers. To the extent Manager has existing relationships with “resellers” that offer Manager’s Cards services to third parties on Manager’s behalf, Sutton Bank agrees to review such “resellers” solely for purposes of determining whether such “resellers” may become approved by Sutton Bank as Distributors hereunder.

 

- 41 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

6.8. Access to Third Party Service Providers

 

Manager hereby authorizes Sutton Bank, in connection with Sutton Bank’s routine oversight for the Programs, to (i) communicate directly with any Third Party Service Provider, and (ii) obtain from such Third Party Service Provider any reports and information relating to any Program that Sutton Bank deems necessary or appropriate, and Manager hereby authorizes Third Party Service Providers to communicate directly with Sutton Bank and provide such reports and information to Sutton Bank.

 

6.9. Expenses and Liability

 

Unless agreed upon otherwise by the Parties, Manager shall be responsible for all fees and expenses payable to each Distributor, Marketer and Third Party Service Provider, and shall remain liable for any services performed by any Distributor, Marketer and Third Party Service Provider.A dispute between Manager and a Distributor, Marketer or Third Party Service Provider shall not relieve Manager from performing any of its obligations hereunder.

 

ARTICLE VII. – CARDHOLDER INFORMATION

 

7.1. Ownership of Accounts, Cardholder Data and Program Materials

 

Except as otherwise provided in this Agreement, as between the Parties, Sutton Bank shall own all Cardholder Data and Cardholder Accounts, Cardholder Agreements and Program Materials and shall have all rights, powers and privileges with respect thereto subject to Sutton Bank’s agreement hereunder to transfer such records to a new sponsor bank upon termination or expiration of this Agreement. During the Term, Manager may use Cardholder Data as expressly provided in this Agreement and in accordance with the Privacy Notices. Notwithstanding the foregoing, the Parties agree that certain aspects of Cardholder Data shall be deemed to be the joint property and Confidential Information of both Parties (or a Marketer or Distributor, as applicable), to the extent Manager (or the applicable Marketer or Distributor) collects such information from Cardholders in the ordinary course of business and not solely in connection with the Program(s)(“ Joint Cardholder Data ”). Sutton Bank shall not, directly or indirectly, use, or sell or otherwise transfer any right in or to, the Joint Cardholder Data other than as provided herein or as mutually agreed by the Parties.

 

7.2. Sharing of Cardholder Data and Program Materials

 

Notwithstanding anything to the contrary in this Agreement, sharing of any information between Manager and Sutton Bank and the use thereof shall be subject to their respective privacy policies, Security Guidelines and Applicable Law.Subject to the limitations in this Section, upon Manager’s reasonable request, Sutton Bank shall provide Cardholder Data or segments for use by Manager in connection with the discharge of Manager’s obligations or exercise of Manager’s rights under this Agreement or in accordance with the Privacy Policy. Except as provided in Section 7.1, neither Manager nor its Affiliates, Distributors, Marketers, or Third Party Service Providers may without the prior written consent of Sutton Bank disclose Cardholder Data or any segment thereof to any third party or Affiliate, except to the extent permitted by this Agreement or required under Applicable Law. To the extent that Manager discloses Cardholder Data to one or more of its Affiliates, Third Party Service Providers, or Distributors or permits such Affiliate(s), Third Party Service Provider(s), or Distributor(s) to use Cardholder Data in accordance with this Section, Manager agrees to cause such parties to comply with the provisions of this Article VII.

 

- 42 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

7.3. Data Obtained Independently by Manager

 

Nothing contained in this Article VII or elsewhere in this Agreement shall apply to, limit or prohibit the use in any manner of, any information or data owned or held by Manager or its Affiliates, or any Third Party Service Provider, Marketer or Distributor, or any of their respectiveAffiliates to the extent such information or data has been independently obtained by Manager or its Affiliates from a source other than Sutton Bank, even if such information or data is duplicative of Cardholder Data.

 

ARTICLE VIII. – INFORMATION SECURITY AND CONFIDENTIALITY

 

8.1. Cardholder Data Security

 

(A) Each Party acknowledges and agrees that this Agreement constitutes an agreement for Manager to perform services for Sutton Bank as contemplated in Title V of GLBA and the Privacy Regulations. Without limiting the generality of the terms of this Agreement, Manager and Processor each agree that they shall protect the privacy of Cardholder Data to at least the same extent that Sutton Bank must maintain that confidentiality under GLBA and the Privacy Regulations.Without limiting the generality of the foregoing sentence, except as otherwise provided in any Program Schedule, neither Manager nor Processor shall:

 

(i) use any Cardholder Data except to perform its obligations under this Agreement (unless such Cardholder Data is used for Manager’s internal business purposes), or

 

(ii) disclose any Cardholder Data other than to:

 

(a) any Network or any other entity to which disclosure is necessary in connection with the processing a Transaction;

 

(b) a Third Party Service Provider in connection with a permitted use of such Cardholder Data under this Section 8.1, provided that each such Third Party Service Provider agrees in writing to maintain all such Cardholder Data as strictly confidential in perpetuity and not to use or disclose such information to any person other than Sutton Bank, Manager or Processor, except as required by Applicable Law or any Regulatory Authority (after giving Sutton Bank, Manager or Processor, as applicable, prior notice and an opportunity to defend against such disclosure) or as permitted under Sutton Bank’s Privacy Policy; provided, further, that each such Third Party Service Provider maintains, and agrees in writing to maintain, an information security program that is designed to protect Cardholder Data and information related to Transactions, and which complies with the requirements under the Network Rules, including but not limited to the requirement for such Third Party Service Provider, upon termination of any of its associated Card Programs, to securely destroy all Cardholder Data in its possession associated with such Card Program as quickly as circumstances permit in accordance with best industry practices and provide a written notice to Sutton Bank that the destruction of the Cardholder Data has been completed;

 

- 43 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(c) its employees, consultants, attorneys and accountants with a need to know such Cardholder Data in connection with a permitted use of such Cardholder Data under this Section 8.1; provided that (1) any such person is bound by terms substantially similar to this Section 8.1 as a condition of employment or of access to Cardholder Data or by professional obligations imposing comparable terms; and (2) such Party shall be responsible for the compliance by each such person with the terms of this Section 8.1; or

 

(d) any Regulatory Authority (1) in connection with an examination of any Party; or (2) pursuant to a specific requirement to provide such Cardholder Data by such Regulatory Authority or pursuant to compulsory legal process; provided that such Party seeks the full protection of confidential treatment for any disclosed Cardholder Data to the extent available under Applicable Law governing such disclosure, and with respect to clause (2), to the extent permitted by Applicable Law, such Party (x) provides at least ten (10) Business Days’ prior notice of such proposed disclosure to the other Parties if reasonably possible under the circumstances, and (y) seeks to redact the Cardholder Data to the fullest extent possible under Applicable Law governing such disclosure.

 

(B) During the Term of this Agreement, the Cardholder Data shall be owned by Sutton Bank and shall be subject to Sutton Bank’s privacy policy set forth in each Privacy Notice, and the manner in which such Cardholder Data may be used, shared and disclosed by the Parties during the Term shall be as set forth herein or as addressed in the Program Schedule for each particular Card Program, all in accordance with the Privacy Regulations and Applicable Law.Sutton Bank shall not, directly or indirectly, use, or sell or otherwise transfer any right in or to, the Cardholder Data other than as provided herein or as mutually agreed by the Parties in a Program Schedule.Sutton Bank shall ensure that its privacy policy and each Privacy Notice permits, subject to Applicable Law, (i) Sutton Bank to share Cardholder Data with Manager, Processor, and their respective Third Party Service Providers, and (ii) Manager and Processor to use Cardholder Data in the manner described herein or as permitted by Applicable Law.

 

(C) With respect to the sharing, use and disclosure of Cardholder Data following the expiration or termination of this Agreement in its entirety or any Program Schedule, Manager shall securely destroy all Cardholder Data in its possession associated with such terminated Program Schedule(s) as quickly as circumstances permit in accordance with best industry practices and provide a written notice to Sutton Bank that the destruction of the Cardholder Data has been completed.

 

- 44 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(D) Manager shall establish commercially reasonable administrative, technical and physical safeguards for Cardholder Data in its control or possession from time to time. Such safeguards shall be designed for the purpose of: (i) insuring the security of such records and information, (ii) protecting against any known threats or hazards to the security or integrity of such records and information; and (iii) protecting against unauthorized access to or use of such records and information that would result in substantial harm or inconvenience to any Cardholder; (iv) ensuring the proper disposal of Cardholder Data.Such safeguards shall be established in accordance with Applicable Law, including, without limitation, Section 501 of GLBA and the Interagency Guidelines Establishing Standards for Safeguarding Customer Information adopted pursuant to Section 501 of GLBA.

 

(E) Subject to any obligations placed upon Manager or Processor by a law enforcement agency, such Party agrees to fully disclose to Sutton Bank any actual or suspected breach in security which results in unauthorized intrusions into such Party's computer and other information systems that may materially affect Sutton Bank and the Cardholders or otherwise may involve the potential unauthorized disclosure, access to, acquisition of, or other loss or use of Cardholder Data, including “sensitive customer information.”As soon as such Party has reason to believe that it has a security breach, and in no event later than twenty-four (24) hours after the discovery of any such breach, it shall notify Sutton Bank in writing and provide (to the extent Manager or Processor has the following information):(i) a description of the breach or loss, including the data it occurred, (ii) the number of individuals or accounts affected and their states of residence, (iii) the information accessed, acquired, lost, or misused; (iv) whether the breach or loss was computerized in nature or a paper loss, (v) whether such information was encrypted or unencrypted, (vi) whether encryption keys or passwords may have been compromised,and (vii) a description of the steps taken to investigate the incident, secure systems or recover lost information, and prevent the recurrence of further security breaches or losses of the same type.For purposes of this subsection (E), “ Sensitive Customer Information ” includes a consumer’s name, address, or telephone number in conjunction with the consumer’s social security number, driver’s license number, account number, credit or debit card number, or a personal identification number or password that would permit access to the customer’s account, or any combination of components of customer information that would allow someone to log onto or access a customer’s account, such as a username and password, or password and account number.In addition, in the event of an actual or suspected breach in security of Manager’s or Processor’s computer or other information systems, such Party agrees to permit an independent qualified third party auditor to perform an investigation (including the installation of monitoring or diagnostic software or equipment) to locate the source and scope of the breach and provide Sutton Bank with any material Sutton Bank–related information that such independent auditor discovers with respect to the breach, all at the expense of Manager or Processor respectively.

 

(F) Each Party has designed and implemented an information security program that is designed to protect Cardholder Data and information related to Transactions that complies with the requirements under the Network Rules.At all times during the term of the Agreement, each Party shall be in compliance with all information and data security requirements promulgated by the Network and applicable to card issuers (as set forth in the Network Rules) and the Interagency Guidelines Establishing Standards for Safeguarding Customer Information (collectively the “ Information Security Requirements ”), as the same may be revised from time to time.Each Party shall provide the other Parties with copies of all reports on compliance, quarterly and annual status forms and other reports filed by such Party with the Network in accordance with the Network Rules.

 

- 45 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

8.2. Confidential Information

 

(A) Each Party acknowledges that it may receive Confidential Information of the other Parties.For purposes of this Agreement, “ Confidential Information ” includes the terms of this Agreement, any customer information (other than Cardholder Data), financial data and budgetary or proprietary business information, income or sales data or projections, customer lists, business operations, policies, procedures and techniques, advertising summary or tracking reports or other reports generated in accordance with this Agreement, schematics, ideas, techniques, know how, concepts, development tools and processes, procedures, computer printouts, computer programs, design drawings and manuals, and improvements, patents, copyrights, technology, source codes, business methods, trade secrets (including all intellectual property contained in the forgoing, or other intellectual property of any kind or nature, plans for future development and new product concepts, contemplated products, research, development, and strategies. Cardholder Data shall not be Confidential Information, but rather shall be subject to the provisions of Section 8.1 above.The term “Confidential Information” shall not include information which, prior to delivery, (i) wasalready in the recipient Party’s possession; (ii) is or becomes generally available to the public through lawful means, other than as the result of a disclosure by the recipient Party or its representatives; (iii) becomes available to a recipient Party without confidential or proprietary restriction by a third party who rightfully possesses the information without confidential or proprietary restrictions; or (iv) the recipient Party can demonstrate that it was independently developed by such recipientParty.Except as otherwise specifically provided in this Agreement, each Party agrees that it will not, publish, communicate, divulge, or disclose to any person, firm, or corporation any Confidential Information of any other Party, except in the performance of the terms of this Agreement. No Party shall distribute any material labeled as “Visa Confidential” to outside parties without written authorization from Visa. Each Party shall comply with all Applicable Law, including the PCI-DSS, in regards to all Confidential Information and Cardholder Data.

 

(B) Each Party agrees that it will not use any Confidential Information of any other Party except (i) for the benefit of any other Party, and (ii) as necessary to fulfill its obligations or exercise its rights under this Agreement, and only for such purposes and only for the time that it is necessary to do so, except to the extent it is otherwise permitted under this Agreement.Each Party will take commercially reasonable security precautions, at least as great as the precautions it takes to protect its own Confidential Information and as may be required by Applicable Law, with respect to the Confidential Information of any other Party which it receives and will disclose such Confidential Information only on a need to know basis and only to its subsidiary, agent or subcontractor who is obligated to treat such Confidential Information in a manner consistent with all the obligations of this Agreement.Liability for damages due to disclosure of the Confidential Information by any such third party shall be with the Party that disclosed the Confidential Information to the third party.Each Party shall promptly notify the other Parties upon discovery of any loss or unauthorized disclosure of the Confidential Information of any Party.This Section 8.2 supplements any separate written confidentiality agreement or non–disclosure agreement between any of the Parties, and in the event any such agreement conflicts with the terms hereof, this Agreement shall control.

 

- 46 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

8.3. Required Disclosures

 

In the event that the recipient of Confidential Information is requested or becomes legally compelled to disclose any Confidential Information of any other Party) pursuant to a subpoena or court order; a summons, order, demand or other judicial or governmental process issued by a Regulatory Authority; or in connection with any regulatory report, audit, inquiry or other request for information from such a Regulatory Authority; or as required by Applicable Law, it is agreed that such recipient Party will provide the disclosing Party with prompt written notice of such request(s) to enable the disclosing Party to seek a protective order to protect and preserve the confidential nature of the Confidential Information.In such event, each Party agrees that it will furnish only that portion of the Confidential Information which is legally required and will exercise reasonable efforts to obtain reliable assurance that confidential treatment will be accorded to that portion of the Confidential Information and other information which is being disclosed.To the extent the recipient Party is prohibited from notifying the disclosing Party of a subpoena, order, summons or demand, by the terms of same, the recipient Party shall exercise its reasonable efforts to narrow the scope of disclosure as provided in the forgoing sentence. Each Party shall immediately notify the other upon discovery of any loss or unauthorized disclosure of the Confidential Information of any other Party.

 

ARTICLE IX. – SECURITY BREACHES; DISASTER RECOVERY

 

9.1. Security Program

 

In the event that Manager or any Third Party Service Provider accesses, stores, transmits or processes Cardholder Data, Manager shall, and shall require any Third Party Service Providers to, as applicable, establish and maintain appropriate administrative, technical and physical safeguards designed to (i) protect the security, confidentiality and integrity of the Cardholder Data, (ii) ensure against any anticipated threats or hazards to its security and integrity, (iii) protect against unauthorized access to or use of such information or associated records which could result in substantial harm or inconvenience to any Cardholder or applicant, and (iv) ensure the proper disposal of Cardholder Data (collectively, the “ Security Program ”).At all times during the Term, (i) Manager shall use the same degree of care in protecting the Cardholder Data against unauthorized disclosure as it accords to its other confidential customer information, but in no event less than a reasonable standard of care, and (ii) the Security Program shall be in compliance with Applicable Law, the Security Guidelines and all information and data security requirements promulgated by the Networks and applicable to card issuers (as set forth in the Network Rules), as the same may be revised from time to time.Any material change to the Security Program by Manager shall be approved in advance by Sutton Bank.

 

9.2. SSAE Report

 

Manager shall provide to Sutton Bank, and shall cause Processor to provide to Sutton Bank, on an annual basis the Statement on Standards for Attestation Engagements (“ SSAE ”) No. 18, Reporting on Controls at a Service Organization .Manager shall also provide Sutton Bank with copies of all other reports on compliance, quarterly and annual status forms and other reports filed by Manager with any Network in accordance with the Network Rules, if applicable.

 

- 47 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

9.3. Testing

 

Manager’sSecurity Program shall be reviewed and tested internally at least annually, at Manager’sexpense, in order to demonstrate compliance with all Applicable Law, including documented policies and procedures and an internal audit and quality assurance program.Manager shall further cause, at its expense, independent testing of Manager’s or Third Party Service Provider's Security Program, which testing shall include, but is not limited to, penetration testing, vulnerability scans, and a PCI-DSS assessment performed by a qualified security assessor approved by the PCI Security Standards Council.The schedule of such testings, audits and quality reviews shall be provided to Sutton Bank at least annually and results from each such tests, audits or reviews shall be promptly provided to Sutton Bank in writing in accordance with the schedule or upon the request of Sutton Bank.Such testing and review shall be performed by a qualified security assessor approved by the PCI Security Standards Council (a “ QSA ”). Manager and any Third Party Service Provider will submit to Sutton Bank for approval the name of the QSA engaged to perform the PCI-DSS assessment no later than thirty (30) days prior to each annual assessment.

 

9.4. Security Contact

 

Each of the Parties has provided to the other party the name and contact information of such Party’s designated primary and secondary “ Security Contact ” appointed for the purpose of being contacted in connection with (i) any security breach or failure requiring immediate notification to a Party with respect to the unauthorized use or disclosure of Cardholder Data or (ii) any use or disclosure of a Party’s Confidential Information except in the manner permitted by Article VIII.A Party may from time to time change its primary and secondary Security Contact by providing written notice of such change in accordance with the notice requirements herein.In the event a named Security Contact is no longer in the employ of the applicable Party, or is otherwise unable or unwilling to perform the duties of a Security Contact as set forth herein, then a replacement Security Contact shall be named by such Party as soon as possible but in no event later than ten (10) days after the Security Contact has ceased employment with such Party or the occurrence of the event giving rise to such Security Contact’s inability or unwillingness to perform such duties.Each Party shall further ensure that either the primary Security Contact or the secondary Security Contact is available at any given time to fulfill the purposes of this Section, unless otherwise approved in advance in writing by the other Party.

 

9.5. Storage of Information

 

Manager will only store Cardholder Data and Program Records at its data center locations which have been approved by Sutton Bank (or in the case of approved Distributors or Third Party Service Providers, the third party address approved by Sutton Bank).Any change of the location of a data center must be approved by Sutton Bank at least one hundred and twenty (120) days in advance of Cardholder Data or Confidential Information being stored at such new location.

 

- 48 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

9.6. Notification

 

Manager agrees that in the event there is a breach of security of Manager or any Third Party Service Provider resulting in unauthorized disclosure of Cardholder Data or other Confidential Information of Sutton Bank, Manager will promptly, and in no event later than twenty-four (24) hours after the discovery of any such breach, notify the primary, or if unreachable, the secondary Security Contact of Sutton Bank (as identified in Section 9.4) of such breach, the nature of such breach, and the corrective action taken to respond to the breach and shall take all steps at its own expense to immediately limit, stop or otherwise remedy such misappropriation, disclosure or use, including, but not limited to, notification and cooperation and compliance with Regulatory Authority. Manager acknowledges and agrees that in the event of a security breach, Sutton Bank shall engage an assessor to determine the extent of the breach.Manager shall give the assessor access to Manager’s facilities, records and personnel, as requested by the assessor, and shall be responsible for all costs, expenses and fees of the assessor.Manager shall provide to Sutton Bank, upon receipt, any and all reports or documents prepared by or received from the assessor.

 

9.7. Expense Reimbursement

 

(A) Manager Reimbursement . If Manager or any Third Party Service Provider suffers a data security breach that results, in Sutton Bank’s sole discretion, in the engagement of Sutton Bank resources to investigate and/or correct the breach Manager shall reimburse Sutton Bank for Sutton Bank’s reasonable expenses with respect to the following, except to the extent that such breach was proximately caused by Sutton Bank’s gross negligence, or willful misconduct or fraud, or breach of Sections 3.4(B) or 3.4(D) of this Agreement:

 

(i) providing notices and information regarding unauthorized access to Cardholder Data which results in the misuse of such information, or the reasonable possibility that misuse of such information shall occur, involving any Cardholder Data which is attributable, in whole or in part, to Manager or any Distributor, Third Party Service Provider or Manager Affiliate to (i) appropriate law enforcement agencies, Regulatory Authorities and Networks, and (ii) affected Applicants and Cardholders to the extent Sutton Bank deems such notices required by Applicable Law or as Sutton Bank otherwise deems necessary or appropriate in the exercise of its commercially reasonable judgment;

 

(ii) providing fraud monitoring and consumer report (credit report) monitoring services to affected Applicants and Cardholders to the extent Sutton Bank deems such services to be necessary or appropriate in the exercise of its commercially reasonable judgment; and

 

(iii) replacing Cards or other access devices if Sutton Bank reasonably determines replacement is necessary as a result of such unauthorized access to Cardholder Data which is attributable to Manager, its Affiliates or Distributors or Third Party Service Providers. Manager shall pay any such undisputed amounts within thirty (30) days of its receipt of Sutton Bank’s documentation supporting such expense. Without limiting the foregoing, Manager shall reimburse Sutton Bank for any Losses incurred by Sutton Bank as a result of unauthorized access to Cardholder Data or Confidential Information through Manager or a Distributor or Third Party Service Provider.

 

- 49 -

 

  

CONFIDENTIAL AND PROPRIETARY

 

9.8. Disaster Recovery Plan

 

At all times during the Term and for so long as this Agreement remains in effect, Manager shall, and shall require all Third Party Service Providers to, prepare and maintain disaster recovery, business resumption, and contingency plans (“ Disaster Recovery Plans ”) appropriate for the nature and scope of the activities of and the obligations to be performed by Manager or any Third Party Service Providers hereunder.Manager shall ensure that such plans are sufficient to enable Manager or the Third Party Service Provider to promptly resume, without giving effect to the Force Majeure provisions herein, the performance of its obligations hereunder in the event of a natural disaster, destruction of facilities or operations, utility or communication failures or similar interruption in operations and shall ensure that all material records, including, but not limited to, Cardholder Data, are backed up in a manner sufficient to survive any disaster or business interruption.These plans shall ensure that, without giving effect to the Force Majeure provisions herein, such resumption takes place no later than the timelines set forth in the aforementioned plans.Manager shall make available to Sutton Bank copies of all such Disaster Recovery Plans and shall obtain Sutton Bank’s prior written approval before making any material modifications to such plan.Manager and any Third Party Service Provider shall periodically, and no less than annually, test such Disaster Recovery Plans as may be appropriate and prudent in light of the nature and scope of the activities and operations of Manager and its obligations hereunder.Manager shall further facilitate and cooperate with any requests by Sutton Bank to participate in, monitor or audit the annual testing process of Manager or a Third Party Service Provider under this Section.A complete report of the results of such annual testing shall be promptly provided to Sutton Bank upon request.

 

ARTICLE X. – TERM AND TERMINATION

 

10.1. Term

 

(A) Term . The initial term of this Agreement shall commence on the Effective Date and terminate at midnight on the )five (5) year anniversary of the Effective Date (the “ Initial Term ”), unless sooner terminated in accordance with the terms hereof.This Agreement shall be automatically renewed on the same terms and conditions for successiveone(1) year terms (each a “ Renewal Term ”) (the Initial Term, collectively with anyRenewal Term(s), the “ Term ”) thereafter, unless any Party provides written notice to the other Parties of its intent not to renew at least one hundred eighty (180) days prior to the expiration of the Initial Term or any Renewal Term then in effect.

 

(B) Mutual Consent . This Agreement may be terminated at any time during the Term, without cost or penalty, by mutual consent of Sutton Bank and Manager.

 

(C) Convenience ; Early Termination . lf Manager terminates the Agreement or reduces (other than as a result of account attrition or volume fluctuation in the ordinary course of business) the overall volume of the program for any reason other than pursuant to Section 10.2(B) of the Agreement, Manager shall pay a termination fee based on the time remaining in the Term. Such fee shall be determined by multiplying the average of the monthly _________ received by Sutton Bank during the 6-month period preceding the effective date of termination (or if no monthly invoice has been received, the estimated monthly billing for each Service to be received hereunder) by the percentage set forth in the table below times the remaining months of the term, plus any unamortized fees or third party costs existing on Sutton Bank's books on the date of termination. Upon request by Manager, Sutton Bank shall disclose to Client the amount of any such unamortized fees or third party costs.

 

- 50 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

Terminated During Year Following Effective Date   Percentage
Year 1   90%
Year 2   80%
Year 3   70%
Year 4   60%
Year 5 and any renewal thereafter   50%

 

(D) Liquidated Damages . The parties agree that Sutton Bank damages incurred as a result of early termination would be difficult or impossible to calculate as of the Effective Date. Accordingly, the amounts set forth in Sections 10.1(C) of the Agreement represent a reasonable pre-estimate of damages and are not a penalty.

 

10.2. Termination for Cause

 

(A) By Sutton Bank . In addition to the termination rights set forth elsewhere in this Agreement, Sutton Bank shall have the right to terminate this Agreement, in whole or in part with respect to one or more impacted Programs, prior to the expiration of the Initial Term or any Renewal Term by giving written notice to Manager upon occurrence of one or more of the following events:

 

(i) Immediately upon notice in the event of a breach or series of breaches by Manager of the Program Documents that are material either individually or in the aggregate, if such breach or breaches are not cured within thirty (30) days after receipt by Manager of a written notice from Sutton Bank alleging breach and requiring Manager to cure such breach or breaches;

 

(ii) Immediately upon notice in the event Manager has failed to pay any amounts to Sutton Bank when due as set forth in the Program Documents, and such amount is not paid within ten (10) Business Days after Manager receives notice of such nonpayment;

 

(iii) Immediately upon notice in the event (1) Manager is placed into conservatorship or receivership or proceedings are commenced and remain unstayed for a period of at least thirty (30) days to wind up, dissolve, liquidate or reorganize Manager, (2) proceedings are instituted against Manager by or before any Regulatory Authority to terminate Manager's license or other regulatory approval or to cause any of Manager's officers or directors to cease and desist from any alleged unsafe or unsound practice, (3) Sutton Bank, in its reasonable discretion, determines that there exists an imminent and material threat to the security of the Sutton Bank Prepaid Card Services or any Network accessed or operated by Sutton Bank, if applicable, as a result of any act or omission by Manager or an agent of Manager, including, without limitation, Manager's failure to comply with any Network Rules with respect to the issuer’s responsibilities for data security verification and certification, which could result in a substantial detriment to Sutton Bank, if applicable; or (4) Sutton Bank, in its reasonable discretion, determines that Manager's failure to comply with any provision of Applicable Law or any other state governmental authority has resulted in or may reasonably be expected to result in an imminent and material threat to Manager's legal capacity to materially comply with Manager's duties and obligations under the Program Documents; or

 

- 51 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(iv) Immediately upon notice in the event that Manager creates circumstances giving rise to a substantial risk of loss and/or harm to the goodwill of any Network if such circumstances are not eliminated within thirty (30) days after receipt by Manager of a written notice from Sutton Bank alleging such circumstances and requiring Manager eliminate such circumstances.

 

(v) Immediately upon direction from any Regulatory Authority or Network to cease or materially limit the exercise or performance of Sutton Bank's rights or obligations under this Agreement.

 

(vi) Immediately if Manager's practices, any event or circumstance arising, in whole or in part, by Manager creates a substantial risk of loss or harm to Sutton Bank, including but not limited to illegal criminal activity.

 

(vii) If Manager has failed to maintain the required balances in the Reserve Accounts or a Settlement Failure has occurred in accordance with this Agreement and Sutton Bank has brought the failure to Manager's attention but Manager has not rectified the failure within five (5) Business Days of receiving notice, provided that in the case of a Settlement Failure where Sutton Bank reasonably determines that insufficient amounts exist in the Reserve Accounts, Sutton Bank may terminate this Agreement if Manager has not deposited sufficient amounts to cure the Settlement Failure and replenish the balance required in the Reserve Accounts within (1) Business Day after Manager's receipt of written notice specifying such failure.

 

(B) By Manager . Manager may terminate this Agreement at any time during the Term immediately upon notice in the event: (1) of a breach or series of breaches by Sutton Bank of the Program Documents that are material either individually or in the aggregate, if such breach or breaches are not cured within 30 days after receipt by Sutton Bank of a written notice from Manager alleging breach and requiring Sutton Bank to cure such breach or breaches; (2) Sutton Bank is placed into conservatorship or receivership or proceedings are commenced and remain unstayed for a period of at least thirty (30) days to wind up, dissolve, liquidate or reorganize Sutton Bank; (3) proceedings are instituted against Sutton Bank by or before any Regulatory Authority to terminate Sutton Bank's ability to issue prepaid cards or other regulatory approval or to cause any of Sutton Bank's officers or directors to cease and desist from any alleged unsafe or unsound practice and such proceedings remain unstayed for a period of at least thirty (30) days; (4) Sutton Bank is no longer an approved issuer of prepaid cards on any Network with respect to which a Card Program exists;(5) Sutton Bank has failed to pay any amounts to Manager when due as set forth in this Agreement or the Program Documents, and such amount is not paid within fifteen (15) Business Days after Sutton Bank receives notice of such nonpayment; (6) Manager, in its reasonable discretion, determines that Sutton Bank's failure to comply with any provision of Applicable Law or any other requirements imposed upon Sutton Bank by any federal or state governmental authority has resulted in or may reasonably be expected to result in an imminent and obligations under the Program Documents or this Agreement if such failure is not cured within 30 days after receipt by Sutton Bank of a written notice from Manager describing the failure in commercially reasonable detailand requiring Sutton Bank to cure the failure;(7) Sutton Bank is determined to be in “troubled condition” (as such term is defined in or interpreted in accordance with Applicable Law); (8) Sutton Bank, together with its Affiliates, accumulates assets that, in the aggregate, are equal to, or greater than, $10 billion, which will have the effect of removing Sutton Bank from the small issuer exemption under 12 CFR Part 235.5(a)(1) or any successor provision; or (9)Sutton Bank is prohibited from adding volume to the Programs or adding new Programs in order to gain the volume necessary to achieve the Monthly Minimum Fees due to a directive from a Regulatory Authority rendered against Sutton Bank provided such directive is not attributable to the Program(s) or the actions or omissions of Manager or any Manager Contractor;provided such directive remains unstayed for a period of at least thirty (30) days; and provided Sutton Bank has not agreed to suspend the Monthly Minimum Fees so long as the directive is outstanding.

 

- 52 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(C) Change in Law . In the event that any material change in any Applicable Law, or in the interpretation of such Applicable Law, makes continued performance by any party under the then-current terms and conditions of the Program Documents illegal and the Parties, using their reasonable best efforts, are unable to agree upon modifications to the Program Documents to avoid such illegality, then any Party may terminate this Agreement, without penalty, by written notice to the other Party, which notice will be effective upon the earlier to occur of (i) the 90th day following delivery of the notice to the other Party or (ii) the effective date of such change in Applicable Law. To be effective, any written notice terminating this Agreement pursuant to this Section 10.2(C) must include a detailed explanation and evidence of the illegality created as a result of such change in Applicable Law.

 

(D) Other Remedies . In the event of any occurrence giving rise to a termination right under Section 10.2(A) above, or if Sutton Bank determines, in its reasonable discretion, that such action is necessary to prevent undue harm to Sutton Bank or Cardholders, Sutton Bank may at its election, without exercising, waiving or limiting such termination right in connection with, such occurrence, elect to require that Manager cease selling or distributing new Cards and entering into new Programs and/or cease issuing new Cards for a Program. In addition, in the event that any Client(s) fails to make any Settlement payment or to maintain a required balance in the Settlement account, Sutton Bank may suspend performance of any Sutton Bank obligations under the Program Documents if such Client fails to make the Settlement payment or maintain the required balance in the Settlement account within two (2) Business Days after Client receives notification of such failure.

 

10.3. Effect of Termination or Expiration

 

(A) Actions to Give Effect to Termination . Upon any termination of this Agreement or expiration of the Term, subject to Section 10.4, Sutton Bank and Manager will, as soon as reasonably practicable, execute such documents and do such things as may be reasonably necessary to give effect to the termination provisions of this Agreement.

 

(B) Survival of Obligations . Each Party will continue to be responsible for any obligations incurred under this Agreement or the other Program Documents prior to any termination of this Agreement or expiration of the Term, including but not limited to the obligation to pay any amounts that accrued prior to termination or expiration of this Agreement that remain owed to the other party(ies) after such termination or expiration.

 

- 53 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

10.4. Cessation of Card Sale and Distribution after Termination or Expiration

 

Subject to Section 10.5, upon any expiration or termination of this Agreement or expiration of any Approved Program, Manager will immediately cease selling or distributing (including the cessation of both direct sales and third party sales through Clients) Cards under this Agreement or the Approved Program, as applicable.

 

10.5. Wind Down Period; Orderly Transition

 

(A) General Obligations .Upon the expiration or termination of this Agreement, (i) Manager may elect to either transition one or more Programs to an alternative card issuer designated by Manager (any such institution, a “ Successor Bank ”) in accordance with Applicable Law and pursuant to Section 10.5(B) or (ii) one or more Programs may be wound down in accordance with Applicable Law and pursuant to Section 10.5(C). Written notice of Manager's decision to exercise this option shall be given within ten (10) business days of the date of the notice giving rise to termination hereunder. Each Party acknowledges that the main goals of the Wind Down Period are (in order or priority) (i) to benefit the Cardholders by minimizing any possible burdens or confusion and (ii) to protect and enhance the names and reputations of the Parties, both of whom have invested their names and reputations in the Programs, the Programs and Cards issued hereunder. Unless otherwise required by Applicable Law or any Regulatory Authority, upon the expiration or termination of this Agreement for any reason, the Parties agree to cooperate in good faith to wind down or transition each Program in a commercially reasonable way as soon as reasonably possible to provide for a smooth and orderly transition or wind-down. Such cooperation will include continued acceptance of Cards presented for payment until such Cards expire or are cancelled as set forth below, and continued provision of customer service to all outstanding Cardholders in accordance with the terms of this Agreement up until the Cards expire or are terminated.

 

(B) Manager Transition Election .In the event that Manager elects to transition one or more Programs to a Successor Bank pursuant to Section 10.5(A), Sutton Bank’s obligations shall include:(i) executing and delivering a transfer agreement containing terms and conditions generally consistent with banking industry practice (including customary representations, warranties and obligations) for the transfer of the Programs and related BINs to the Successor Bank; and (ii) taking all other actions necessary to transfer the Programs and BINs to such Successor Bank.Manager shall reimburse Sutton Bank for all documented out-of-pocket commercially reasonable costs incurred by Sutton Bank in connection with the transfer of the Programs, including, but not limited to, any conversion costs or termination fees payable to any Processor with respect to the Programs, Network fees and charges, Sutton Bank's reasonable attorneys’ fees incurred in connection with the transfer (including attorney's fees incurred with respect to the negotiation, execution and deliverance of a transfer agreement satisfactory to Sutton Bank), the cost of printing and postage for any notifications to Cardholders, and all other out-of- pocket costs and expenses incurred by Sutton Bank in connection with the transfer of the Programs.

 

- 54 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(C) In the event the Agreement is terminated in whole or in part by Sutton Bank for cause pursuant to Sections 10.2 above,due to Manager's actions or inactions, Sutton Bank reserves the right to decline Manager's request to transition the Programs to a Successor Bank in Sutton Bank's good faith and sole discretion, and in such event such Programs shall be wound- down in accordance with this Article 10.

 

(D) Wind-Down Plan . As soon as reasonably practicable after expiration of this Agreement, or receipt of delivery of a termination notice with respect to this Agreement or one or more Programs, Manager shall provide to Sutton Bank in writing a proposed transition or wind- down plan, detailing (i) whether the affected Program(s) are to be wound down or transferred to a Successor Bank; and (ii) a proposed timeline, which shall designate a date as of which the affected Programs shall be wound down or transferred from Sutton Bank to a Successor Bank (“ Switchover Date ”). Sutton Bank and Manager shall meet promptly thereafter to review such proposed plan and to determine a mutually acceptable transition or wind-down plan (a “ Wind-Down Plan ”); provided , however , that if Sutton Bank and Manager fail to reach mutual agreement on the Wind- Down Plan within thirty (30) days, Sutton Bank shall establish a Wind-Down Plan that is appropriate for the affected Program(s) and that is, to the extent practicable, substantially similar to other wind-down plans used by Sutton Bank for other programs similar to the affected Program(s) hereunder, in which case such Wind-Down Plan shall be deemed to be approved by Manager.The wind-down or transition of any affected Program(s) shall occur as soon as reasonably possible and in no event later than one (1) year after expiration of this Agreement; provided, however, that such time period may extended by mutual written agreement of the Parties.Except as specifically set forth in this Agreement or the agreed upon plan for wind-down, each Party shall bear its own out-of-pocket costs and expenses associated with the wind-down of the Programs, except that Manager shall bear any costs and expenses charged by the Networks in connection with the termination of the BIN(s). Notwithstanding the foregoing, if Sutton Bank terminates this Agreement for cause pursuant to Section 10.2 prior to expiration and a wind-down of any Program is required, Manager shall pay or Sutton Bank may withhold from any amounts due to Manager all costs associated with notifying impacted Cardholders, issuing refund checks, and any amounts payable to Processor or other Third Party Service Providers to ensure the provision of their services continue through the end of the wind-down period, and all other out of pocket costs and expenses reasonably incurred by Sutton Bank in connection with the wind-down activities described in this Section. Such costs shall be paid by Manager no later than ten (10) days of receipt of Sutton Bank's invoice therefore.

 

(E) Wind Down Period General Obligations .During the Wind Down Period, the Parties shall continue to be bound by and comply with the terms of this Agreement and perform all of their obligations hereunder and shall remain liable for the representations and warranties, covenants and indemnification obligations under this Agreement.If Sutton Bank determines in its sole discretion that Manager has failed to continue to provide customer service to the affected Cardholders during the wind-down period in accordance with the terms of this Agreement, Manager shall take all necessary steps to either (i) effect the transfer to Sutton Bank of control of the toll free telephone numbers and websites used by Manager with respect to such Program or (ii) re-direct Cardholders using such telephone numbers and websites to such toll-free telephone numbers and websites as designated by Sutton Bank.

 

- 55 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(F) Manager shall ensure that all aspects of the transfer are accomplished in compliance with Applicable Law. Manager shall remain in compliance with all provisions of this Agreement, and the timely payment of all other fees and sums called for under this Agreement through the completion of the Transition Plan.

 

(G) Further Assurances .Each Party shall; (i) give such further assurances to the Successor Bank and shall execute, acknowledge and deliver all such acknowledgments, assignments and other instruments and take such further action as may be reasonably necessary and appropriate to effectively vest in the Successor Bank the full legal and equitable title to Sutton Bank’s rights in any affected Program(s) being transitioned to the Successor Bank and (ii) make commercially reasonable efforts to assist the Successor Bank in the orderly transition of the sponsorship of the Program. The Parties agree to work in good faith to assure a smooth transition of the Program and continuity of operations with respect to the Program.

 

(H) Media Notices . Except as required by Applicable Law (including applicable securities laws and the rules promulgated thereunder), in no event will any Party make any public statement or customer communication regarding the termination or wind-down of this Agreement or any Cards or Programs without the express prior written approval of both Sutton Bank and Manager, which approval shall not be unreasonably withheld or delayed. Notwithstanding the foregoing, Manager agrees that Sutton Bank may communicate the termination or expiration of this Agreement with any party with which Manager has contracted to provide any Processing Services, marketing or other service with regard to the Program.

 

ARTICLE XI. – INDEMNIFICATION AND LIABILITY

 

11.1. Indemnification Obligation ByManager

 

Manager covenants and agrees to indemnify and hold Sutton Bank, its Affiliates, and their respective officers, directors, employees, agents, successors and permitted assigns (“ Bank Indemnified Parties ”) harmless against any Losses, arising out of third party Claims in connection with:

 

(A) any failure on the part of Manager to perform or comply with any covenant or obligation required to be performed or complied with by Manager under or pursuant to this Agreement,

 

(B) any inaccuracy, breach or untruthfulness of any representation or warranty made by Manager under or pursuant to this Agreement,

 

(C) any noncompliance with or violation of any Applicable Laws (including without limitation with respect to Program Materials and Marketing Campaigns), the gross negligence or willful misconduct of Manager, or any of Manager’s Affiliates, employees, officers, directors, Distributors, Marketers, Third Party Service Providers or agents, representatives or independent contractors (all such contractors, agents and representatives, including Distributors, Marketers and Third Party Service Providers, the “ Manager Contractors ”),

 

- 56 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(D) any wrongful acts or omissions of Manager or Manager Contractors in connection with the improper use of Cardholder Data or in connection with the transfer of the Program(s) to a Successor Bank,

 

(E) any failure on the part of Manager or any Manager Contractor to comply with or discharge any of its or their obligations, liabilities or other amounts due or owing by Manager or such Manager Contractor to any third party, including, in the case of Manager, due or owing to any Manager Contractor,

 

(F) any unauthorized or fraudulent access to or use of Cardholder Data caused by the action or inaction, or intentional misconduct of an employee of Manager or Manager Contractors, or arising from a security breach to computer systems maintained by Manager or maintained by Manager Contractors on behalf of Manager.

 

(G) any Losses arising solely from Sutton Bank's failure to comply with the Applicable Law or a direction or requirement from a Regulatory Authority or Network where such failure arose out of Manager’s failure to meet its obligations under this Agreement or to obtain and provide all information to Sutton Bank needed for Sutton Bank to comply, unless Sutton Bank failed to inform Manager of the need for such actions or the need to cease taking such actions; or

 

(H) any misrepresentation or false or misleading statement made by Manager or Manager Contractors to any Person, Regulatory Authority or legislative body regarding Sutton Bank, a Program, this Agreement or the terms or conditions hereof.

 

11.2. Limited Exception and Conditions

 

Manager’s indemnification obligations under Section 11.1 shall exclude any Losses, to the extent such Losses arise directly from (A) an act of fraud, embezzlement or criminal activity by a Bank Indemnified Party, (B) the gross negligence, willful misconduct or bad faith by a Bank Indemnified Party, (C) failure of the Sutton Bank to comply with, or to perform its obligations under, this Agreement, or (D) Losses arising from noncompliance with or violation of any Applicable Law by Manager or a Manager Contractor solely to the extent that such Parties acted in good faith in accordance with Sutton Bank’s written instructions and/or requirements regarding Applicable Law.

 

11.3. By Sutton Bank

 

Sutton Bank covenants and agrees to indemnify and hold Manager, Manager Contractors, and each of their respective Affiliates, and their respective officers, directors, employees, agents, and permitted assigns (the “ Manager Indemnified Parties ”) harmless against any Losses, arising out of third party Claims in connection with:

 

(A) any failure on the part of Sutton Bank to perform or comply with any covenant or obligation required to be performed or complied with by Sutton Bank under or pursuant to this Agreement,

 

(B) any inaccuracy, breach or untruthfulness of any representation or warranty made by Sutton Bank under or pursuant to this Agreement,

 

- 57 -

 

  

CONFIDENTIAL AND PROPRIETARY

 

(C) the gross negligence or willful misconduct of Sutton Bank or its employees, officers, directors, vendors, agents, representatives or independent contractors (excluding Manager or Manager Contractors),

 

(D) any wrongful acts or omissions of Sutton Bank in connection with the improper use of Cardholder Data or in connection with the transfer of Network responsibilities hereunder to a Successor Bank, in each case excluding any Losses to the extent such Losses arise from the acts or omissions of Manager, including any failure to comply with the terms of this Agreement,

 

(E) any unauthorized or fraudulent access to or use of Cardholder Data caused by the gross negligence or intentional misconduct of an employee of Sutton Bank or of its Affiliates, or arising from a security breach to computer systems maintained by Sutton Bank or maintained by third parties (other than Manager or a Manager Contractor) on behalf of Sutton Bank; or

 

(F) any misrepresentation or false or misleading statement made by Sutton Bank or its Affiliates to any Person, Regulatory Authority or legislative body regarding Manager, a Program, this Agreement or the terms or conditions hereof.

 

11.4. Limited Exception and Conditions

 

Sutton Bank’s indemnification obligations under Section 11.3 shall exclude any Losses to the extent such Losses arise directly from (A) an act of fraud, embezzlement or criminal activity by a Manager Indemnified Party, (B) the gross negligence, willful misconduct or bad faith by a Manager Indemnified Party, or (C) failure of the Manager to comply with, or to perform its obligations under, this Agreement.

 

11.5. Defense of Claims

 

(A) Notice. If any Claim is commenced that may give rise to a right of indemnification, or any knowledge is received of a state of facts which, if not corrected, may give rise to a right of indemnification, the indemnified Party shall give prompt written notice to the indemnifying Party. The failure to give such notice shall not, however, relieve the indemnifying Party of its indemnification obligations except to the extent that the indemnifying Party is actually harmed thereby.

 

(B) Right to Defend Claim .The indemnifying Party shall have the right to defend any such Claim in its name and at its expense, shall select the counsel for the defense of such Claim as approved by the indemnified Party, which approval shall not be unreasonably withheld or delayed, and shall cooperate with the indemnified Party in the conduct of the defense against such Claim; provided , however, that the indemnifying Party shall not have the right to defend any such Claim if (i) it fails to employ appropriate counsel approved by indemnified Party to assume the defense of such Claim or refuses to replace such counsel upon the indemnified Party’s reasonable request; (ii) the indemnified Party advises the indemnifying Party that there are issues which could raise possible conflicts of interest between the indemnifying Party and the indemnified Party or that the indemnified Party has claims or defenses that are separate from or in addition to the claims or defenses of the indemnifying Party; or (iii) such Claim seeks an injunction or cease and desist order; provided further, that Manager may not, as an indemnifying Party or otherwise, defend against a Claim or select the counsel for the defense of a Claim if the Claim was brought by a Regulatory Authority. If the Parties are unable to resolve the issue, then the matter will be resolved in accordance with Section 12.2. In each such case set forth in this Section 11.5, the indemnified Party shall have the right to direct the defense of the Claim and retain its own counsel, and the indemnifying Party shall pay the cost of such defense, including reasonable attorneys’ fees and expenses.

 

- 58 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(C) Indemnifying Party Election . If the indemnifying Party elects and is entitled to compromise or defend such Claim it shall within thirty (30) days (or sooner, if the nature of the Claim so requires) notify the indemnified Party of its intent to do so, and the indemnified Party shall, at the expense of the indemnifying Party, cooperate in the defense of such Claim. In such case, the indemnified Party shall have the right to participate in the defense of any Claim with counsel selected by it. Except as provided in this Article, the fees and disbursements of such counsel shall be at the expense of the indemnified Party.

 

(D) Indemnifying Party Obligation . The indemnifying Party shall have no obligation to pay the monetary amount of the settlement of any Claim entered into by the indemnified Party without the prior written consent of the indemnifying Party (which consent shall not be unreasonably withheld or delayed). Notwithstanding the indemnifying Party’s right to direct the defense against any Claim, the indemnifying Party shall not have the right to compromise or enter into an agreement settling any claim, suit, demand or action without the prior written consent of the indemnified Party (which consent shall not be unreasonably withheld or delayed).

 

11.6. No Special Damages

 

UNLESS OTHERWISE AGREED, IN NO EVENT SHALL EITHER PARTY BE LIABLE TO THE OTHER WHETHER IN CONTRACT, TORT, EQUITY OR OTHERWISE FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, PUNITIVE OR EXEMPLARY DAMAGES, INCLUDING, BUT NOT LIMITED TO, LOST PROFITS, EVEN IF SUCH PARTY HAS KNOWLEDGE OF THE POSSIBILITY OF SUCH DAMAGES ARISING FROM OR RELATED TO THIS AGREEMENT; PROVIDED, HOWEVER, THAT THE LIMITATIONS SET FORTH IN THIS SECTION SHALL NOT APPLY TO OR IN ANY WAY LIMIT THE INDEMNITY OBLIGATIONS UNDER THIS AGREEMENT.

 

11.7. Disclaimers of Warranties

 

ALL SERVICES PROVIDED BY THE PARTIES HEREUNDER ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS, AND EXCEPT AS EXPRESSLY STATED IN THIS AGREEMENT EACH PARTY SPECIFICALLY DISCLAIMS ALL WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, ARISING OUT OF OR RELATED TO THIS AGREEMENT, INCLUDING WITHOUT LIMITATION, ANY WARRANTY OF MARKETABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, AND IMPLIED WARRANTIES ARISING FROM COURSE OF DEALING OR COURSE OF PERFORMANCE, EACH OF WHICH IS HEREBY EXCLUDED BY AGREEMENT OF THE PARTIES.

 

- 59 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

ARTICLE XII. – RISK MANAGEMENT

 

12.1. Insurance

 

(A) Manager shall maintain (and shall require each Third Party Service Provider to maintain), throughout the Term, an appropriate insurance policy in the name of Manager (or any Third Party Service Provider), the limit of which shall be no less than one million dollars ($1,000,000) per occurrence and two million dollars ($2,000,000) aggregate, for each of the following categories:

 

(i) a comprehensive general liability policy, including, but not limited to, contractual liability, bodily injury, death and/or property damage;

 

(ii) a comprehensive crime policy, including employee dishonesty/fidelity coverage, with respect to the work or operations done in connection with this Agreement;

 

(iii) a comprehensive errors and omissions policy; and

 

(iv) a workers’ compensation policy in at least the minimum amounts required by any applicable statute or regulation.

 

(B) In the event Manager stores, transmits or processes Cardholder Data, Manager shall maintain (and regardless shall require each Third Party Service Provider to maintain), throughout the term of this Agreement, an appropriate data security insurance policy in the name of Manager (or any Third Party Service Provider) and naming Sutton Bank as an additional insured, the limit of which shall be, in the case of a Processor, no less than five million dollars ($5,000,000) per occurrence and ten million dollars ($10,000,000) aggregate and, in the case of Manager or any Third Party Service Provider other than a Processor, no less than two million dollars ($2,000,000) per occurrence and five million dollars ($5,000,000) aggregate, providing coverage in the event of loss of confidential data by Manager (or any subcontractor), including:

 

(i) theft, dissemination and/or unauthorized disclosure or use of Confidential Information and Cardholder Data (including, but not limited to, account information, social security numbers, and confidential corporation information). Such insurance shall also include coverage for credit monitoring, notification expenses and other related costs associated with mitigating a data security or privacy breach; and

 

(ii) (introduction of a computer virus into, or otherwise causing damage to, a computer, computer system, network or similar computer-related property and the data, software and programs used thereon.

 

(C) Each policy required by Section 12.1.(A) and 12.1.(B) must:

 

(i) be written by insurance carriers that have an A.M. Best rating of “A” or better or are otherwise acceptable to Sutton Bank;

 

- 60 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(ii) provide that such policy may not be terminated or materially modified without thirty (30) days prior written notice to both Sutton Bank and Manager (or subcontractor); and

 

(iii) not include any exclusions that would adversely affect coverage regarding any of the obligations of Manager hereunder.

 

(D) A copy of each policy (including such endorsement) and any certificates of insurance evidencing the existence of such policy, or any other documentation related to the requirements of this Section 12.1 reasonably requested by Sutton Bank, shall be provided to Sutton Bank upon request.

 

(E) Manager shall promptly provide notice to Sutton Bank in the event Manager receives any notice of nonrenewal or cancellation, lapse, termination or reduction in any insurance coverage required to be maintained pursuant to this Section 12.1.

 

12.2. Reserve Account

 

Manager agrees to establish and maintain a Sutton Bank owned, Sutton Bank controlled demand deposit account, which account shall be maintained at Sutton Bank (the “ Reserve Account ”), as security for all obligations of Manager under this Agreement. The minimum balance in such Reserve Account as of the first day of any month shall be as Sutton Bank may in its discretion reasonably require from time to time, but shall at no time be less than the sum of $25,000. The balance in the Reserve Account shall be adjusted on the first Business Day of each month unless Sutton Bank requires that the balance be updated on additional dates during the month due to unexpected or excessive growth of Manager expenses. The funds may be used by Sutton Bank to pay for any Manager obligations associated with the Programs. Manager shall replenish the Reserve Account on a monthly basis for any debits pursuant to this Section 12.2 to maintain the minimum balance. If Manager does not replenish the Reserve Account, Sutton Bank will prevent further funds from being credited to net revenues until such time that the Reserve Account has been replenished. All funds in the Reserve Account shall be returned to Manager as soon as commercially practicable after the termination of this Agreement once all Cards have been terminated or have expired, and any outstanding invoices from Sutton Bank and all amounts due to Sutton Bank have been paid.

 

ARTICLE XIII. – GENERAL

 

13.1. Assignment

 

No Party may assign this Agreement without the express written consent of the other Party, which consent will not be unreasonably conditioned, withheld or delayed.

 

13.2. Dispute Resolution; Governing Law

 

(A) In the event of any dispute, controversy, or claim arising out of or relating to this Agreement or the construction, interpretation, performance, breach, termination, enforceability or validity thereof (hereinafter, a “ Dispute ”), the Party raising such Dispute shall notify the other promptly and no later than sixty (60) days from the date of its discovery of the Dispute. In the case of a Dispute relating to account or Transaction statements or similar matter, the failure of a Party to notify the other Party of such Dispute within sixty (60) days from the date of its receipt shall result in such matter being deemed undisputed and accepted by the Party attempting to raise such Dispute.

 

- 61 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

(B) The Parties shall cooperate and attempt in good faith to resolve any Dispute promptly by negotiating between persons who have authority to settle the Dispute and who are at a higher level of management than the persons with direct responsibility for administration and performance of the provisions or obligations of this Agreement that are the subject of the Dispute.

 

(C) This Agreement shall be governed by, construed and enforced in accordance with the laws of the State of Ohio, without regard to that state's conflict of laws principles.Jurisdiction and venue for the formal resolution of any disputes relating to this Agreement shall lie exclusively in the Federal and State Courts of Ohio any such claims shall be governed by Ohio law without giving effect to any choice of law rules. Each Party agrees that service of process in any action or proceeding hereunder may be made upon such Party by certified mail, return receipt requested, to the address for notice set forth herein.

 

(D) EACH PARTY ALSO, KNOWINGLY AND WILLINGLY, AND FOLLOWING CONSULTATION WITH COUNSEL, HEREBY UNCONDITIONALLY AND IRREVOCABLY WAIVES ANY RIGHT TO A TRIAL BY JURY IN CONNECTION WITH ANY DISPUTE ARISING UNDER THIS AGREEMENT.

 

13.3. Entire Agreement; Amendments

 

This Agreement and the other Program Documents constitute the entire agreement of the Parties with regard to the specific subject matter thereof and supersede all prior written and/or oral understandings between the Parties. Except as otherwise expressly provided herein, this Agreement may not be amended, modified or changed in any way except by a written instrument executed by an authorized representative of each Party. Notwithstanding any other term or provision of this Section 13.3, in the event Sutton Bank and Manager agree to establish an additional Approved Program under this Agreement, as described in Section 3.1(F), the terms and conditions of the applicable exhibits to this Agreement will be updated to reflect the terms of the new Approved Program (as reflected in the Sutton Bank approved Program Application Form and on Schedule 1.1 hereto) without further execution by any Party, and such additional Approved Program shall be governed by the terns of this Agreement and the other Program Documents.

 

13.4. Counterparts

 

This Agreement may be executed in counterparts, each of which will be deemed an original and both of which together will constitute one instrument.

 

13.5. Third Party Beneficiaries

 

This Agreement is for the sole and exclusive benefit of the Parties and nothing in this Agreement will be construed to grant to any Person (other than the Parties, and their respective successors and permitted assigns) any right, remedy or claim under or in respect of this Agreement or any provision hereof; provided however that Sutton Bank's subsidiaries and affiliates used by Sutton Bank in connection with any Program are each intended third party beneficiaries of all rights and protections, including limitations of liability and indemnification, to which Sutton Bank is entitled under theProgram Documents.

 

- 62 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

13.6. Survival

 

Upon later of any termination of this Agreement, Switchover Date or any Wind Down Period, the Parties will retain any rights or remedies available to such Party under this Agreement or in law or at equity. Subject to any specific limitations on survival set forth herein, the following Articles and Sections of this Agreement will survive the termination or expiration of this Agreement in accordance with their terms: Sections 13.2 and 13.3, Sections 13.5 through 13.8, Article I, Article IV, Article VII, Article VIII, Article X and Article XI.

 

13.7. Force Majeure

 

No Party shall be liable for any failure or delay on its part to perform, and shall be excused from performing any of its non-monetary obligations hereunder if such failure, delay or non- performance results in whole or in part from any cause beyond the absolute control of the Party, including any act of God, act of war, riot, actions of terrorists, earthquake, fire, explosion, natural disaster, flooding, embargo, or sabotage (each a “ Force Majeure Event ”); provided , however , that the Party suffering the Force Majeure Event shall immediately implement its Disaster Recovery Plan. A Party desiring to rely upon any of the foregoing as an excuse for failure, default or delay in performance shall, when the cause arises, give to the other Party prompt notice in writing of the facts which constitute such cause, and, when the cause ceases to exist, give prompt notice thereof to the other Party. This Section 13.7 shall in no way limit the right of a Party to this Agreement to make any claim against third parties for any damages suffered due to said cause.

 

13.8. Specific Performance

 

The Parties acknowledge and agree that the remedy at law for any breach by either Party of its confidentiality covenants and obligations under Article VIII of this Agreement is inadequate and that the non-breaching Party, in addition to any other relief available to it, will be entitled to specific performance by the breaching Party to the extent permitted by Applicable Law.

 

13.9. Representation

 

Each Party acknowledges that it has been duly represented by counsel of its choice and fully understands all terms of this Agreement. No assumption or inference will be made or granted based on drawer or drafter of this Agreement, theNetwork Rules, and all other Program Documents.

 

[Signatures on Following Page]

 

- 63 -

 

 

CONFIDENTIAL AND PROPRIETARY

  

IN WITNESS WHEREOF, with the intention to be bound by the terms of this Agreement, the Parties have executed this Agreement as of the day and year first above written by causing their respective authorized representatives to sign where indicated below.

 

Sutton Bank   CUENTAS, INC.
         
By: /s/ J. Anthony Gorrell   By: /s/ Arik Maimon
Name:  J . Anthony Gorrell   Name:  Arik Maimon
Title: EVP & CFO   Title: CEO
  27-Jun-2019 | 1:36 PM PDT     26-Jun-2019 | 2:50 PM PDT
         
Address for Notices:   Address for Notices:
     
Sutton Bank   Cuentas, Inc.
1 s. Main st., p o b ox 505   19 w. Flagler s t ., Suite 902
Attica, ohio 44807   Miami, Fl 33130
Attn: j. Anthony Gorrell, evp & cfo   Attn: Michael De Prado – Pres & COO
Facsimile: (419) 426-3041    
         
Attn: Clint Heyworth - Legal      

 

 

 

CONFIDENTIAL AND PROPRIETARY

 

EXHIBIT A

PROGRAM APPLICATION FORM

 

[Separately provided]

 

 

 

- A- 1 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

EXHIBIT B

SUTTON BANK PREPAID CARD SERVICES

 

1. Sponsor Programs with Networks, including obtaining all required Network approvals

 

2. Comply with all Network Rules pertaining to issuing financial institution

 

3. Oversee and review all aspects of Programs with respect to compliance with all Applicable Law pertaining to issuing prepaid cards

 

4. Manage Program Accounts

 

5. Implement new programs with Networks

 

6. Issuing Cards for Approved Programs in accordance with the applicable Program Schedule and Cardholder Agreement

 

7. Approving each Program and Additional Products that may be provided under each Program or any non-financial products or services requiring Sutton Bank approval that may be offered to Cardholders in accordance with the terms of this Agreement

 

8. Approving all new Program Due Diligence Application Forms,Program Schedules, Cardholder Agreements, Program Materials and Marketing Campaigns and any changes to such documents in accordance with Sections3.1(B), 3.1(C), 3.1(F) and 3.1(G) of the Agreement

 

9. In accordance with Section 5.4, approving Manager’s BSA/AML/OFAC Procedures

 

10. Providing Manager with any notifications received from a Network (other than PCI Standards) with respect to any Program or any changes in Network Rules

 

11. Working closely with Manager to develop and enhance the Programs to meet Sutton Bank’s strategic objectives and goals, including by reviewing, assessing and approving in its commercially reasonable discretion, any modifications proposed by Manager

 

12. Upon reasonable request by Manager, providing Manager with any reconciliation reports for each Program Account maintained by Manager at Sutton Bank, and, to the extent Program funds flow through a non-Manager Program Account at Sutton Bank, reconciliation reports for each such Account

 

- B- 1 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

EXHIBIT C

REVENUE SHARE AND EXPENSE

 

[Separately provided]

 

- C- 1 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

EXHIBIT D

MANAGER SERVICES

 

The following is a general description of the Services to be provided by ManageronSutton Bank’s behalf, either in-house or through Third-Party Service Providers.Where an inconsistency exists between the general descriptions of Services to be provided to Sutton Bank under this Agreement and the specific descriptions contained in any other documentation, including correspondence, operations manuals, procedures manuals, or implementation manuals (other than an inconsistency consisting solely of a greater degree of detail in such documentation than in this Agreement), the provisions of this Agreement shall control.No such material change to the Services shall be effective without Sutton Bank’s prior written consent.

 

Processing all applications and establishing all Cardholder Accounts on behalf of Sutton Bank, including, but not limited to:

 

providing Cardholder Agreements, as applicable;
application of Sutton Bank’s rules to incoming Card applications
submitting to Sutton Bank applications for approval
providing information to Processor to establish the Cardholder Accounts
collecting and maintaining Cardholder identification, as applicable
screening Cardholder applicants for compliance purposes, as applicable
conducting initial review of all Cardholder Accounts to ensure compliance with BSA/AML/OFAC laws and directives, as applicable
authorizing Card Activation
setting of PIN, as applicable

 

Card creation, production and shipment, including:

Card design
purchase and safekeeping of plastic stock
embossing and encoding of Cards
printing of Card carriers
mailing or other delivery of Cards
preparation and mailing of all other documents required or otherwise to be sent to Cardholders
providing monthly and other periodic account statements, as applicable
customer service in accordance with the terms of this Agreement
all other Program-related mailings to Cardholders including shipping costs and postage
any other services necessary or desirable to effectuate the Program or as agreed upon by Sutton Bank and Manager from time to time

 

Back office support functions, including:

individual Cardholder Account maintenance
Transaction and payment authorization, decline, processing, clearing and settlement and all accounting relating to Cards
statement preparation and issuance, as applicable
clearing and Settlement

 

- D- 1 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

balancing and reconciling
fraud prevention and security control
data capture and reporting and information management services
providing Sutton Bank with reports detailing transactions and servicing with respect to each Program or Additional Product marketed by Manager on behalf of Sutton Bank as may be mutually agreed upon by the Parties from time to time at no additional cost to Sutton Bank within the reasonable capacity of Manager;
exercising commercially reasonable efforts to monitor changes in Applicable Law related to the Programs and notifying Sutton Bank of any such changes of which Manager becomes aware that may impact Sutton Bank and the Programs in a material manner
providing appropriate notices to Sutton Bank as required hereunder
helpdesk and technical support for Sutton Bank

 

Customer Service, including:

Cardholder account and Transaction dispute processing and resolution, and any other informal disputes or resolutions as needed from the Cardholder, as promptly as commercially reasonable, and not later than full resolution within applicable legal, regulatory, and Network required timeframes
Lost and stolen Card reporting
Processing and disbursing Cardholder refunds on behalf of Sutton Bank for each Program in accordance with Applicable Law

 

- D- 2 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

EXHIBIT E

APPROVED THIRD PARTY SERVICE PROVIDERS

 

- E- 1 -

 

 

CONFIDENTIAL AND PROPRIETARY

 

SCHEDULE 1.1

APPROVED PROGRAMS

 

Program 1

 

Program Name/Description

 

Cuentas Mastercard Prepaid Card

Issuer

 

SUTTON BANK

Client

 

CUENTAS, INC.

Program Expiration Date

 

TBD

 

Program 2

 

Program Name/Description
Issuer Client Program Expiration Date

 

IN WITNESS WHEREOF, each of Manager and Sutton Bank hereby acknowledges and agrees that this Schedule 1.1, executed as of this 28th day of May, 2019, is intended to supplement and be incorporated into that certain Agreement entered into by the Parties as of May 28, 2019.

 

Sutton Bank   Manager
         
  /s/ J. Anthony Gorrell     /s/ Arik Maimon
By: Tony Gorrell J. Anthony Gorrell   By: Arik Maimon
Title: EVP, CFO   Title:   CEO
  27-Jun-2019 | 1:36 PM PDT     26-Jun-2019 | 2:50 PM PDT

 

- F- 1 -

 

 

Exhibit A

 

 Program Name: Cuentas Program

 

Program Manager: Cuentas

 MC Consumer Funded GPR Prepaid

Processor: InComm

Date: 1/15/2019

 

PROGRAM FACT SHEET

 

The purpose of this document is to define the scope of an individual prepaid card program. This is for reference only and in no way represents the Bank’s or the applicable network’s formal approval of the program manager, co-brander or program.

 

SECTION 1 – PROGRAM MANAGER AND COMPANY BACKGROUND INFORMATION

 

Company Name Cuentas, Inc.  

13

 
  Legal Name   Years in Business  
  20-3537265 Florida    
  Tax ID Number State Incorporation    
  19 W. Flagler St., Suite 902      
  Street      
Corporate Address Miami FL 33130  
  City State Zip  
Corporate Phone

800-611-3622

Phone Number

Extension    
Corporate Web site

www.cuentas.com

Web site

     
Primary Contact Michael A. De Prado   President and COO  
  Full Name   Title  
  Operations      
  Department      
         
  Street Address (if different from above)    
  City State

Zip                    Direct Phone

 
  954-870-2032      
  Cell Phone Fax Number    
  michael@cuentas.com   Approval  
  Email   Role in Implementation Process  

Current Business Type

(Not program type)

Business-to-Business Business-to-Consumer  
Is Program Manager currently a registered MSB? Yes No  

General Business Description

(Not program type)

Financial Technology (FinTech) and Telecommunications service provider.  

 

This document is confidential to Sutton Bank and may not be used, copied or disclosed without express prior written consent of Sutton Bank

 

Page 1

 

 

Program Name: Cuentas Program

 

Program Manager: Cuentas

MC Consumer Funded GPR Prepaid

Processor: InComm

Date: 1/15/2019

 

SECTION 2 – COMPLIANCE

 

Card Type

Prepaid GPR

Source of Funds

Customer funded via bank transfer, other payment card, or Sutton supported cash load networks.

Cash Access

Yes No

Reloadable

Yes No

International

Yes

☐ No

Blocked countries: Cuba, Iran, Iraq, Papua New Guinea, Korea Democratic Peoples Republic, Sudan, Syrian Arab Republic, Zimbabwe, Afghanistan, Bosnia and Herzegovina, Belarus, Côte d'Ivoire, Democratic Republic of the Congo, Guyana, LAO Peoples Democratic Republic, Uganda, Yemen, Burundi, Central African Republic, Libya, Lebanon, Somalia, South Sudan, Ukraine, Venezuela, Vanuatu, Sudan, Democratic Republic of the Congo, Algeria, Angola, Panama, Myanmar, Liberia, Albania, Argentina, Azerbaijan, Balkans, Bangladesh, Belize, Bolivia, Brunei Darussalam, Cambodia, Cyprus, Dominica, Ecuador, Ethiopia, Ghana, Haiti, Herzegovina, Honduras, Indonesia, Kenya, Korea, Kuwait, Kyrgyzstan, Latvia, Liberia, Mongolia, Morocco, Namibia, Nepal, Nicaragua, Nigeria, Pakistan, Panama, Papua New Guinea, Paraguay, Philippines, Qatar, Sao Tome and Principe, Sierra Leone, Sri Lanka, Suriname, Syria, Tajikistan, Tanzania, Thailand, Trinidad and Tobago, Turkey, Turkmenistan, Uzbekistan, and Vietnam
CIP Required Yes

☐ No

  If answer is No, provide reason for CIP not being required.
FDIC Insurance ☒ Yes ☐ No
Regulation E ☒ Yes No
Overdraft Yes No
Credit Feature Yes No

Yes

☐ No Funds are the Cardholder’s

Card Functionality Yes

☒ No Funds are a Corporation’s

  Yes No Cardholders can access funds after expiration?

 

This document is confidential to Sutton Bank and may not be used, copied or disclosed without express prior written consent of Sutton Bank

 

Page 2

 

 

Program Name: Cuentas Program

 

Program Manager: Cuentas

MC Consumer Funded GPR Prepaid

Processor: InComm

Date: 1/15/2019

 

SECTION 3 – PROGRAM SCOPE

 

Program Name

Cuentas

Program Name as it will appear on card

Cuentas Mastercard Prepaid Card

Full Program Name (as it appears on collateral)

Program Web site

www.cuentas.com

Web site

 
Program Launch Date 4/1/19  

Program BIN & ICA

(If known)

REDACTED

 

REDACTED

BIN or Sub BIN Range

(If applicable)

REDACTED

BIN Range

REDACTED

Sub BIN Range

Executive Summary (Provide summary of Cardholder experience from application to receipt of card.) This will be a mobile app acquired product. Consumers will download the Cuentas mobile app to their phone. Using a menu option on their application they can request a new Cuentas account. The app will collect their details including scanning documentation for the KYC verification as well as allowing the consumer to set a registration PIN. The app will send the KYC information directly to IDology to be verified and upon successful verification will then request a new account be created. Consumers will be notified in app that they will receive their card within 7-10 business days. Once the card is received, consumers will then call into the IVR to activate their card using the activation code they set at registration. If successfully activated this activation code will then become the consumers PIN for ATM and PIN POS transactions. All account maintenance and consumer access to the account will be done through the Cuentas mobile app, IVR, or call center. There will be no secure account access through the cuentas.com website. The website will only be a marketing website.
   
  Additional phases of the program will have starter cards being sold in retail stores. Consumers who purchase starter cards will have the ability to register their cards through the mobile app and receive a personalized card as described above.
Issuer Processor (Processor must have existing relationship with Sutton Bank. Program Manager must contract directly with processor). InComm  

Cardholder Data

☒ Yes

☐ No

(Will the program manager or any other third-party affiliated store, transmit or receive cardholder data? All Third Parties must be registered.) InComm and IDology. Cuentas will not store, transmit or receive cardholder data other than through the InComm customer management system.
Cash Reload Network Yes ☐ No

International

Transactions

Yes ☐ No

 

This document is confidential to Sutton Bank and may not be used, copied or disclosed without express prior written consent of Sutton Bank

 

Page 3

 

 

Program Name: Cuentas Program

 

Program Manager: Cuentas

MC Consumer Funded GPR Prepaid

Processor: InComm

Date: 1/15/2019

 

SECTION 4 – CO-BRANDER INFORMATION (If Applicable)

 

A co-brander is a third party that brands their name on the Program Manager’s existing card program. Some co-branders elect not to be a Program Manager because of inadequate funding, little or no experience in the card space, and no interest in investing in a formal processor/bank relationship or not wanting to take the financial risk associated with card programs. All co-branded programs will be submitted to Sutton Bank by the Program Manager. Co-branders must be approved by Sutton Bank. The Program Manager is responsible for all cardholder losses associated with the cardholder’s actions, inactions or omissions. The co-brander is responsible for losses associated with the co-brander’s actions, inactions or omissions.

 

Company Name

Legal Name   Years in Business

Corporate Address

City State Zip

Corporate Phone

Phone Number Extension  

Corporate Web site

Web site    
Primary Contact Full Name   Title
  Department   Phone
  Cell   Fax Number
  Email   Role in Implementation Process

Current Business Type

(Not program type)

Business-to-Business Business-to-Consumer

Business Description

(Provide a brief business description including background information).

Yes

☒ No

 
  If yes, complete the information below.  
  Company Name   Years in Business
Multiple Co-Branders (Will multiple Co-Branders appear on the card)? Business Type   Primary Contact

Street

   
  City State Zip                                    Phone
  Additional Information    

 

This document is confidential to Sutton Bank and may not be used, copied or disclosed without express prior written consent of Sutton Bank

  

Page 4

 

 

Program Name: Cuentas Program

 

Program Manager: Cuentas

MC Consumer Funded GPR Prepaid

Processor: InComm

Date: 1/15/2019

 

SECTION 5 – PROGRAM TYPE

 

 

 

 

 

Product Type

 

Card functionality, such as money sharing and direct deposit, does not determine the program type.

 

Program types are defined by 1) source of initial funds 2) reloadable or non-reloadable and 3) if the funds are the cardholder’s or a corporation’s.

 

 

Product Type

Personal Use (General Purpose Reloadable)

 

Source of Funds

Consumer

 

Funds Ownership

Consumer

 

 

 

 

 

Network Marks

(Desired signature and Pin networks.)

☒ MasterCard

 

☐ Discover

 

☒ Pulse

 

☒ Maestro

 

☐ Other

☐ Visa

 

☐ Interlink

 

☐ NYCE

 

☐ None

 

☐ PLUS

  List any proprietary marks and their significance.  
Instant Issuing ☒  Yes  No
(Does this program involve instant issuing at retail/distributor locations?) If yes, the Card Fulfillment Process (Section 10) must be completed in detail and a security plan must be submitted.
Does program create an “account” relationship with Sutton Bank? (Interagency Guidance to Issuing Banks on Applying Customer Identification Program Requirements to Holders of Prepaid Cards) ☒  Yes

☐ No

If no, explain why.

 

This document is confidential to Sutton Bank and may not be used, copied or disclosed without express prior written consent of Sutton Bank

Page 5

 

 

Program Name: Cuentas Program

 

Program Manager: Cuentas

MC Consumer Funded GPR Prepaid

Processor: InComm

Date: 1/15/2019

 

SECTION 6 – PROJECTED VOLUMES, CARD VALUE AND CARD USAGE

 

    No. Accounts No. Active Cards US Dollar
  Year 1 50,000 50,000 $100,000,000
         
Projected Annual Volumes Year 2 150,000 150,000 $300,000,000
         
  Year 3 300,000 300,000 $600,000,000
         
Average Card Balance $ 100
Estimated average card balance
Maximum Card Balance $ 10,000
Load Values

Minimum / Maximum Initial Value Load

Min: $20 / Max: $2,500/day

 

Minimum / Maximum Reload

Min: $20 / Max: $9,999

Load Frequency Allowance # Loads/Day: 5; # Loads/Week: TBD; # Loads/Month: TBD
International Use Yes

 

Cash Reload Networks Maximum Reload per Transaction Maximum Reloads per Day Maximum Reload per Day Maximum Reload per Month
Vanilla Direct $ 500 5 $ 2,500 $

 

Transaction Type Maximum $ Amount/ Transaction Daily Maximum $ Amount Monthly Maximum $ Amount
POS $ $ 2,500 $
ATM $ $ 400 $ 2,500
International ATM $ $ 750 $
Card-to-CardTransfer $ $ 500 $ 2,000

 

This document is confidential to Sutton Bank and may not be used, copied or disclosed without express prior written consent of Sutton Bank

Page 6

 

 

Program Name: Cuentas Program

 

Program Manager: Cuentas

MC Consumer Funded GPR Prepaid

Processor: InComm

Date: 1/15/2019

 

SECTION 7 – CARD LOADING

 

Important: Distributors or locations providing for the means to reload a card must be a registered MSB with the appropriate states or an agent of a registered MSB in accordance to the individual state laws. It is the responsibility of the Program Manager to work with a bank-approved load network that has the appropriate licenses and BSA/AML policies. Since a load network is accepting loads on the Bank’s behalf, Sutton Bank requires a direct agreement with the load network.

 

  Purchase/Payment Load Reload
       
  ☒  Cash  Cash  Cash
       
  ☐  Check Check  Check
       
  ☒  Debit Debit  Debit
Payment/Load Methods      
(Check all that apply) ☒  Credit Card Credit Card  Credit Card
       
  ☐  ACH ACH  ACH
       
   Direct Deposit Direct Deposit  Direct Deposit
       
   Other  Funded by Other  Government Check
      Other
Cash Load Networks
(Will load networks be utilized to reload the card? List all applicable load networks).
 Green Dot ☒  Vanilla  MoneyGram
     
 Western Union ☐  Other  
Direct Deposit Account #  Card Number  Pseudo DDA  
Special considerations in regards to funding & settlement.  

 

This document is confidential to Sutton Bank and may not be used, copied or disclosed without express prior written consent of Sutton Bank

Page 7

 

 

Program Name: Cuentas Program

 

Program Manager: Cuentas

MC Consumer Funded GPR Prepaid

Processor: InComm

Date: 1/15/2019

 

SECTION 8 – CARD FUNCTIONALITY AND ATTRIBUTES

  

  Transaction Type(s) Distribution Method(s)
  ☒  POS (Signature) Transactions  Mailed to Cardholder
     
   PIN Transactions at POS  Instant Issued from Bank Approved
    Distribution Point or Retail Location
   ATM Transactions  
    Personal Identification Number (PIN)
  Embossing  Obtained through IVR
  Embossed Account Number  
     Cardholder will set at activation via mobile app
  Personalized NOTE: Program Manager would like this functionality but mobile app and program manager are not PCI certified.
   
Functionality and Attributes  4th Line Embossing
(Check all that apply)    
  Explain Additional Information
     Cards are Reloadable
   Expiration Date  
     Funds are the Cardholder’s
     
     Funds are a Corporation’s
     
     Cardholders Can Access Funds After Expiration?
     Yes
     No
  'Valid Thru' - Card Expires on a Defined Date
     
Expiration Date Expiration 36 Month  
  If Other – Explain

 

This document is confidential to Sutton Bank and may not be used, copied or disclosed without express prior written consent of Sutton Bank

Page 8

 

 

  SECTION 9 – CARDHOLDER FEES

 

  Fee Name Fee Amount Per
       
  Card Issuance/Activation $3.75 One-time
       
  Monthly Fee $3.75 Month
       
  Domestic ATM Withdrawal $ 1.50 Transaction
       
       
  Intl ATM Withdrawal $3.75 Transaction
       

List All Cardholder Fees for the Program

ATM Decline Fee $0.50 Transaction

(The bank will ensure that no onerous fees

OTC Cash Withdraw $1.50 Transaction
are being charged to the cardholder with      
particular sensitivity behind the Vanilla Direct Reload $3.95 Transaction
cardholders’ free and clear access to      
obtaining information regarding their C2C Xfer Live Agent $3.75 Transaction
account or disputing charges). Bal Inquiry Live Agent $0.75 Transaction
       
  Bal Inquiry IVR $0.75 Transaction
       
  Paper Statement Fee $3.75 Transaction
       
  Replacement Card $5.00 Transaction
       
  Expedited Rpl Card $15.00 Transaction
       
  Balance Liquidation $7.00 Transaction
       
  Foreign Currency Fee $ 3.0% Transaction
       
  ☐ Check here if additional fees apply and attach fee table
   

Is there a fee to purchase the card?

☒ Yes ☐ No   
 

If yes, how will this fee be collected?

 
     
 

One-time card activation fee will be deducted from initial amount added to card

 

This document is confidential to Sutton Bank and may not be used, copied or disclosed without express prior written consent of Sutton Bank

Page 9

 

 

Program Name: Cuentas Program

Program Manager: Cuentas

MC Consumer Funded GPR Prepaid

Processor: InComm

Date:1/15/2019

  

SECTION 10 – MARKETING, SALES AND DISTRIBUTION PROCESSES

 

Target Market   Underbanked/Underserved Hispanic
     

Describe the Marketing Channels

(Identify the marketing channels that will advertise this product. Include any 3rd-party marketing relationships. Program Managers must have a direct contractual relationship with the marketer).  

 

Marketing channel #1 – SDI Next Distribution  

 

Cuentas is currently selling 3rd party gift cards and mobile phone top-ups through its 51% owned subsidiary SDI Next Distribution (“SDI Next”). The SDI Next distribution network consists of approximately 31,600 individual retail establishments known as “bodegas” that typically serve immigrant neighborhoods. A select group of 3rd party gift cards and mobile phone top- ups are currently being offered with aggressive expansion planned for 2019. Each location will have In-store electronic advertising, POP advertising materials and select giveaway products. The Cuentas GPR card will be offered starting in 2019 utilizing similar direct advertising with additional training to retailers so their employees will promote Cuentas to earn Spiffs and rewards.  

 

Marketing channel #2 – SDI Black 011 direct marketing  

 

The minority partner in SDI Next is also the parent company of SDI Black 011, a prepaid long-distance telecom company that provides services mainly to immigrants and their families. SDI Black currently has over 1 million customers who have Opted-In to receiving text messages and emails regarding third party products. This demographic is an ideal target population for all Cuentas products and service offerings.  

 

Marketing channel #3 – Tel3 direct marketing  

 

Tel3 is a wholly owned subsidiary of Cuentas and is a prepaid long-distance company that provides telecom services mainly to immigrants and their families. Tel3 had been in the market for over 20 years and currently has about 50,000 customers who have Opted-In to receiving text messages and emails regarding third-party products. This demographic is an ideal target population for all Cuentas products and service offerings.  

 

Marketing channel #4 – All American direct marketing  

 

All American is a wholly owned subsidiary of CIMA, the parent company of Kinetik, the company working to integrate the mobile wallet into the Cuentas platform. CIMA and Kinetik are scheduled to develop a “Related Party” relationship with Cuentas due to an existing Letter of Intent that represents the desire of both companies to share technology and equity positions related to the Cuentas project. All American is a prepaid long-distance company that provides telecom services mainly to immigrants and their families. All American currently has about 120,000 customers who have Opted-In to receiving text messages and emails regarding third-party products. This demographic is an ideal target population for all Cuentas products and service offerings.

  

This document is confidential to Sutton Bank and may not be used, copied or disclosed without express prior written consent of Sutton Bank

Page 10

 

 

Program Name: Cuentas Program

Program Manager: Cuentas

MC Consumer Funded GPR Prepaid

Processor: InComm

Date: 1/15/2019

 

   

Marketing channel #5 – Radio station advertising

 

Cuentas has been introduced to Spanish Broadcasting System, Inc. (SBS), a Miami- based company that owns and operates radio stations located in the top U.S. Hispanic markets of New York, Los Angeles, Miami, Chicago, San Francisco and Puerto Rico, airing the Tropical, Regional Mexican, Spanish Adult Contemporary, Top 40 and Urbano format genres. SBS also operates AIRE Radio Networks, a national radio platform of over 250 affiliated stations reaching 94% of the U.S. Hispanic audience. SBS also owns MegaTV, a network television operation with over-the-air, cable and satellite distribution and affiliates throughout the U.S. and Puerto Rico.

 

Marketing channel #6 – 3rd-party supplier advertising and promotion

 

Cuentas currently sells several 3rd-party products through SDI Next locations and will benefit from advertising and promotion from these suppliers. Amazon has recently reviewed, “scrubbed” and approved all of SDI Next’s 31,600 bodegas for distribution of Amazon Cash prepaid products and these locations will be promoted by Amazon when consumers want to find locations that sell Amazon Cash. Cuentas is currently authorized and selling Microsoft Xbox, Sony Playstation and other 3rd-party gift cards.

 

Marketing channel #7 – Internet & Social media marketing targeting Hispanics

 

Cuentas will utilize Internet & Social media marketing towards the Hispanic population wherever SDI Next locations are found.

 

Marketing channel #8 – Nationwide top-level advertising agency

 

Crispin Porter & Bogusky (CP&B) developed the branding and market strategy for Cuentas. CP&B is a 4% shareholder in Cuentas.

Describe the Sales Process

(Describe how the cardholder applies for or obtains the card).

 

Cardholders will request for a card through the Cuentas Mobile App. In a subsequent phase, starter cards (anonymous/non-reloadable) will be sold in retail locations. Cardholders then come to the mobile app and register their starter card to obtain a permanent card.

Describe Customer Identification Program (Describe what form of ID will be used to verify cardholder information prior to card issuance and the process for capturing the information. Program must comply with Sutton Bank’s CIP).  

Sutton’s standard CIP scorecard will be used to authenticate cardholders and Cuentas will use Sutton’s IDology enterprise license. Standard CIP scorecard information will be entered by the cardholder into the Cuentas mobile app, which has an API to Sutton’s IDology enterprise system. EDD will be done with IDology’s ExpectID documentary authentication system, which requires the cardholder to upload a photo of a government issued ID along with a facial picture (selfie).

Describe Cardholder Verification Method (Describe what tools will be used to verify cardholder information as well as the verification process).   IDology and the ExpectID documentary authentication system.

 

This document is confidential to Sutton Bank and may not be used, copied or disclosed without express prior written consent of Sutton Bank

Page 11

 

 

Program Name: Cuentas Program

Program Manager: Cuentas

MC Consumer Funded GPR Prepaid

Processor: InComm

Date: 1/15/2019

 

Describe Cardholder Storage Method (Describe the tools used to store and secure cardholder

information. Confirm whether a 3rd-party database contains the cardholder info).

  Stored on InComm’s platform.
     

Describe the Fulfillment

Process

(Describe how the cardholder receives the card following the application process. For retail card programs, specify the plastic storage, management and fulfillment process as well as the overall cardholder and sales representative experience).

 

For daily fulfillment, the card fulfillment file is transmitted by secure FTP to the fulfiller each business day by 8:00am CST. The respective components specific to the order are pulled from inventory held in a secure vault. The card and carrier are personalized, assembled, and staged for shipment. Shipment is either by USPS or FedEx. Plastics must be stored in a vault that has been approved by the Association. Retail cards are stored in the InComm warehouses and are shipped to retailers based upon store level inventory thresholds.

     

States of Issuance

  All 50 states.
     

Card Activation

 

☒  IVR  ☐ Web ☒  Point-of-Interaction   ☐ Other

 

POI activation only for retail starter cards

If other, explain.

     

Describe Card Activation

Process

(Describe receipt and activation of card).

 

During card registration, the cardholder will set a “registration code” to be used when activating their received card. Once the physical card has been received by the cardholder, they will call into the IVR using the number listed on the activation sticker on the card. The IVR will have an option to “Activate Card” and they will enter the card number, expiration date, and CVV from the card. They will then be prompted to enter the “Activation code” they set during the card ordering process. If all is validated, then the card will be activated. Once active, the cardholder will be told to set their transaction PIN via the IVR

     

Companion Card

(Will a companion card be available)?

 

☐   Yes  ☒  No

 

If yes, explain who is eligible to receive the card and how it will be issued to the companion.

 

This document is confidential to Sutton Bank and may not be used, copied or disclosed without express prior written consent of Sutton Bank

Page 12

 

 

Program Name: Cuentas Program

Program Manager: Cuentas

MC Consumer Funded GPR Prepaid

Processor: InComm

Date: 1/15/2019

 

SECTION 11 – CARD PROCESS

 

Provide a step-by-step process outlining how the cards are ordered, produced and fulfilled. **All parties having access to the plastics must be a certified vendor for the respective Association (Visa, MasterCard, or Discover).

 

 

This document is confidential to Sutton Bank and may not be used, copied or disclosed without express prior written consent of Sutton Bank

 

Page 13

 

 

Program Name: Cuentas Program

Program Manager: Cuentas

MC Consumer Funded GPR Prepaid

Processor: InComm

Date: 1/15/2019

 

SECTION 12 – CARD SECURITY

 

Restrict Usage of Prepaid

Funds at Anytime

 

☒  Yes       ☐  No

 

If yes, explain. Retail starter cards restrict cash access until card has been fully registered. MCC restrictions below and standard International country blocks.

     

Fraud and Velocity Monitoring

(Describe the type of fraud and velocity monitoring in place for this program. List who implements the process and what software is used).

 

The primary transaction velocities that are monitored include:

●     all instances where loads (excluding ACH) are followed by cash withdrawals within 24 hours

●     excessive card-to-card (C2C) transfers (in and out)

●     transactions that break program limits (max daily spend, etc.)

●     all merchandise returns without a prior matching spend transaction

     

Card Controls

(Describe the controls in place regarding numbers of cards issued to one person).

  The platform will only allow a maximum of 5 accounts to be issued to a single registered identification number (SSN) across all programs InComm hosts on its platform and a maximum of 3 accounts with the same identification number on the same program (i.e. Cuentas)
     

PIN Delivery

 

PIN is via a call to the IVR. The cardholder will set an activation code at registration that will be used to activate the physical card when received.

Once the card is successfully activated the cardholder is informed in the app to call the IVR number to set their transactional PIN.

 

For starter cards sold in retail, cardholders will set their transaction PIN at first use at the POS. The PIN they use on that first transaction is what is set as the PIN.

     

Card Destruction

(Describe how card are destroyed).

  Network protocol.
     

 

 

Merchant Category Code

Restrictions

(List any restrictions based on

Merchant Category Code).

 

6211: Security Brokers/Dealers

7273: Dating/Escort Services

7297: Massage Parlors

7995: Betting/Casino Gambling

6051: Non-FI, Money Orders

4829: Wires, Money Orders

7800: Government Owned Lotteries

7801: Government Licensed Online Casinos (Online Gambling)

7802: Government Licensed Horse/Dog Racing

     

ATM Usage

(List restrictions based on ATM

usage).

 

ATM access is restricted only for non-verified starter cards. For verified permenant cards ATM usage is only restricted based on velocity limits.

 

This document is confidential to Sutton Bank and may not be used, copied or disclosed without express prior written consent of Sutton Bank

Page 14

 

 

Program Name: Cuentas Program

Program Manager: Cuentas

MC Consumer Funded GPR Prepaid

Processor: InComm

Date: 1/15/2019

 

SECTION 13 – COLLATERAL MATERIALS

 

Cardholder Communication   Marketing Materials
       
  ☒  Card Stock   ☒  Radio Advertising
       
  ☒  Terms and Conditions   ☐  Television Advertising
       
  ☒  Card Carrier   ☒  Internet Advertising
       
Collateral Materials ☐  Plastic Inserts   ☒  Print Advertising
(Check all that apply)      
  ☐  Paper Statement   ☐  Cardholder Applications
       
  ☐  Statement Inserts   ☐  Sales Presentations
       
  ☒  Activation Labels   ☐ Sales Brochure
       
  ☐  Other   ☒ Sales J-Hooks
       
    ☒  Other
  If other, explain.        Mobile App Screens
         If other, explain.
       
  IVR   Web Site /Mobile App
       
  ☒  Balance Inquiries   ☒  Balance Inquiries
       
  ☒  Transaction History   ☒  Transaction History
       
Customer Service Contact ☒ Load Value Information   ☒  Load Value Information
Information (Check all that apply)      
  ☒  PIN Change   ☐  PIN Change
       
  ☒  Lost/Stolen   ☐  Add Users
       
  ☒  FAQ   ☒  FAQ
       
  Transfer to Cuentas Long Distance/App Support Other   Other

 

This document is confidential to Sutton Bank and may not be used, copied or disclosed without express prior written consent of Sutton Bank

 

Page 15

 

  

Program Name: Cuentas Program

Program Manager: Cuentas

MC Consumer Funded GPR Prepaid

Processor: InComm

Date: 1/15/2019

 

  Live Agent    
  ☒  General Inquiries   ☒  FAQ
       
  ☐  Add Users   ☒  Balance Reimbursement
       
  ☐  Load Value   ☐  PIN Change
       
  ☒  Chargeback Disputes   ☒  Lost/Stolen
       
  Other    

  

This document is confidential to Sutton Bank and may not be used, copied or disclosed without express prior written consent of Sutton Bank

 

Page 16

 

 

Program Name: Cuentas Program

Program Manager: Cuentas

MC Consumer Funded GPR Prepaid

Processor: InComm

Date: 1/15/2019

 

SECTION 14 – THIRD-PARTY RELATIONSHIPS

 

Outline below any third-party relationships associated with supporting this card program (some of the more common services are provided). The Program Manager must have a direct contractual relationship with each third-party service provider. All third-party relationships, including distributors, must be approved by and registered with Sutton Bank.

 

Issuing Transaction

Processor

 

InComm

Company Name

 

Primary Contact                                                                   Phone

 

Comments

     

IVR

 

InComm

Company Name

 

Primary Contact                                                                   Phone

 

Comments

     

Live Agent Customer

Support

 

InComm

Company Name

Jeff Sheldt                                                                   (770) 240-6128

Primary Contact                                                                   Phone

 

Comments

     

Dispute Process

 

InComm

Company Name

Skeet Rolling                                                                   (678) 921-5342

Primary Contact                                                                   Phone

 

Comments

     

Plastic Manufacturer

(If not provided by Processor)

 

Valid, CPI or Fiserv

Company Name

Chanda Wicker (InComm)                                                     678-919-7489

Primary Contact                                                                           Phone

Vendors managed by InComm. Please contact InComm

Comments

     

Fulfillment

(If not provided by Plastic

Manufacturer)

 

CPI or MT&L

Company Name

Chanda Wicker (InComm)                                                      678-919-7489

Primary Contact                                                                            Phone

Vendors managed by InComm. Please contact InComm

Comments

     

ACH Origination Services

(If not provided by Processor)

 

Company Name

 

Primary Contact                                                                   Phone

 

Comments

 

This document is confidential to Sutton Bank and may not be used, copied or disclosed without express prior written consent of Sutton Bank

 

Page 17

 

 

Program Name: Cuentas Program

Program Manager: Cuentas

MC Consumer Funded GPR Prepaid

Processor: InComm

Date: 1/15/2019

  

Cardholder Verification Services

(If not provided by Processor)

 

IDology

Company Name

 

Primary Contact                                                                   Phone

Vendor managed by Sutton Bank

Comments

     

Telemarketing

 

Company Name

 

Primary Contact                                                                   Phone

 

Comments

     

Other

(Any other third-party relationship associated with supporting this card program).

 

First Global Data

Company Name

Andre Itwaru, President & CEO                                         416-504-3813

Primary Contact                                                                      Phone

International Remittance Provider

☐  Comments Check here if any other third-party relationships are associated with supporting this card program and attach relevant information.

  

This document is confidential to Sutton Bank and may not be used, copied or disclosed without express prior written consent of Sutton Bank

 

Page 18

 

 

Program Name: Cuentas Program

Program Manager: Cuentas

MC Consumer Funded GPR Prepaid

Processor: InComm

Date: 1/15/2019

 

SECTION 15 – DISTRIBUTORS AND MARKETERS

 

List below any distributors or marketers that will be selling this product. If it is a franchise, list the franchise name and the number of locations offering the product. Program Managers are required to have a direct contractual relationship with each third-party and the distributor or marketer must be registered with Sutton Bank.

 

Knetik, Inc  Distributor   Marketer
  Company Name      
  Third-Party Michael Stewart, VP Product Development 407-221-7131      
  Primary Contact Phone    
  www.knetik.com michael@knetik.com Mobile wallet integrator Comments
         
SDI Next Distribution  Distributor    Marketer
  Company Name      
  Third-Party Primary Contact Phone    
  51% Owned Subsidiary of Cuentas, 31,600 retail locations      
  Comments      
         
SDI Black 011  Distributor    Marketer
  Company Name      
  Third-Party Primary Contact Phone    
  Prepaid Long-Distance Company. Text and Email marketing.      
  Comments      
         
Tel3  Distributor    Marketer
  Company Name      
         
Third-Party Primary Contact Phone    
  Wholly owned subsidiary of Cuentas Comments      
         
  All American  Distributor    Marketer
  Company Name      
     
Third-Party Primary Contact Phone    
  Wholly owned subsidiary of CIMA, parent of Kenetik      
  Comments      
   Check here if any other third-party relationships are associated with supporting this card program and attach relevant information.

  

This document is confidential to Sutton Bank and may not be used, copied or disclosed without express prior written consent of Sutton Bank

 

Page 19

 

 

Program Name: Cuentas Program

Program Manager: Cuentas

MC Consumer Funded GPR Prepaid

 Processor: InComm

Date: 1/15/2019

 

SECTION 16 – VERSION CONTROL

 

Original Fact Sheet Approval

 

Date Comments Author(s)
x/xx/xx   Prepaid Risk Committee

 

Revision History

 

Date Comments Author(s)
x/xx/xx    

  

This document is confidential to Sutton Bank and may not be used, copied or disclosed without express prior written consent of Sutton Bank

 

Page 20

 

 

Exhibit C

 

C uentas, Inc. – Sutton Bank Pricing Proposal

 

COMPENSATION AND EXPENSE

 

1. BANK/COMPENSATION SHARING

 

In addition to absorbing its internal costs associated with sponsorship and oversight of the card program, Sutton will incur two expenses, which will result in compensation paid to Cuentas, Inc. (“Cuentas”). These expenses are net interchange and cardholder fees:

 

Net Interchange

 

Payment made by Sutton to Cuentas of net interchange generated by the card program.

 

NET INTERCHANGE % SHARE WITH COMPANY
All Volumes & Tiers 100%

  

Cardholder Fees

 

Annual load volume targets based on aggregate funds loaded to cardholder account. Settled quarterly.

 

CARDHOLDER FEES   % SHARE WITH COMPANY  
Al Volumes & Tiers     100 %

 

2. EXPENSES OF PROGRAM MANAGER

 

This model is a step-through, tiered model whereby all volumes are calculated at the appropriate tier and then added together to arrive at the total fee. For example, Tier I calculation plus Tier II calculation plus Tier III calculation equals the total payment to Sutton Bank. Load Volume tier levels shall be calculated on an additive basis inclusive of all of Cuentas’ programs issued by Sutton Bank. cumulative basis.

 

Load Volume Fee

 

Fee leveraged on funds loaded to cardholder account. Settled monthly.

 

MONTHLY LOAD VOLUME   FEE  
Tier I: < $50,000,000     0.19 %
Tier II: $50,000,000 - $150,000,000     0.17 %
Tier III: $150,000,000 - $250,000,000     0.15 %
Tier VII - > $250,000,000     0.12 %

 

Compliance Fee

 

Fee leveraged on funds loaded to cardholder account. Settled monthly. Consumer Program is a program that requires KYC/CIP validation.

 

MONTHLY LOAD VOLUME   COMMERCIAL PROGRAM FEE     CONSUMER PROGRAM FEE  
Tier I: < $50,000,000     0.01 %     0.03 %
Tier II: $50,000,000 - $150,000,000     0.01 %     0.03 %
Tier III: $150,000,000 - $250,000,000     0.01 %     0.03 %
Tier VII - > $250,000,000     0.01 %     0.03 %

 

Program Setup Fee

 

Fee for each program initiated by Sutton for Cuentas. Settled as occurs.

 

CARD PROGRAMS   PER PROGRAM SETUP FEE  
Initial Program   $ 0  

  

Proprietary & Confidential

Page 1 of 2

 

 

Cuentas, Inc. – Sutton Bank Pricing Proposal November 25, 2018

 

All Subsequent Programs   $ 5,000  

 

Implementation Fee

 

Fee paid by Cuentas to Sutton at execution of Sponsorship Agreement:

 

IMPLEMENTATION   FEE  
Initial Implementation   $ 25,000  

 

Pass Through Expenses

 

Expenses that Sutton passes on to Cuentas as actual costs and without mark-up. Settled as occurs.

 

PASS THROUGH EXPENSE   AMOUNT
Compliance/Audit (Cuentas Specific actuals)   Direct Pass Through
Annual privacy mailing (Cuentas Specific actuals)   Electronic – Free // Paper – Pass Through
Network Assessments (Cuentas Specific actuals)   Direct Pass Through From Associations

 

1. It is Sutton’s preference that Cuentas provide cardholders with the Cuentas and Sutton privacy policies together on an annual basis.

 

 

 

 

Proprietary & Confidential

Page 2 of 2

 

 

 

Exhibit 99.2

 

 

Cuentas Partners with Sutton Bank as Issuer for Financial Card

 

Financial Technology Thought Leader to Act as Issuing Bank for Cuentas’ Breakthrough Comprehensive Financial Solution for the Unbanked U.S. Latino Community

 

MIAMI – July 1, 2019 – Cuentas, Inc. (CUENTAS) (OTCQB: CUEN), a leading FinTech provider of mobile banking and payment solutions serving Latino and Hispanic consumers, has partnered with Sutton Bank, a leading bank servicing financial technology companies nationwide, as the issuing bank for Cuentas’ soon to be launched FinTech card.

 

Sutton Bank is an Ohio Chartered FDIC insured bank, which was recently named a top 15 issuer (ranked #11) in the July 2018 Nilson Report. Sutton Bank is continuing to evolve and deliver an exceptional full suite of payment services to its clients. Beyond issuing, Sutton Bank offers a vast array of additional programs and ancillary services to aid in running a smooth, successful payments program.

 

“Sutton Bank is pleased to launch this product with Cuentas for the Latino community. Giving consumers more choices in their banking relationships, enabling millions of Americans to have a product with parity to traditional style checking accounts and more opportunities to spend and receive funds than ever before,“ said Jeff Lewis, Senior Vice President-Payments and Prepaid of Sutton Bank.

 

The Cuentas debit card is a soon to be launched, comprehensive solution for the 20 million strong unbanked U.S. Latino community, uniquely enabling access to the U.S. financial system to those without the necessary paperwork to bank at a traditional financial institution. This proprietary general-purpose reloadable card provides an FDIC insured bank account with international remittance, bill pay, ATM, direct deposit, cash reload and mobile banking capabilities, among other key features.

 

“We are pleased to announce our strategic partnership with Sutton Bank, a clear thought leader in the payments industry, as the issuing bank for our upcoming Cuentas FinTech Card,” said Arik Maimon, Chief Executive Officer of Cuentas. “The attainment of an issuing bank was a key milestone as we move towards the initial launch of the Cuentas Card in New York City in the third quarter of 2019. Our partnership with Sutton Bank is representative of our commitment to providing exceptional banking services to the underbanked and underserved Latino and Hispanic communities. I look forward to providing our investors with further updates on our progress as appropriate,” concluded Maimon.

 

About Sutton Bank

Sutton Bank is an Ohio based independent, community bank. Celebrating 140 years of serving our community, where Old-Fashioned innovation takes your Payments further.

 

Sutton Bank is a top-performing community bank, as recognized by the Independent Community Bankers of America. Sutton Bank is also is invested in payments as a core product, with strong partnerships in the prepaid payments space. One of the earliest banks in prepaid, Sutton offers flexible, customizable card programs with unique functionality, and responsiveness. For more information on Sutton Bank, please click here.

 

About Cuentas, Inc.

Cuentas, Inc. (OTCQB: CUEN) is a FinTech service provider with proprietary technology to provide solutions for the underbanked and un-bankable Hispanic and Latino population. Its’ disruptive services include, but are not limited to, mobile banking, online banking, prepaid debit, bill pay, ACH and mobile deposits, cash remittance, peer to peer money transfer, and bank accounts to customers who previously could not obtain bank accounts. The proprietary Cuentas General Purpose Reloadable (GPR) Card provides holders with digital wallets, discounts for purchases at major physical and online retailers, free telecom, and the ability to purchase digital content. The card will be available in over 31,000 bodegas. For more information, visit www.cuentas.com

 

Forward-Looking Statements

This news release contains "forward-looking statements", as that term is defined in section 27a of the United States Securities Act of 1933, as amended, and section 21e of the United States Securities Exchange Act of 1934, as amended. statements in this news release, which are not purely historical, are forward-looking statements and include any statements regarding beliefs, plans, expectations or intentions regarding the future. Except for the historical information presented herein, matters discussed in this news release contain forward-looking statements that are subject to certain risks and uncertainties that could cause actual results to differ materially from any future results, performance or achievements expressed or implied by such statements. Statements that are not historical facts, including statements that are preceded by, followed by, or that include such words as "estimate", "anticipate", "believe", "plan" or "expect" or similar statements are forward-looking statements. Forward-looking statements contained in this news release include statements relating to other publicly available information regarding the company.

 

Investor Relations:

Chris Tyson

Managing Director

MZ North America

949-491-8235

CUEN@mzgroup.us

 

Cuentas, Inc.

investor@cuentas.com

+1-800-611-3622