Menu

Apiture Service Terms

Last Updated: 01-June-2022

The Service Terms below are subject to the terms and conditions of the Master Services Agreement, SaaS Order or other agreement with Apiture (collectively, the “Agreement”) and govern the use of certain Apiture supported Services as of the Effective Date of the SaaS Order or other applicable digital banking Agreement with Apiture. By using the Services, you agree to be bound by the terms of these Service Terms. Capitalized terms used in these Service Terms but not defined below are defined in the Agreement. For purposes of these Service Terms, Institution understands and agrees that the obligations of Apiture with respect to the provision of the Services described in these Service Terms may be performed by a Third Party Provider contracted by Apiture to provide such services and Apiture disclaims any liability for the actions or omissions of its Third Party Providers; provided, however, Apiture shall use commercially reasonable efforts to enforce the terms of its agreement with the Third Party Provider in the event of a breach, failure to perform or otherwise for unsatisfactory performance. In the event of a conflict between these Service Terms and the terns of the Agreement, these Service Terms shall control with respect to the individual Service. These Service Terms may be modified by Apiture from time to time in its sole and absolute discretion, however, no modification of these Service Terms, except for those required to maintain compliance with Legal Requirements, will be binding until the Parties execute an amended or restated SaaS Order, Addendum, Schedule or Apiture otherwise provides written notice to Institution.

PART I: Institution Terms

Universal Terms
Institution will not create and will ensure no third party creates derivative works of or attempts to reverse engineer or recreate any of the products or services set out in these Service Terms by any means (whether by discovering or recreating underlying ideas, interface techniques, processes, or algorithms or by copying, modifying, translating, decompiling, or disassembling) or make any other attempt by any means to discover or obtain the source code or other proprietary information included in the Services, Apiture Systems, Software, Documentation or Third Party Provider products, systems, or any related service, other than the limited rights expressly granted in the Agreement. Institution will not and will ensure no third party directly or indirectly copies the Services, Apiture Systems, Software, Documentation or Third Party Provider products or systems, except as technically necessary to access and use the Services and Third Party Services in accordance with the Agreement and these Service Terms. Institution will not modify and will ensure no third party modifies the Services, Apiture Systems, Software, Documentation or Third Party Provider products or systems and will not remove, alter, cover, or obfuscate any proprietary rights notices therefrom. Institution will not conduct and will ensure no third party conducts penetration testing, load testing or vulnerability scans of any Third Party Provider products, systems or services without Apiture’s prior written consent. Institution will not attempt and will ensure no third party attempts to circumvent or disable any of the security features of the Apiture Systems or any Third Party Provider products or systems. Institution will not provide the Apiture Systems, Services, Software or Third Party Provider products or systems to any third party as a time-sharing service, service bureau, or consortium. Institution will neither disclose the results of any benchmarking of the Services, Apiture Systems, Software, Documentation or Third Party Provider products or system nor use such results for its own competing software development activities, without the prior written permission of Apiture.

  1. Bill Payment and Presentment Universal Terms
    1. Institution agrees, and agrees to require its Users (including business users), to use and receive the bill pay, bill presentment and related Services under this Section (Bill Pay Services) in accordance with Apiture’s and its Third Party Provider’s then-current terms and conditions, which will be presented in conjunction with the User registration process or otherwise upon written request.
    2. Institution shall indemnify Apiture and its respective Third Party Providers from, defend and hold each harmless from any loss, claim or liability incurred by Apiture or its respective Bill Pay Service Third Party Provider from Institution’s breach of its obligations to secure a User Agreement with each User in accordance with the Agreement. Compliance with Federal Reserve Bank Regulation E is the Institution’s responsibility.
    3. Institution shall provide content for any Bill Pay Service web subsite to Apiture in HTML format or will pay for such conversion of content to HTML at Apiture’s then-current hourly rate or at an otherwise agreed to, project-specific, price. Institution is responsible for providing all content in accordance with Third Party Provider development guidelines for the web subsite. Institution agrees that Institution-branded webpages for the Bill Pay Service, together with associated URLs and web addresses and the design elements and features for the webpages remain the exclusive property of Apiture and/or its Third Party Provider(s). Institution represents and warrants that it holds a valid copyright or license to any and all text and images it supplies for display on its Institution-branded webpages for the Bill Pay Service. Institution grants Apiture (and its Third Party Provider, if any) a non-exclusive, royalty-free license to display the text and images on the World Wide Web for this purpose for so long as the Agreement is in effect.
    4. Institution will provide Apiture with 90 days’ prior written notice of any material changes to its systems, and 20 days’ prior written notice for any minor changes requiring regression testing or testing of bill payment files.
    5. Subject to the terms in these Service Terms and the Agreement, Institution grants to Apiture and its Third Party Provider the non-exclusive right to use any Institution or User provided data to improve and enhance the Bill Pay Services or other services to Institution as well as develop data analytics models to produce analytics-based offerings that will be the sole and exclusive property of Apiture or Apiture’s Third Party Provider, as the case may be; provided, however, that this does not mean that Apiture or Apiture’s Third Party Provider is claiming any ownership of the underlying Institution or User provided data, which remain the property of the respective owners of such.
    1. CheckFree Bill Payment, Presentment and Fraudnet (Retail Consumer and Business)
      1. When Users initiate a bill payment or bill presentment transaction through the Services, Institution acknowledges and agrees that the User’s Account will be debited via an Automatic Clearing House (ACH) debit or draft.
      2. Institution will provide to Apiture and its Third Party Provider, for the purpose of testing, certification and other non-production services or activities solely related to the Bill Pay Services, at no charge to Apiture or the Third Party Provider and at Institution’s cost and expense, such access to the Institution’s systems as may be reasonably required to perform the Bill Pay Services or supportin activities. Institution will obtain, at Institution’s cost and expense, any necessary third party authorizations or consents necessary for Apiture and its Third Party Provider to use and execute any Institution systems to the extent reasonably required to perform the Services. Notwithstanding anything to the contrary in the Agreement, Apiture shall not be required to use or execute any Institution system if Apiture reasonably believes that the use or execution of such Institution system would constitute an infringement of the intellectual property rights of any third party.
      3. The Third Party Provider will have the right, in its sole discretion, to deny Bill Pay Services to any User that has not completed the required user registration process or indebted to the Third Party Provider in connection with other bill payment services or transactions, including, but not limited to, services provided through another financial institution. Apiture will notify Institution via e-mail the following business day of any application concluding in a denial of service.
      4. Institution shall maintain editorial control over and be solely responsible for maintaining its web site and providing access through it to the Services and shall be solely responsible for regulatory compliance of its web site and its functionalities with all applicable federal, state and local laws, rules, and regulations.
      5. Institution shall provide copyright attribution to Apiture’s Third Party Provider as creator and designer of the web subsite and graphical user interface by preserving the Third Party Provider’s copyright legends wherever appropriate based on the unique and specific nature of the web subsite.
      6. Institution shall be responsible for registering and maintaining registration of its Internet domain name address.
      7. The risk override or similar feature allows Institution to provide and to permit its Users to override Apiture’s Third Party Provider’s risk processing rules, and to assign a modified risk limit for that User, be it above, below, or the same as Apiture’s Third Party Provider default limit specified on the Third Party Provider’s system. In utilizing and allowing the risk override or similar feature, Institution acknowledges and agrees that it is financially responsible for and guarantees the full dollar amount of transactions that such User or other users transact through all impacted Bill Pay Service(s) within the risk limits selected by Institution or its User without any financial contribution from Apiture or its Third Party Provider, and agrees to fund Apiture or its Third Party Provider the full amount of transactions up to the modified risk limit regardless of the availability of funds in such User’s account. Notwithstanding the foregoing, if any risk override or similar feature has been invoked for a User for at least one transaction type, but a risk limit has not been specified for other transaction type(s), then Institution will still be financially responsible for the full amount of all transactions of all types, up to the default risk limit established by Apiture’s Third Party Provider risk processing rules regardless of the availability of funds in such User’s account.
      8. The Institution hereby accepts the risk for, as well as any fraud and chargebacks associated with, any and all User enrollments and transactions in the Bill Pay Services and shall additionally indemnify and hold harmless Apiture from any and all liability, including reasonable attorneys’ fees, arising from the failure of the User to have adequate funds available as a result of fraud or otherwise, including but not limited to any liability Apiture may incur to the Third Party Provider as a result of the User’s use of the Bill Pay Services.
      9. Institution will use commercially reasonable efforts to make corresponding changes to its systems to use the then-current release of the applicable Bill Pay Service, but in any case, will not be on any release of the applicable Bill Pay Service after such release is discontinued by Apiture’s Third Party Provider. Each release of the Bill Pay Services will be provided for at least 24 months after making such release generally available to Apiture’s clients of the applicable Bill Pay Service. Apiture will inform Institution at least 2 months prior to discontinuing a release of the Bill Pay Services, unless required to discontinue earlier for security or legal reasons. If Institution is in violation of the first sentence of this section, then Apiture and its Third Party Provider reserve the right to upgrade Institution to a release of the Bill Pay Services that complies with such sentence. All feature packs for the Bill Pay Services are mandatory and will be placed into production when made generally available to all Apiture clients for the applicable Bill Pay Services, with the sole exception of any specific functions within a feature pack that require a separate written agreement between Apiture and Institution for any fees for such function.
      10. Apiture’s Third Party Provider shall be responsible for Transaction Losses (defined below) solely to the extent that the debit of a User’s account for the transaction was returned for an insufficient available balance from the User regardless of funding method (e.g., NACHA Reason Codes R01 (Insufficient Funds) or R09 (Uncollected Funds)), but not if due to a closed or frozen User account or due to an unauthorized or fraudulent transaction. Apiture’s Third Party Provider will have the right to collect funds against such Transaction Losses for which it is responsible. Institution shall be responsible for all other Transaction Losses regardless of the amount or circumstance of the Transaction Loss. Without limiting the preceding sentence, Institution will research complaints that it receives from any User that an unauthorized transaction has occurred through the Bill Pay Services, and for funding any Transaction Losses or other amounts due Users or another party resulting from such unauthorized transaction. As part of the Bill Pay Services, neither Apiture nor its Third Party Provider is in any way responsible for authenticating User credentials for access to the Bill Pay Services. Institution acknowledges that with respect to the Bill Pay Service transactions, Institution or its User is the originator under the ACH Operating Rules. Institution, Apiture and its Third Party Provider agree to notify one another in the event of fraud being investigated by either party as it relates to the Bill Pay Services; such notification should be made within 2 business days of the party learning of the issue. In the event notice is prohibited by law enforcement or another government entity, then Institution will provide notice to Apiture as soon as practicable or permissible thereafter. “Transaction Loss” is a loss that occurs because the associated Bill Pay Services transaction was rescinded as unauthorized or has been returned and is un-collectable.
      11. Institution agrees to work in a commercially reasonable manner with Apiture’s Third Party Provider’s customer care center for first tier customer support for Bill Pay Services. Institution and Apiture’s Third Party Provider shall establish clear escalation criteria and processes whereby the Third Party Provider’s customer care may transfer, escalate, or turn over User related questions which do not directly deal with Bill Pay Services back to the Institution. These areas include, but are not limited to, technical and application support, general banking or bank account questions. Institution must use the Third Party Provider’s customer care system for any escalation by placing claim in urgent status. If expectations are still not met, Institution must contact the Apiture relationship contact. The Third Party Provider will provide management of merchant relationships; manage the Third Party Provider’s merchant database, process payments as instructed by Institution and its User, and will research payment posting discrepancies with the payees and use commercially reasonable efforts to support problem resolution in accordance with the Third Party Provider’s then-current standard practices.
      12. Neither Apiture nor its Third Party Provider is responsible for any risk (including without limitation, any User claims) associated with services which Institution requests that Apiture or its Third Party Provider copy a User account to a different account.
      13. Institution acknowledges that with respect to services transactions resulting in ACH Payments, Institution is the Originator under the NACHA Rules (defined as the National Automated Clearing House Association Operating Rules and Guidelines) for ACH payments that a subscriber submits for processing and Institution will have all responsibilities and liabilities of an Originator under the NACHA Rules for such ACH payments.
      14. Institution and Fiserv will be Third-Party Senders (as defined in the NACHA Rules) with respect to such ACH Payments and will have all of the responsibilities and liabilities of a Third-Party Sender under the NACHA Rules with respect to such ACH payments. Institution will comply with all applicable NACHA Rules and will not originate transactions in violation of any applicable law.
      15. Institution will not itself act as a Third-Party Sender on behalf of any other Originator under the Agreement without Apiture or Fiserv’s prior written consent. Apiture or Fiserv may withhold consent for any reason, including in circumstances in which the Originating Depository Financial Institution (“ODFI”) (as defined in the NACHA Rules) utilized for the Services does not provide consent.
      16. Fiserv will facilitate processing ACH Payments submitted by subscribers by transmitting ACH files to one or more ODFIs that has agreed to originate ACH payments for the Service. Institution authorizes Apiture and Fiserv and the ODFI to originate entries on behalf of Institution to the accounts designated in the Payment Instructions (defined as the information for a payment to be made for the service). When Fiserv receives a Payment Instruction, Institution authorizes Apiture and Fiserv to debit the subscriber’s account for the amount of any such Payment Instruction plus any related fees in effect (and as disclosed by Institution to the subscriber) at the time the subscriber initiates the Payment Instruction, and to remit funds on Institution’s behalf. Institution also authorizes Apiture and Fiserv to credit the subscriber’s account for the receipt of payments, including but not limited to those payments returned from receivers to whom the subscriber sent payment(s) and those payments that were cancelled and returned to the subscriber because the processing of the Payment Instruction could not be completed.
      17. During the term of Institution’s Agreement and for a period of one (1) year following termination or expiration, Apiture or Apiture’s Third Party Provider , the ODFI or an independent third party selected by Institution will be entitled, following reasonable advance written notice to Institution, but not more than once during any calendar year, to audit the books and records of Institution wih respect to verifying compliance with the terms and conditions of this Section. Any such audit will be conducted during regular business hours, and in a manner so as not to unreasonably interfere with Institution’s business operations.
      18. If Apiture or its Third Party Provider reasonably believes that any Services, or an Institution’s or any subscriber’s conduct in using the Services (including without limitation any subscriber intentionally initiating fraudulent or unauthorized transfers, account access or violating any agreement under which it has been provided access to the Services) violates these Service Terms or any applicable laws, rules, regulations or industry standards, or otherwise poses a threat to Apiture’s or its Third Party Provider’s system, security, equipment, processes, intellectual property or reputation (“Threatening Condition”) and if, in the reasonable and good faith determination of Apiture or its Third Party Provider, the Threatening Condition poses an imminent or actual threat (including without limitation regulatory investigation, inquiry or penalty), Apiture or its Third Party Provider may suspend any and all of Institution’s use of the applicable Services until such Threatening Condition is cured. Apiture will promptly notify Institution of such suspension, including the identity of the affected Subscriber(s) as needed, and both parties will use reasonable efforts to cure or cause the correction of the Threatening Condition following such notice. Apiture may terminate Institution’s and/or subscriber’s use of the Services without further requirement of notice if the Threatening Condition remains uncured more than thirty (30) calendar days after Fiserv notifies Apiture and Institution the Threatening Condition.
      19. With Fraudnet with Risk Assist, an alert will be generated for each online bill payment or consumer payment that scores as a suspect payment. The Fraudnet team will monitor and evaluate all alerts and communicate with the bill pay subscriber when required to confirm the payment was submitted by the subscriber. In the event that the Fraudnet team is unable to confirm with the subscriber, Fraudnet will send an alert notification to Apiture and the Institution when these occur.
      20. The Fiserv Checkfree bill discovery service enables the automatic searching, identification, and retrieval of information about a subscriber’s payees and bills based on matching information about the subscriber’s identity. As part of the bill discovery service, a Fiserv-approved consent is required for each subscriber to authorize the access and use of information from the subscriber’s consumer report from a credit bureau, and Fiserv’s biller network to perform the bill discovery service.
      21. Insights Assist is a self-service reporting option that offers the ability for Institution to access and run reports without engaging Apiture or its Third Party Provider. A Subject Area is a group of reporting content with similar data (such as, but is not limited to subscriber activity), presented in one dashboard containing key metrics about the Subject Area, including reports that are pre-developed by Apiture’s Third Party Provider as well as a business objects universe in the dashboard which can be used by Institution to create custom reports. To gain access to a Subject Area Institution must contact Apiture in writing. Institution will then be billed for a minimum of twelve (12) months after enabling each specific Subject Area and will continue to be billed monthly for each such Subject Area until Institution provides 30-day written notice to Apiture to discontinue access to a Subject Area.
      22. The Business Bill Pay Services shall specifically provide the following features and functionality to Business Bill Pay Service Users:
        1. The web subsite will facilitate the transfer of an encrypted account number and PIN data from the Institution’s host system for verification, if required.
        2. Business Bill Pay Service Users can pay anyone from anywhere in the U.S., twenty-four (24) hours a day, seven (7) days a week. Business Bill Pay Service Users can also schedule payments up to one (1) year in advance.
        3. Business Bill Pay Service Users can initiate and authorize payments from their accounts to payees who have selected in advance to receive payments by means of the Bill Pay Service. Business Bill Pay Service Users will have the option of setting up payments as one of two bill payment types. (1) recurring; or (2) single. Recurring payments are payments of a fixed amount paid on a regular time interval, such as, but not limited to, monthly rent or mortgage payments; once a recurring payment is set up by the Business Bill Pay Service Users, the Business Bill Pay Service will automatically execute bill payments according to the Business Bill Pay Service User’s instructions until the Business Bill Pay Service User cancels or changes those instructions. Single payments are payments that vary in amount and/or date, such as, but not limited to, utility or credit card payments. Once a single payment is set up by the Business Bill Pay Service Users individually, the Bill Pay Service will execute the bill payment instructions according to the Business Bill Pay Service User’s instructions for each individual payment.
        4. The Business Bill Pay Service User can select from a pre-defined list of billers to receive electronic bills. Once the Business Bill Pay Service Users has activated the bill delivery service for a biller, the Business Bill Pay Service User will begin to receive future bills electronically within the Bill Pay Service.
        5. Business Bill Pay Service Users are permitted to transfer funds between accounts activated for the Bill Pay Service. The Bill Pay Service will execute such account transfer requests for each individual account transfer request.
        6. The Bill Pay Service provides two-way messaging which allows Business Bill Pay Service Users to send and receive messages regarding the bill payment service from the Third Party Provider’s customer care service.
        7. The Bill Pay Service provides a list of the Business Bill Pay Service User’s payments scheduled and processed.
        8. The Bill Pay Service allows Business Bill Pay Service Users to utilize multiple accounts as activated payment accounts. When scheduling payments, the Business Bill Pay Service User may make a payment from any activated payment account.
      23. Except as set forth in Section 1.1.11 hereof, Institution will be responsible for managing all contact with Business Bill Pay Service Users. This includes but is not limited to, sales, training, implementation, customer care, system support, customer disclosures required by applicable laws, rules and regulations and communications, including but not limited to communicating then-current terms and conditions of Bill Pay Service stipulated by Apiture’s Third Party Provider.
    2. iPay Bill Payment and Presentment (Retail Consumer and Business)
      1. Apiture’s Third Party Provider may decline to provide Bill Pay Services to any Institution whose financial condition is not satisfactory to Apiture or its Third Party Provider in its/their reasonable, sole discretion; provided that should Institution believe its financial condition is suitable for providing Bill Pay Services, Institution will be required to provide a written guarantee from a documented, financially suitable third party (co-signer) of all obligations arising in connection with the Agreement, including payment of all charges for Bill Pay Services and Apiture will provide the Bill Pay Services.
      2. Prior to using the Bill Pay Services, Institution agrees that Users must enroll in the service. Institution is responsible for ensuring that the identity of Users has been authenticated pursuant to “know your customer” requirements and for OFAC screening of Users prior to making the Bill Pay Services available to them. Institution is responsible for the selection and use of user authentication techniques and other security features available through the Bill Pay Services and other sources. Neither Apiture nor its Third Party Provider shall be liable for fraudulent and otherwise unauthorized access to and use of the Bill Pay Service.
      3. The Institution agrees to install with each individual User one or more agreements, which contain, without limitation, (i) the User’s authorization to allow Institution to provide the Bill Pay Services to User; (ii) legally required disclosures; (iii) the User’s authorization for Institution to originate ACH entry debits to the User’s account; and (iv) authorization for Apiture’s and its Third Party Provider to access and retrieve information in the User’s biller accounts. Institution will deliver evidence of those authorizations to Apiture (or its Third Party Provider) upon written request.
      4. For any Institution billing files provided to Institution, Institution is responsible for the timely receipt and posting of the payment file. Cancellations must be complete before the cancellation cut off time.
      5. Payments scheduled prior to the established cut-off time on Business Days will be processed on that day. Apiture’s Third Party Provider processes these transactions and prepares debit files for the Institution to cover funds for bill payment transactions, which the Institution processes through its core system. Institution acknowledges that User payments are remitted through various partners, iPayNet (a proprietary payment gateway), ACH, or by printed check. Apiture’s Third Party Provider seeks to remit payments in the least costly, most efficient manner possible. Institution agrees the User is responsible for scheduling the payments to arrive at the payee no later than the bill’s actual due date by specifying the payment date in the payment instructions. The estimated delivery date is provided as a guide and is not guaranteed. Payments scheduled after the cutoff time or on non-Business Days will be considered entered in the Bill Pay Service on the next Business Day. Institution may cancel payments through the master site prior to the established deadlines.
      6. Whenever a User activates the eBill service for a particular biller, the User will be required to provide information necessary to access the User’s account with such biller, such as login credentials for that biller’s web site. The eBill service will use this information to regularly log into the User’s account at the biller’s site and extract information regarding the User’s most recent statement in order for the eBill Service to present this information to the User in conjunction with the Bill Pay Service. If a User does not have complete and accurate access information for a biller’s site, or if they are unwilling to provide this information to Apiture, then that User cannot use the eBill Service for that biller and Apiture and its Third Party Provider have no liability for any delays or failure to transact with that particular User’s biller. The eBill service is made available only as an integral part of the Bill Pay Services.
      7. The eBills/eBill Presentment Service includes the use of Data Analytics. “Data Analytics” means: (i) monitoring click activity (via tagging) of any eBill landing page that allows an end user to view eBills for an individual biller, and (ii) monitoring click activity (via tagging) of an embedded digital ad graphic so that biller may learn whether an eBill ad graphic appearing on its eBill landing page was clicked by an end user. No account or other personal information shall be collected and the use of the data shall be purely for collecting click events. Institution agrees to (a) provide Apiture written authorization to share anonymized Data Analytics results with iPay, iPay’s third party service providers, their permitted assigns, and their sub-contractors, agents and applicable eligible biller(s), and (b) comply with all applicable state and federal privacy, data security and user tracking laws.
      8. For as long as Apiture offers and supports a Hybrid Risk Model of funding Bill Pay Service transactions, the Institution may elect to process bill payment transactions using the Hybrid Risk Model where electronic payments are debited from the User’s account on the delivery date and all checks are drawn on the User’s account and clear when presented to the payee’s financial institution (Hybrid Risk Model). If Institution elects for the Bill Pay Services to be performed using the Hybrid Risk Model, then Institution agrees it is responsible for and shall indemnify, defend and hold Apiture harmless from claims arising from, the setting of the daily and monthly electronic processing risk limits which applies to electronic payments. Institution acknowledges that electronic payments always pay electronically unless the payment exceeds the risk limit established by the Institution and in that instance the payment is converted to a check for that specific transaction. When a User submits an electronic payment that exceeds the risk limit established by the Institution, the User must be advised by the Institution that the payment needs to be delivered as a check drawn on the User’s account. The User then has the option to either accept a conversion of the payment to check, or to cancel the payment. In addition to the existing payment limits (max transaction cap, email payment transaction cap, and the email payment processing cap), two new User limits are available: a daily maximum and monthly maximum processing dollar amount for electronic transactions. If a scheduled or edited electronic transaction causes either one of the maximums to be exceeded, the Institution acknowledges the transaction will be sent as a check. The Institution is responsible for setting daily maximum and monthly maximum dollar amount payment limits and manages those limits globally or at the individual User level. The existing global or individual User level limits for each electronic transaction and email payment (P2P) will still be validated before the new limits described above are invoked. All electronic payments are subject to the electronic risk limits established by the Institution and when any transaction exceeds the limit, the transaction is converted to a check. Users are notified of this conversion during the online session as the consumer Bill Pay interface prompts the User to provide a remittance address to use for that specific transaction. In addition, Institution may control the decision on Non-Sufficient Funds (NSF) fees and uncollected fees. The Institution is responsible for deciding its risk tolerance per User and setting limits accordingly based on its own assessment of the particular User. Real-time reporting provided by Apiture gives the Institution an opportunity to assess its risk tolerance relating to those Users exceeding established risk limits and thereby gives Institution the power to adjust its Users’ individual risk limits. In using this Hybrid Risk Model, Institution acknowledges that it retains all liability for all unfunded payments. An unfunded payment is defined, for the purpose of these Service Terms, as any electronic bill payment the Institution could not post due to any reason, including, but not limited to: insufficient funds, closed account, frozen account, etc. Check payments are drawn on the User’s account with Institution and the Institution has the option to honor the check and can also assess NSF or uncollected fees to the User. If Institution elects to operate under the Hybrid Risk Model, Institution understands that Institution will not have the opportunity to review and cancel payments.
      9. For as long as Apiture supports and Institution engages in the Good Funds Model of funding consumer/retail Bill Pay Service transactions, the Institution may elect to process bill payment transactions under the Good Funds Model where payments will be held overnight (Good Funds Model). For this funding model, the Institution has the ability to cancel electronic payments within designated timeframes but may not return any debits for electronic bill payments processed. Check payments may be drawn on accounts at Apiture (or its Third Party Provider’s) and settled with the Institution, enabling the Institution to cancel payments before they are paid. Alternately, check payments may be drawn on the User’s account enabling the Institution to clear the item once it is presented to the Institution.
      10. For as long as Apiture supports and the Institution engages in the Funds Verification Model, Apiture’s Third Party Provider is allowed to verify funds’ availability for electronic payments and hard post the debits for bill payments to the User’s account with the Institution on the same day the payment is processed (Funds Verification Model). This Funds Verification Model is only available for Institutions on a Jack Henry & Associates banking core platform (SilverLake, 20/20, or Core Director). Check payments can only be drawn on the User’s account with Institutions having the option to clear the item once it is presented to the Institution. Stop payments may be placed by the User within internet banking. Institution acknowledges that User fees for expedited payments, gift pay or bill pay do not go through the same funds verification process.
      11. Notwithstanding Apiture’s obligations in the Agreement to utilize commercially reasonable information security procedures and encrypt data and accept encrypted data, neither Apiture nor its Third Party Provider guarantees that data submitted through the Internet will be secure from unauthorized access or will be free of errors or omissions due to Internet transmission.
      12. Institution acknowledges that as of the effective date of the Agreement, the Third Party Provider’s data centers are hosted by Jack Henry & Associates, Inc. If, at any time Apiture’s Third Party Provider decides to utilize an unaffiliated service provider for that function then Apiture’s Third Party Provider has the option to do so as long as Apiture is given the opportunity to perform due diligence, including a security risk and technical and operational audit of the new service provider. If Apiture and its Third Party Provider cannot mutually agree on remediation and mitigation if Apiture determines the new service provider exposes Apiture and/or Institution to security or compliance risk, then Apiture may terminate the Bill Pay Services. Institution acknowledges that such termination will be Apiture’s sole remedy for its Third Party Providers substitution of its data center service provider.
      13. Where a User meets the requirements of this Section and a User’s bill payment transaction is not processed or is delayed as the result of an error by Apiture or its Third Party Provider, Apiture or its Third Party Provider will be responsible to the Institution for the amount of any late charges actually incurred by the User up to $50.00 in accordance with the below. Institution and/or User will otherwise be responsible as follows:
        Cause No. Reason for late payment charge Responsible party for paying late charge/penalty
        Apiture or its Third Party Provider User Institution
        1 Lost, cannot determine reason X    
        2 Not processed on date scheduled by User (except to the extent attributable to Causes below) X    
        3 Sent to location other than as provided by User or User’s payee X    
        4 U.S. Mail Delay   X  
        5 Delay by User’s Payee   X  
        6 Intervention by Institution     X
        7 Incorrect entry by Institution     X
        8 Scheduled Incorrect Number of Days Before Due Date   X  
        9 Scheduled Incorrectly   X  
        10 Incorrect Payee or Account Information supplied by User   X  
        11 Fraud   X X

        In the event Apiture or its Third Party Provider is responsible for a late charge/penalty according to the above chart, Apiture (or its Third Party Provider) will either (i) contact the payee to have the late fee/penalty waived or (ii) reimburse Institution for the late fee/penalty, up to Fifty Dollars ($50.00) for each late payment where the User provided Apiture with complete and accurate payment instructions and scheduled the payment to process at least five (5) Business Days prior to the payment due date to allow for proper and timely receipt by the payee. Late fees/penalties will not be reimbursed by Apiture or its Third Party Provider for payments not initiated at least five (5) Business Days prior to the payment due date.

      14. Institution shall be responsible for, and defend, hold harmless and indemnify Apiture, its Affiliates, and any Third Party Provider from against all claims by a User relating to the authorization of Apiture (and its Third Party Provider, if any) to provide Bill Pay Services on behalf of the User as well as the attendant results from the provision of the Bill Pay Services including but not limited to insufficient funds, repudiation of authorization for payment, fraud on the User’s account, and, except as set forth in the preceding paragraph, late fees. Apiture (and its Third Party Provider, if any) will incur no liability because of the existence of any one or more of the following circumstances: (a) if, through no fault of Apiture (or its Third Party Provider, if any), any designated User account from which funds for bill payments are deducted does not contain sufficient funds to complete the transaction and is cancelled by the Institution; (b) the Services are not working properly and the Institution knows or had been advised by Apiture (or its Third Party Provider, if any) through the communication method of its choosing about the problem before the User executes the transaction; (c) the payee to whom an User designates a bill payment to be delivered mishandles or delays processing a payment sent by Apiture (or its Third Party Provider, if any); or (d) a User has not provided Apiture (and its Third Party Provider, if any) with the correct name, address, phone number, or account information for the payee, or a User has not provided Apiture (and its Third Party Provider, if any) with accurate personal information, of a User or has otherwise provided incomplete bill payment instructions.
      15. Institution will notify Apiture as soon as commercially practicable, but in no event later than 1 Business Day, if Institution becomes aware that any user is materially breaching its terms and conditions with respect to the Bill Pay Services. Apiture reserves the right to charge for research time in connection with investigation of disputed payment transactions. Institution remains liable for all fraudulent losses, including chargebacks.
      16. On a daily basis, Apiture’s Third Party Providers’ financial institution will originate an ACH debit entry to Institution to collect the funding for the bill payments initiated by Institution’s Users. Institution may not return such ACH debit entry for any reason. As soon as notice is provided to Institution that any debited funds have been returned, Institution shall immediately wire to a designated account at Apiture’s Third Party Provider’s financial institution on that same day immediately available funds in the amount of any returned ACH debit entry. All bill payment funds held overnight will be held in overnight investment accounts and any interest on such funds will be paid to Apiture’s Third Party Provider as part of its compensation for the Bill Pay Services.
      17. Should an error occur with the Bill Pay Services, if directed by Apiture, Institution will take all steps reasonably necessary to carry out procedures for resolving errors or malfunctions within a reasonable time after such procedures have been received from Apiture and/or its Third Party Provider. Institution is responsible for assisting with returns and exception handling, without limitation, providing Apiture and/or Third-Party Provider with access to User’s information to duplicate and resolve errors. Apiture and its Third Party Providers shall not be responsible for errors caused by Institution, Users, or billers. Apiture reserves the right to charge for research time in connection with investigation of disputed payment transactions.
      18. If Institution purchases Apiture’s Third Party Providers’ Compliance Package, then a daily report of potential OFAC SDN List matches of payees is made available to Institution on the site software. Institution is responsible for reviewing the report daily and determining whether to block any payment transactions.
    3. Metavante Bill Payment and Presentment (Retail Consumer)
      1. Institution will provide any computer and communications hardware and related software required at its location(s) including its own internet access services, for Institution’s use in accessing the administrator module on Apiture’s Third Party Provider’s website via the internet in support of its User and Institution service obligations.
      2. Institution is responsible for migrating existing customer data to Apiture’s Third Party Provider database and the User is responsible for the accuracy of account and other information required for accessing User bills.
      3. Institution agrees to cooperate with Apiture or its Third Party Provider and provide Apiture or its Third Party Provider with all necessary information and assistance required for Apiture and its Third Party Provider to successfully make the Bill Pay Services operational and available to Institution. Institution agrees that Apiture or its Third Party Provider is under no obligation to provide any User with access to the Bill Pay Services unless and until Institution has provided Apiture or its Third Party Provider with all information and documentation required by Apiture or its Third Party Provider for User set-up. Apiture and its Third Party Provider will not have the contractual relationship with Users, and so must rely upon Institution to manage liability and risk issues. Institution will include appropriate provisions in its User Agreements regarding, and shall indemnify Apiture and its Third Party Provider from, defend and hold each harmless from claims arising from: (a) any User’s use of or inability to use the Bill Pay Service, specifically including, without limitation, any User’s claim for late charges or other economic loss or damages arising from the User’s use of the Bill Pay Service, (b) transactions effected with a lost, stolen, counterfeit or misused access code or identification number issued to any User; and (c) any payments initiated by a User which are not completed due to lack of funds in the User’s settlement account.
      4. Institution understands that it is fully responsible for the availability of good funds necessary to settle the bill payment activities of Users initiated through the use of the Bill Pay Services. Apiture’s Third Party Provider shall initiate debit ACH entries against each User’s designated account for bill payment activities initiated by the Use. Institution is and shall remain solely and exclusively responsible to Apiture for the entire amount of any bill payment processed for and on behalf of a User in accordance with instructions received through the Bill Pay Services and which is not funded by the User due to insufficient funds in the applicable depository account or for any other reason outside Apiture’s or its Third Party Provider’s control. A description of Apiture’s Third Party Provider’s collection procedures as of the date of these Service Terms is set out herein. Apiture’s Third Party Provider reserves the right to modify its collection procedures from time to time. Neither Apiture nor its Third Party Provider shall be responsible for losses with government payments. Institution shall be exclusively responsible for and, upon Apiture’s demand, reimburse Apiture for, the amount of any government payments which Apiture or its Third Party Provider reasonably believe it cannot collect from the User for any reason.
      5. For debits that are returned, an ACH Return File must be received from the Institution. The Debit Return area, utilizing Apiture’s Third Party Provider’s debit return process reviews each return. If the Debit Return area is not able to resend the debit, a consumer collection service request is opened. The User is contacted over the life of the service request as follows:

        Day zero – If the amount in collection is less than $100, a Day Zero letter is mailed to the User. For any collections over $100 phone call is placed to the User; if there is no contact or the phone is not in service or disconnected a “NoPhone” letter is sent to the User. If a message is left, a second call will be placed on Day 3 if Apiture’s Third Party Provider has not heard from the User by this date.

        Day 3 – a second call is placed to the User; if there is no contact or another message is left, a “NoPhone” letter is sent to the User.

        Day 15 – if a balance is still outstanding and the User has not made arrangements, a call is placed to the User.

        Day 30 – if a balance is still outstanding and the User has not made arrangements, a “D30” letter is sent to the User. A call is also made if the collection balance is $500 or greater.

        Day 45 – if a balance is still outstanding and the User has not made arrangements, a call is placed to the User.

        Day 60 – if a balance is still outstanding and the User has not made arrangements, or kept a promise to pay, a “D60” letter is sent to the User. A call is also made if the collection balance is $500 or greater.

        Day 75 – if a balance is still outstanding and the User has not made arrangements, or kept a promise to pay, a call is placed to the User.

        Day 90 – if a balance is still outstanding and the User has not made arrangements, or kept a promise to pay, a “D90” letter is sent to the User. A call is also made if the collection balance is $500 or greater.

        Day 105 – if a balance outstanding is $500 or greater and the User has not made arrangements, or kept a promise to pay, a final call is placed to the User.

        Day 120 – Any balance outstanding is charged back via Institution’s monthly invoice.

        Apiture’s Third Party Provider reserves the right to set and change its User support policies, procedures and availability as they apply to all users of its service (not just Institution’s Users) without the consent of Institution.

      6. Institution remains liable for all fraudulent losses, including chargebacks.
      7. Where a User meets the requirements of this Section and a User’s bill payment transaction is not processed or is delayed as the result of an error by Apiture or its Third Party Provider, Apiture or its Third Party Provider will be responsible to the Institution for the amount of any late charges actually incurred by the User up to $50.00 in accordance with the below. Institution and/or User will otherwise be responsible as follows:
        Cause No. Reason for late payment charge Responsible party for paying late charge/penalties
        Apiture or its Third Party Provider User Institution
        1 Lost, cannot determine reason X    
        2 Not sent as scheduled (except to the extent attributable to Causes below) X    
        3 Sent to wrong location X    
        4 U.S. Mail Delay   X  
        5 Delay by merchant   X  
        6 Intervention by Institution     X
        7 Incorrect entry by Institution     X
        8 Scheduled Incorrect Number of Days Before Due Date   X  
        9 Scheduled Incorrectly   X  
        10 Incorrect Payee or Account Information supplied by User   X  
        11 Fraud   X X

        In the event Apiture or its Third Party Provider is responsible for a late charge according to the above chart, Apiture (or its Third Party Provider) will reimburse any payee-imposed late fees, up to $50.00, incurred by any User; provided that the User provides Apiture with payment instructions 5 business days prior to the due date to allow for proper and timely receipt by the payee. Late fees or penalties not initiated at least 5 business days prior to the due date will not be reimbursed by Apiture or its Third Party Provider.

      8. Payment instructions, paper bill images and e-bill images will be available for 12 months after which they will be purged, however, Apiture’s Third Party Provider will research and provide a response to User inquiries on transaction data and bill images for a period up to 7 years after the date of the transaction.
      9. Check payments will be issued using Apiture’s Third Party Provider’s Trust Check drawn on its bank account. All U.S. Postal rate increases will be passed-through as actual costs to Institution with or without prior notice.
  2. My Spending, Apiture IQ, PULSE, IAV & ID (Instant Account Verification) and MX Wealth Management
    1. Institution, for itself and its affiliates, authorizes Apiture’s Third Party Providers for the My Spending, Apiture IQ, PULSE, IAV& ID and/or MX Wealth Management Services (My Spending Service Providers) to utilize application programming interfaces between the Apiture System and My Spending Service Providers’ systems for My Spending Service Providers to perform data extraction and retrieval services that are (a) authorized by an Institution User, and (b) independent from performing My Spending Services for Institution. These extraction and retrieval activities are in place of Apiture’s Third Party Providers using a single data script (i.e. screen scraping) to extract and retrieve data residing on the Apiture System. For purposes of these Service Terms, the term “MySpending Services” refers to any one or bundle of My Spending, Apiture IQ, PULSE, IAV& ID and Wealth Management Services.
    2. Institution authorizes Apiture to provide My Spending Service Providers direct data feeds (via OFX version 2.2 or the current version of MDX) to/from Apiture Systems.
    3. Institution will enter into an agreement with each User using, at minimum, the terms set out in the User Agreement in Part II, Section 1 of these Service Terms or as otherwise approved by Apiture in connection with the My Spending Services.
    4. Apiture will use commercially reasonable efforts to work with My Spending Service Providers that provide data aggregation services for external accounts held-away at Institution or its third party financial institution(s) to provide functioning data aggregation services. Apiture makes no warranty that data aggregation services for external accounts held-away at Institution or its third party financial institution(s) will operate uninterrupted. Apiture will not be responsible for errors associated with data aggregation services for external accounts held-away at Institution or its third party financial institution(s), except for errors, the root cause of which, is attributable to Apiture’s My Spending Service Provider.
    5. Institution will:
      1. notify Apiture as soon as reasonably practicable of any unauthorized access to or misuse of the MySpending Services.
      2. permit Apiture or its My Spending Service Provider masked user account and transactional information through the channels requested by Apiture.
      3. provide Apiture with a financial account that: (i) contains all of the financial account types offered by Institution (i.e., checking, savings, loans, credit cards, line of credit, mortgage, investments, etc.), (ii) has test transactional data for each account type updated on a monthly basis throughout the term of the Agreement to enable continuous testing of transaction functionality within the My Spending Services, and (iii) allows testing from the required testing and production environments.
      4. in order to provide proper functionality, quality control, and to ensure the best user experience for the My Spending Services, cooperate with Apiture and its My Spending Service Provider to access, whenever reasonably requested by Apiture, User account information.
    6. Institution will not (a) make the MySpending Services available to anyone other than its authorized Users; (b) intentionally interfere with or disrupt the integrity or performance of the MySpending Services or third-party data contained therein, or (c) make any legally binding commitment, representation, or warranty on behalf of the My Spending Service Provider, or any of its affiliates, subcontractors or third party providers.
  3. Hard Token and Out of Band Token Authentication
    1. Institution shall advise Users that they may incur additional charges from their telephone carriers and shall be solely responsible for such charges when sending and/or receiving any voice calls placed as part of the Hard Token and Out of Band Token Authentication Services (collectively, OoB Services). Neither Apiture nor its OoB Third Party Provider shall be responsible to reimburse Institution or its Users for such charges including, but not limited to, inter-connection, access, termination, wireless, landline or any phone charges in the provision of the OoB Service.
    2. Institution shall not use the OoB Service to transmit or authorize: (i) junk mail, spam, or unsolicited material to persons or entities that have not agreed to receive such material or to whom Institution does not otherwise have a legal right to send such material; (ii) material or data that is illegal, harassing, coercive, defamatory, libelous, abusive, threatening, obscene, harmful to minors, excessive in quantity, or the transmission of which could diminish or harm the reputation of Apiture or its Third Party Provider or any network carrier involved in the provision of the OoB Service, including but not limited to material that is related to alcoholic beverages, tobacco, guns or weapons, illegal drugs, pornography, crime, violence, death, or any other questionable subject matter. Institution will not use the OoB Service in support of or for any illegal, fraudulent, or improper purpose, and will immediately notify Apiture if Institution learns of any unauthorized use of the OoB Services.
    3. Institution acknowledges that, in provisioning the OoB Service, Apiture and its Third Party Provider depend on the facilities, networks, connectivity and other acts of parties not under their control, including wireless carriers, government entities and network operators. NEITHER APITURE NOR ITS THIRD PARTY PROVIDER SHALL BE LIABLE FOR ANY INTERRUPTION, DELAY, SUSPENSIONS, AND OTHER ACTS AND/OR OMISSION BY SUCH PARTIES THAT ARE NOT WITHIN THEIR CONTROL.
    4. Institution will be deemed to be the importer of record of for any portion of the OoB Service or security credential outside of the U.S., and shall be responsible for any related import filings, requirements, documentation, fees, taxes, duties, or other compliance obligations imposed by the applicable destination country or jurisdiction. Institution also agrees that it will not use the OoB Service or security credential for any purposes prohibited by United States law.
    5. Institution’s authentication hard token orders are offers to purchase products subject to this Section of the Service Terms. All orders are subject to Apiture’s OoB Third Party Provider’s acceptance. Apiture’s OoB Third Party Provider may decline or cancel any order for any reason at any time. Apiture’s OoB Third Party Provider’s acceptance of Institution’s order is limited to these terms without any modification or exception. Additional terms and conditions on any purchase document (e.g., order) will have no effect (i.e., will not change or add to these terms whether or not Apiture’s OoB Third Party Provider specifically objects to those terms and conditions). Institution, on behalf of itself and any end customer for whom the product is purchased, consents to the transfer of Institution’s and any end customer’s email addresses, when such transfer is required to complete a transaction. Institution represents and warrants that all of Institution’s employees and agents placing orders on behalf of Institution are duly authorized to commit Institution. All accepted orders are binding. Institution may not cancel or amend any accepted order without Apiture’s written consent, except in the event of a material default by Apiture’s OoB Third Party Provider with respect to such order which has not been cured by Apiture’s OoB Third Party Provider within a reasonable period of time (not less than ten (10) days) following receipt of written notice from Institution of such default. Any cancellation by Institution permitted hereunder must be in writing and specify in reasonable detail the nature of the default. Orders for non-standard products, including products configured to Institution’s specifications, are non-cancelable and non-returnable. Apiture’s OoB Third Party Provider’s acceptance of Institution’s order occurs at time of shipment.
    6. Notwithstanding anything in the Agreement to the contrary, hard token orders may be purchased at the prices prevailing at the time of shipment, as determined by Apiture’s OoB Third Party Provider. Quoted prices are subject to change without notice and do not include taxes, handling, shipping, transportation, duties or other charges or fees.
    7. All deliveries of products will be made EX WORKS (Incoterms 2010) Apiture’s OoB Third Party Provider’s designated location. Risk of loss or damage to products will pass upon Apiture’s OoB Third Party Provider’s surrender of the products to the transportation provider. Institution assigns all rights in the receivables resulting from sales to its Users until Apiture receives full payment of amounts owed. Transportation charges will be on a “prepay and add” basis, unless otherwise agreed in writing by an authorized signatory of Apiture. Neither Apiture nor Apiture’s OoB Third Party Provider is responsible for spotting, switching, demurrage or other transportation charges unless agreed in writing. Neither Apiture nor Apiture’s OoB Third Party Provider is liable for any delays in delivery or for partial or early deliveries. Transportation charges will be in accordance with Apiture’s OoB Third Party Provider’s shipping policy at the time of shipment. If Institution directs Apiture to charge transportation fees to a third-party account number or to ship “freight collect”, Institution is responsible for all transportation and accessorial charges associated with the order and is responsible for product loss and damage in transit claims with the transportation provider. Neither Apiture nor Apiture’s OoB Third Party Provider is liable for any Institution requirements not stated in these terms. Institution or the consignee receiving delivery must accept deliveries and must inspect the products and secure written acknowledgement from the transportation provider for any shortages, loss, damage or nonconformance. Institution must notify Apiture in writing within two (2) days of receipt of any delivery of any shortages, defects or non-conforming products. In the event Institution fails to notify Apiture with such two (2) day period of any shortages, defects or non-conforming products, the products will be deemed accepted.
    8. Institution may only return products as permitted in these terms. Products otherwise will be non-returnable and the prices and fees will be non-refundable. Institution may only return erroneously shipped products or products that were damaged prior to shipment. Products damaged after shipment may not be returned. In order to be eligible to receive credit for returned products, Institution must adhere to Apiture’s OoB Third Party Provider’s then current returns processing guidelines. Institution must obtain a valid return authorization number (RMA) from Apiture’s OoB Third Party Provider for all returns prior to returning any product. Apiture’s OoB Third Party Provider has no obligation to issue RMAs. Institution is responsible for ensuring that the RMA is clearly visible on the address label of the product packaging and for complying with all other Apiture’s OoB Third Party Provider requirements provided to Institution when the RMA is issued. Unless otherwise agreed in writing by Apiture’s OoB Third Party Provider, all product returns from Institution are DDP (Incoterms 2010) Apiture’s OoB Third Party Provider’s designated facility, and title and risk of loss will transfer to Apiture’s OoB Third Party Provider upon receipt and acceptance of returned products at Apiture’s OoB Third Party Provider’s facility. If Institution desires to return any products, Institution must initiate a new order for the replacement products. Apiture’s OoB Third Party Provider may refuse delivery of any package without a valid, clearly visible RMA. All products erroneously shipped by Apiture’s OoB Third Party Provider must be returned with the original packaging intact (including manufacturer’s shrink wrap) and otherwise in unused, resalable condition. Credit, if any, will be provided for product returned in accordance with Apiture’s OoB Third Party Provider’s return policies at the time the RMA was issued, provided Institution is not in breach of any of these terms. If Institution returns any products without Apiture’s OoB Third Party Provider’s authorization or does not comply with Apiture’s OoB Third Party Provider’s return requirements, those products may be subject to return to the shipping location and, if refused, Apiture’s OoB Third Party Provider may consider the products abandoned and dispose of them, without crediting Institution’s account. Apiture reserves the right to charge a restocking fee for handling any product that is erroneously returned. Apiture’s sole liability for any returned products will be acceptance of their return and issuance of credits pursuant to Apiture’s OoB Third Party Provider’s then current returns processing guidelines.
    9. Institution acknowledges that neither Apiture nor Apiture’s OoB Third Party Provider is the manufacturer of the products. Product warranties, if any, are provided by the manufacturer or publisher (Vendor) of the products.

      INSTITUTION WILL INDEMNIFY, DEFEND AND HOLD HARMLESS APITURE, APITURE’S OOB THIRD PARTY PROVIDER, ITS AFFILIATES, AND ITS VENDORS, AND EACH OF THEIR RESPECTIVE OFFICERS, DIRECTORS, EMPLOYEES, AND AGENTS FROM AND AGAINST ANY LIABILITIES, LOSSES, DAMAGES, COSTS OR EXPENSES OF ANY KIND (INCLUDING REASONABLE ATTORNEYS’ FEES AND DISBURSEMENTS) ARISING OR RESULTING FROM CLAIMS, DEMANDS, ACTIONS OR PROCEEDINGS OF ANY KIND ARISING FROM OR RELATING TO: (i) INSTITUTION’S USE, MARKETING, DISTRIBUTION OR SALE OF PRODUCTS IN A MANNER OTHER THAN AS SPECIFIED IN PRODUCT/SERVICE DESCRIPTIONS OR SPECIFICATIONS; (ii) APITURE OR APITURE’S OOB THIRD PARTY PROVIDER’S OR ITS VENDOR’S COMPLIANCE WITH DESIGNS, SPECIFICATIONS, OR INSTRUCTIONS PROVIDED BY INSTITUTION; (iii) INSTITUTION’S BREACH OF THESE SERVICE TERMS OR ACTS OR OMISSIONS OF INSTITUTION, ITS AFFILIATES, ITS AGENTS, OR THEIR RESPECTIVE EMPLOYEES, OFFICERS OR DIRECTORS; OR (iv) VIOLATION OR ALLEGED VIOLATION OF ANY APPLICABLE LAWS OR REGULATIONS BY INSTITUTION OR ITS AFFILIATES.

    10. Neither Apiture nor Apiture’s OoB Third Party Provider will have liability for: (i) failure to allocate or reserve any product for Institution; (ii) failure to deliver products within a specified time period; (iii) availability and/or delays in delivery of products, (iv) discontinuation of products, product lines, or any part thereof; or (v) cancellation of any orders.

      THE OBLIGATIONS OF APITURE’S OOB THIRD PARTY PROVIDER AND ANY AFFILIATE THEREOF, IF ANY, HEREUNDER ARE THE SEVERAL OBLIGATIONS OF EACH SUCH ENTITY, AND NOTHING HEREIN WILL BE DEEMED TO CREATE ANY JOINT AND SEVERAL LIABILITY BETWEEN OR AMONG APITURE’S OOB THIRD PARTY PROVIDER AND/OR ANY OF ITS AFFILIATES.

    11. Institution agrees to adhere to Apiture’s OoB Third Party Provider’s and any of its applicable Vendor’s current Product Restrictions and Obligations Policy. Institution may not alter or modify the OoB Services in any way or combine the OoB Services with any other product or material not authorized by Apiture and/or its OoB Third Party Provider or the applicable Vendor. OoB Services may have additional restrictions on their distribution or use. Institution is solely responsible for ensuring its adherence to any and all such restrictions.
    12. Apiture’s OoB Third Party Provider is a distributor of “Commercial Items” as defined in FAR 2.101. Only the clauses in the Federal Acquisition Regulation (FAR) and agency FAR supplements which Apiture’s OoB Third Party Provider has agreed to and that are required to be inserted in a subcontract for Commercial Items, as set forth in FAR 52.244-6(c)(1) or an applicable agency FAR supplement apply to these Service Terms. Institution will receive only those rights in technical data provided by Apiture’s OoB Third Party Provider. In no event will Institution receive unlimited rights in data, software, or intellectual property rights provided by Apiture’s OoB Third Party Provider or its Vendors or any other third party.
  4. Voice Authentication
    1. Voice One Time Password (OTP) Security Credentials are generated by a cryptographic algorithm that is delivered to the User’s phone through a call placed over a network carrier. The OTP value received is compared with the OTP value generated and provided to the User. If the OTP values match, the OTP security credential is authenticated before accessing and using any VA Services.
    2. Institution’s Users must register to use VA Services and accept a User Agreement which must meet the minimum requirements approved in advance in writing by Apiture and its Third Party Provider.
    3. Institution shall advise Users that they may incur additional charges from their telephone carriers and shall be solely responsible for such charges when sending and/or receiving any voice calls placed as part of the VA Service. Neither Apiture nor it Third Party Provider shall be responsible to reimburse Institution or its Users for such charges including, but not limited to, inter-connection, access, termination, wireless, landline or any phone charges in the provision of the VA Service.
    4. Institution acknowledges that, in provisioning the VA Services, Apiture and its Third Party Provider depend on the facilities, networks, connectivity and other acts of parties not under their control, including wireless carriers, government entities and network operators. NEITHER APITURE NOR ITS THIRD PARTY PROVIDER SHALL BE LIABLE FOR ANY INTERRUPTION, DELAY, SUSPENSIONS, AND OTHER ACTS AND/OR OMISSION BY SUCH PARTIES THAT ARE NOT WITHIN THEIR CONTROL.
    5. Institution will be responsible for record retention and for compliance with all applicable Legal Requirements with respect to the retention and reproduction of all documents and records related to the VA Service.
    6. In the event that Apiture’s Voice Authentication Third Party Provider discontinues general availability of any Voice Authentication Service (VA Services), Apiture will notify Institution of such discontinuance at least 60 days after Apiture’s receipt of any such notice. Institution shall thereafter cease using the VA Services.
    7. These Service Terms are expressly made subject to any laws, regulations, orders or other restrictions on the export from the United States of America of software, hardware, or technical information, which may be imposed from time to time by the government of the United States of America. Regardless of any disclosure made by Institution to Apiture of an ultimate destination of the VA Service or the security credential, and, notwithstanding anything contained in the Agreement or these Service Terms to the contrary, Institution will not export, or re-export, either directly or indirectly, any part of the VA Service, security credential or portions thereof, without first obtaining any and all necessary licenses from the United States government or agencies or any other country for which such government or any agency thereof requires an export license or other governmental approval at the time of modification, export, or re-export. Institution will be deemed to be the importer of record of for any portion of the VA Services or security credential outside of the U.S., and shall be responsible for any related import filings, requirements, documentation, fees, taxes, duties, or other compliance obligations imposed by the applicable destination country or jurisdiction. Institution also agrees that it will not use the VA Services or security credential for any purposes prohibited by United States law, including, without limitation, the development, design, manufacture or production of nuclear, missiles, or chemical or biological weapons.
    8. Institution shall not use the VA Services to transmit or authorize: (i) junk mail, spam, or unsolicited material to persons or entities that have not agreed to receive such material or to whom Institution does not otherwise have a legal right to send such material; (ii) material or data that is illegal, harassing, coercive, defamatory, libelous, abusive, threatening, obscene, harmful to minors, excessive in quantity, or the transmission of which could diminish or harm the reputation of Apiture or its VA Service Third Party Provider or any network carrier involved in the provision of the VA Services, including but not limited to material that is related to alcoholic beverages, tobacco, guns or weapons, illegal drugs, pornography, crime, violence, death, or any other questionable subject matter. Institution will not use the VA Services in support of or for any illegal, fraudulent, or improper purpose, and will immediately notify Apiture if Institution learns of any unauthorized use of the VA Services.
  5. Interactive Voice Response (IVR)
    1. Definitions:
      1. Back Office Instructions means the processes, procedures, practices, scripts, content, and other written instructions used in connection with customer call center, live agent/operator, back office (including chargeback processing), and other Services that require or permit Apiture to contact or interact with Users.
      2. Contact Criteria means written criteria for contacting Users, including Institution settings used to determine which Users to contact and when to contact them, as well as the methods for contact (including e-mail, land-line or mobile voice call, voice or text messaging, or any other electronic means).
      3. Network Rules means the mandatory rules of VISA, MasterCard, the National Automated Clearing House Association, or any other association, network, or payments organization the parties agree to that apply to Institution’s business or its Users.
      4. Restricted List means any sanctions/restricted list of any United States governmental authority, including the Bureau of Industry and Security’s Denied Persons list and the Office of Foreign Assets Control’s Specially Designated Nationals and Blocked Persons list and prohibited countries list.
    2. Institution will:
      1. be responsible for managing the relationship with Users (including obtaining all necessary consents from Users and making any necessary disclosures to Users);
      2. monitor, interpret, and comply with all Legal Requirements, Network Rules, and its agreements with third parties (including Users)
      3. decide which services and settings are needed to satisfy Institution’s business requirements and to comply with its Legal Requirements, Network Rules, and its agreements with third parties (including Users);
      4. regularly screen Users, and the transactions of Users, against all Restricted Lists and comply with any sanctions or restrictions relating to Users or the transactions of Users; and ensure that no Institution staff member or User who is confirmed as a true match to an individual identified on any Restricted List accesses or uses the IVR Services, Documentation, or software provided for loading and use of IVR Services, participates in Institution’s receipt of IVR Services, or has access to Apiture’s or its IVR Third Party Provider’s Confidential Information.
    3. For Services that involve ACH, Institution will comply with the NACHA Operating Rules, including all applicable obligations of the Originating Depository Financial Institution, and decide the Institution settings to support User payments by ACH.
    4. IVR Services that require or permit Apiture or its Third Party Provider to contact or interact with Users, Institution, must (i) provide or review all proposed Contact Criteria and all Back Office Instructions, (ii) monitor, interpret, and comply with and all Legal Requirements, Network Rules and its agreements with third parties (including Users), (iii) determine whether the Contact Criteria and Back Office Instructions agreed to by Institution and Apiture satisfy Institution’s Legal Requirements, Network Rules, and the requirements of Institution’s agreements with third parties (including Users) and meet Institution’s business requirements, and (iv) decide which services and settings are needed to satisfy Institution’s business requirements and to comply with its Legal Requirements, Network Rules, and its agreements with third parties (including Users), (v) obtain consents from Users sufficient to legally permit the contact or interaction, including ensuring that each User gives express consent for calls or text messages to mobile numbers that are provided to Apiture or its Third Party Provider on behalf of Institution or User’s behalf.
    5. If Apiture and Institution agree to change existing Back Office Instructions or Contact Criteria and supporting the change would cause Apiture’s costs to increase, then Apiture may increase the fee for any affected Service after giving Institution advance notice.
    6. Institution has no obligation to take any action that would cause Institution, in Institution’s reasonable opinion, to be in violation of its Legal Requirements or Network Rules.
    7. Neither Apiture nor its Third Party Provider will be considered an Originator, Originating Depository Financial Institution or Third Party Sender as defined in the NACHA Operating Rules.
    8. Neither Apiture nor its Third Party Provider will be responsible for: (i) providing Institution with legal or compliance advice; (ii) ensuring that Institution complies with its Legal Requirements, Network Rules, or the terms and conditions of the User accounts; or (iii) obtaining any consents from Users.
    9. Apiture will have no obligation to take any action that would cause Apiture, in its reasonable opinion, to be in violation of its Legal Requirements or its Network Rules.
    10. Help Desk. IVR Customer Support Services for the resolution of technical questions and IVR product or service errors must be directed to the Apiture Customer Success Manager (and not the Third Party IVR Provider directly). Apiture will route the support and/or maintenance obligation to its Third Party Provider, as needed. To the extent that Institution and Apiture mutually agree in writing that an IVR Service or product error was caused solely by a failure of the Institution’s systems or hardware or a breach of the Agreement or these Service Terms by Institution, then Institution shall credit Apiture for the time spent remedying the error at Apiture’s then-current rates.
    11. Institution shall promptly notify Apiture in writing of any violations, claims or proceedings involving the IVR products of which Institution is or becomes aware.
    12. Nothing contained in any agreement between Apiture and Institution shall grant or shall be deemed to grant to Institution any right, title, or interest in or to trademarks of Apiture’s Third Party IVR Provider. Institution’s use of Apiture’s Third Party IVR Provider trademarks shall cease immediately upon termination or expiration of Apiture’s Agreement with Institution for such services or otherwise upon written notice by Apiture if Apiture or its Third Party IVR Provider reasonably determines that Institution’s continued use of the Apiture Third Party IVR Provider trademarks is adverse to its business reputation. Apiture or its Third Party IVR Provider may also use the trademarks of Institution under the same conditions as above.
    13. Without incurring any liability to Institution, Apiture retains the right to update, amend, modify, upgrade or change the IVR products or features and related documentation effective upon written notice to Institution, and to end of life IVR products or features upon sixty (60) days’ prior written notice to Institution.
    14. Apiture may terminate the IVR Services and the right to use the IVR products upon five (5) days’ notice to Institution if Institution breaches its obligations under the Agreement or these Service Terms. Upon such termination, Institution shall either destroy (or permanently erase) all copies of the IVR software and any accompanying documentation or return the original IVR software and any accompanying documentation to Apiture or its designee.
    15. All intellectual property related to the IVR products and software or to any materials provided therewith is proprietary to Apiture’s IVR Third Party Provider or its licensors, and Apiture’s IVR Third Party Provider and its licensors retain all right, title, and interest therein and thereto. All rights not expressly granted are hereby reserved to Apiture’s IVR Third Party Provider and its licensors. Apiture’s IVR Third Party Provider’s licensors are intended third party beneficiaries of the Agreement and have the express right to rely upon and directly enforce the terms set forth herein.
    16. Apiture warrants the media on which the IVR product is furnished to be free from defects in workmanship under normal use for thirty (30) days from the date of receipt thereof. Apiture, its IVR Third Party Provider and its licensors’ entire liability and Institution’s exclusive remedy for a breach of the preceding limited warranty will be to repair or replace the media containing the IVR software. Any repair or replacement will be warranted for the remainder of the original warranty period or thirty (30) days, whichever is longer.
    17. APITURE, ITS IVR THIRD PARTY PROVIDER AND ITS LICENSORS PROVIDE THE SOFTWARE “AS IS.” EXCEPT AS EXPRESSLY SET FORTH ABOVE, NO OTHER WARRANTIES OR CONDITIONS, EITHER EXPRESS OR IMPLIED, ARE MADE BY APITURE, ITS IVR THIRD PARTY PROVIDER OR ITS LICENSORS WITH RESPECT TO THE IVR SOFTWARE AND THE ACCOMPANYING DOCUMENTATION (STATUTORY OR OTHERWISE), AND APITURE, ITS IVR THIRD PARTY PROVIDER AND ITS LICENSORS EXPRESSLY DISCLAIM ALL WARRANTIES NOT EXPRESSLY STATED HEREIN, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE, TO THE EXTENT PERMITTED UNDER APPLICABLE LAW. NEITHER APITURE NOR ITS IVR THIRD PARTY PROVIDER OR ITS LICENSORS WARRANT THAT THE FUNCTIONS CONTAINED IN THE IVR SOFTWARE WILL MEET INSTITUTION’S REQUIREMENTS, BE UNINTERRUPTED OR ERROR FREE, OR THAT ALL DEFECTS IN THE IVR SOFTWARE WILL BE CORRECTED.
    18. Pricing includes Set Up Fees. If the IVR Services are terminated for any reason prior to go-live (or Deemed Accepted, as applicable), Institution will be obligated to pay a reconciliation fee equal to Apiture’s standard Set Up Fee for the service.
  6. External Transfers, ACH Transactions and Wire Transfers
    1. Institution will take all necessary action to comply with all applicable laws necessary to enable its Users to engage in ACH transactions, wire transfers, and transfers of funds to other financial institutions (External Transfers), including the USA Patriot Act, the federal Bank Secrecy Act, federal and state laws and regulations relating to currency reporting and the prevention of money laundering and any rule or regulation issued by a regulatory body, including the U.S. Office of Foreign Assets Control. Institution shall prepare and file any necessary compliance forms or reports, including, without limitation, suspicious activity reports or currency transaction reports required to be filed in accordance with applicable law. Institution will immediately notify Apiture of instances of suspected fraud, money laundering, terrorist financing, or other illegal activities determined within Institution’s reasonable discretion and involving External Transfers, ACH transactions and wire transfers initiated or executed through the Services.
    2. If Apiture reasonably believes that Institution or Institution’s Users conduct in using External Transfers, ACH transactions and wire transfers (including, without limitation, User intentionally initiating fraudulent or unauthorized payments) violate any applicable laws, rules, regulations or industry standards, or otherwise pose a threat to Apiture’s systems, equipment, processes, or intellectual property or reputation (Threatening Condition), Apiture will provide Institution with notice of the Threatening Condition and both parties will use reasonable efforts to cure or cause the correction of the Threatening Condition. If, in the reasonable and good faith determination of Apiture, the Threatening Condition poses an imminent or actual threat (including regulatory investigation, inquiry or penalty) to Apiture or Apiture’s systems, equipment, processes, or intellectual property, Institution agrees that Apiture may suspend any and all use of External Transfers, ACH transactions and wire transfers by such User until such Threatening Condition is cured. In any event, Apiture may terminate User’s use of External Transfers, ACH transactions and wire transfers without further requirement of notice if the Threatening Condition remains uncured more than 30 days after delivery of written notice of the Threatening Condition to Institution.
    3. If any modification to External Transfers, ACH transactions and wire transfers is required by a change in applicable law or is necessary based on any payment processing requirements, Apiture will notify Institution as soon as practicable. Each party shall then use its commercially reasonable efforts to comply in a timely manner. At its expense and upon written notice to Institution, Apiture may make reasonable modifications, changes, adjustments or enhancements to External Transfers, ACH transactions and wire transfers that Apiture deems to be necessary, provided, however that such modifications, changes or adjustments shall not materially degrade the Services.
    4. Institution represents and warrants that it shall comply with all applicable laws in connection with the supply, receipt or use of the Wire Transfer products or Services.
    5. EXCEPT FOR THE EXPRESS WARRANTIES MADE HEREIN OR IN THE WIRE TRANSFER DOCUMENTATION, NEITHER APITURE NOR ITS THIRD PARTY PROVIDER MAKE ANY REPRESENTATION OR WARRANTY OF ANY KIND, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR ANY IMPLIED WARRANTY ARISING FROM STATUTE, COURSE OF DEALING, COURSE OF PERFORMANCE, OR USAGE OF TRADE. WITHOUT LIMITING THE GENERALITY OF THE FOREGOING NEITHER APITURE NOR ITS THIRD PARTY PROVIDER REPRESENT OR WARRANT THAT THE DATA OR ACCESS THERETO WILL BE UNINTERRUPTED. Portions of the data provided in the Wire Transfer products are derived from public sources and will be subject to source availability and content changes implemented by source. Certain content may be summarized, and all information should be considered within the full context available in the third-party sources to which source links are provided. Neither Apiture nor its Third Party Provider is responsible for the content of third-party sources. Institution and its End Users shall be responsible for its own conclusions based on relationships and categories in the information provided by third-party sources. Due to the nature of public record information, the public records and commercially available data sources used by Apiture’s Third Party Provider may be incomplete. Institution acknowledges that neither Apiture nor its Third Party Provider is a consumer reporting agency and none of the Wire Transfer products constitute a ‘consumer report’ as such term is defined in the Federal Fair Credit Reporting Act (FCRA), 15 U.S.C. sec. 1681 et seq. The data provided to Institution may not be used as a factor in consumer debt collection decisioning, establishing a consumer’s eligibility for credit, insurance, employment, government benefits, or housing, or for any other purpose authorized under the FCRA. By accessing the Wire Transfer products, Institution agrees not to use the products in relation to an adverse action relating to a consumer application.
    6. EXCEPT FOR THE EXPRESS WARRANTIES MADE IN THE WIRE TRANSFER DOCUMENTATION, APITURE AND ITS THIRD PARTY PROVIDER MAKE NO WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. NEITHER APITURE NOR ITS THIRD PARTY PROVIDER WARRANT THAT SOFTWARE WILL RUN WITHOUT IMMATERIAL INTERRUPTION. NEITHER APITURE NOR ITS THIRD PARTY PROVIDER PROVIDE A WARRANTY REGARDING, AND WILL HAVE NO RESPONSIBILITY FOR, ANY CLAIM ARISING OUT OF: (A) A MODIFICATION OF THE SOFTWARE MADE BY ANYONE OTHER THAN APITURE’S THIRD PARTY PROVIDER, UNLESS APITURE OR ITS THIRD PARTY APPROVES SUCH MODIFICATION IN WRITING; OR (B) INSTITUTION’S USE OF THE SOFTWARE IN COMBINATION WITH ANY OPERATING SYSTEM NOT AUTHORIZED IN THE DOCUMENTATION OR BY APITURE’S THIRD PARTY PROVIDER IN WRITING WITH HARDWARE OR SOFTWARE SPECIFICALLY FORBIDDEN BY THE DOCUMENTATION.
    7. If and to the extent that Apiture’s Third Party Provider is processing Personal Data on behalf of Institution, the terms of the LexisNexis Risk Solutions Group Data Processing Addendum, as well as any related attendant schedules and addendums, at https://risk.lexisnexis.com/group/dpa will apply.
    8. Institution acknowledges and agrees that Apiture’s Third Party Provider may use Institution information (but not that of its End Users) in alignment with its Privacy Policy available at this location: https://risk.lexisnexis.com/group/privacy-policy.
    9. Where applicable, as required of Apiture’s Third Party Provider under the transparency obligations of applicable data protection laws, Institution shall inform End Users, prospects whose Personal Data Apiture’s Third Party Provider receives as a controller, that Institution share their personal data with Apiture and its Apiture’s Third Party Provider as described in the Accuity Processing Notice at https://risk.lexisnexis.co.uk/processing-notices, and Institution shall make available to Apiture or Apiture’s Third Party Provider all information necessary to demonstrate such compliance with the foregoing.
    10. Institution acknowledges and agrees that the Wire Transfer Services provided may include (i) compiling statistical and other information related to the performance, operation and use of the Services, and (ii) using data in aggregated and/or anonymized form for security and operations management or for research and development purposes or other business purposes, provided that such information and data will not identify or serve to identify Institution or any data subject nor be combined with any publicly-available information to identify, any individual person and does not reveal the Personal Information or other Confidential Information of Institution or any data subject (Anonymized Data). All Anonymized Data will be stored in a database behind Apiture’s Third Party Provider’s firewall.
    11. Institution acknowledges that the scores, analysis and other insights supplied by Apiture’s Third Party Provider to Institution is not intended to be used as the sole basis for any decision significantly affecting a data subject and that Institution, not Apiture or its Third Party Provider, is responsible for any and all decisions or actions it takes.
    12. If required by law, Institution agrees to obtain employee consent prior to providing employee Personal Data to Apiture or its Third Party Provider where such Personal Data will be processed by Apiture or its Third Party Provider.
    13. The Wire Transfer products may contain links to third-party external sites, including but not limited to government regulators. Apiture, its Third Party Provider and their respective affiliates are not responsible for and have no control over the content of such sites and, to the extent permissible by law, disclaim all responsibility and liability in relation to information available on such sites or accessible from the products.
    14. Apiture or its Third Party Provider may provide enhancements to the Wire Transfer products or withdraw from a particular network and make the products available through any additional or alternative network(s). Institution acknowledges that its failure to promptly and adequately implement any enhancements or network changes issued by Apiture or its Third Party Provider may render certain products unusable or nonconforming. The failure by Institution to implement any enhancement to any products or network change required to maintain compatibility shall relieve Apiture and its Third Party Provider of any obligation to provide continued maintenance or support for those products.
  7. ACH Fraud Prevention
    1. Definitions
      1. ACH Fraud Prevention Services means the technology-related and support services designed to (1) alert Users of suspicious transaction activity across multiple payment channels depending on service modules purchased and (2) to support automated pay/return decisions and dispute resolution.
      2. Delivery System means all equipment, networks, systems, software, applications, interfaces, skills, know how, methods, processes, procedures, telecommunication systems and equipment, personnel, training materials, manuals, procedures and other resources (including, in each case, those of its Third Party Provider) necessary for Apiture to provide the ACH Fraud Prevention Services.
    2. Institution shall devote adequate resources to support the implementation, testing, training and ongoing maintenance of the ACH Fraud Prevention Services, including without limit, (i) network resources; (ii) hardware; (iii) communications facilities and connectivity; (iv) security resources; and (v) personnel resources. Following implementation, Institution is responsible for supporting the system testing pursuant to new release schedules. Institution will assist Apiture and its ACH Fraud Prevention Services Third Party Provider in establishing procedures for the validation of data for the testing, validation of daily or periodic input into the system and verification of the data and reports that result from processing. Institution shall train its staff in the proper use of the ACH Fraud Prevention Services and shall ensure that its Users’ access to and use of the ACH Fraud Prevention services are consistent with Legal Requirements in all respects.
    3. Apiture or its Third Party Provider will retain transaction data submitted by Institution or the Federal Reserve for a period not to exceed 12 months.
    4. Institution shall maintain a formal program for active monitoring and reporting of potential compliance issues and identification and compliance with Legal Requirements, including those associated with the ACH Fraud Prevention Services.
    5. Institution will provide Users with all required disclosures and obtain all required consents associated with use of or access to the ACH Fraud Prevention Services. Institution is solely responsible for the accuracy, completeness and legal compliance of any disclosures, descriptions, or prompts for consent it provides to Users. Institution shall be responsible for notifying Users concerning any material changes to the ACH Fraud Prevention Services arising during the term of the Agreement. Institution shall ensure the accuracy and propriety of all User processing and configuration criteria. Further, Institution shall validate the accuracy of all data entered into and retrieved from the Delivery System and promptly notify Apiture of any errors.
    6. To the extent Institution utilizes the SMS text functionality associated with the ACH Fraud Prevention Services, then Institution shall enter into an agreement with each impacted User which is consistent with Legal Requirements and which: (i) User’s consent to receive text messages; (ii) User’s ability to opt out of receipt of such text messages and the procedure for doing so; and (iii) includes a prominent notice that other charges may apply to User in connection with the receipt of such text messages.
    7. To the extent that Apiture or its Third Party Provider requires or prescribes specific language or terms in Institution’s agreements with Users, Institution will promptly update such agreements upon Apiture’s written request.
    8. Institution shall take all reasonable steps to ensure that its employees and agents maintain and protect all credentials and challenge questions utilized to access the Delivery System. If Institution determines or suspects that any unauthorized party has accessed the Delivery System, then Institution shall immediately notify Apiture in writing.
    9. Institution acknowledges and agrees that if it fails to fulfill its obligations under this Section, that it shall indemnify, defend and hold harmless Apiture and its Third Party Provider for all resulting claims asserted by any User.
    10. In the event that all or a portion of the ACH Fraud Prevention Services conclude for any reason prior to a 36-month period from the Institution’s go-live commencement of ACH Fraud Prevention Services, Institution will be obligated to pay an ACH Fraud Prevention Services reconciliation fee. This ACH Fraud Prevention Services reconciliation fee from Apiture shall be in addition to and shall not limit any other termination obligations, deconversion fees or other payments due under the Agreement.
  8. Web Connect and Direct Connect to Quicken® and QuickBooks ®
    1. Institution permits Apiture’s Third Party Provider to use its name in Intuit products in connection with Institution’s use of such Web Connect & Direct Connect Services to and Institution may only use its Third Party Provider’s trademarks in accordance with its Trademark Guidelines posted on www.intuit.com/legal/trademark.
    2. Institution must upgrade to each new version of its selected Intuit Services annually or as publicly released.
    3. Price increases for these Services may be implemented without prior written notice. Annual fees are based on asset size of Institution or holding company, if applicable.
    4. QuickBooks® is a registered trademark of Intuit, Inc. and Quicken® is a registered trademark of Intuit, Inc., used under license.
    5. Web Connect and Direct Connect for Quicken ® will only be supported in the most current version, however, the prior two versions may be supported temporarily. QIF download files will not be supported in Quicken® version years starting with 2004 and later. All prior version years (2003 and earlier) will still have QIF download capability.
    6. Apiture will bill Institution $3,000 for a conversion to/from another internet banking provider. After this initial payment, Institution will be billed in the third quarter of each year for the following year version of the software.
    7. Institution may terminate the service for the following year version by submitting written notice to Apiture Contracts Department no later than June 15th of the current year.
  9. Call Center Support and User Direct
    1. Definitions
      1. Back Office Instructions means the processes, procedures, practices, scripts, content, and other written instructions used in connection with customer call center, live agent/operator, back office (including chargeback processing), and other Services that require or permit Apiture to contact or interact with Users.
      2. Contact Criteria means written criteria for contacting Users, including Institution settings used to determine which Users to contact and when to contact them, as well as the methods for contact (including e-mail, land-line or mobile voice call, voice or text messaging, or any other electronic means).
      3. Network Rules means the mandatory rules of VISA, MasterCard, the National Automated Clearing House Association, or any other association, network, or payments organization the parties agree to that apply to Institution’s business or its Users.
      4. Restricted List means any sanctions/restricted list of any United States governmental authority, including the Bureau of Industry and Security’s Denied Persons list and the Office of Foreign Assets Control’s Specially Designated Nationals and Blocked Persons list and prohibited countries list.
    2. Apiture has developed and supports a 24×7 or After Hours Call Center Service Support and User Direct Center (collectively, Support Center) which provides support pertaining to Apiture products and services during and/or outside the normal business hours of financial institutions to Users of financial institutions who have contracted with Apiture for Call Center Support or User Direct (Call Center /User Direct).
    3. The following terms apply to Call Center/User Direct:
      1. The live agent telephone customer services provided to Institution in connection with direct interaction with an Apiture customer service representative (CSR) and Users or other third parties related to Institution’s accounts are not intended, and will not be construed, to (a) constitute telemarketing, a telephone solicitation, or up-selling within the meaning of the TCPA or the Telemarketing Sales Rule, or (b) trigger the application of any other law, regulation, or guidance relating to the offering of products or services via telephone or facsimile (including any duty to register or obtain a license to make such offers).
      2. Call Center/User Direct will be performed during hours to be mutually agreed upon by the parties in advance. If Institution desires to change the hours of operation, Apiture will review the pricing for the Call Center/User Direct and provide new pricing (if applicable). Any changes to the hours of operation and new pricing associated with such changes (including the timing of implementation of any changes to the hours of operation) for the After Hours Call Center service will be mutually agreed upon in writing by Apiture and Institution prior to the effective date of such changes.
      3. Call Center/User Direct will be provided using English language only and will not include support for any foreign language calls unless otherwise agreed upon in writing by Apiture and Institution for an additional fee, if applicable.
      4. CSR’s will utilize the 3270 application of a data system or a portal furnished by Apiture or Institution to access the Institution account information or its Users. CTI and GUI interface desktop application software are not included with Call Center/User Direct.
      5. Apiture or a third party auditor will perform quality of service call monitoring in connection with the Call Center/User Direct.
      6. Calls are recorded and case information is documented for Institution review, upon request. If reports are requested, Institution will be assessed fees at Apiture’s then current rates for the development, production and delivery of such reports.
      7. Apiture will develop a training program (including ‘train-the-trainer’ services) for CSR’s who will perform the Call Center/User Direct, using training materials developed by Apiture, based upon the Contact Criteria and Back Office Instructions, defined below.
      8. Institution agrees to designate a manager with overall program responsibility, which person will coordinate communication and implementation of the Contact Criteria and Back Office Instructions and any other servicing requirements in connection with Call Center/User Direct. Institution shall provide and identify to Apiture adequate staff resources to resolve technical, business and compliance issues in coordination with the Call Center/User Direct, as required. In addition, Institution will provide Apiture with guidance with respect to servicing requirements which are outside the scope of the Contact Criteria and Back Office Instructions.
    4. Institution acknowledges and agrees that Call Center/User Direct shall be solely for inquires and related requests for assistance pertaining to Apiture products and services from Users. Calls received outside the time period selected in the Agreement (for After Hours Call Center services) and calls that do not pertain to Apiture products and services will be referred back to Institution.
    5. User Direct shall be subject to annual increases not to exceed 2x CPI. Notwithstanding anything to the contrary, User Direct is exempt from any fee increase limitations or prohibitions that may otherwise be agreed with Institution during any Initial Term or Renewal Term.
    6. Institution acknowledges that Apiture currently operates its Support Center in the Eastern Standard Time zone on a 24 hour a day, 7 days a week, 365-day year basis for the 24×7 Call Center or User Direct Services option. Apiture currently operates its Support Center only outside normal business hours for the After Hours Call Center Services.
    7. Apiture shall utilize standardized scripts to assist in the efficient operation of Call Center/User Direct and providing services to Institution’s Users. Institution will provide opening and closing statements for scripts. Apiture shall develop, control and own all other scripts developed and used by the Support Center.
    8. Institution will provide Apiture 30 days prior written notice of changes to the Institution’s normal business hours.
    9. Apiture agrees to maintain sufficient staff to support Institution’s User calls pertaining to Apiture products and services.
    10. For Call Center/User Direct Services that require or permit Apiture to contact or interact with Users:
      1. Institution, must (i) provide or review all proposed Contact Criteria and all Back Office Instructions, (ii) monitor, interpret, and comply with and all Legal Requirements, Network Rules and its agreements with third parties (including Users), (iii) determine whether the Contact Criteria and Back Office Instructions agreed to by Institution and Apiture satisfy Institution’s Legal Requirements, Network Rules, and the requirements of Institution’s agreements with third parties (including Users) and meet Institution’s business requirements, and (iv) decide which services and settings are needed to satisfy Institution’s business requirements and to comply with its Legal Requirements, Network Rules, and its agreements with third parties (including Users), (v) obtain consents from Users sufficient to legally permit the contact or interaction, including ensuring that each User gives express consent for calls or text messages to mobile numbers that are provided to Apiture on behalf of Institution or User’s behalf.
      2. If Apiture and Institution agree to change existing Back Office Instructions or Contact Criteria and supporting the change would cause Apiture’s costs to increase, then Apiture may increase the fee for any affected Service after giving Institution advance notice.
      3. Institution will regularly screen Users and the transactions of Users, against all Restricted Lists and comply with any sanctions or restrictions relating to Users or the transactions of Users; and ensure that no Institution staff member or User who is confirmed as a true match to an individual identified on any Restricted List accesses or uses the Services, Documentation, or software provided for loading and use of User Direct, participates in the receipt of User Direct, or has access to Apiture’s Confidential Information.
    11. Institution has no obligation to take any action that would cause Institution, in Institution’s reasonable opinion, to be in violation of its Legal Requirements or Network Rules.
    12. Apiture will not be considered an Originator, Originating Depository Financial Institution or Third Party Sender as defined in the NACHA Operating Rules.
    13. Apiture will not be responsible for: (i) providing Institution with legal or compliance advice; (ii) ensuring that Institution complies with its Legal Requirements, Network Rules, or the terms and conditions of the User accounts; or (iii) obtaining any consents from Users.
    14. Apiture will have no obligation to take any action that would cause Apiture, in its reasonable opinion, to be in violation of its Legal Requirements or its Network Rules.
    15. For live agent/Customer Service Representative Services, the cost of data connectivity between the Apiture provided call center locations and one system mainframe is included. For all other telecommunications connectivity or equipment Institution uses in connection with the Services, Institution will pay fees for the purchase, installation, and management of telecommunications connectivity or equipment by Apiture on Institution’s behalf.
  10. SMS Text Message Alert Service
    1. Definitions
      1. Network Operator means a mobile network carrier that, directly or indirectly (including through SMS Aggregators), performs, enables, or otherwise supports SMS messaging.
      2. Network Rules means the mandatory rules of VISA, MasterCard, the National Automated Clearing House Association, or any other association, network, or payments organization the parties agree to that apply to Institution’s business or its Users.
      3. Restricted List means any sanctions/restricted list of any United States governmental authority, including the Bureau of Industry and Security’s Denied Persons list and the Office of Foreign Assets Control’s Specially Designated Nationals and Blocked Persons list and prohibited countries list.
      4. SMS means short message service which uses standardized communications protocols to allow short text messages to be sent from one mobile device to another mobile device or from the web to a mobile device.
      5. SMS Aggregator means a service provider that maintains direct connections to multiple Network Operators and aggregates SMS messages for delivery.
      6. SMS Content means any SMS message, or any information or data contained in an SMS message, whether sent by or on behalf of Institution or an SMS End User in connection with the SMS-related services.
      7. SMS End User means a User that uses a Network Operator’s mobile network.
    2. Institution acknowledges that SMS-related Services:
      1. are not intended for use and will not be used in, or in association with, the operation of any hazardous environments (such as operation of nuclear facilities, aircraft navigation, or any other use that may result in foreseeable risk of injury, death, or destruction of property) or critical systems. Institution or its Users are solely responsible for liability that may arise in association with such use.
      2. are not a replacement for traditional telephone or mobile phone services, including but not limited to calling, texting, or contacting emergency services, and does not function as such.
      3. do not support or carry emergency calling or messaging to any emergency services personnel or public safety answering points (Emergency Services), such as calls or texts to 911, and may not determine the physical location of the SMS End User device, which may be required when contacting Emergency Services. Institution understands and agrees that it will: (i) ensure the SMS End Users are responsible for contacting and accessing Emergency Services independently of Apiture, (ii) offer or purport to offer any Emergency Services, and (iii) inform all SMS End Users of these limitations.
      4. are not an Integrated Public Alert and Warning System (IPAWS) eligible system.
      5. may, from time to time, require upgrades, patches, bug fixes, or other maintenance (Maintenance) and Apiture agrees to use reasonable efforts to provide Institution with prior notice of any scheduled Maintenance (except for emergency Maintenance), and Institution agrees to use reasonable efforts to comply with any such Maintenance requirements.
      6. may only function if Institution and its Users comply with current technical documentation applicable to the SMS Services (including applicable developer guides) made available to Institution.
    3. Institution will:
      1. be responsible for managing the relationship with Users (including obtaining all necessary consents from Users and making any necessary disclosures to Users;
      2. monitor, interpret, and comply with all Legal Requirements, Network Rules, and its agreements with third parties (including Users);
      3. decide which services and settings are needed to satisfy Institution’s business requirements and to comply with its Legal Requirements, Network Rules, and its agreements with third parties (including Users);
      4. regularly screen Users, and the transactions of Users, against all Restricted Lists and comply with any sanctions or restrictions relating to Users or the transactions of Users; and ensure that no Institution staff member or User who is confirmed as a true match to an individual identified on any Restricted List accesses or uses the SMS-related Services, Documentation, or software provided for loading and use of SMS-related Services, participates in Institution’s receipt of SMS-related Services, or has access to Apiture’s or its SMS Third Party Provider’s Confidential Information.
      5. obtain Apiture’s prior written consent before sending SMS messages for:
        1. charitable programs (e.g., soliciting donations for a non-profit organization);
        2. sweepstakes or contests;
        3. advertisements or promotions for commercial products, goods, or services; or
        4. location-based services (e.g., where a SMS End User receives messages based on the geographical location of the SMS End User’s wireless device).
    4. For SMS-related Services that involve ACH, Institution will comply with the NACHA Operating Rules, including all applicable obligations of the Originating Depository Financial Institution, and decide the Institution settings to support User payments by ACH.
    5. Institution has no obligation to take any action that would cause Institution, in Institution’s reasonable opinion, to be in violation of its Legal Requirements or Network Rules.
    6. Neither Apiture nor its Third Party Provider will be considered an Originator, Originating Depository Financial Institution or Third Party Sender as defined in the NACHA Operating Rules.
    7. Neither Apiture nor its Third Party Provider will be responsible for: (i) providing Institution with legal or compliance advice; (ii) ensuring that Institution complies with its Legal Requirements, Network Rules, or the terms and conditions of the User accounts; or (iii) obtaining any consents from Users.
    8. Apiture will have no obligation to take any action that would cause Apiture, in its reasonable opinion, to be in violation of its Legal Requirements or its Network Rules.
    9. Institution will pay fees for any assessments or other charges that are imposed on Apiture by a third party, or that Apiture incurs on Institution’s behalf, in connection with any SMS Service, including any network or other card-related dues, fees, and assessments (for example, base access fees, INET/INAS fees, switch fees, and interchange). If the network bills Institution directly for any dues, fees, or assessments, Institution will be responsible for paying them.
    10. In the event of a wind-down or transition of SMS-related Services, Institution must pay the estimated amount in full (via wire transfer) before conversion tapes will be released.
    11. For all SMS-related Services, Institution will additionally:
      1. Ensure that SMS Content, and the collection, access, use, or disclosure of SMS End User information, including but not limited to personally identifiable information by Institution, Users, or any of their respective agents or service providers, complies with all applicable Legal Requirements and that Institution will provide legally adequate privacy notices and obtain necessary consents for the processing of such data;
      2. Obtain consent from each SMS End User to receive SMS Content from Institution, Apiture and/or its Third Party Provider. Institution may not charge SMS End Users for receiving notifications by SMS unless Institution has obtained the SMS End User’s express consent.
      3. Advise SMS End Users receiving notification by SMS that telecommunication providers may charge the SMS End User to receive notifications by SMS.
      4. Be responsible for ensuring all necessary terms are in place with push notification service providers, including terms necessary to comply with data protection laws; and
      5. Provide each SMS End User the right to opt in and opt out of receiving SMS Content from Institution, Apiture and/or its Third Party Provider.
    12. Institution will not permit any SMS-related Service to be used to transmit:
      1. Junk mail, spam, or unsolicited material to anyone who has not agreed to receive it or to whom Institution or an SMS End User does not otherwise have a legal right to send the material;
      2. any material that contains viruses, Trojan horses, worms, or any other malicious or harmful programs or code;
      3. Any material that: (1) violates any third party’s intellectual property rights or rights of confidentiality, privacy, or publicity; (2) violates the rights or obligations of any wireless service provider or any of the wireless service provider’s customers or subscribers; (3) materially violates or facilitates the material violation of any local or foreign law, rule, regulation, or order, including laws regarding the transmission of data or software; (4) is illegal, harassing, coercive, defamatory, libelous, abusive, threatening, obscene, or otherwise objectionable; (5) is harmful to minors; (6) is sexually explicit, relates to “adult services”, or contains sensitive financial or identifying information (such as social security numbers); (7) is excessive in quantity; (8) relates to alcoholic beverages, tobacco, weapons, illegal drugs, pornography, crime, violence, death, hate, gambling, or funeral services (all except to the extent that such material is relevant to the underlying transaction which is the subject of the SMS Content); (9) is false, misleading, or inaccurate; (10) could expose Apiture or its Third Party Provider any Network Operator, any SMS Aggregator, or any other third party to liability; (11) could diminish or harm the reputation of Apiture, any Network Operator, or any SMS Aggregator; (12) specifically mentions any Network Operator; or (13) copies or parodies the products or services of any Network Operator;
      4. Any signal or impulse that could cause electrical, magnetic, optical, or other harm to the equipment or facilities of Apiture, any Network Operator, any SMS Aggregator, or any other third party; or
      5. Any other prohibited material or content, as identified by a Network Operator or SMS Aggregator.
      6. SMS messages that include Premium Content (as defined in the Mobile Marketing Association Guidelines).
    13. If Apiture or its SMS Third Party Provider notifies Institution of any issues with SMS Content, and Institution does not promptly remove the SMS Content at issue, then Apiture has the right to remove or block the SMS Content at issue, suspend SMS-related Services, or terminate SMS-related Services. Institution is responsible for any liability relating to any SMS Content originated by Institution.
    14. Institution accepts the following:
      1. Institution understands and agrees that the SMS messages and the SMS Content will be transmitted over various third- party networks and systems.
      2. Once Apiture’s SMS Third Party Provider’s system sends an SMS message, Apiture cannot guarantee that the SMS message will be delivered to, received by, or opened by the SMS End User;
      3. Third party networks and systems are necessarily involved in the SMS-related Services, and Apiture is not responsible for (1) SMS messages, or any data related to SMS messages, once SMS messages have been transmitted outside of Apiture’s SMS Third Party Provider’s system or to any Network Operator, or (2) any Network Operator or SMS Aggregator’s compliance with any laws, regulations, guidance, rules (including network rules), standards, or obligations of any kind relating to the protection or use of SMS messages or data related to SMS messages. APITURE IS NOT RESPONSIBLE FOR THE SECURITY OF SMS MESSAGES AND THEIR CONTENT INCLUDING ANY DATA TO THE EXTENT THAT SUCH CONTENT OR DATA IS PROVIDED TO A MOBILE NETWORK CARRIER OR OTHER THIRD PARTY PROVIDER; and
      4. The format or content of any SMS message provided to a Network Operator may be changed by the Network Operator to conform to the Network Operator’s requirements and to the requirements of any mobile device.
    15. Apiture may, with advance notice to Institution, suspend any or all of the SMS-related Services if (i) a governmental authority, Network Operator, or SMS Aggregator instructs or asks Apiture or its SMS Third Party Provider to do so, (ii) Apiture believes in good faith that Institution has failed to comply with these SMS Service Terms or (iii) a Network Operator, SMS Aggregator, or other service provider suspends services, or ceases providing services, on which the SMS-related Services depend.
    16. Apiture (or its Third Party Provider) shall be obligated to deliver SMS messages only to Users who (a) give prior consent (Opt- In) to receiving the quantity, frequency and types of messages, as applicable, to be delivered through the Mobile Banking Service; and (b) have been informed via the Mobile Banking Service of the right to opt-out and the process of how to opt-out of receiving messages in the future (Opt-Out). Apiture (or its Third Party Provider) shall promptly honor any such Opt-Out requests. Institution must direct the User to perform all Opt-In and Opt-Out requests via the Mobile Banking Service in order to be considered a valid request. This provision may be updated by Apiture from time to time to include any reasonable additional requirements of the third-party SMS aggregator, wireless network operators, or other providers of third party services. To the extent reasonably practicable, Apiture attempt to notify Institution of changes to this provision necessitated by additional requirements of SMS aggregator, wireless network operators or other providers of third party services in writing in advance. If Institution delivers SMS alerts messages to Users via the Mobile Banking Service, Institution shall be responsible for the contents of the alert messages. Such alert messages must be directly associated with the User’s existing account and cannot include promotion or marketing of additional products or services without the written consent of Apiture and its Third Party Provider and additional Opt-In / Opt-Out terms being agreed to by the User via the Mobile Banking Service. If Apiture is notified or otherwise becomes aware that Institution’s use of the SMS-related Service violates the requirements of these Service Terms, Apiture may investigate the allegation and determine whether to remove or to request removal of Institution’s SMS Content from the SMS-related Service or upon written notice to Institution, block Institution’s SMS Content or suspend or terminate the SMS-related Service. Apiture will not be liable for any damages incurred by Institution because of any action taken pursuant to this section. In addition to the indemnification obligations set forth in the Agreement, Institution will indemnify, defend and hold Apiture (including its Third Party Providers and any wireless service providers related to the provision of the SMS-related Service) harmless from and against all claims, liabilities, damages, losses, costs and expenses, including reasonable attorney’s fees, investigation costs, expert witness fees and costs, incurred by Apiture as a result of any illegal acts, fraud or misconduct in the use of the SMS-related Service.
    17. SMS messaging and short code fees set forth in the Agreement are with respect to U.S.-based operators only and are subject to change based on rate changes by operators or the SMS Aggregator at any time. Different fees may apply with respect to international operators
    18. All U.S. short codes are subject to U.S. common short code administrator approval. All proposed messaging services are subject to each U.S. operator’s approval, which may be withheld in such operator’s sole discretion. Typical approval times are between sixty (60) and ninety (90) days. Short code monthly fees commence upon the date of application and not the date upon which the messaging services commence.
    19. Institution shall be responsible for any fees or expenses charged by the SMS Aggregator related to messaging services provided to or utilized by Institution, including but not limited to connectivity fees (VPN, SMPP, etc.) and technical support fees.
    20. Notwithstanding anything in the Agreement to the contrary, Institution understands and agrees that SMS messages and content shall be transmitted over various third party networks and systems and that Apiture and its Mobile Banking Third Party Provider shall not be responsible for the security of such information or data to the extent that such information or data is provided to a mobile network carrier or other service provider upon which the provision of the Mobile Banking Services are dependent.
    21. Like many email service providers, to increase the security and reliability of email Institution may send, attempt to send, or receive using Simple Email Service (“SES Email”), Apiture (or its Third-Party Providers) may store and scan Institution’s SES Email and Institution’s Content included in SES Email to protect Institution and SES by preventing and blocking “spam” e-mails, viruses and spyware, and other harmful or unwanted items from being sent and received over SES.
    22. Apiture may suspend or terminate Institution’s access to SES, or block or decline to send or receive any SES Email, if Apiture or its Third Party Provider determines that:
      1. the scan of SES Email or Institution’s Content included in SES Email reveals abusive or low quality email (such as “spam”),
      2. SES Email bounces back to Apiture’s Third Party Provider or abuse complaints (including complaints from third parties) are received in connection with the SES Email, or
      3. the source or ReturnPath email address Institution has provided for “address bounces” or complaints is not successfully receiving email.
    23. If Institution’s SES Emails are blocked, delayed, or prevented from delivery by reasons outside of Institution’s control, Institutin’s payment obligations continue.
    24. Neither Apiture nor its SES Email Third Party Provider is the “sender” as defined in the CAN-SPAM Act or similar applicable law.
    25. Apiture may terminate the SMS-related Service upon 60 days written notice (or such shorter period as may be imposed on Apiture by legal requirements, a governmental or regulatory body, Network Operator, or SMS Aggregator or Third Party Provider) in the event that any modification (i) to the existing contracts between a mobile network carrier and Apiture or any Apiture Third Party Provider of the SMS-related Service suspends provision of those services, (ii) to the Mobile Marketing Association Code of Conduct, or (iii) or any change in applicable law, which makes the provision of the SMS-related Service illegal, inconsistent or contrary to a law, regulation, or the Mobile Marketing Association Code of Conduct or prohibitively difficult or expensive. Nothing shall prohibit Apiture from immediately suspending the SMS-related Service if in Apiture’s reasonable judgment, Apiture is obliged or advised to comply with an order, instruction, directive or request of a governmental or regulatory body or the requirements of a mobile network carrier.
    26. The SMS-related Services are available only for US Network Operator messaging.
    27. Fees for SMS will apply regardless of whether delivery of the SMS notifications is prevented, delayed, or blocked due to reasons outside of the control of Apiture or its Third Party Provider.
    28. Apiture’s Third-Party Provider for SMS aggregation may transmit Nonpublic Personal Information consisting of phone number, account number and limited transaction data off-shore for aggregation. Support services for Third-Party Provider’s hosting and disaster recovery providers may be conducted off-shore and Nonpublic Personal Information may be accessed while these services are performed.
    29. Notwithstanding anything herein to the contrary, Apiture has the right to unilaterally change terms in connection with the SMS-related Services (Change in Terms) in response to and only as necessary to comply with changes in Legal Requirements. Institution will be notified via e-mail or other written method, of any Change in Terms before the Change in Terms take effect. Institution’s use of any SMS-related Service after that advance notice period means that Institution has accepted the Change in Terms for all SMS-related Services and has agreed to be bound by the Change in Terms for all SMS-related Services. If Institution does not wish to receive the SMS-related Services under the modified terms, Institution must give Apiture notice of termination of all SMS-related Services no later than 30 days after the date of the Change in Terms notification to Institution. Apiture may change, discontinue, or deprecate support for a third party push notification platform at any time.
  11. Mobile Banking
    1. Definitions
      1. Mobile Banking Service means the Apiture mobile banking and supported mobile services as made available to Institution.
      2. Content means the services, materials, information and products made available by Institution or its agents or affiliates for use or access by Users via the Mobile Banking Service, including but not limited to banking and financial services, financial or other data, trademarks, trade names, service marks, and iconography.
      3. Mobile Banking User Terms means the end user terms required by Institution with respect to the Mobile Banking Service, a current copy of illustrative terms are set forth in Part II, Section 2 of these Service Terms.
    2. Institution is responsible for the accuracy, applicability, updating and maintaining of all Content. Institution shall use commercially reasonable efforts to not use the Mobile Banking Service or permit the Mobile Banking Service to be used to transmit Inappropriate Content. For purposes of this Agreement, “Inappropriate Content” means any Content or other materials that: (a) are unsolicited, including without limitation, “spam,” “junk messages” or unauthorized “bulk” messages; (b) cause the introduction of “viruses,” “worms,” “Trojan horses,” “e-mail bombs,” “cancelbots” or other harmful computer programming routines into the Mobile Banking Service, or the technology of Apiture’s Third Party Providers or other third parties; (c) are unlawful (including, without limitation, obscene, defamatory or libelous) or offensive as Apiture determines in its sole discretion; (d) are misleading or inaccurate; or (e) infringe upon or violate the intellectual property rights or other rights of any person or entity.
    3. With reasonable instruction from Apiture as to the requirements of the Mobile Banking Service, Institution shall make its systems and Content available to interoperate with the Mobile Banking Service in order that the Mobile Banking Service may be tested and deployed based on technology requirements.
    4. The Mobile Banking Service is only made available to Users who have agreed to the Mobile Banking User Terms. Institution may add or modify provisions to the Mobile Banking User Terms or combine the Mobile Banking User Terms with other terms and conditions without Apiture’s prior approval, however all final Mobile Banking User Terms must be submitted to Apiture in a timely manner to enable User enrollment. Institution is responsible for making updates to the content of its Mobile Banking User Terms and conditions in continued compliance with Legal Requirements. Any post-production changes to such Mobile Banking User Terms shall be subject to additional fees at Apiture’s then-current professional fees rates.
    5. Institution acknowledges that certain functionality of the Mobile Banking Service may be provided or implemented by Apiture’s) third party service (for example, SMS Mode as enabled by the SMS aggregator, or payment processing or remote capture services as may be enabled by another third party), and that such third party services may be terminated by such providers prior to termination of Institution’s Agreement with Apiture. Apiture shall promptly notify Institution and shall use commercially reasonable efforts to implement replacement Third-Party Services as soon as reasonably practicable, however, Apiture does not guarantee a workaround or replacement Third Party Provider. Apiture does not provide any representation or warranty or indemnification regarding any Mobile Banking third party service. Such third party service providers impose requirements related to the use of the third party services, which requirements may be revised from time to time. Apiture will notify Institution of such requirements, and provision of such third party services hereunder will be subject to Institution’s compliance with such requirements.
    6. Institution should use best efforts to update its systems to accommodate new releases or versions of the Mobile Banking Service. Temporary workarounds may be feasible for a limited time, subject to additional fees. If Institution’s systems are incompatible with those of Apiture or its Third-Party Provider, then Institution shall bear any costs necessary to make such systems compatible. Institution, at its own expense, shall provide all required telecommunication circuits and any special cables or any other data transmission equipment in order to receive the Mobile Banking Services. Institution shall test and prove connectivity and interfaces.
    7. Upon request, Institution agrees to ensure its Users upgrade or update their mobile device to the supported release of the Mobile Banking Service to maintain compatibility. Apiture will have no liability arising out of or relating to a User’s use of an unsupported release. Certain Mobile Banking Service updates or upgrades may be automatically downloaded.
    8. Any open source or other software included in the Mobile Banking Service is licensed subject to the additional terms of the applicable open source or other license conditions and/or copyright notices that may be made available to Institution upon written request, or in other documentation or materials accompanying the Mobile Banking Service (Incorporated Terms), which Incorporated Terms are hereby incorporated into these Service Terms.
    9. Institution shall comply with the Code of Conduct for Mobile Marketing promulgated by the Mobile Marketing Association, as amended from time to time. The current Code is located at: www.mmaglobal.com/policies/code-of-conduct.
    10. With respect to any login or password information issued to Institution for access to the Mobile Banking Service (for example, in connection with certain functionality or usage reports), Institution shall disclose such information only to its employees and agents with a need to know such information for the purposes contemplated by its Agreement. Institution will take any reasonable security measures necessary to protect such information against unauthorized disclosure, copying or use. Logins and passwords are subject to cancellation or suspension at any time for security purposes in the sole discretion of Apiture (or its Third Party Provider). Institution shall immediately inform Apiture if Institution becomes aware of any possible or actual misuse or unauthorized use of the Mobile Banking Service.
    11. Apiture may, upon notice to Institution, suspend any or all of the Mobile Banking Service functionality or features at any time in the event that: (i) Apiture is obliged or advised to comply with an order, instruction, directive or request of a mobile network carrier which requires it to do so, in the reasonable judgment of Apiture; or (ii) one or more of the mobile network carriers or other third-party upon which the provision of the Mobile Banking Services hereunder is dependent suspends its provision of those services to Apiture.
    12. Apiture shall have the right to modify or terminate all or certain features of the Mobile Banking Services upon 60 days prior written notice (or such shorter period as may be imposed on Apiture by a regulatory or governmental body or service provider) in the event that any modification is required (i) by the existing mobile network carrier contracts of Apiture or its Third Party Provider, (ii) by the Mobile Marketing Association Code of Conduct, or (iii) pursuant to any change in applicable law makes the provision of the Mobile Banking Service illegal or contrary to a law, regulation, or the Mobile Marketing Association Code of Conduct, or prohibitively difficult or expensive for Apiture or its Third Party Provider, provided however that nothing shall prohibit Apiture from immediately suspending the Mobile Banking Services in accordance with other provisions of the Agreement. Apiture may additionally update, upgrade, enhance, change or remove certain features or functionality of the Mobile Banking Service upon 30 days prior written notice if, in Apiture’s reasonable discretion, such change is required to remain current with industry trends; provided that the material functionality of the Mobile Banking Service is not adversely impacted and no additional fees are incurred by Institution without Institution’s written consent.
    13. Apiture shall have the right to unilaterally amend or modify any service description, feature, functionality or pricing terms related to the Mobile Banking Services based on changes in applicable law and such change shall be deemed to bind Institution; provided, that (i) Apiture provides written or e-mail notification of any such change to Institution at least 30 days prior to it taking effect (unless prior written notification is not possible in which case Apiture shall provide written notice as soon as reasonably practicable), and (ii) Institution shall have the right to terminate its use of the Mobile Banking Service in the event of a change provided that notice of such termination is provided to Apiture no later than 30 days from the date of Apiture’s notice of the change to Institution.
    14. Apiture reserves the right, in its reasonable discretion, to terminate or suspend Institution or User access to the Mobile Banking Services, with or without advance notice, if Apiture has reason to believe, in its sole and reasonable discretion, that the Institution or User is in breach of applicable law or these Service Terms or the use by Institution or User of the Mobile Banking Services jeopardizes the integrity or security of the Mobile Banking Services or any supporting security network infrastructure.
    15. Apiture shall have no responsibility for fraud or correcting errors transmitted by Institution or Users.
    16. In the event implementation set up fees are waived for the Apple Watch Mobile Banking Services and it concludes for any reason prior to a 36-month period from the go-live commencement of the Apple Watch Mobile Banking Service (or Deemed Accepted date, as applicable), Institution will be obligated to pay a reconciliation fee equal to the Apple Watch Mobile Banking Service monthly fee for the remainder of the 36-month minimum committed term. This Apple Watch Mobile Banking Service reconciliation invoice from Apiture shall be in addition to and shall not limit any other termination obligations, deconversion fees or other payments due under the Agreement.
  12. Remote Deposit Capture (RDC) and Mobile Check Deposit (MCD) Services Universal Terms
    1. Remote Deposit Capture (RDC) Services enable authorized Users to initiate electronic deposits or payments, subject to limits established by Apiture, through a document scanner that meets the minimum specifications provided by Apiture and executes proprietary software provided by Apiture.
    2. The Mobile Check Deposit (MCD) Services enables Institution’s Users to initiate electronic deposits, subject to limits established by Apiture, through a document scanning software contained in a smart phone or tablet computer that: (1) meets the minimum specifications provided by Apiture; and, (2) executes proprietary software provided by Apiture.
    3. If Institution’s or User’s systems are incompatible with those of Apiture or its Third Party Provider, then Institution or Users shall bear any costs necessary to make such systems compatible. Institution and User at their own expense, shall provide all required telecommunication circuits and any special cables or any other data transmission equipment in order to receive the RDC and MCD Services. Institution (and User, if applicable) shall test and prove connectivity and interfaces.
    4. Institution will ensure that all Users receive all such disclosures the Institution deems necessary or advisable under any applicable law and regulations in accordance with Institution’s own independent judgement. Institution will be responsible for record retention and for compliance with all applicable statutes and regulations with respect to the retention and reproduction of all documents and records related to the RDC and MCD Services. Payment data used by Institution or Users for research and report will be purged after 60 days. Payment data used for transaction file re-generation will be purged after 30 days. Institution acknowledges that Apiture exercise no control whatsoever over the content of the information passing through the RDC or MCD Services and that it is the sole responsibility of Institution to ensure that the information it and its Users transmit and receive is accurate and complies with applicable law and regulation. Apiture shall have no responsibility for correcting errors or for fraud transmitted to it by Institution or Users.
    5. Institution shall be solely responsible to each User for the RDC and MCD Services. Institution will (i) contact the User to establish the installation time for RDC, specifically; (ii) provide telephone based support for installation, questions and issue escalation; (iii) provide User training, as applicable; (iv) provide project management resources for initial User installation; (v) identify primary and back-up contacts for the day-to-day operational process management; (vi) retrieve files and reports from an SFTP server in accordance with processing schedule; (vii) enter into a written agreement with RDC and MCD Users in accordance with Legal Requirements prior to granting access to the RDC and MCD Services; and (viii) ensure that authorized Users comply with the following requirements: (y) all equipment utilized for RDC and MCD Services will meet or exceed the specifications provided by Apiture; and (z) provide an internet connection.

      Institution will additionally provide detailed information to establish or update RDC Users based on a standard template, provide Tier 1 support for RDC Users questions and issue escalations, and be responsible for compliance of its legal requirements regarding retention of image and data files used to process RDC Services transactions.

    6. Users may scan checks (or payments for Business Users) and submit electronic deposits anytime, with the exception of identified system maintenance periods. Deposits (and payments for Business Users) submitted by Users will be delivered to the Institution in the next available file delivery as defined by the processing schedule. Back-end processing of deposits (or payments) received by Users, including MICR line correction, creation of an X9.37 or X9.100 (or similar) clearing file and a report showing deposit totals and transaction information can either be transmitted by Apiture to the Institution or retrieved by the Institution.
    1. Wausau RDC and MCD (Consumer Retail)
      1. Where Institution purchases the Remote Capture mobile application independently of a mobile banking application’s functionality, the Mobile Capture solution allows the Institution and Remote Capture Users of the Institution to capture and transmit single check deposits through Apiture’s Third Party Provider’s Remote Capture Services System using a supported smartphone and/or mobile application. Work captured and transmitted to the Third Party Provider’s Operations Center via the Remote Capture Services will be made available to the Institution or the Institution representative and will be made available to the Institution or the Institution representative at the agreed upon file delivery time(s). Apiture will configure Mobile Capture solution using agreed upon settings determined via questionnaires answered by Institution.
      2. The Consumer Capture solution allows the Institution and Users of Institution to capture and transmit deposits through Apiture’s Third Party Provider’s Remote Capture Services System using a simplex Twain 1.9 compatible flat bed scanner or all-in-one copy printer fax device. Work captured and transmitted to the Third Party Providers’ Operations Center via Deposit 24/7™ Remote Capture Services will be made available to the Institution or the Institution representative and will be made available to the Institution or the Institution representative at the agreed upon file delivery time(s). Apiture will configure Consumer Capture solution using agreed upon settings determined via questionnaires answered by Institution. Training of the User is the Institution’s responsibility.
      3. Deposit 24/7™ Business Mobile solution allows the Institution and Users to capture and transmit checks and payment items through Apiture’s Third Party Provider’s Deposit 24/7™ Remote Capture Services System using a supported smartphone and/or mobile banking application. Deposited items scanned, captured and transmitted to the Third Party Provider’s Operations Center via the Deposit 24/7™ Remote Capture Services will be made available to the Institution or the Institution representative in the form of an X9.37 clearing file, X9.100 clearing file, or XML file to ingest into a downstream remittance solution, and will be made available to the Institution or the Institution representative at the agreed upon file delivery time(s). Apiture grants to Institution a non-exclusive, royalty-free, fully paid-up, sublicensable license to use any software (including APIs) provided by Apiture’s Third Party Provider for the purpose of supporting the functionality of the Deposit 24/7™ Business Mobile solution.
      4. Branch Capture solution allows the Institution and Users of Institution to capture and transmit branch work through Apiture’s Third Party Provider’s Remote Capture Services System. Work captured and transmitted to the Third Party Provider’s Operations Center via Remote Capture Services will be made available to the Institution or the Institution representative and will be made available to the Institution or the Institution representative at the agreed upon file delivery time(s). Depending on the Image Processing and Data Entry option selected by Institution, Apiture’s Third Party Provider may perform MICR repair, transaction balancing, internal general ledger adjustment creation, and reporting. Apiture will configure Branch Capture solution using agreed upon settings determined via questionnaires answered by Institution.

        Option 1: With “Capture and Go” Institution captures and transmits work as captured without having to do any keying or balancing. Courtesy Amount Recognition (CAR), the amount of check written in numbers, will be configured to identify MICR fields if CAR / Image friendly documents are used. Transaction file is created by the Third Party Provider’s Operations Center as it was captured and transmitted by the Institution.

        Option 2: With “Institution Keys and Balances” Institution is responsible for capture, keying and balancing batches of work prior to transmitting work to the Application Service Provider environment. Institution will be configured to require entry of all MICR fields and present balanced batches of work. CAR will be configured to identify all MICR fields if CAR/Image friendly documents are used. The transaction file is created by the Operations Center as it was captured and transmitted by the Institution.

        Option 3: With “Third Party Provider’s Operations Center Keys, balances and transmits balances file back to Institution” the Operations Center keys, balances and transmits balanced file back to the Institution. The Operations Center provides MICR repair of branch captured and transmitted work. Branch will not be required to repair or balance batches. CAR will be configured to identify MICR fields. The Operations Center will repair MICR lines and populate missing fields. Institution must be using CAR/Image friendly documents. Items with unreadable values, whether internal docs, money orders, onus checks, transit checks, will all be modified to be general ledger tickets that Institution will research. Out of balance transactions will have a balancing debit or credit entered to “force balance” after the Operations Center verifies all amounts are correct.

        Centralized duplicate checking will be performed. Items considered possible duplicates will be substituted for suspense general ledger tickets to be researched by the Institution. If adjustments need to be made they will be internal general ledger adjustments only. Apiture’s Third Party Provider operations staff will not contact Institution for adjustment verification. Adjustment notices will be made available to the Institution.

        These assumptions are applicable regardless of which option Institution selects:

        1. Apiture’s Third Party Provider’s Operations Center will have no communication with the branches on a daily basis. No outages will be researched. Unreadable items will be replaced with a suspense general ledger entry.
        2. Institution must use Image/CAR friendly documents. These must be in place when the Institution goes live with Branch Capture.
        3. The option selected will depend on the Institution’s item processing solution — if Institution has back office department to receive the transaction file and make adjustments or does the file go directly to a host processor who expects it clean. If Institution expects it clean, then the Institution will need to select option 3 or option 2 with the assumption that Apiture’s Third Party Provider’s Operations Center will not be doing any double checking of the data presented.
        4. If Institution transmits a batch and needs it deleted, Institution will be responsible for doing so within its own item processing system:
          1. If the file is being transmitted directly to a 3rd party processor
          2. Institution must submit deletion request to Apiture’s Third Party Provider at least 1 hour before scheduled file delivery time.
      5. Risk Monitoring allows the Institution and its risk management teams to better monitor and control risks associated with remote deposit capture. One of the key features allows for rule-based flags. If any items coming into the system fit a rule designated by Institution, a flag will be assigned to that item or transaction. Once the item has been flagged, it can be personally reviewed by the Institution and a decision can be made as to whether to move forward with the transaction, contact the User to alleviate risk or reject the item/transaction. If the item/transaction is rejected, a notification is sent back to the User and a correction item is automatically inserted into the transaction to balance it. "Must act" items require the Institution to review and either accept or reject the item/transaction before it can be processed and allowed to be included in the clearing file. Institution must decision all "must act" items ½ hour before the scheduled output file delivery time(s). If the "must act" items are not decisioned ½ hour before the scheduled output file delivery time(s), Apiture’s Third Party Provider will create the X9.37 (or similar) file with the "must act" items included.
      6. Location Awareness is additional functionality and an additional service that is made available through the Risk Monitoring application. Location Awareness provides the ability to track Remote Capture User IP addresses and/or proxy servers that transmissions pass through on their way to the central site for processing. It will also tell the Institution if a workstation has moved from its original (and expected) physical location, thus providing greater visibility to possible fraudulent activities. These changes in capture locations will be reported within new functionality available within Risk Monitoring so those suspect transactions can be reviewed and properly decisioned before downstream processing takes place. "Must act” items require the Institution to review and either accept or reject the item/transaction before it can be processed and allowed to be included in the clearing file. Institution must decision all "must act" items 1/2 hour before the scheduled output file delivery time(s). If the "must act" items are not decisioned 1/2 hour before the scheduled output file delivery time(s), Apiture’s Third Party Provider will create the clearing file with the "must act" items included in it.
      7. Integrated Mobile Capture can be integrated into the Apiture mobile banking application. This integrates the Mobile Check Deposit Solution with the Mobile Banking Service (the Application). Apiture will integrate the Mobile Check Deposit Solution with the Application. The Integrated Solution will allow the Institution and the Users of Institution to capture and transmit a check deposit through the Remote Check Deposit Solution using a smartphone supported by Apiture. Files containing the captured check images will be provided to the Institution or the designated Institution representative in the form of an X9.37 or X9.100 clearing file and will be made available to the Institution or the Institution representative at the agreed upon file delivery time(s). The Mobile Check Deposit Solution will be configured using agreed upon settings determined via questionnaire(s) answered by Institution.
      8. NEITHER APITURE NOR ITS THIRD PARTY PROVIDER CAN CONTROL THE FLOW OF DATA TO OR FROM APITURE’S THIRD PARTY PROVIDER’S NETWORK AND OTHER PORTIONS OF THE INTERNET. SUCH FLOW DEPENDS IN LARGE PART ON THE PERFORMANCE OF THE INTERNET SERVICES PROVIDED OR CONTROLLED BY THIRD PARTIES. AT TIMES, ACTIONS OR INACTIONS OF SUCH THIRD PARTIES CAN IMPAIR OR DISRUPT INSTITUTION’S OR USERS’ CONNECTIONS TO THE INTERNET (OR PORTIONS THEREOF). ALTHOUGH APITURE WILL USE COMMERCIALLY REASONABLE EFFORTS TO TAKE ALL ACTIONS IT DEEMS APPROPRIATE TO REMEDY AND AVOID SUCH EVENTS, NEITHER APITURE NOR ITS THIRD PARTY PROVIDER CAN GUARANTEE THAT SUCH EVENTS WILL NOT OCCUR. ACCORDINGLY, APITURE AND ITS THIRD PARTY PROVIDER DISCLAIM ANY AND ALL LIABILITY RESULTING FROM OR RELATED TO SUCH EVENTS.
    2. Ensenta (Jack Henry) RDC and MCD (Consumer Retail and Business)
      1. Institution will communicate with the EnsentaNet Service via a VPN or leased line connection to be determined and mutually agreed. Institution will make the deposit images, magnetic code line (MICR) data, and transaction tracing data available to the EnsentaNet Service through mutually agreed connection and transmission. The EnsentaNet Service will enable the Institution to consolidate deposit item images and information from deposit transactions acquired at Institution’s Remote Capture.
      2. The Institution’s security obligations may be reviewed by Apiture’s Third Party Provider at any time. Institution hereby permits Apiture’s Third Party Provider to discuss directly with Institution any changes to Institution’s security obligations during the term of the Agreement and potential solutions, potential target dates for completion of such changes and solutions, and the fees, if any, to be paid to Apiture’s Third Party Provider for such additional efforts. In the event Apiture’s Third Party Provider and Institution cannot mutually agree to the proposed changes and the appropriate fees within a 60-day period, Apiture may, within 10 days after such period, terminate the RDC or MCD Service with the Institution. In the event of such termination, all deconversion fees and other termination fees set out in the Agreement will be due.
      3. MITEK MiSnap™ is a mobile device software developer kit that allows Users to integrate MITEK MiSnap™ with mobile device image capture applications in order to provide automatic image capture, document imaging, intelligent character and image recognition and document analysis. The Institution acknowledges the following if purchasing MITEK MiSnap™:

        The MITEK MiSnap™ Service feature set will be provided as an additional service under the limited license to provide the mobile device software developer kit that allows users to integrate MITEK MiSnap™ with mobile device image capture applications to provide automatic image capture, document imaging, intelligent character and image recognition, and document analysis. New features rendered through the MITEK MiSnap™ platform, such as multiple check capture, drivers’ license capture and other optional services, will be subject to additional fees. As a condition to the implementation and use of the MITEK MiSnap™ Service, Institution shall be required to complete a certification process, which will be conducted at Apiture’s Third Party Provider’s direction, addressing and encompassing the implementation training and use of MITEK MiSnap™. When Institution purchases the MITEK MiSnap™ Service , in addition to the licenses granted in the Agreement, the Institution is granted a limited, non-transferable , non-exclusive, non-sublicensable right to sublicense MlTEK MiSnap™ to Institution subcontractors who provide product integration and support services to Institution; provided , however, that: (i) such sublicense may only be used in connection with accessing and using the SmartPay Ensenta Remote Deposit Capture Service including MITEK MiSnap™ for the Institution in accordance with the license rights conferred under the Agreement ; (ii) the subcontractors must agree to be bound by the terms of these Service Terms and the Agreement, to the extent applicable; and (iii) use of MITEK MiSnap™ as granted herein shall only be in conjunction with the SmartPay Ensenta Remote Deposit Capture Service. Institution be responsible for the breach of any terms these Service Terms by its subcontractors.

      4. The SmartPay Ensenta Smart Alerts for Real-time Fraud MonitoringSM Service is available only in connection with Institution’s purchase of SmartPay Ensenta Consumer RDC-MobileSM Service, SmartPay Ensenta Consumer RDC-DesktopSM Service, SmartPay Ensenta Business RDC-MobileSM Service, SmartPay Ensenta Business RDC-DesktopSM Service and/or SmartPay Ensenta ATM Risk Management and Check Image ProcessingSM Service. Third party services provided by Institution’s designated fraud monitoring vendor (Institution’s Fraud Monitoring Vendor and Fraud Monitoring Third Party Services) are integrated into this Service for Apiture’s Third Party Provider to provide web service notifications to Institution’s Fraud Monitoring Vendor that a deposit has been submitted by a User of Institution (along with related check images). In order to acquire and use the Fraud Monitoring Third Party Services, and in addition to this solution section, Institution is also required to execute a separate agreement between Institution’s Fraud Monitoring Vendor and Institution (Fraud Monitoring Vendor Agreement). Institution acknowledges and agrees that, with regard to this SmartPay Ensenta Smart Alerts for Real-time Fraud Monitoring Service, Apiture’s Third Party Provider is only transmitting a notification that a deposit has been submitted by a User of Institution (along with related check images) to Institution’s Fraud Monitoring Vendor (Fraud Monitoring Vendor Required Data). Institution’s Fraud Monitoring Vendor is solely responsible for completing and communicating with Institution regarding Institution’s Fraud Monitoring Vendor’s deposit fraud analytics on Institution’s User’s deposits. Institution hereby authorizes and directs Apiture’s Third Party Provider to provide the Fraud Monitoring Vendor Required Data to Institution’s Fraud Monitoring Vendor. The Fraud Monitoring Third Party Services will be governed by the Fraud Monitoring Vendor Agreement executed between Institution’s Fraud Monitoring Vendor and Institution. Neither Apiture nor its Third Party Provider makes or extends any separate product warranties, guarantees, indemnities or liabilities with respect to the Fraud Monitoring Third Party Services. Without limiting the foregoing, upon transmission by Apiture’s Third Party Provider of the Fraud Monitoring Vendor Required Data to Institution’s Fraud Monitoring Vendor, Institution’s Fraud Monitoring Vendor is solely responsible for the protection and security of the Fraud Monitoring Vendor Required Data after the Fraud Monitoring Vendor Required Data is transmitted by Apiture’s Third Party Provider.
      5. If the Institution is a non-bank or otherwise uses a third party as the ‘depository bank’, as such term is defined in the Check for the 21st Century Act, Institution will facilitate, at Apiture’s request, a separate cash letter agreement directly between Apiture’s Third Party Provider and Institution’s depository bank prior to certain remote deposit capture services being made available to Institution. Institution additionally authorizes Apiture’s Third Party Provider to send the data files generated in connection with the remote deposit capture services on behalf of Institution to the respective depositary bank.
  13. Pay Someone P2P Service
    1. Definitions
      1. AML Requirements means the Bank Secrecy Act, the USA PATRIOT Act, each of the statutes administered by OFAC and the rules and regulations implementing each of the foregoing, each as amended from time to time.
      2. Network means VISA, MasterCard, the National Automated Clearing House Association, or any other association, network, or payments organization the parties agree to.
      3. Network Rules means the mandatory rules of any Network.
      4. Originator Bank means a financial institution selected by Apiture’s Third Party Provider for P2P Services to process electronic funds transfers on behalf of Institution pursuant to applicable Network Rules.
      5. Portal means the web portal provided by Apiture’s Third Party Provider for access to P2P Service-related data and management tools.
      6. Site means the website owned, operated, developed, maintained, and hosted by Apiture or its P2P Third Party Provider for the purpose of providing and otherwise supporting the P2P Service.
    2. Using the P2P Service, a User (Sender) can send funds to another person via an on-line link to the Site from one or more web sites operated by Institution (together, the Client Web Site) or other interface provided through the P2P Service. To participate in the P2P Service, each Sender must authorize his or her account to be debited to fund the transfer to each designated recipient, and the transfer will be consummated via an ACH payment or a funds transfer in a debit network or other means in accordance with these Service Terms and the Documentation. The P2P Service will be provided to Institution on a white label basis, which will be provided to Senders on behalf of, and in the name of, Institution.
    3. Institution will comply with all Network Rules applicable to the P2P Service.
    4. Institution acknowledges and agrees that it is responsible for ensuring the use of the P2P Service complies with AML Requirements and the Institution’s Anti-Money Laundering Program, OFAC program and any other policies and procedures the Institution has implemented in support of Institution’s compliance with AML Requirements.
    5. Institution will offer its Users in the United States the ability to make payments via the P2P Service only in accordance with these Service Terms. The Institution will maintain a hyperlink to the Site at the Client Web Site to enable Users to access the P2P Services, which will be presented to account holders.
    6. Institution authorizes Apiture and its P2P Third Party Provider to initiate a P2P Service transaction (Transaction) in which the funds are sent by a Sender who holds a payment card issued by Institution, as provided in the following sub-sections:
      1. In all cases, Institution agrees (a) the Transaction will be funded by a debit to one of such Sender’s accounts and a credit to an internal Settlement Account at the Institution or other account held in the name of, or for the benefit of, the Institution by another insured depository institution designated or approved by Apiture’s or its P2P Third Party Provider from time to time (the Settlement Account) into which such funds will be credited each day, (b) that such debit is subject to the rules of the relevant debit network, and (c) such funds will be held by the Institution for the benefit of the Sender pending completion of the Transaction.
      2. For Transactions in which: (i) the recipient’s financial institution participates in a payment network and has not entered into an agreement to receive the P2P Service; and (ii) the recipient’s account is eligible to receive funds via an electronic funds transfer in such other payment network, Institution agrees that (A) Apiture’s P2P Third Party Provider may complete such a Transaction by initiating, or directing the Originator Bank to initiate, a transfer in such other payment network, (B) Institution’s rights and obligations with respect to such transfer, including with respect to exception processing in connection with any Sender claim of error or fraudulent receipt, will be as contained in these Service Terms and the Documentation, and (C) Apiture’s P2P Third Party Provider may debit the Settlement Account via ACH, or utilize any other funding mechanism agreed with Apiture and/or the Institution, in order to obtain the funds to settle such transfers; and
      3. In all cases, Institution agrees that (a) Apiture’s P2P Third Party Provider may complete a Transaction by initiating, or directing the Originator Bank to initiate, an ACH credit to the recipient’s account, (b) the Institution’s rights and obligations with respect to such transfer, including with respect to exception processing in connection with any Sender claim of error or unauthorized or fraudulent receipt will be as contained in these Service Terms and the Documentation, and (c) Apiture’s P2P Third Party Provider may debit the Settlement Account via ACH, or utilize any other funding mechanism agreed with Apiture and/or the Institution, in order to obtain the funds to settle such transfers. Institution authorizes Apiture and its service providers and Originator Bank to debit and credit the Settlement Account for each Transaction and correction thereto, as provide above.
    7. Institution agrees that it is solely responsible and liable for any Transaction including chargeback fees that is (a) later disputed as unauthorized by the Sender, or (b) credited in error to a person other than the person provided by the Sender, except in the case of fraud or intentional misconduct by an officer, employee or agent of the recipient financial institution or Apiture.
    8. Institution agrees that neither Apiture nor its P2P Third Party Provider will incur any liability for damages or injury caused by (i) commencement of a bankruptcy, insolvency, receivership or similar proceeding (whether voluntary or involuntary) of Originator Bank, or any default or failure to pay debts as they become due by Originator Bank, (ii) the provision of any incorrect information by the Sender in a Transaction, including with respect to information regarding the recipient’s identity, the identity of a recipient’s financial institution, the amount of the transfer or the recipient’s card or bank account number, (iii) unauthorized receipt of funds, or (iv) any error by Apiture or its Third Party Provider or the Originator Bank in processing Transactions; provided that Apiture will use reasonable efforts, as determined by Apiture in its sole discretion, to enforce its rights against the Originator Bank in the event of such an error by the Originator Bank but does not guarantee that Institution or its User will be reimbursed.
    9. Institution agrees it will provide its account holders, in addition to a User Agreement with all required disclosures in accordance with Applicable Law, including Regulation E and the TCPA, a clear, readily understandable description of the P2P Service. Institution may make use of Documentation and sample language provided by Apiture or its P2P Third Party Provider from time to time for such purposes, but Institution agrees that it is solely responsible for the accuracy, completeness and legal compliance of any disclosures or descriptions it provides. Institution also agrees to obtain any authorizations, consents, agreements and representations required for each Sender’s interaction with the P2P Service, including without limitation, (i) consent to the receipt of email, SMS, or other form of electronic communication, (ii) consent to be contacted by telephone, (iii) representations that any recipient to be contacted by telephone, email, SMS, or other form of electronic communication has consented to such mode of communication, and (iv) authorization to debit Sender’s account and transmit funds on behalf of the Sender.
    10. Institution agrees to provide Apiture and its P2P Third Party Provider access to its platform to the extent necessary to provide, implement, set-up and maintain the P2P Service. Institution agrees to provide Apiture and its P2P Third Party Provider access to Institution’s personnel and systems for purposes of training the Institution personnel on use of the Portal for purposes of the P2P Service, customer service and Apiture’s P2P Third Party Provider operations and support for processing, reporting and reconciliation.
    11. Institution will be responsible for first line customer services to Users and will use commercially reasonable efforts to resolve its Users’ inquiries and disputes including unauthorized Transactions or fraudulent activity by using the information and features available through the Apiture web portal. If Institution is unable to resolve such matters on its own, Institution may contact Apiture’s customer service for assistance.
    12. Institution agrees to execute any agreements necessary for Institution to participate in the P2P Service, including forms to access the Portal and an ACH Settlement Agreement to (i) to establish the Settlement Account, and (ii) authorize Apiture’s P2P Third Party Provider to debit and credit the Settlement Account daily in connection with the Transactions and make corrections.
    13. Institution agrees to provide Apiture with complete and accurate information as prescribed by the Documentation.
    14. Institution appoints Apiture and its P2P Third Party Provider as an agent of Institution for the limited purpose providing the P2P Service, including without limitation for the purpose of handling funds and payment orders on behalf of the Institution in order to consummate Transactions in accordance with these Service Terms and the Documentation.
    15. Institution authorizes Apiture and its P2P Third Party Provider and Originator Bank to debit and credit the Settlement Account for each Transaction and correction thereto, as provided above.
  14. My Credit Score
    1. Definitions
      1. “Co-Branded Website” means the portion of Apiture’s Third Party Credit Score Provider website, from which Users can access and use the My Credit Score Services.
      2. “Offer” means a financial offer, such as an offer to obtain a new or refinanced car loan, credit card, personal loan, mortgage or other type of financing.
      3. “Prequalify” means identifying Users who appear to qualify for Offers based on soft inquires of such Users’ credit reports, provided that final credit approval will be subject to Institution’s underwriting requirements and a hard inquiry of such Users’ credit reports.
    2. Institution shall comply with all applicable law (including all applicable export laws, rules and regulations of the United States) in Institution’s use of the My Credit Score Services and in Institution’s making available the My Credit Score Services to Users. Institution will not import or export any My Credit Score Services in violation of any applicable law.
    3. Institution hereby grants to Apiture and its Third Party Credit Score Provider a worldwide, non-exclusive, royalty-free, fully paid up, sublicenseable right and license, during the term of Institution’s agreement with Apiture, to:
      1. use, reproduce and display Institution trademarks, service marks, logos and other branding (“Institution Branding”) in connection with Apiture and its Third Party Credit Score Provider ’s performance of the My Credit Score Services, including without limitation within the Co-Branded Website. The foregoing license includes the right to make modifications to size, format or other aspects of the Institution Branding solely as necessary to incorporate or include such Institution Branding within the My Credit Score Services and the Co-Branded Website;
      2. use, reproduce and modify any content provided by Institution to appear within the Co-Branded Website and display such content within the Co-Branded Website; and
      3. establish and maintain one or more links from the Co-Branded Website to Institution’s website(s).
    4. Single Sign-On Provisions. If Institution wishes to implement a single sign-on functionality (“SSO”) whereby Users of the Institution Site or Institution App, after having initially registered with Apiture’s Third Party Credit Score Provider via the Co-Branded Website, will thereafter have access to some (but not all) of the My Credit Score Services after signing on to the Institution Site or Institution App, without having to separately sign-on through their login credentials at the Co-Branded Website, then Institution agrees as follows:
      1. Institution will (and will require its authorization partner, if any, to) cooperate with Apiture’s Third Party Credit Score Provider in the implementation of the SSO. Neither Apiture nor Apiture’s Third Party Credit Score Provider will not be responsible for any costs incurred by Institution in implementing the SSO.
      2. Institution will provide to Apiture’s Third Party Credit Score Provider any and all User data and other information reasonably required by Apiture’s Third Party Credit Score Provider to permit Users to access the My Credit Score Services through the Co-Branded Website and Institution App via SSO. Such User data includes, without limitation: name, user name (or user ID number), home address (at which such User currently resides), date of birth, social security number, email address and phone number.
      3. Institution agrees that Users may continue to access the My Credit Score Services directly through the Co-Branded Website, even if SSO has been implemented in the Institution Site.
    5. Right to Provide User Data. Institution represents and warrants that it has obtained all requisite permissions and consents from Users in compliance with applicable law and Institution’s stated privacy policy in order to provide User data to Apiture and Apiture’s Third Party Credit Score Provider.
    6. Disclaimers and Limitations and Liability. Institution acknowledges that Apiture and Apiture’s Third Party Credit Score Provider disclaim any and warranties of any kind, express, implied, statutory or otherwise, including any warranties of merchantability, fitness for a particular purpose, title, non-infringement, freedom from computer viruses and all warranties arising from a course of dealing course of performance or usage of trade. Institution agrees that Apiture’s Third Party Credit Score Provider shall have no obligation or liability directly to Institution.
    7. Third Party Beneficiary. Institution Agrees that Apiture’s Third Party Credit Score Provider is the intended direct third party beneficiary of the Institution Terms in this My Credit Score Section of these Service Terms, and that Apiture’s Third Party Credit Score Provider shall have the right to enforce the Institution Terms directly against Institution and seek damages and remedies directly from Institution for any breach by Institution of the Institution Terms.
    8. Offers Made Available by Institution; Follow Up.
      1. Offers. As part of the My Credit Score Services, Institution may (but is not required to) enable the offer engine which displays Offers to Users through the My Credit Score Services, based on credit score and/or other criteria determined by Institution in its sole discretion. Offers may be made for the type of products and services of Institution which are supported by Apiture’s Third Party Credit Score Provider and may be posted within the Branded Website. If Institution has enabled the offer engine, then for each Offer made through the Branded Website, Institution will provide the information and criteria below, which may be provided via a link to a page within the Institution Site(s) that contains such information. Institution represents and warrants that all criteria used in establishing Offers and evaluating Users to determine their qualifications for Offers shall comply with applicable law.
        1. Product/ Service information: type of product, applicable APRs,
        2. Credit Score or range of Credit Score for each lending product
        3. Applicable credit or demographic eligibility criteria
        4. Transition links from product recommendation on Apiture’s Third Party Credit Score Provider website to Apiture website
        5. Applicable disclaimers or disclosures, if required
      2. User Offer Data. For each User who (a) has indicated (either by filling out and/or transmitting an application in response to an Offer, by affirmatively indicating that he/she is interested in obtaining additional information about an Offer, or by affirmatively taking any such other action in response to an Offer) that he/she would like to be contacted about an Offer for which he/she appears to qualify, or (b) has otherwise granted unrevoked permission to Apiture’s Third Party Credit Score Provider to provide personal information about such User to Institution relating to Offers, Apiture’s Third Party Credit Score Provider will provide the following contact information (to the extent Apiture’s Third Party Credit Score Provider has such information) to Institution: specified offer, name, username (or member ID number), home address (at which such User currently resides), email address, phone number and any other mutually agreed information about such User (“User Offer Data”). User Offer Data may be transmitted by Apiture’s Third Party Credit Score Provider either (i) immediately through a loan origination services provider and/or via a file which is transmitted to Institution on a daily/weekly/monthly basis, as agreed by the parties. Apiture’s Third Party Credit Score Provider shall not be required, and shall not, provide the credit score, financial account numbers or other financial information about such Users to Institution. Additionally, neither Apiture nor Apiture’s Third Party Credit Score Provider does or can guarantee that Users who appear to be qualified for Offers made available by Institution (based on information obtained by Apiture’s Third Party Credit Score Provider from Institution, Users, credit bureaus or other third parties) do in fact qualify or will in fact be approved for such Offers after having formally applied with Institution for such Offers. Institution hereby agrees that it shall use the User Offer Data solely for purposes of communicating with Users about the specified Offer, that it shall not further disclose or distribute such User Offer Data, and that it shall not contact any Users who have subsequently requested not to be contacted by checking all User Offer Data against the most recent scrub list prior to communications to such Users.
      3. User Follow Up Data. For each User who has affirmatively indicated that he/she would like to be contacted by Institution regarding such User’s income, expenses and/or spending or about programs or promotions offered by Apiture, Apiture’s Third Party Credit Score Provider will provide the following contact information (to the extent Apiture’s Third Party Credit Score Provider has such information) to Institution: name, item about which the User wishes to be contacted, username (or member ID number), home address (at which such User currently resides), email address, phone number and any other mutually agreed information about such User (“User Follow Up Data”). Apiture’s Third Party Credit Score Provider shall not be required, and shall not, provide the credit score, financial account numbers or other financial information about such Users to Institution. Institution hereby agrees that it shall use the User Follow Up Data solely for purposes of communicating with the User about the specific issue for which the User requested to be contacted, that it shall not further disclose or distribute such User Follow Up Data, and that it shall not contact any Users who have subsequently requested not to be contacted by checking all User Follow Up Data against the most recent scrub list prior to communications to such Users.
      4. Minimum Number of Offers. Institution agrees, that in order for Apiture’s Third Party Credit Score Provider to provide the offer engine portion of the My Credit Score Services, Institution must make available no less than one (1) Offer, so that all Users may be evaluated by Apiture’s Third Party Credit Score Provider based on the criteria for such Offer to determine if they appear to be qualified for such Offer.
      5. Use of User Credit Score. Institution agrees that it may not use Users’ credit scores provided to Institution through an API or otherwise (or any implied credit data of such Users) for the purpose of extending any credit approval to Users. For purposes of clarity, Institution may use Users’ credit scores and other information obtained from Users’ credit reports to Prequalify such Users.
    9. Cooperation. Institution acknowledges that Institution’s timely provision of (and Apiture’s Third Party Credit Score Provider’s access to) assistance, cooperation, and complete and accurate information and data from Institution’s officers, agents and employees as is reasonably requested by Apiture’s Third Party Credit Score Provider and Apiture (collectively, “Cooperation”) is essential to the performance of the My Credit Score Services, and that Apiture and Apiture’s Third Party Credit Score Provider will not be liable for any deficiency, delay or failure in performing the My Credit Score Services if such deficiency, delay or failure results from Institution’s failure to provide full Cooperation as required hereunder. Cooperation includes, but is not limited to, designating a project manager to interface with Apiture’s Third Party Credit Score Provider during the course of Apiture’s Third Party Credit Score Provider’s performance of the My Credit Score Services, and providing all necessary review and feedback if requested by Apiture’s Third Party Credit Score Provider. Apiture’s Third Party Credit Score Provider and Apiture shall have the unrestricted right use or incorporate into the My Credit Score Services any suggestions, enhancement requests, recommendations or other feedback provided by Institution and/or Users, without any obligation or liability to Institutions and/or Users. Institution and its Users shall have no obligation to provide any such suggestions, enhancement requests, recommendations or other feedback to Apiture’s Third Party Credit Score Provider.
    10. Analytics Data. “Analytics Data” means any data provided by Apiture’s Third Party Credit Score Provider as part of the Analytics services portion of the My Credit Score Services and includes User Offer Data and User Follow Up Data. Institution agrees that with respect to Analytics Data, in addition to the requirements in Section 14.8.1 above, (a) Institution may use Analytics Data for the sole purpose of Prequalifying Users and marketing and following up on Offer(s) made to Users; (b) Institution may not use Analytics Data (or any implied credit data of such Users) for the purpose of extending credit approval to Users, but may use the data obtained from a hard inquiry of a User’s credit report, based on Institution’s underwriting requirements, to determine whether to extend credit approval to a User; (c) Institution may use the Analytics Data for only a period of thirty (30) days after the date on which the Analytics Data was generated (thereafter, new Analytics Data may be used, but the Analytics Data which is older than thirty (30) days from the date it was generated may not be used, even if combined with other data); and (d) Analytics Data may no longer be used by Institution for an individual who ceases to be an User of Institution.
    11. Access to Data; Analytics Portal. Apiture’s Third Party Credit Score Provider will make available Analytics Data on its Analytics services portal (“Analytics Portal”) provided by Apiture’s Third Party Credit Score Provider as part of the Analytics services. Institution agrees that access to the Analytics Portal will be given solely to current employees of Institution who will be assigned unique usernames and passwords (“Login Credentials”) by Apiture’s Third Party Credit Score Provider. If Institution wishes to provide access to the Analytics Portal to a contractor or any other third party, Institution must obtain Apiture’s Third Party Credit Score Provider’s prior written consent and a separate Login Credential for each such approved third party (“Approved Third Party”). Institution will be fully responsible and liable for all storage, use and disclosure of all the Analytics Data (by Institution, its authorized employees and Approved Third Parties) and agrees to manage and, where appropriate, revoke access to the Analytics Data from such employees and Approved Third Parties. Institution will be responsible for maintaining the confidentiality of all such Login Credentials and agrees not to (and to require such employees and Approved Third Parties) who are provided with unique Login Credentials not to) transfer, share, disclose or resell such Login Credentials to any third party. Institution will immediately notify Apiture’s Third Party Credit Score Provider of any unauthorized use of any of any of such Login Credentials, unauthorized access to the Analytics Portal through its account, or any other breach of security related to its account or the Analytics Portal. Institution will be liable and responsible (and Apiture’s Third Party Credit Score Provider will not be liable) for any loss or damage arising from Institution’s failure to comply with any of the foregoing obligations.
    12. User Authentication. Upon Institution’s request, and subject to Apiture’s approval, Institution may elect to authenticate the identity of Users who are provided access to the My Credit Score Services, provided that: (a) Institution represents and warrants that it is a regulated financial institution and that the protocol used by Institution to verify the identities of Users (“Authentication Protocol”) has been accepted or permitted by its regulators and is in compliance with applicable law; (b) within ten (10) business days after request of Apiture’s Third Party Credit Score Provider, Institution will provide written verification of Institution’s Authentication Protocol; (c) Institution will comply with any current and future additional requirements of Apiture’s Third Party Credit Score Provider’s credit bureaus pertaining to Institution’s authentication of Users; and (d) Apiture’s Third Party Credit Score Provider may reasonably discontinue Institution’s authentication of Users by written notice to Institution and/or Apiture. Institution will indemnify and hold harmless Apiture and Apiture’s Third Party Credit Score Provider from and against any claims, expenses, costs and liabilities arising from Institution’s breach of this Section 14.12.
    13. Institution will promptly notify Apiture and Apiture’s Third Party Credit Score Provider in the event of a merger involving Institution, sale of substantially all of Institution’s stock or assets, the acquisition by Institution of the stock or assets of third party, or similar transaction. Institution will certify the updated number of online banking users, if any, resulting therefrom and acknowledges that any updated number of online banking users may result in a recalculation of fees.
    14. Institution acknowledges and agrees that Apiture’s Third Party Credit Score Provider may modify the terms and conditions of this My Credit Score Section of the Service Terms from time to time, with no less than thirty (30) days’ written notice to Institution, which modified terms will become effective upon the stated effective date of such notice to Institution. If Institution, acting reasonably, objects to any such modified terms, Institution will have the right to terminate the My Credit Score Services by written notice to Apiture and My Credit Score at any time up to the effective date of the modified terms.
    15. Aggregated Data. Institution agrees that during and after the term of the Institution Agreement, Apiture’s Third Party Credit Score Provider shall have the right to use Aggregated Data for Apiture’s Third Party Credit Score Provider’s internal business purposes (such as improvement, enhancement, diagnostic, forecasting, planning and corrective purposes and to further develop the My Credit Score Services) and to disclose Aggregated Data in Apiture’s Third Party Credit Score Provider’s public statements and marketing materials describing and/or promoting the My Credit Score Services. “Aggregated Data” means any data or information (including data and information derived from Personal Data) that has been fully anonymized and does not identity an individual, cannot be used to identify an individual, Apiture, its Institutions or Users with or without the combination of other publicly-available information, and is neither attributable to Apiture, Institution or a User nor reveals any Confidential Information of Apiture, its Institutions or Users. Aggregated Data may be combined with other data.
    16. Right to Terminate. Institution understands that Apiture shall have the right to terminate the My Credit Score Services, upon one hundred eighty (180) days prior written notice to Institution in the event that, notwithstanding Apiture’s Third Party Credit Score Provider’s commercially reasonable good faith efforts, Apiture’s Third Party Credit Score Provider is not able to renew the term of its existing agreement(s) with at least one credit bureau on commercially reasonable terms, without having to pay Institution any termination fees or wind-down costs or credit any fees to Institution as a result of such termination. My Credit Score Services cannot be cancelled or terminated by Institution during the initial twelve (12) months.
  15. Zelle®
    1. Definitions
      1. “Account” means a checking, savings or money market account from which Services transactions are initiated.
      2. “Payee” means a party to whom a Subscriber has initiated and authorized a payment from its Account through the Services.
      3. “Receiver” means a natural, individual person who receives a Request Money request through the Zelle Services.
      4. “Recipient” a person other than the designated Subscriber to whom Subscriber transfers funds and provides the required account information to allow such transfer.
      5. “Requestor” means a natural, individual person who sends a Request Money request to a Receiver through the Zelle Services.
      6. “Subscriber” means Institution’s members or customers, as applicable.
      7. “Transaction Loss” means a loss that occurs because the associated transaction was rescinded as unauthorized or has been returned and is uncollectable.
      8. “User Data” shall mean: (a) the Subscriber’s, Recipient’s, Receiver’s or Requestor’s name, e mail address, zip or postal code; and (b) Account information (e.g. financial data, user identification, login and password and personal information (including without limitation birth date, IP address and social security number), as well as the ABA Routing and Transit Number that are specific to an Account).
    2. Apiture, through its Third Party Providers, Fiserv and Early Warning Services, LLC, will provide payment services that allow payments to accounts owned by individual persons other than the designated Subscriber (“Zelle Services”). Institution and its Subscribers shall follow Apiture’s and its Third Party Provider’s standard operating procedures, including without limitation security procedures, with respect to use of the Zelle Services. Apiture shall make available to Institution, and the Zelle Services shall include, technical and administrative tools consistent with Fiserv Risk Procedures and supporting risk management, decisioning and investigation. Institution shall reasonably cooperate with Fiserv’s Risk Procedures, including (i) promptly responding to reasonable requests to verify account ownership or any fraud investigation with respect to a Deposit Account held at Institution, regardless of the transaction origin; (ii) promptly sending returns information to Fiserv via an ACH returns file, chargeback process, or daily batch feeds, as mutually agreed; (iii) requesting and obtaining a Written Statement of Unauthorized Debit signed and completed by its claimant or Subscriber prior to initiating a debit return pursuant to the ACH Rules; and (iv) in the event that Fiserv has to provide a Letter of Indemnity, hold harmless letter or related documentation (each an LOI) to another financial institution to recover Transaction Losses and there is a claim made under the LOI, then Institution shall be responsible for all amounts relating to such claim, including without limitation, the settlement amount and attorneys’ fees.
    3. Institution shall only make the Zelle Services available to Subscribers for use with U.S.-based accounts subject to the terms of the Agreement. Account holders are required to have U.S. domestic addresses and U.S. domestic mobile numbers for use with the Service. Service payments via Debit Card Networks are only available in the 50 states of the United States and the District of Columbia.
    4. Institution acknowledges that with respect to Zelle Services transactions, the Subscriber or Institution is the Originator under the ACH Operating Rules.
    5. Neither Apiture nor Apiture’s Third Party Providers for the Zelle Services shall have liability or further obligations relating to any delays, inaccuracies or incomplete Zelle Services caused by the failure of Institution to properly or timely meet its obligations or requirements.
    6. Institution shall comply with all laws, rules, regulations, statutes, regulations (and any interpretations thereof and rules promulgated thereunder) and industry requirements applicable to receiving and using the Zelle Services, including without limitation the USA Patriot Act, Regulation E of the Electronic Fund Transfer Act, the federal Bank Secrecy Act, the NACHA rules, the ACH rules, federal and state laws and regulations and industry requirements relating to electronic funds transfers, federal and state laws and regulations relating to money transmission, currency reporting and the prevention of money laundering and any applicable rule or regulation issued by a regulatory body, including the U.S. Office of Foreign Assets Control and the bylaws and operating regulations of any payment network or organization through which transactions are being processed, to enable it to offer and provide any payment or money transfer-related services to Subscribers, and to otherwise register and activate Subscribers to make use of any such services, including, but not limited to, any necessary pre-registrations, consents and authorizations from and notices to its Subscribers. Institution shall maintain all records and prepare and file any necessary forms, reports or other documentation, including without limitation, suspicious activity reports or currency transaction reports required to be filed in accordance with laws applicable to Institution. Institution will immediately notify Apiture and Fiserv of instances of suspected fraud, money laundering, terrorist financing, or other illegal activities determined within Institution’s reasonable discretion and involving the Zelle Services. Fiserv is relying on Institution’s performance as described in this Section in the performance of the Zelle Services.
    7. Institution shall obtain any necessary consents or provide any necessary notices and disclosures to Subscribers in accordance with such laws, rules, regulations and requirements, including consents with respect to the use of any data regarding Subscribers including without limitation a Subscriber’s name, e mail address, zip or postal code, account information (e.g. financial data, user identification, password and/or personal information number, as well as the ABA Routing and Transit Number that are specific to a Subscriber’s account) and usage statistics. As part of the Zelle Services, neither Apiture nor its Third Party Providers shall be responsible for authenticating Subscriber credentials for access to the Zelle Services.
    8. Institution will enter into a written agreement regarding the Zelle Services with Subscribers (Terms of Service). Institution acknowledges that the Terms of Service are between Institution and its Subscribers, not Apiture or its Third Party Providers. In its Terms of Service, Institution will include (i) disclaimers of incidental, indirect, consequential, special, punitive, and exemplary damages; and (ii) quantified limitations on direct damages that, with respect to both (i) and (ii), may be claimed or alleged by such Subscribers arising out of or relating to the Zelle Services. Such disclaimers and limitations must extend to Institution’s third-party suppliers or providers (but do not need to specifically reference Apiture or its Third Party Providers by name). Institution will enforce such disclaimers and limitations in claims, lawsuits and proceedings brought by its Subscribers. Institution shall disclose in the Terms of Service that (i) Institution is the sole party liable to Subscribers for transfers conducted using the Zelle Services; and (ii) as between the Institution and the Subscribers, Institution is solely liable to Subscribers, Recipients and Receivers to the extent any liability attaches in connection with the Zelle Services. Apiture’s and its supplier’s obligations under the Agreement and at law to Institution are not diminished by this Section. Any terms that are required by Fiserv to be present in such Terms of Service without substantial modification will be marked as such; provided that, Institution and Fiserv will collaboratively review and revise the Terms of Service to ensure that they address all of Institution’s Regulation E compliance requirements and any other enforceability concerns.
    9. Institution shall not make any representation, warranty, or other legally binding commitments on behalf of Apiture’s Third Party Providers, any of its respective affiliates or any of their respective third-party providers.
    10. Institution shall obtain the right for Apiture’s Third Party Providers to conduct standard credit screening as permitted under applicable law and regulations on Subscribers for purposes of authentication, conducting risk assessments, setting risk parameters and transaction limitations in connection with a Subscriber’s use of the applicable Zelle Services.
    11. Institution shall provide the right for Apiture and its Third Party Providers to use any Institution trademarks, internet domain names, web addresses, telephone numbers, trade dress, service marks and/or trade names (including, without limitation, logos and slogans) for the purposes of providing the applicable Zelle Services. In addition, Institution hereby permits Apiture’s Third Party Providers to display Institution’s name and any logos or similar brand features made available to Apiture’s Third Party Providers in a list of Institutions for the Zelle Services that Apiture’s Third Party Providers makes available on the Zelle Web site or any successor personal payments service Web site. Institution shall be responsible for registering and maintaining the registration and legal compliance of its respective Internet address(es) and websites.
    12. Institution and/or any Subscriber shall not: (a) transfer or otherwise sublicense the right to use the Zelle Services; (b) attempt to copy or otherwise reproduce the Zelle Services; (c) attempt to access, decompile, reverse engineer or otherwise derive the source code for the Zelle Services; (d) resell or use the Zelle Services for the benefit of any other U.S. Financial Institution or other such entity other than that Institution or any third party that is not a Subscriber; or (e) alter, remove or fail to include any copyright notice or other proprietary rights notices that appear on any user interfaces related to the Zelle Services or authorized reproductions thereof.
    13. For any credentials provided to Institution to enable Institution to access data within the Apiture’s Third Party Provider systems, Institution agrees to, (a) take reasonable steps to safeguard the confidentiality and security of the credentials; (b) limit access to credentials to persons who have a need to know such information; (c) establish and monitor internal procedures which limit one (1) user ID to an authorized Institution representative and otherwise prevent the sharing of credentials; (d) notify Apiture immediately if Institution has any reason to believe the security or confidentiality required by this provision has been or may be breached; and (e) change any passwords that are part of the credentials immediately if Institution knows or suspects that the confidentiality of the credentials has been compromised in any way.

      Subject to Institution’s compliance with the obligations in this Section, Apiture can provide Institution with access to an online database containing recipient information (e.g., name and bank name) in connection with the Zelle Services. Institution agrees to access the database only: (a) to effect, administer, or enforce transactions that result from the Zelle Services; (b) to protect against or prevent actual or potential fraud, unauthorized transactions, claims, or other liability related to the Zelle Services; (c) for internal audit and regulatory examination purposes; (d) to resolve consumer disputes or inquiries involving transactions that result from the Zelle Services, or (e) as permitted to access certain customer and transaction information in Apiture’s possession and shall only use the recipient information of non-Institution users within such database to complete Service transactions and for regulatory purposes. Institution will limit access to such database to its trusted employees and shall closely and regularly monitor such employees’ use of such database to ensure compliance with this provision. Institution will protect the database from security breaches at Institution by establishing, maintaining and updating policies, procedures, equipment and software that are designed to safeguard the security and integrity of the Institution computer systems used to access the database.
    14. Institution shall not sue Apiture for the Zelle Services or name Apiture’s Third Party Providers as a party of any kind in any arbitration, proceeding or court action (including without limitation any and all lawsuits) instituted in connection with the products and Zelle Services. If Apiture’s Third Party Provider is named in any such arbitration, proceeding or court action, Institution shall cooperate in the removal of the Third Party Provider from each such arbitration, proceeding and court action, including without limitation through petitioning the arbitrator or applicable court. In the event of any dispute arising between Institution and Apiture from Institution’s use of a product or service from an Apiture Third Party Provider, Institution hereby (i) agrees and covenants that its only recourse shall be a claim against Apiture; and (ii) releases and holds Apiture’s Third Party Provider harmless from any claims, losses and damages of any kind (including, without limitation, actual, special, indirect, exemplary, incidental and consequential), known and unknown, disclosed and undisclosed, arising out of or in any way connected with such dispute regardless of whether such Third Party Provider was advised of the possibility or likelihood of such damages or costs occurring, and whether such liability is based on contract, tort, warranty, negligence, strict liability, products liability or otherwise (provided that the preceding release in no way limits or diminishes Institution’s right to recover losses and damages from Apiture; which shall be subject to any limitations of liability in Institution’s agreement with Apiture and in no way limits or diminishes Apiture’s right to recover losses and damages from its Third Party Provider arising out of or in any way connected to such dispute (such losses and damages are subject to the liability limitations in the agreements between Apiture and its Third Party Providers). Institution further agrees to waive, release and relinquish all rights, benefits and protections under the provisions of any state law limiting or prohibiting a general release under the law governing its Agreement, or in the event a court does not enforce the governing law clause in its Agreement with Apiture, under applicable state law, including without limitation California Civil Code § 1542 and any similar statutes.
    15. Institution shall determine and be responsible for the completeness, authenticity and accuracy of all such information submitted to Apiture’s Third Party Providers’ systems and shall update such information promptly as applicable.
    16. Institution will perform duties reasonably necessary to be on the then-current commercially-available release of the Zelle Services.
    17. Fiserv and its service providers may use the User Data for the performance of the Zelle Services, as permitted by the Gramm-Leach-Bliley Act, its implementing regulations and other applicable laws, including (without limitation) any use to effect, administer or enforce a transaction or to protect against or prevent actual or potential fraud, unauthorized transactions, claims, or other liability. If Recipients, Receivers or Requestors enter into direct contractual relationships with Fiserv, then Fiserv shall also have the right to use the User Data of such parties pursuant to such relationships. Provided that the source of the information is not disclosed and the information is used in conjunction with other independent information, Fiserv may use User Data for the performance of the Zelle Services and may use, store and disclose User Data and other such information acquired in connection with the Zelle Services in statistical form in aggregate form solely for pattern recognition, modeling, enhancement and improvement, system analysis and to analyze the performance of the Zelle Services. Fiserv may supply User Data to any law enforcement agency if Fiserv or any Fiserv client has suffered or may reasonably be expected to suffer a loss as a result of fraudulent or suspicious activity performed by the Subscriber, Recipient, Receiver or Requestor. Institution will identify a representative as a point of contact or a subject matter expert if such law enforcement agency requires supplementary information on such Subscriber, Recipient, Receiver or Requestor. In accordance with applicable law, Apiture’s Third Party Providers may also retain all User Data during and after termination of the Agreement for audit, regulatory compliance, risk management purposes or as otherwise permitted by applicable law and regulations and/or to the extent it is required to do so in connection with payment network or organization rules and regulations or similar applicable industry requirements. Institution will obtain sufficient authority and consent from Subscribers to transmit and disclose their User Data to Apiture’s Third Party Providers for the purposes set forth herein. Without limiting anything herein or any provisions of the Agreement, for the avoidance of doubt, the parties hereby agree that the User Data of Subscribers is information of the Institution for purposes of the Gramm-Leach-Bliley Act and its implementing regulations.
    18. Institution additionally consents to Fiserv’s disclosure of the User Data to certain Fiserv supplier(s) solely in connection with the verification and authentication of the Subscribers and subject to the terms and conditions of these Service Terms. Institution acknowledge that such verification and authentication services are proprietary and confidential and shall be treated as Confidential Information under the Agreement. Institution grants to Fiserv and Fiserv’s applicable supplier(s) a non-exclusive, non-transferable, except as provided herein, right to use, copy, store, modify and display the User Data solely to the extent necessary to provide the Zelle Services pursuant to its Agreement. Institution will obtain all necessary Subscriber agreements or consents as may be reasonably required to grant such license rights to Fiserv and its suppliers. 15.19 Institution shall at all times remain responsible for making any consumer whole in connection with any failure to transmit money through the Zelle Services, subject to any rights of recovery Institution may have against Subscriber or Apiture, Apiture’s Third Party Provider, or any other party. As between the Institution and Subscribers, Institution will be solely liable to Subscribers for completion of Zelle Services transfers by payment of good funds in the correct amount and in a timely manner to the Recipient’s bank account (regardless of whether the bank account information was provided by Subscriber or collected from the Recipient) and the Institution is the “financial institution” for purposes of compliance with the Electronic Fund Transfer Act (EFTA), as implemented by Regulation E, including with respect to obligations under Section 910 of the EFTA.
    19. Institution will promptly work with Apiture to analyze the cause of any Transaction Losses and to take appropriate measures to remedy their cause. If Apiture or its Third Party Provider (a) identifies a sudden unanticipated increase in Transaction Losses and believes it prudent to take immediate action to reduce Limits; or (b) identifies an unanticipated risk increase as to an individual Subscriber, then as to each of the preceding cases, Apiture or its Third Party Provider shall have the right at any time but not the obligation to (x) reduce Limits in an amount and for a duration determined by Fiserv in its sole discretion, (y) process transactions using a “good funds only” model, and/or (z) suspend the Zelle Service.
    20. Institution shall promptly cooperate with Apiture and provide all reasonable assistance to Apiture regarding recovery of any Transaction Loss or any other investigation related to the Zelle Services.
    21. Neither Apiture nor Fiserv shall be liable for any Transaction Losses incurred by Institution or its Subscribers for the Zelle Services, including but not limited to fraud losses or risk of loss, arising out of the use of the Zelle Services; liability for Transaction Losses is addressed in Early Warning’s Zelle Network® Participation Rules (“Network Rules”). Notwithstanding anything to the contrary in the Agreement, these Service Terms, or the Network Rules, Fiserv shall be liable to Institution for Transaction Losses caused by Fiserv’s gross negligence, Fiserv’s fraud or its willful misconduct. Further, none of Institution’s other rights against Fiserv at law or equity are excluded, limited or diminished by this section. Fiserv’s Risk Procedures only apply to Zelle transactions that are initiated via Subscriber interfaces hosted by Fiserv or APIs provided by Fiserv (e.g., not transactions that are processed by Early Warning via ZellePay.com).
    22. If pursuant to the Zelle Services a credit is released and the debit or a portion of any such debit has failed, Apiture’s Third Party Provider reserves the right to resubmit for the uncollected portion of such debit. If following resubmission, the debit side remains in a failed status (or is returned for any reason), and the credit side cannot be reversed, Apiture’s Third Party Provider shall issue a new debit transaction in the amount of the uncollected portion of such debit. If Apiture’s Third Party Provider is unable to recover the uncollected portion of the debit, then Apiture’s Third Party Provider may additionally debit any of the Subscriber’s other accounts that are accessible via the Zelle Services to the extent necessary to offset the uncollected portion.
    23. Institution acknowledges and agrees that Apiture’s Third Party Provider has the right to collect the applicable amount from the Subscriber underlying a Transaction Loss and agrees that Apiture’s Third Party Provider may (a) collect or attempt to collect directly from the applicable Subscriber any Transaction Loss, and (b) report the circumstances and amounts associated with such Transaction Losses to any credit bureau in accordance with applicable law. If Apiture’s Third Party Provider is unable to recover the Transaction Loss from the Subscriber, then Institution shall pay the pass-through cost from Fiserv for such loss, including chargebacks, upon receiving notice from Fiserv or Apiture, as the case may be.
    24. Institution will at all times be solely liable to Subscribers for completion of the Zelle Services transactions by payment of good funds in the correct amount and in a timely manner to the Recipient’s bank account (regardless of whether the bank account information was provided by Subscriber or collected from the Recipient) and is the “financial institution” for purposes of Zelle and Known Third Party transfer transactions and their compliance with applicable laws. Without limiting the preceding sentence, Institution will at all times remain responsible for making any consumer whole in connection with any failure to transmit money through the Zelle Services. Institution will indemnify, defend, and hold harmless and release Apiture and its Third Party Providers and their officers, directors, and employees from and against any claims, actions and other proceedings by a Subscriber to the extent arising out of Institution’s breach of its obligation to make any consumer whole as set forth in this Section. The foregoing indemnification obligation shall not be subject to any limitations on Institution’s liability otherwise set forth in the Agreement.
    25. Institution understands that all Payee contact is Apiture’s Third Party Providers’ responsibility, and Institution will not contact Payees at any time on behalf of Subscribers.
    26. Institution shall obtain the right for Apiture’s Third Party Providers to use data gathered from confirmed cases of fraud to detect fraud for its other customers.
    27. Apiture’s Third Party Service Provider Marks means any and all trademarks, service marks, tradenames, insignias, symbols and logos that are owned or exclusively licensed by Apiture’s Third Party Providers and that are designated to Institution for use in (or in relation to) the Zelle Services and/or the documentation provided for the Zelle Services. Apiture grants to Institution a limited, non-exclusive, nontransferable license during the term to reproduce, use and display the Apiture’s Third Party Providers’ Marks only in connection with Institution’s promotion, marketing and distribution of the Zelle Services under its Agreement. Institution will adhere to any guidelines regarding the Apiture’s Third Party Provider Marks that Apiture provides, the most recent copy of which Apiture will provide promptly to Institution upon request. Institution will publish any notices, including any notice of ownership of the Apiture’s Third Party Provider Marks, proprietary notice, copyright notice or restricted rights legend as directed by Apiture. The Apiture’s Third Party Provider Marks and all goodwill associated with the Apiture’s Third Party Provider Marks are and shall remain the exclusive property of Apiture’s Third Party Provider and these Service Terms give Institution no rights therein except for a limited license as described in this Section. Institution’s reproduction and use of the Apiture’s Third Party Provider Marks inures to the benefit of Apiture’s Third Party Provider. Apiture’s Third Party Provider may review Institution’s use and display of the Apiture’s Third Party Provider Marks and its marketing and promotional materials for the Zelle Services, and Institution shall comply forthwith upon receipt of any request from Apiture’s Third Party Provider for such review. In the event that Apiture’s Third Party Provider or Apiture (1) in its reasonable discretion, determines that Institution’s marketing or promotional material or use of the Apiture’s Third Party Provider Marks dilutes or diminishes the Apiture’s Third Party Provider Marks or the goodwill, quality or services associated with Apiture’s Third Party Provider or with any of the Apiture’s Third Party Provider Marks or is not in accordance with Apiture’s Third Party Provider’s direction or guidelines regarding the Apiture’s Third Party Provider Marks; and (2) notifies Institution of such determination; then (3) Apiture or Apiture’s Third Party Provider may revoke the license in this Section, unless Institution has resolved Apiture’s Third Party Provider’s or Apiture’s concerns identified in the preceding subsection (1) in a manner satisfactory to Apiture’s Third Party Provider within five (5) business days after Institution’s receipt of such notice. Institution shall cease to use the Apiture’s Third Party Provider Marks or any other marks or names of Apiture’s Third Party Provider upon the termination or expiration of its Agreement. Institution shall use the appropriate registered or common law trademark symbols in connection with the Apiture’s Third Party Provider Marks. Institution must not during the term of its Agreement or after its termination, apply for any registration as a trademark, service mark, domain name, business or company name, any word or logo that is the same as or substantially identical with or deceptively similar to any of Apiture’s Third Party Provider ‘s Marks, domain names or business or company names.
    28. Institution must, at all times, comply with the NOW Network Rules and the Zelle Network Rules, as well as any other applicable payment network rules (e.g., Debit Card Network Rules). “NOW Network Services” means the Zelle Services that utilize the NOW Network, which include without limitation Zelle Real-Time Payments. Use of the NOW Network Services is subject to Institution’s participation in the NOW Network. Institution will execute a Real-Time Participation Agreement in connection with Institution’s use of the NOW Network Services, prior to commencement of the Zelle Services. If Institution holds more than $8 Billion in assets in its depository accounts, Institution will also execute a Reseller Participant Agreement – Person to Person (P2P) Payments Service (or the equivalent successor document required by Early Warning) with Early Warning prior to utilizing the Zelle Services. In all cases, Institution will comply with the bylaws and operating rules of the applicable payment networks that Institution utilizes with the NOW Network, which may include without limitation the NOW Network and Debit Card Networks. Neither Apiture nor Fiserv is responsible for the performance, speed, or other acts or omissions of third parties that use the NOW Network or interoperate with the NOW Network, such as Debit Card Networks.

      Notwithstanding anything to the contrary in Institution’s Agreement, NOW Network and Debit Card Network settlements are final except as set forth in the applicable NOW Network and Debit Card Network rules and recovery may not be possible; however, if such applicable rules allow for reversal of funds, Fiserv will attempt to recover such funds from the destination account. Fiserv shall not be obligated to comply with the Automated Clearinghouse (ACH) Rules in such recovery efforts or otherwise in connection with NOW Network Services. Fiserv will choose the method of delivery of NOW Network Service payment via the NOW Network in its sole discretion based on available end points for delivery of such payment. Other than Early Warning, third party operators of networks that connect to the NOW Network, such as Debit Card Networks, shall not be considered to be subcontractors for purposes of the Zelle Services. Fiserv will choose the Debit Card Networks in which Fiserv will participate in its sole discretion.

      For purposes of the Network Rules, Institution agrees that Fiserv is Institution’s agent as to the Zelle Services. Early Warning may direct Fiserv to terminate the Zelle Services if Institution is in breach of these Service Terms or its Agreement or if Early Warning determines that Institution does not meet the on-going vetting or due diligence requirements of the Network Rules. If Early Warning does so and Institution is unable to reasonably address Early Warning’s concerns, then Fiserv may be required to suspend or terminate the provision of the Zelle Services. Institution acknowledges and agrees that such suspension and termination may disrupt and interfere with the ability to use Zelle Services and may harm Institution. All such termination obligations will be exercised in such a way to minimize the disruption and harm that such Institution may suffer, which may involve reasonable extensions to cure periods and post-termination provision of the Zelle Services to Institution until Institution is in a position to receive the Zelle Services through other means or receive alternative services.
    29. Fiserv is acting as an agent of the Institution with regard to the Zelle Services and shall not be held responsible for any outcome or decision that is rendered in accordance with the Rules. “Rules” means the business requirements and scoring thresholds provided by Institution in accordance with Fiserv’s Global Risk Administration System (currently accessible through the Compass Support Tool). For the avoidance of doubt, all services indicated as provided by Fiserv on behalf of Institution to Subscribers (including the collection of required account information of a Receiver or Recipient, whether from the Subscriber, Receiver or Recipient) are provided by Fiserv solely in its capacity as a service provider for, and on behalf of, Institution. Fiserv is authorized to rely on data provided by third parties and is not responsible for the accuracy of such data in connection with its performance of the Zelle Services, including without limitation application of the Rules. Institution acknowledges and agrees that: (a) third party data is obtained from databases whose accuracy, timelines and coverage are not guaranteed; (b) the data used to verify an Subscriber is obtained from third parties; (c) Fiserv does not warrant or guarantee the identity of the Subscriber, but merely receives a result from a third party provider (“Result”) which is derived, in part, from information entered by the Subscriber; (d) Fiserv will use the Result together with the Institution’s Rules to attempt to verify the identity of the Subscriber; and (e) the Result and related verification and authentication services will be only used for the purpose of verifying the identity of the Subscriber and will not be used, in whole or in part, as a basis for determining the eligibility of an Subscriber for credit, insurance or employment or to take ‘adverse action,’ as defined in the Fair Credit Reporting Act or similar laws. Institution agrees not to copy or retain any authentication questions or the Subscribers’ answers to such questions or use such questions for purposes other than identity verification and Subscriber authentication, except (i) as required by law and (ii) that Institution shall be permitted to use and retain the pass/fail indication returned by the Zelle Services along with any related explanatory information/codes for risk management or other internal purposes permitted by law. Finally, Institution agrees not to reverse engineer or create derivative works based on the identity verification and authentication elements of the Zelle Services (or the technology used to provide such Zelle Services).
    30. Apiture or its Third Party Provider may suspend or deny access to Subscribers, Requestors (if applicable), Receivers (if applicable) and/or accounts associated with such Subscribers, Requestors, Receivers and/or any counterparties if it receives any returns from an account associated with them whether with Institution or another financial institution, if Apiture or its Third Party Provider is owed Transaction Losses in connection with the applicable Subscriber, or if Apiture or its Third Party Provider anticipates any potential losses arising from any such account(s), including without limitation due to concerns regarding fraud.
    31. If Apiture or its Third Party Provider reasonably believes that any Zelle Services, or an Institution’s or any Subscriber’s conduct in using the Zelle Services (including without limitation an Subscriber intentionally initiating fraudulent or unauthorized transfers, account access or violating any agreement under which it has been provided access to the Zelle Services) violates these Service Terms or any applicable laws, rules, regulations or industry standards, or otherwise poses a threat to Apiture’s or its Third Party Provider’s system, security, equipment, processes, intellectual property or reputation (Threatening Condition) and if, in the reasonable and good faith determination of Apiture or its Third Party Provider, the Threatening Condition poses an imminent or actual threat (including without limitation regulatory investigation, inquiry or penalty), Apiture may suspend any and all of Institution’s use of the applicable Zelle Services until such Threatening Condition is cured. Apiture will promptly notify Institution of such suspension, including the identity of the affected Subscriber(s) as needed, and both parties will use reasonable efforts to cure or cause the correction of the Threatening Condition following such notice. Apiture may terminate Institution’s and/or Subscriber’s use of the Zelle Services without further requirement of notice if the Threatening Condition remains uncured more than thirty (30) calendar days after Fiserv notifies Apiture and Institution the Threatening Condition.
    32. If Apiture’s agreement with its Third Party Providers, Fiserv, Inc. or Early Warning Services, LLC or their successors (Early Warning), terminates and Apiture thereafter no longer receives services from Early Warning in support of the Zelle Services, then the Zelle Services and supporting agreements with Apiture will automatically terminate. Apiture will use commercially reasonable efforts to provide Institution with six (6) months prior written notice of cessation of service. If Apiture is not able to provide six (6) months’ prior written notice of termination, then Apiture will (i) provide as much notice as is commercially reasonable; and (ii) use commercially reasonable efforts to provide a comparable replacement service; and (iii) unless and until a replacement service is made available, suspend the Zelle Services. In the event that Institution, in its reasonable discretion, is not satisfied with the replacement service provided by Apiture, then Institution may terminate the applicable agreements with Apiture upon prior written notice. In no event shall Institution have any obligation to Apiture for any termination fees in the event that its Zelle Services or its replacement is terminated pursuant to the previous sentence.
    33. In the event of termination or non-renewal of the Zelle Services with Institution, Institution shall (a) comply with all applicable laws, including laws governing notification of Subscribers prior to discontinuation of the use of the Zelle Services; and (b) remain financially responsible for any transactions returned on any of its Subscribers’ Deposit Accounts after the termination date, whether or not the returns are proper and timely. Following receipt of Institution’s written certification of compliance with the foregoing, Apiture and its Third Party Providers will, for a period not to exceed sixty (60) days, continue to process transactions on behalf of Institution that were initiated prior to the effective date of termination (e.g., returns).
    34. Institution’s use of the Zelle Services is subject to approval of Institution by Early Warning. Institution will ensure that the Subscriber terms required by Early Warning Services, LLC, are incorporated into its Subscriber terms of service for the Zelle Services.
    35. Institution will include the following provision in its Subscriber terms of service for the Zelle Services, without substantial modification unless agreed otherwise by Fiserv in writing:
      “Subscriber authorizes Subscriber’s wireless carrier to disclose information about Subscriber’s account, such as name, billing address, email, phone number, location information, subscriber status, payment method and device details, if available, to Institution and Institution’s third party providers to support identity verification, fraud avoidance and other uses in support of transactions for the duration of Subscriber’s business relationship with Institution. This information may also be shared with other companies to support Subscriber’s transactions with Institution and for identity verification and fraud avoidance purposes.”
      If mobile telephone carriers require that the preceding provision in this Section be revised, then Institution will update such provision and require Institution’s Subscribers to agree to such updated provision within a commercially reasonable period of time.
    36. Institution will include the following provision in its Subscriber terms of service for the Zelle Services, without substantial modification unless agreed otherwise by Fiserv in writing:
      “Institution may share certain personal information and device-identifying technical data about Subscriber and Subscriber’s devices with third party service providers, who will compare and add device data and fraud data from and about Subscriber to a database of similar device and fraud information in order to provide fraud management and prevention services, and identify and block access to the applicable service or Web site by devices associated with fraudulent or abusive activity. Such information may be used by Institution and its third party service providers to provide similar fraud management and prevention services for services or Web sites not provided by Institution. Institution will not share with service providers any information that personally identifies the user of the applicable device.”
    37. Notwithstanding any fee increase restrictions in the Agreement, Apiture shall have the right to pass through all Debit Card Network-associated fees (including without limitation from the Debit Card Network and the sponsoring Institution) to Institution for payment, without any mark-up.
    38. Receipts for applicable Zelle Services provided to Subscribers by Institution will be provided by Institution and contain contact information for each Institution and no details regarding Fiserv.
    39. If Institution provides any content or materials in a format other than the format(s) approved by Apiture’s Third Party Provider, Apiture reserves the right to charge for any conversion necessary for such content or materials at the Third Party Provider’s then-current rates as shall be set forth in a fully executed professional services agreement; provided, however, Fiserv is not obligated to make any such conversion.
    40. Notwithstanding any fee increase restrictions in the Agreement, Apiture shall have the right to pass through all Debit Card Network-associated fees (including without limitation from the Debit Card Network and the sponsoring institution) to Institution for payment, without notice or mark-up.
    41. If Early Warning increases its fees or otherwise requires the payment of additional fees for the use of its Zelle Service, then Apiture will have the right to pass through such fee increases or additional fees to Institution for payment, without notice or mark-up.
    42. If NACHA increases its fees or otherwise requires the payment of additional fees for the use of the Automated Clearing House, then Apiture will have the right to pass through such fee increases or additional fees to Institution for payment, without notice or mark-up.
    43. All other fees set forth in the Agreement that apply to Zelle shall otherwise apply to Zelle Real-Time Payments.
    44. Any tiered pricing is based on thresholds, and such tiered fees only apply to the transactions or other fee measurements within that tier (i.e., stair-step pricing).
    45. If Institution provides any content or materials in a format other than the format(s) approved by Fiserv, Apiture reserves the right to charge for any conversion necessary for such content or materials at then-current rates and shall be set forth in a fully executed professional services agreement; provided, however, neither Apiture nor Fiserv is obligated to make any such conversion.
    46. Apiture shall invoice Institution monthly for fees and expenses incurred during the previous month for the Zelle Services. Institution shall be responsible for all invoicing and collection of fees from its subscribers, as applicable.
    47. Institution’s deconversion, conversion or termination (in whole or in part) of the Zelle Services shall be subject to Apiture’s Third Party Provider’s then-current termination, deconversion and file fees, as applicable.
  16. Digital Customer Support
    1. Definitions
      1. “Digital Customer Support Services” means the digital customer services provided by Apiture’s Third Party Provider, Glia, together with and through Apiture solutions.
      2. “User” means a named individual who is authorized by Institution and who has been supplied a user identification and password by Institution with access to any production environment of the Digital Customer Support Services.
    2. If Institution is a Credit Union, the total number of members for the purpose of the billing tiers shall be based on «https://mapping.ncua.gov/ResearchCreditUnion.aspx»
    3. In the event that Institution exceeds its allotted SMS usage, Apiture reserves the right to begin to charge the Institution for the additional SMS bundle upon written notice.
    4. Unlimited usage enables each licensed user to receive an unlimited number of inbound phone calls. Part -time usage enables each licensed user to receive 1,000 inbound minutes of inbound phone calls per month, on average.
    5. Major new features may require an additional license. Support for Messaging Short Codes is an additional fee on top of the Standard SMS & WhatsApp Module fee.
    6. Prices may be subject to revision once per calendar year. Apiture may increase the fees in connection with upgrades to Digital Customer Support Services at any time upon thirty (30) days’ advance written notice to Institution.
    7. Premature termination of the Digital Customer Support Services by Institution resulting in less than a thirty-six (36) month subscription will require full payment by Institution for a thirty-six (36) month minimum term. The foregoing does not apply if the Institution is contracted with Apiture for digital banking prior to subscribing to the Digital Customer Support Services.
    8. Apiture or its Third Party Provider may upgrade, update or sunset the system or certain features over time upon written notice without penalty or liquidated damages. Apiture or its Third Party Provider shall make all required modifications stipulated by applicable laws, rules and regulations at no direct additional charge to Institution, provided however, certain indirect fees may apply, which would be subject to prior written notice to Institution. Neither Apiture nor its Third Party Provider will knowingly make any adverse modification without Institution’s advance written consent.
    9. Apiture’s Third Party Provider will publicly post any Digital Customer Support Services downtime that will occur outside the scheduled maintenance downtime as soon as reasonably possible. The public posting will be available at «status.Glia.com». Institution may subscribe to status updates to receive email notifications.
    10. Grant of License and Access to the Digital Customer Support Services: Subject to the terms and conditions of the Agreement between Institution and Apiture and any accompanying order forms or statement of work, as the case may be, Apiture hereby grants Institution a limited, nonexclusive, nontransferable, non-sublicensable right and license to access and use the Digital Customer Support Services during the term of the Agreement between Institution and Apiture. Digital Customer Support Services may only be accessed by authorized Users in accordance with these Service Terms. Sharing of User identifications and passwords is not permitted. If a User is added by Institution, the User is billable to the annual renewal date starting on the day the User is added.
    11. Compliance: Institution will and will ensure its Users do not, directly or indirectly: (a) reverse engineer, decompile, disassemble or otherwise attempt to discover the source code, object code or underlying structure, or algorithms of the Digital Customer Support Services; (b) modify, translate or create derivative works based on any of the Digital Customer Support Services; (c) copy (except for archival purposes), rent, lease, distribute, pledge, assign or otherwise transfer or allow any lien, security interest or other encumbrance on any of the Digital Customer Support Services; (d) hack, manipulate, interfere with or disrupt the integrity or performance of or otherwise attempt to gain unauthorized access to any of the Digital Customer Support Services or their related systems, hardware or networks or any content or technology incorporated in any of the foregoing; or (e) remove or obscure any proprietary notices or labels of Apiture, its Third Party Provider or its suppliers on the Digital Customer Support Services. As among Institution, Apiture and its Third Party Provider, Apiture’s Third Party Provider owns and, except for the limited rights expressly granted, retains all right, title and interest in and to the Digital Customer Support Services and all improvements, enhancements or modifications thereto. Further, Institution will use the Digital Customer Support Services in compliance with all applicable laws, rules and regulations and is responsible for its Users’ compliance with the same. Apiture or its Third Party Provider may suspend or prohibit any use of the Digital Customer Support Services if it reasonably believes Institution, or its Users may be (or alleged to be) in violation of these Services Terms.
    12. Each Institution and User owns the data or information it submits while using the Digital Customer Support Services. Notwithstanding the foregoing, Institution hereby grants to Apiture (and its Third Party Provider as a third party beneficiary) the right and license to use such data for the limited purpose of enabling Apiture and its Third Party Provider to perform their respective obligations under the Agreement between Institution and Apiture. Additionally, Institution consents to Apiture’s Third Party Provider using such data generated by Institution’s use of the Digital Customer Support Services for internal purposes, provided that such data shall at all times shall be anonymized with no personally identifiable information or identification of the specific source of such data or that could reasonably be linked with a particular Institution, person or household. Institution data shall not be sold to any third parties.
  17. Orbipay
    1. Definitions
      1. “Applicable Law” means, with respect to a party, all federal, state, local, administrative laws, rules, regulations and interpretations, in either case as applicable to that party’s provision or receipt of Orbipay Services and includes the operating rules of the Networks and Payment Brands, and the Payment Card Industry Data Security Standard, as any or all of the foregoing may be amended, revised, or replaced from time-to-time.
      2. “Institution Materials” means information Institution furnishes to Apiture and its Orbipay Third Party Provider in connection with its Agreement as it relates to Orbipay.
      3. “Merchant Processing Services Terms and Conditions” means the terms and conditions posted at http://www.alacriti.com/legal/merchant-terms (and any successor or related locations designated by the Orbipay Third Party Provider), as may be updated by the Orbipay Third Party Provider from time to time and are incorporated herein by reference.
      4. “Networks” means Pulse, Star, NYCE, and/or any other electronic payment network authorization, routing, processing or funds transfer system for transmitting Transactions and settlement thereof.
      5. “Payment Brand” means any payment method provider whose payment method is used by the Orbipay Services, including Visa U.S.A., Inc., Visa International, MasterCard International Incorporated, Discover Financial Services, Inc., American Express Travel Related Services Company Inc., and other credit and debit card providers, debit network providers, gift card, and other stored value and loyalty program providers. Payment Brand also includes the Payment Card Industry Security Standards Council.
      6. “Privacy Laws” means applicable privacy laws, rules, and regulations, including industry self-regulations and the General Data Protection Regulation (if applicable).
      7. “Prohibited Categories List” means the list posted at http://www.alacriti.com/legal/prohibited (and any successor or related locations designated by the Orbipay Third Party Provider), as may be updated by the Orbipay Third Party Provider from time to time and are incorporated herein by reference.
      8. “Refund Policy” means the terms and conditions posted at http://www.alacriti.com/legal/refund-policy (and any successor or related locations designated by the Orbipay Third Party Provider), as may be updated by the Orbipay Third Party Provider from time to time and are incorporated herein by reference.
      9. “Settlement Terms” means the terms and conditions posted at http://www.alacriti.com/legal/settlement (and any successor or related locations designated by the Orbipay Third Party Provider), as may be updated by the Orbipay Third Party Provider from time to time and is incorporated herein by reference.
      10. “Transaction” means a credit, debit, ACH, or other electronic transaction processed by Apiture’s Orbipay Third Party Provider on behalf of Institution or an End User, including purchases, disbursements, cash withdrawals, disputes, chargebacks, and refunds.
      11. “Transaction Data” means the written or electronic record of a Transaction, including, without limitation, an authorization code or settlement record, which is submitted to Apiture’s Orbipay Third Party Provider.
    2. Institution retains ownership of all Institution Materials. Institution warrants that it has obtained all right, consent, and authority necessary for Apiture’s Orbipay Third Party Provider to use the Institution Materials as set forth in this section of the Service Terms. Institution grants Apiture’s Orbipay Third Party Provider and its service providers a worldwide, royalty-free, non-exclusive, non-transferable (except as part of a permitted transfer of these Service Terms) license during the term of its Agreement to use, copy, and creative derivative works of the Institution Materials to provide the Orbipay Services.
    3. Institution represents and warrants that all information it provides in connection with the Orbipay Services is accurate and complete, and Institution will provide Apiture and its Orbipay Third Party Provider with timely written notice of any changes to such information.
    4. Institution will ensure that it delivers its products and services to End Users, in accordance with applicable Privacy Laws. To the extent that Institution provides Apiture’s Orbipay Third Party Provider with any information about End Users, Institution shall obtain all consents necessary from such End Users to provide such information to Apiture’s Orbipay Third Party Provider and for Apiture’s Orbipay Third Party Provider to process such information to provide Orbipay Services.
    5. Institution acknowledges that Apiture’s Orbipay Third Party Provider will continuously monitor Institution’s use of the Orbipay Services for the purpose of identifying suspicious activity, to prevent, detect and deter fraud and abuse of the Orbipay Services, and to protect the integrity of its systems and business. Institution further acknowledges that as a result of such monitoring Apiture’s Orbipay Third Party Provider may require additional due diligence (including information on the Institution’s products and services, Institution financial statements, and additional information on End Users) with respect to Institution to ensure Institution continues to be eligible for the Orbipay Services. Apiture’s Orbipay Third Party Provider may suspend or terminate the Orbipay Services immediately and may withhold amounts owed to Institution in the event that: (a) Institution becomes ineligible for the Orbipay Services, (b) Apiture’s Orbipay Third Party Provider reasonably suspects Institution has violated Applicable Law, or (c) Institution does not furnish the requested information in a timely manner.
    6. Institution authorizes Apiture’s Orbipay Third Party Provider (or its affiliate or agent) to from time to time request a credit report on Institution from a credit reporting agency. In accordance with the U.S. Fair Credit Reporting Act, such consumer report(s) will be used to review Institution’s account to determine whether Institution continues to meet the terms and conditions related to the Orbipay Services. Apiture’s Orbipay Third Party Provider reserves the right to terminate, suspend, or limit access to the Orbipay Services based upon Apiture’s Orbipay Third Party Provider’s review of such consumer report(s), and/or in the event Apiture’s Orbipay Third Party Provider is unable to obtain or verify any of Institution’s information. In the event that Institution’s access to the Orbipay Services are so terminated, suspended, or limited based upon information contained in a consumer report, Apiture’s Orbipay Third Party Provider will notify Institution in accordance with Applicable Law.
    7. Apiture or its Orbipay Third Party Provider may terminate the Orbipay Services immediately upon written notice if: (a) it reasonably appears to Apiture or its Orbipay Third Party Provider that the Orbipay Services are being used by Institution or End Users for inappropriate, illegal, or improper purposes or that to continue to provide the Orbipay Services to Institution or End Users would present an unacceptable business risk to Apiture or its Orbipay Third Party Provider; or (b) if information supplied by Institution is false, inaccurate or incomplete.
    8. UNDER NO CIRCUMSTANCES WILL ONE OR MORE OF APITURE OR ITS ORBIPAY THIRD PARTY PROVIDERS BE LIABLE TO INSTITUTION, AN END USER, OR ANY THIRD PARTY FOR ANY SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES, INCLUDING PERSONAL INJURY, PROPERTY DAMAGE, DAMAGE TO OR LOSS OF EQUIPMENT, LOST PROFITS OR REVENUE, ARISING FROM OR RELATED TO THE ORBIPAY SERVICES OR THE SUBJECT MATTER OF THESE SERVICE TERMS, EVEN IF ONE OR MORE OF THE PARTIES HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. ANY FINES, FEES, PENALTIES OR ASSESSMENTS IMPOSED BY A THIRD PARTY RELATED TO INSTITUTION’S ACCEPTANCE OF PAYMENT INSTRUMENTS ARE CONSEQUENTIAL DAMAGES.
    9. SUBJECT TO THE EXCEPTIONS SET FORTH IN THE REMAINDER OF THIS SECTION, THE CUMULATIVE LIABILITY OF APITURE AND ITS ORBIPAY THIRD PARTY PROVIDERS, IN THE AGGREGATE, ARISING FROM OR RELATED TO THE ORBIPAY SERVICES AND THE SUBJECT MATTER OF THESE SERVICE TERMS FOR ANY CAUSE WHATSOEVER, REGARDLESS OF THE FORM OF ANY CLAIM OR ACTION, WHETHER BASED IN CONTRACT, TORT OR ANY OTHER LEGAL THEORY, SHALL NOT EXCEED THE AGGREGATE FEES PAID BY INSTITUTION TO APITURE UNDER THE AGREEMENT IN THE SIX MONTHS IMMEDIATELY PRECEDING THE OCCURRENCE OF THE EVENT GIVING RISE TO THE CLAIM. Neither Apiture nor its Orbipay Third Party Provider will be liable for the acts or omissions of the Institution or End User or any other person or entity, including any clearing house association or processor, any funds transfer system, the Federal Reserve Bank, any other financial institution or any supplier, and no such person or entity will be deemed an agent of any of Apiture or its Orbipay Third Party Provider. Neither Apiture nor its Orbipay Third Party Providers are responsible for detecting any errors in the information provided by Institution or any End User. Institution understands and agrees that any form of End User documentation or disclosures provided to Institution by Apiture or its Orbipay Third Party Provider in connection with the Orbipay Services are provided solely as a courtesy and neither Apiture nor its Orbipay Third Party Providers make any representation or warranty regarding the sufficiency or accuracy of such documentation or disclosures, including whether or not such documentation or disclosures comply with Applicable Law. The limitations on liability, waivers, indemnities, and other terms and conditions in these Service Terms are business understandings between the parties and apply to all legal theories of recovery, including breach of contract or warranty, breach of fiduciary duty, tort (including negligence), strict or statutory liability, or any other cause of action, provided that these limitations on liability, waivers and indemnities, and other terms and conditions will not apply to any losses or damages that are found by a trier of fact to have been caused by Apiture’s Orbipay Third Party Provider’s gross negligence or willful misconduct. For purposes of this Section 17 of these Service Terms “Orbipay Third Party Providers” means Alacriti Payments LLC, together with its affiliates, and its and their successors and assigns, and its and their vendors, service providers, and suppliers, and each of the foregoing’s officers, directors, employees, and agents.
    10. Institution shall indemnify and defend the Oribpay Third Party Providers from and against any and all third-party claims, demands, or actions against any of the foregoing arising from: (a) Institution’s breach of this Agreement or Applicable Law; (b) claims by End Users relating to the Subscription Services unless and except to the extent caused by Alacriti’s gross negligence or willful misconduct; (c) information, instructions or data provided by Institution or any End User or potential End User to Alacriti; (d) claims by Institution’s third-party service providers, including gateways, systems, banks, issuers, and card processors, other than claims related to Alacriti’s gross negligence or willful misconduct; (e) Institution failure to comply with all Alacriti guidelines, directives, policies, practices, rules and procedures made available to Institution or End User; or (f) chargebacks and other processing losses, including any returns, such as those caused by Institution’s or End User’s error or incorrect information supplied by Institution or End User, insufficient funds in Institution’s or End User’s account, a closed End User account, and/or failure timely to notify Alacriti of changes in Institution’s or End User’s account (collectively, (a) through (f) “Claims”). In addition, Institution shall indemnify and hold harmless the Alacriti Parties from and against all liabilities, losses, fines, costs, expenses (including reasonable attorneys’ fees), damages, awards, settlements, and penalties relating to those Claims. Sections 7, 8, and 9 survive termination or expiration of this Agreement.
    11. Institution acknowledges that settlement of Transactions will occur as set forth in the Settlement Terms. Institution shall not use the Orbipay Services to send or receive payments relating to any of the prohibited categories set forth on the Prohibited Categories List. Apiture or its Orbipay Third Party Provider may terminate the Orbipay Services upon five (5) days prior written notice if Institution has failed to maintain the Minimum Balance required by the Settlement Terms.
    12. Apiture’s Orbipay Third Party Provider may send documents to Institution and tax authorities for Transactions processed using the Orbipay Services. Specifically, pursuant to Applicable Law (including the Internal Revenue Code), Apiture’s Orbipay Third Party Provider may be required to file periodic informational returns with taxing authorities in relation to Institution’s use of the Orbipay Services.
    13. Termination of the Orbipay Services does not affect either party’s respective rights and obligations under these Service Terms as to Transaction Data submitted before termination or expiration. If Institution submits Transaction Data to Apiture’s Orbipay Third Party Provider after the date of termination or expiration, Apiture’s Orbipay Third Party Provider may, at its sole discretion and without waiving any of its rights or remedies under these Service Terms, process such Transaction Data in accordance with and subject to all of the terms of these Service Terms.
    14. Apiture or its Orbipay Third Party Provider may provide Institution with third-party hardware, software, or systems, such as “point of sale” systems, that facilitate the transmission of Transactions (collectively, “POS Systems”). Institution acknowledges and agrees that the provision of such POS Systems is only as a convenience, and neither Apiture nor its Orbipay Third Party Providers will be liable for any POS System or the acts or omissions of the third-party provider of any POS System.
    15. Upon notice of termination of the Orbipay Services, Apiture’s Orbipay Third Party Provider may estimate the aggregate dollar amount of Chargebacks, ACH Returns and other obligations, liabilities and expenses that Apiture’s Orbipay Third Party Provider reasonably anticipates subsequent to termination, and Institution agrees to immediately deposit such amount in Institution’s Settlement Account. Where possible, Apiture’s Orbipay Third Party Provider will first attempt to collect or set-off amounts owed to it and to its affiliates from the Settlement Account or from funds that Institution holds in reserve. Institution shall maintain an active business bank account (“Account”) and ensure such Account has, throughout the term of Orbipay Services, sufficient cleared funds to meet its obligations under these Service Terms. Institution irrevocably authorizes Apiture’s Orbipay Third Party Provider to debit and/or credit the Account via ACH to settle any and all fees and other amounts due to Apiture’s Orbipay Third Party Provider under these Service Terms. In addition, Apiture’s Orbipay Third Party Provider may collect any amounts Institution owes under the Agreement with Apiture by deducting or setting-off amounts that are owed to the Institution. Institution grants Apiture and Apiture’s Orbipay Third Party Provider a lien and security interest in all funds for Transactions that Apiture’s Orbipay Third Party Provider process for Institution, including funds that Apiture’s Orbipay Third Party Provider deposits into the Settlement Account and Institution-Funding Account, as well as funds held in any other bank accounts to which such Transaction funds are deposited or transferred. This means that if Institution has not paid funds that Institution owes to Apiture, Apiture’s Orbipay Third Party Provider, End Users, or to any Orbipay Third Party Provider affiliates, then Apiture and Apiture’s Orbipay Third Party Provider have a right superior to the rights of any of Institution’s other creditors to seize or withhold funds owed for Transactions processed through the Orbipay Services, and to debit or withdraw funds from any bank account associated with Institution’s Orbipay Services account (including the Settlement Account and Institution-Funding Account). Upon Apiture’s or its Orbipay Third Party Provider’s request, Institution will execute and deliver any documents and pay any associated fees Apiture’s Orbipay Third Party Provider considers necessary to create, perfect, and maintain a security interest in such funds (such as the filing of a form UCC-1).
    16. Institution acknowledges that Apiture or its Orbipay Third Party Provider may also charge End Users fees in order to use the Oribpay Services. Apiture or its Orbipay Third Party Provider is responsible for disclosing any such fees to the End User.
    17. Institution will maintain books and records relating to its compliance with these Service Terms and Applicable Law (“Records”), during the term of its Orbipay subscription with Apiture and for a period of six (6) years after. Institution shall ensure that its Records contain all Transaction Data processed through the Orbipay Services. Institution agrees to allow Apiture’s Orbipay Third Party Provider (or its designee) reasonable access to Institution’s facilities and Records, and will use commercially reasonable efforts to obtain for Apiture’s Orbipay Third Party Provider the right of access for such Records which are not in Institution’s possession, as the case may be, as is reasonably necessary for Apiture’s Orbipay Third Party Provider to audit Institution’s compliance with Applicable Law and these Service Terms. Except where Apiture’s Orbipay Third Party Provider or its designee discovered a deficiency or violation during an immediately preceding audit or have a reasonable and good faith belief of a material change to Institution’s business or operations, Apiture’s Orbipay Third Party Provider may not perform an audit of Institution more than once in any calendar year. If any audit results in a conclusion that Institution is not in compliance with Applicable Law or these Service Terms, or results in the identification of any control deficiency or other error or deficiency that could reasonably be expected to have an adverse impact on the Orbipay Services then Institution shall take immediate steps consistent with reasonable commercial practices to correct the noncompliance, error or deficiency.
    18. In order for Apiture’s Orbipay Third Party Provider to comply with anti-terrorism, financial services, and other applicable laws and regulations, Know Your End User (“KYC”), and requirements imposed by the Payment Brands, Institution must provide Apiture’s Orbipay Third Party Provider with information about itself, its shareholders, its activities, and its products and services. Institution warrants that all information it provides Apiture’s Orbipay Third Party Provider is true, correct and up to date, and Institution acknowledges that Apiture’s Orbipay Third Party Provider is relying upon such information in establishing these Service Terms and in providing the Orbipay Services. Institution authorizes Apiture’s Orbipay Third Party Provider to verify the information provided by Institution. Apiture’s Orbipay Third Party Provider may use this information to perform End User due diligence, identity verification, and various underwriting, fraud and risk reviews.
    19. Prior to using the Orbipay Services to process Transactions via Payment Cards, Institution must execute an acknowledgement of the processing instructions and guidelines required by Apiture’s Orbipay Third Party Provider payment processor, in the form set forth at https://www.alacriti.com/legal/Fiserv-Sub-Merchant-Processing-Agreement (“Processor Agreement”), and also comply with the Merchant Processing Services Terms and Conditions. Institution agrees that: (i) Apiture’s Orbipay Third Party Provider is an intended third-party beneficiary of the Processor Agreement and entitled to all of its benefits; and (ii) Apiture’s Orbipay Third Party Provider payment processor is an intended third-party beneficiary to this Section 17 of the Service Terms and entitled to all of its benefits.
    20. Apiture’s Orbipay Third Party Provider reserves the right to refuse to process any Transaction made subject to a refund policy of which Apiture’s Orbipay Third Party Provider has not been notified in advance. Institution’s refund policy must comply with the Refund Policy.
    21. Apiture’s Orbipay Third Party Provider may terminate the Orbipay Services immediately upon written notice if: (i) Institution or any person owning or controlling Institution’s business is or becomes listed in the MATCH file (Member Alert to Control High-Risk Merchants) maintained by Visa and MasterCard; (ii) any Payment Brand notifies Apiture’s Orbipay Third Party Provider that it is no longer willing to accept Institution’s Transaction Data; or (iii) there exists any circumstances that create or could tend to create harm or loss to the goodwill to any Payment Brand or Apiture’s Orbipay Third Party Provider.
    22. Institution’s use of the Orbipay Services must comply with the Payment Card Industry Data Security Standards (“PCI-DSS”) and, if applicable to Institution’s business, the Payment Application Data Security Standards (“PA-DSS”) (collectively, the “PCI Standards”). The PCI Standards include requirements to maintain materials or records that contains payment card or Transaction data in a safe and secure manner with access limited to authorized personnel. The specific steps Institution will need to take to comply with the PCI Standards will depend on Institution’s implementation of the Orbipay Services. Institution will promptly provide Apiture, or any applicable third party, with documentation demonstrating Institution’s compliance with the PCI Standards, upon request. If Institution does not provide documentation sufficient to satisfy Apiture or Apiture’s Orbipay Third Party Provider or the relevant third party, that Institution is compliant with the PCI Standards, then Apiture, Apiture’s Orbipay Third Party Provider, and any applicable third party, may access Institution’s business premises on reasonable notice to verify Institution’s compliance with the PCI Standards. If Institution does not comply with the PCI Standards, or if Apiture, Apiture’s Orbipay Third Party Provider or any applicable third party is unable to verify Institution’s compliance with the PCI Standards, Apiture or Apiture’s Orbipay Third Party Provider may suspend access to the Orbipay Services or terminate the Orbipay Services. If Institution intends to use a third-party service provider to store or transmit Transaction Data, then Institution must not share any data with the service provider until Institution verifies that the third party holds sufficient certifications under the PCI Standards, and notify Apiture and Apiture’s Orbipay Third Party Provider of Institution’s intention to share Transaction Data with the service provider. Further, Institution agrees to never store or hold any “Sensitive Authentication Data”, as defined by the PCI Standards (including CVC or CVV2), at any time. Institution will reimburse Apiture and Apiture’s Orbipay Third Party Provider, as the case may be, for all fines, penalties, fees, and other costs associated with Institution’s failure to comply with this clause, promptly after request. Such request will include reasonable detail regarding the amounts owed.
    23. Apiture may increase the fees related to processing Card Transactions, to take into account increases in the underlying costs associated with processing such Transactions (for example, an increase in the fees charged to Apiture or Apiture’s Orbipay Third Party Provider by the Networks). Apiture will use commercially reasonable efforts to give Institution notice of such increase promptly after becoming aware of the corresponding increase in underlying costs.
    24. The Orbipay Services are provided in recurring 12-month subscriptions commencing on the date of the Institution’s go-live commencement of Orbipay Services (or Deemed Accepted date, as applicable). In the event that the Orbipay Services conclude for any reason prior to any 12-month term, Institution will be obligated to pay the monthly equivalent of the Orbipay Services for the remainder of the then-current 12-month term. This Orbipay Services reconciliation fee from Apiture shall be in addition to and shall not limit any other termination obligations, deconversion fees or other payments due under the Agreement.
  18. Consumer Digital Account Opening
    1. Definitions
      1. “Analytical Data” means data and usage information from which all direct and known indirect identifiers have been removed, and on which technical, organizational and legal controls prevent employees, researchers or other third parties from re-identifying individuals. To constitute Analytical Data must meet the standard of “protected de-identified data.” Permanently de-identified Analytical Data no longer constitutes Institution Data.
      2. “Applicant” means an individual User applying to open a banking account with Institution or otherwise applying for the purchase of a product or service from Institution where Apiture will provide Services.
      3. “DAO Services” means the Services associated with digital account opening and onboarding activity.
      4. “Mobile Applicant Data” means any information about persons or entities that Apiture and/or its Third Party Providers and their data providers receive or derive in any manner from a Mobile Network Operator. Subscriber Data includes, without limitation, names, addresses, telephone numbers, electronic addresses, social security numbers, customer proprietary network information, location information, handset identifiers, account information, and any other information that either alone, or in combination with other data could provide information specific to a particular person.
      5. “Mobile Network Operator” means a provider of wireless communications services that owns or controls all the elements necessary to sell and deliver wireless communication services to a Subscriber.
      6. “Mobile Services” means Verification Services that utilize Subscriber Data.
      7. “Verification Services” means services through which Institution may verify the age or identity of an Applicant and includes Mobile Services.
    2. Apiture grants to Institution a restricted license to use the DAO Services solely for Institution’s internal business purposes. Institution represents and warrants that its use of the DAO Services shall be for only legitimate business purposes. Institution shall not use the DAO Services, the associated APIs, or data received from Apiture or its Third Party Providers for any marketing purposes, personal purposes, or to provide data processing services for third parties. Further, Institution shall not resell the DAO Services, the associated APIs, or data received from Apiture or its Third Party Providers to any third parties. The DAO Services may not be used from IP addresses outside of the United States. If Apiture reasonably determines that Institution’s or an Applicant’s use of or access to the DAO Services presents a security risk or is in violation of the Agreement, then Apiture may suspend or restrict provision of the DAO Services.
    3. Implementation of DAO Services are subject to the following:
      1. Apiture’s implementation scope includes the standard consumer deployment of the Apiture Digital Banking Platform Deposit Account Opening Module:
        1. Apiture-provided white-label user interface themed for Institution;
        2. User Identity Verification (IDV) and User Identity Authentication (IDA) leveraging Apiture’s standard third-party integration;
        3. External Account Verification: account funding and ACH generation functionality leveraging Apiture’s third-party integrations;
        4. Terms and Conditions consent capture;
        5. Electronic Consent capture; and
        6. Optional Document capture
      2. Institution will accept a fully configured test environment of the application using Institution approved test scripts once the test environment functions in accordance with the business requirements document and technical requirements document.
      3. The provisions and processes set forth in this Section 18.3.3 shall supersede and operate to the exclusion of any other implementation and testing provisions of the Agreement.
        1. Apiture will implement and deploy the DAO Services in a Production environment in accordance with the mutually agreed Project Plan. Institution shall devote adequate resources to support the implementation and Testing (defined below) of the DAO Services, including without limit, (i) network resources; (ii) hardware; (iii) communications facilities and connectivity; (iv) security resources; and (v) personnel resources. Institution shall be responsible for providing Apiture with all information and/or approvals required to enable Apiture to implement and configure the DAO Services in accordance with the Project Plan. Further, Institution shall be responsible for the accuracy, quality, integrity, structuring, and completeness of all information and data provided. All such information and data shall be sufficiently complete and accurate so as to fulfill Institution business requirements and successfully interact with correspondingly and properly structured Apiture scripts and Software. Failure to timely provide resources, approvals, and accurate and complete information, data, or resources shall constitute a Dependency.
        2. Institution will provide Apiture and its subcontractors such access to the Institution Systems as may be reasonably required to implement and configure the DAO Services or perform related activities. Institution will obtain any necessary third-party authorizations or consents necessary for Apiture to access, use, and interact with any Institution Systems to the extent reasonably required to perform the Professional Services or implement or configure the DAO Services.
        3. Prior to Production deployment of the DAO Services, Institution shall test the DAO Services in a non-Production environment to ensure material compliance with documentation and any agreed and documented Institution-specific specifications and requirements (Testing). Institution shall provide Apiture with a written Test Plan setting forth its user acceptance and performance testing strategy including proposed timing for all Testing as well as all test use cases to be employed during Testing. The Institution Test Plan will be provided to Apiture at least 20 business days (or such other time period as may be set forth in the Project Plan) prior to commencement of the Testing Period (defined below). Upon delivery of the DAO Services in a Testing-specific environment, Institution will have 20 business days to test the DAO Services (or such other time period as may be set forth in the Project Plan) to ensure that the DAO Services are in material compliance with the agreed documentation, specifications, and requirements and are otherwise Production-ready (Testing Period). If any of the DAO Services do not achieve material compliance with the specifications, requirements, or documentation during the initial Testing Period, the Institution will immediately notify Apiture in writing. Institution’s written notice shall identify and describe all deficiencies in reasonable detail. If Apiture receives written notice during the initial Testing Period that any of the DAO Services failed to achieve material compliance, Apiture will correct any deficiencies necessary to achieve material compliance, and a new Testing Period will begin. If the Institution has not submitted a written notice of a material deficiency within three (3) business days of the end of a Testing Period, the DAO Services and Professional Services will be deemed to be accepted and ready for Production launch. Notwithstanding the above, for any additional Services added after completion of the initial implementation and conversion activities, the Testing Period will be in accordance with the Project Plan for the additional Service.
        4. Following acceptance of the Services or otherwise following Production launch, further Professional Services in support of implementation, configuration, or testing of the Services will require a separate PSA setting forth corresponding additional Fees for all such activities. Apiture shall have no obligation to maintain or provide Institution access to a development or other non-Production environment with the exception of UAT, following production launch of the DAO Services.
        5. In the event Institution chooses to delay implementation for more than 6 months or not to implement Service features during the initial implementation process then additional Professional Services Fees will apply if and when such features are subsequently implemented based upon the level of effort associated with resourcing, commencing, and executing such activities.
      4. Changes in the Project Assumptions, implementation deliverables or estimated timelines to implement the DAO Services together with any corresponding changes in Fees will be memorialized in a PSA. In addition, Institution will reimburse Apiture for all expenses reasonably incurred in connection with the Professional Services on an as incurred basis. Apiture will invoice for Expenses monthly in arrears. Upon request but not as a condition of reimbursement, Apiture will provide Institution with reasonable documentation of such Expenses, including, without limit, a summary of the relevant Apiture personnel expense reports.
      5. Any estimated timelines or estimated DAO Services implementation Fees set out in the Agreement are based upon the following assumptions (Project Assumptions):
        1. (Institution will devote sufficient personnel and technology resources to the DAO Services implementation project, including, without limit, adequate resources to support configuration and Testing activities.
        2. Institution Testing activities will be conducted and coordinated by personnel (i) having reasonable experience testing banking software, (ii) for whom Testing the DAO Services represents their primary job function during the Testing Period, and (iii) who are devoting their full energies to such Testing activities during the Testing Period.
        3. Institution personnel and any Institution third-party service providers will timely provide all reasonably requested support and cooperation.
        4. The Institution Project leader and / or his or her designee will provide proactive project management and oversight of all Project participants and resolve all Dependencies within a reasonable time of notification by Apiture.
        5. Project scope remains confined to the Apiture standard consumer DAO Services offering, including standard workflows, standard compliance and disclosure methodologies, standard DAO Service configurations, and established third party integrations. Non-standard variations, including new integrations to third parties, will require execution of a separate professional services agreement addressing Institution’s custom requirements and attendant Fees.
        6. All Institution Data for conversion to the DAO Services will be provided by Institution in a manner and structure consistent with Institution’s business requirements and according to the data conversion plan agreed to by Institution and Apiture.
        7. The DAO Services implementation project will not exceed 6 months in duration.
        8. Apiture Professional Services obligations for DAO Services under the Agreement terminate upon Production launch of the DAO Services and support of the DAO Services will transition to the Apiture support organization thereafter.
        9. Within the Production environment, Apiture will create an unfunded validation user that will be leveraged for front-end testing.
        10. Apiture will have reasonable access to Core Banking System testing environments to facilitate troubleshooting of issues reported by Institution and assistance to the Institution during the Testing Period.
        11. Institution and Apiture will review and agree upon an Institution-prepared Go-Live plan to ensure expectations are aligned for activities, responsibilities, and schedule preceding and immediately following launch in Production.
        12. Apiture to provide Institution access to case management system for tracking questions, defects, configuration changes, change requests, etc.
        13. Institution will configure products in the Core Banking System with reduced terms, maturity dates, etc. during Testing to facilitate completion of time-based test scenarios within the schedule agreed upon in the Project Plan.
      6. IMPLEMENTATION *DELIVERABLES ARE PROVIDED “AS IS,” AND ALL WARRANTIES, WHETHER STATUTORY, EXPRESS OR IMPLIED, INCLUDING ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR PARTICULAR PURPOSE, DESIGN, DURABILITY, PERFORMANCE OR ERROR-FREE OPERATION (EVEN IF CREATED BY THE INTERNATIONAL SALE OF GOODS CONVENTION) ARE DISCLAIMED IN THEIR ENTIRETY.
    4. Use of Verification Services.
      1. Institution agrees that the Verification Services may only be used for the following use cases: (a) verifying the identity or age of an Applicant, via identity verification requests that are authorized by the Applicant and occur in the normal course of business; and (b) if verification information submitted to Apiture using the Services is incorrect, the Services may only be used to obtain correct information provided by the Services and such information may only be used for the purpose of preventing fraud by, or pursuing legal remedies against, or recovering on a debt or security interest against, the Applicant. 18 U.S.C. § 2721 (b)(3). 
      2. Institution agrees that it will not use Verification Services (a) for any “permissible purpose” under the Fair Credit Reporting Act (FCRA) (15 U.S.C. Sec. 1681 et seq) or use any of the information it receives via the Verification Services to take any “adverse action”, as that term is defined in the FCRA; (b) in violation of the provisions of and regulations pursuant to the Driver’s Privacy Protection Act (18 U.S.C. Section 2721 et seq.); (c) other than pursuant to an exception of the privacy provisions of and regulations issued pursuant to the Gramm-Leach-Bliley Act (15 U.S.C. Sec. 6801 et seq); or (d) in violation of such other future legislation that Apiture reasonably determines limits the use of the Verification Services. 
      3. Institution’s collection of information from Applicants in connection with use of the Verification Services shall be subject to authorization by the Applicant for the use in the normal course of business submitted by the individual to the business and, if the submitted information is incorrect, to obtain correct information, but only for the purpose of preventing fraud by, or pursuing legal remedies against, or recovering on a debt or security interest against, the individual. 18 U.S.C. § 2721 (b)(3). 
      4. Institution agrees that Mobile Services may only be used for the following use cases: (a) login and access management authentication; (b) performing identity and age verifications; and/or (c) performing step-up decisioning. 
      5. Institution agrees that it will not use the Mobile Services to access a mobile phone number provided by the Mobile Services for the purpose of marketing for telecom services (per the 2007 FCC CPNI Order), or for any other marketing purpose unrelated to the banking relationship established through the DAO Services. 
    5. Use of the Mobile Services will be subject to the special conditions set out in Part II of these Service Terms (User Agreement Terms).
    6. Institution shall comply with any Apiture or other third-party data provider requests to verify compliance with these Service Terms. Institution will promptly notify Apiture if Institution learns of confirmed unauthorized access to or use of the DAO Services in violation of these Service Terms.
    7. Apiture and its Third Party Providers may use Institution Data solely to provide the Services and improve the Services (e.g. fixing repetitive performance issues observed with certain data types or from certain data sources). Apiture and its Third Party Providers may, to the extent permitted by law, use, sell, license, distribute and disclose Analytical Data for the sole purpose of enabling market research in conjunction with merchant activity and in no way related to individual consumer activities.
    8. Institution acknowledges that, in connection with the DAO Services, Apiture obtains consumer and other data from third party sources, whose data is not necessarily accurate or complete. Institution accepts all data “AS IS” “WITH ALL FAULTS” and neither Apiture nor its Third Party Providers will be responsible for data accuracy, integrity or completeness or errors contained in data obtained from third party sources.
    9. All Apiture intellectual property or confidential information accessed by Institution in using or receiving the DAO Services will be subject to the same protections and restrictions applicable to Apiture IP and Apiture Confidential Information under the Agreement.
    10. To the extent that Institution is provided access to any Apiture systems as part of receiving the DAO Services for purposes of managing its verification settings or other uses, Institution will take reasonable steps to ensure that such access will be restricted to those of Institution’s employees or agents who are engaged in the verification process and to ensure that its employees and agents will not utilize such access for personal reasons. Those steps will include limiting access to passwords, access codes, or other confidential information necessary for Institution to obtain such access to those with a need-to-know in connection with the verification process, and changing of passwords at least every ninety (90) days or sooner if an employee or agent who has utilized a password is no longer responsible for obtaining such access, or if Institution suspects an unauthorized person or entity has learned of the password. Institution will immediately notify Apiture if Institution knows of or suspects unauthorized access to a Apiture system.
    11. Apiture has the right at its expense and upon reasonable advance written notice to reasonably audit Institution’s compliance with Sections 18.2 through 18.4 of these Service Terms. Such right to audit does not include access by Apiture personnel to Institution Systems. Apiture may audit Institution once per year without cause, provided that additional audits may be required if Apiture reasonably suspects or has evidence of Institution’s violation of Sections 18.2 or 18.4 of these Service Terms. Upon Apiture’s written request, Institution shall respond to reasonable audit requests within 15 business days.
  19. reCAPTCHA
    1. By accessing or using the reCAPTCHA services, Institution agrees to the Google APIs Terms of Use, Google Terms of Use, and to the Additional Terms below.
    2. Institution acknowledges and understands that the reCAPTCHA API works by collecting hardware and software information, such as device and application data, and sending these data to Google for analysis. The information collected in connection with Institution’s use of the service will be used for improving reCAPTCHA and for general security purposes. It will not be used for personalized advertising by Google. Institution agrees that if it uses the APIs that it is Institution’s responsibility to provide any necessary notices or consents for the collection and sharing of this data with Google. For users in the European Union, Institution must comply with the EU User Consent Policy. Institution’s use of reCAPTCHA is subject to call limits. Google may in its sole discretion enforce these limits through any of the means described at call limits or in these terms of service.
  20. Google Maps
    1. Institution acknowledges and will (A) notify Users that the SaaS Services include Google Maps features and content; and (B) state that use of Google Maps features, and content is subject to the then-current versions of the: (1) Google Maps/Google Earth Additional Terms of Service at https://maps.google.com/help/terms_maps.html; and (2) Google Privacy Policy at https://www.google.com/policies/privacy/.
    2. If Users of the SaaS Services (and downstream products, if any) fail to comply with the applicable terms of the Google Maps/Google Earth Additional Terms of Service, then Apiture will take appropriate enforcement action, including suspending or terminating those Users’ use of Google Maps features and content in the SaaS Services or downstream products.
    3. Data Use and Retention. To provide the Google Map services through the SaaS Services Google collects and receives data from Institution and Users, including search terms, IP addresses, and latitude/longitude coordinates. Institution acknowledges and agrees that Google and its affiliates may use and retain this data to provide and improve Google products and services, subject to the Google Privacy Policy at https://www.google.com/policies/privacy/.
    4. End User Requirements.
      1. End User Privacy. Institution’s use of the Google Map services in the SaaS Services will comply with applicable privacy laws, including laws regarding services that store and access cookies on Users’ devices. Institution will comply with the then-current Consent Policy at https://www.google.com/about/company/user-consent-policy.html, if applicable.
      2. End User Personal Data. Through the normal functioning of the Google Maps Core Services, Users provide personally identifiable information and personal data directly to Google, subject to the then-current Google Privacy Policy at https://www.google.com/policies/privacy/.

        However, Institution will not provide to Google (i) any User’s personally identifiable information; or (ii) any European User’s personal data (where “European” means “European Economic Area, Switzerland, or the UK”).

      3. End User Location Privacy Requirements. To safeguard Users’ location privacy, Institution will ensure to (i) notify Users in advance of (1) the type(s) of data that Institution intends to collect from the Users or the Users’ devices, and (2) the combination and use of User’s location with any other data provider’s data; and (ii) will not obtain or cache any User’s location except with the User’s express, prior, revocable consent.

PART II: User Agreement Terms

Prior to accessing and using the Services, Institution’s Users must register to use the Services and accept end user terms and conditions stipulated by Legal Requirements, the Agreement and as mentioned in Part I of these Service Terms.

Certain Services require specific User Agreement terms, which must meet the below minimum requirements or otherwise obtain advance written approval from Apiture or its respective Third Party Provider.

Institution shall enforce the terms of Institution’s User Agreements against Users and shall notify Apiture of any known breach of such terms. Institution will defend, indemnify and hold Apiture and the relevant Third Party Provider harmless against all claims and damages to Apiture or the Third Party Provider caused by Institution’s failure to include any required contractual terms in Institution’s User Agreement.

These sample forms are for Institution’s reference only and should be revised or amended by Institution to fit Institution’s specific business needs and legal and regulatory requirements. Institution understands and agrees that Apiture makes no representation, warranty, or guarantee of any kind, express or implied, including fitness for a particular purpose, with respect to any term or condition this Part II of the Service Terms and Apiture will have no liability for Institution’s use of any such term or condition, with or without modification.

Mandatory Provisions – Regardless of whether Institution chooses to utilize a sample form set forth in this Part II of the Service Terms, for legal compliance, Institution will incorporate in its User agreements terms and conditions that include the substance of the relevant provisions of Part I and Part II of these Service Terms, as applicable.


  1. My Spending, Apiture IQ, PULSE, IAV & ID (Instant Account Verification) and MX Wealth Management

    “you” “your” means the End User
    “us” “we” “our” or “Financial Institution” refers to Institution.

    1. We reserve the right to immediately suspend or terminate your use of the [Services] without notice if we believe that (i) you are using the [Services] for any unlawful purpose, or (ii) you have breached these [Terms of Use].
    2. Aggregated Data. Anonymous, aggregate information, comprised of financial account balances, other financial account data, or other available data that is collected through your use of the Services, may be used by us and our service providers to conduct certain analytical research, performance tracking and benchmarking. Our service providers may publish summary or aggregate results relating to metrics comprised of research data, from time to time, and distribute or license such anonymous, aggregated research data for any purpose, including but not limited to, helping to improve products and services and assisting in troubleshooting and technical support. Your personally identifiable information will not be shared with or sold to third parties.
    3. Indemnification. You agree to defend, indemnify and hold harmless Financial Institution, its third party service providers and their officers, directors, employees and agents from and against any and all third party claims, liabilities, damages, losses or expenses, including settlement amounts and reasonable attorneys’ fees and costs, arising out of or in any way connected with your access to or use of the Services, your violation of these terms or your infringement, or infringement by any other user of your account, of any intellectual property or other right of anyone.
    4. DISCLAIMER OF WARRANTIES. YOU AGREE YOUR USE OF THE SERVICES AND ALL INFORMATION AND CONTENT (INCLUDING THAT OF THIRD PARTIES) IS AT YOUR RISK AND IS PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS. WE, AND OUR SERVICE PROVIDERS, DISCLAIM ALL WARRANTIES OF ANY KIND AS TO THE USE OF THE SERVICES, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. WE, AND OUR SERVICE PROVIDERS, MAKE NO WARRANTY THAT THE SERVICES (i) WILL MEET YOUR REQUIREMENTS, (ii) WILL BE UNINTERRUPTED, TIMELY, SECURE, OR ERROR-FREE, (iii) THE RESULTS THAT MAY BE OBTAINED FROM THE SERVICES WILL BE ACCURATE OR RELIABLE, (iv) THE QUALITY OF ANY PRODUCTS, SERVICES, INFORMATION, OR OTHER MATERIAL OBTAINED BY YOU THROUGH THE SERVICES WILL MEET YOUR EXPECTATIONS, OR (v) ANY ERRORS IN THE SERVICES OR TECHNOLOGY WILL BE CORRECTED. ANY MATERIAL DOWNLOADED OR OTHERWISE OBTAINED THROUGH THE USE OF THE SERVICES IS DONE AT YOUR OWN DISCRETION AND RISK AND YOU ARE SOLELY RESPONSIBLE FOR ANY DAMAGE TO YOUR COMPUTER SYSTEM OR LOSS OF DATA THAT RESULTS FROM THE DOWNLOAD OF SUCH MATERIAL. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED BY YOU FROM FINANCIAL INSTITUTION OR ITS SERVICE PROVIDERS THROUGH OR FROM THE SERVICES WILL CREATE ANY WARRANTY NOT EXPRESSLY STATED IN THESE TERMS.
    5. LIMITATION OF LIABILITY. YOU AGREE THAT FINANCIAL INSTITUTION AND ITS THIRD PARTY SERVICE PROVIDERS WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL OR EXEMPLARY DAMAGES, INCLUDING, BUT NOT LIMITED TO DAMAGES FOR LOSS OF PROFITS, GOODWILL, USE, DATA OR OTHER LOSSES, EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, RESULTING FROM (i) THE USE OR THE INABILITY TO USE THE SERVICES AT OUR WEBSITE/MOBILE APPLICATION OR OF ANY THIRD PARTY ACCOUNT PROVIDER’S WEBSITE/MOBILE APPLICATION; (ii) THE COST OF GETTING SUBSTITUTE GOODS AND SERVICES, (iii) ANY PRODUCTS, DATA, INFORMATION OR SERVICES PURCHASED OR OBTAINED OR MESSAGES RECEIVED OR TRANSACTIONS ENTERED INTO, THROUGH OR FROM THE SERVICES, (iv) UNAUTHORIZED ACCESS TO OR ALTERATION OF YOUR TRANSMISSION OR DATA, (v) STATEMENTS OR CONDUCT OF ANYONE ON THE SERVICES, (vi) THE USE, INABILITY TO USE, UNAUTHORIZED USE, PERFORMANCE OR NON-PERFORMANCE OF ANY THIRD PARTY ACCOUNT PROVIDER SITE, EVEN IF THE PROVIDER HAS BEEN ADVISED PREVIOUSLY OF THE POSSIBLITY OF SUCH DAMAGES, OR (vii) ANY OTHER MATTER RELATING TO THE SERVICES.
  2. Mobile Banking

    THESE ILLUSTRATIVE MOBILE BANKING USER TERMS SET FORTH MANDATORY CONCEPTS FOR INCLUSION IN INSTITUTION-GENERATED AGREEMENTS BETWEEN INSTITUTION AND ITS AUTHORIZED USERS. INSTITUTION ACKNOWLEDGES THAT APITURE DOES NOT PROVIDE LEGAL OR COMPLIANCE ADVICE AND HAS NOT RELIED AND WILL NOT RELY UPON APITURE TO PROVIDE LEGAL OR COMPLIANCE ADVICE. INSTITUTION IS SOLELY AND AT ALL TIMES REPONSIBLE FOR ITS RELATIONSHIP WITH AUTHORIZED USERS AS WELL AS THE CONTENT AND LEGAL AND REGULATORY COMPLIANCE OF ITS AGREEMENTS WITH ITS CUSTOMERS. INSTITUTION ACKNOWLEDGES THAT IT MUST AND WILL DEVELOP AND FURNISH SUITABLE MOBILE BANKING USER TERMS USING ITS OWN INDEPENDENT JUDGMENT. FURTHER, INSTITUTION SHALL BE SOLELY RESPONSIBLE FOR ITS AUTHORIZED USERS’ COMPLIANCE WITH SUCH TERMS AND CONDITIONS. IN THE EVENT THAT INSTITUTION USES ANY OF THE LANGUAGE SET OUT HEREIN (VERBATIM OR OTHERWISE), INSTITUTION WARRANTS AND AGREES THAT IT HAS ADOPTED SUCH LANGUAGE BASED ON ITS INDEPENDENT LEGAL JUDGMENT AND ASSUMES SOLE LIABILITY AND RESPONSIBILITY IN CONNECTION THEREWITH. INSTITUTION MAY OMIT FROM ITS USER TERMS AND CONDITIONS ANY OF THE CONCEPTS PRESCRIBED IN THESE ILLUSTRATIVE MOBILE BANKING USER TERMS, PROVIDED THAT, SUCH CONCEPTS ARE INCONSISTENT WITH INSTITUTION’S LEGAL AND REGULATORY OBLIGATIONS. INSTITUTION SHALL PROMPTLY NOTIFY APITURE IN WRITING CONCERNING THE BASIS FOR SUCH OMISSION. IN ANY EVENT, INSTITUTION SHALL NOTIFY APITURE PRIOR TO PUBLISHING OR USING ANY MOBILE BANKING USER TERMS AND CONDITIONS IN PRODUCTION. INSTITUTION IS RESPONSIBLE FOR MAKING UPDATES TO THE CONTENT OF ITS USER TERMS AND CONDITIONS IN CONTINUED COMPLIANCE WITH APPLICABLE LAWS, RULES AND REGULATIONS. ANY POST-PRODUCTION CHANGES TO SUCH TERMS AND CONDITIONS SHALL BE SUBJECT TO ADDITIONAL FEES AT APITURE’S THEN-CURRENT PROFESSIONAL FEES RATES.

    1. Eligible Enrollees. The mobile banking services (the “Services”) are only available to you as an enrolled and approved digital banking customer of [Institution Name]. By accepting and using the Services, you agree to comply with these Mobile Banking User Terms as well as all other user and account agreements between you and [Institution Name] applicable to your use of the Services.
    2. General. Access to [Institution Name’s] digital banking services via your mobile device is powered by the mobile technology solution owned by Apiture, Inc. and its third-party providers (collectively the “Provider”). The Provider is not the provider of any of the financial services available to you through the Software (defined below), and Provider is not responsible for any of the materials, information, products or services made available to you through the Software.
    3. Ownership. You acknowledge and agree that the Provider is the owner of all right, title and interest in and to the mobile technology solution made available to you hereunder, including but not limited to any mobile applications or other downloaded software and the computer code, scripts, interfaces and other programs contained therein, as well as any accompanying user documentation, and all subsequent copies, updates or versions thereof, regardless of the media or form in which they may exist (all of which is collectively referred to herein as the “Software”). You may not use the Software unless you have first accepted the Mobile Banking User Terms.
    4. License. During the term of your account agreement with [Institution Name] and subject to the terms and conditions of these Mobile Banking User Terms, you are hereby granted a personal, nonexclusive, nontransferable license to use the Software (in machine readable object code form only) in accordance with these Mobile Banking User Terms and for the sole purpose of enabling you to use and enjoy the benefits of your financial institution’s services made available via the Software. This is not a sale of the Software. All rights not expressly granted to you by these Mobile Banking User Terms are hereby reserved by the Provider. Nothing in this license will entitle you to receive hard-copy documentation, technical support, telephone or web assistance, or updates to the Software. This license may be terminated at any time, for any reason or no reason, by you, the Provider or [Institution Name]. Upon termination, you agree to cease using the Software and immediately destroy all copies of any Software which had been downloaded to your mobile device or otherwise in your possession or control.
    5. Restrictions. You shall not: (i) modify, revise or create any derivative works of the Software; (ii) decompile, reverse engineer or otherwise attempt to derive the source code for the Software or architecture of the Services; (iii) redistribute, sell, rent, lease, sublicense, or otherwise transfer rights to the Software; (iv) remove or alter any proprietary notices, legends, symbols or labels in the Software, including, but not limited to, any trademark, logo or copyright of Provider or [Institution Name]; or (v) use the Services or Software for any improper or illegal purpose.

      [Institution Name] reserves the right, in its reasonable discretion, to terminate or suspend your access to the Services or Software, with or without advance notice, if it has reason to believe, in its sole and reasonable discretion, that you are in breach of applicable law or these Mobile Banking User Terms or your use of the Services and/or Software jeopardizes the integrity or security of the Services, the Software or any supporting security network infrastructure.

    6. Updates and Upgrades. These Mobile Banking User Terms govern any updates that replace and/or supplement the original Software, unless such update is accompanied by a separate license in which case the terms of that license will govern. Provider may, in its sole discretion, make updates, upgrades or other changes to the Software. Upon request, you agree to upgrade or update your mobile device to the supported release of the Software to maintain compatibility. Provider will have no liability arising out of or relating to your use of an unsupported release. Certain Software updates or upgrades may be automatically downloaded.
    7. Mobile Check Deposit. To the extent the Services include functionality enabling you to present an image of a legal representation, as defined by federal law, of a check to be deposited into your [Institution Name] checking or savings account electronically (“MCD Services”), the following supplemental terms and conditions shall also apply:
      1. You must only use current Software made available by [Institution Name] through designated channels.
      2. You are responsible for all the data submitted through the MCD Services which must accurately represent the information on the original check(s).
      3. You agree that the electronic image of the item submitted to the [Institution Name], as defined by federal law, is a legal representation of the check for all purposes, including return check processing.
      4. You may experience technical or other difficulties when using the MCD Services and neither [Institution Name] nor Provider assume any liability for any technical or other difficulties you experience.
      5. [Institution Name] or Provider reserves the right to change, suspend or revoke services, immediately and at any time without prior notice to you. In the event this Service is not available to you, you acknowledge that you can attempt to deposit my check at a branch office location, through a participating ATM, or by mail.
      6. Only [Institution Name] checking and savings accounts are eligible for the MCD Services.
      7. [Institution Name] may charge a usage fee for MCD Services and reserve the right to start charging for MCD Services at any time.
      8. If an item you transmit for deposit is dishonored, rejected or otherwise returned unpaid, you agree that [Institution Name] may charge back the amount of the return to the account the check was originally deposited to and assess a fee in the amount shown on [Institution Name’s] current Schedule of Fees and Charges for a returned check. If there are not sufficient funds in my account to cover the amount of the returned check, the account will be overdrawn, and you will be responsible for payment. [Institution Name] may debit any account maintained by you in order to obtain payment of my obligations under these Mobile Banking User Terms.
      9. You acknowledge that wireless providers may assess or impose fees, limitations, or restrictions. You agree that you are solely responsible for all such fees, limitations, and restrictions, and that [Institution Name] may contact you via your wireless device for any purpose concerning my business relationship with the [Institution Name], including but not limited to account servicing and collection purposes.
      10. You agree to scan and deposit only “checks” as that term is defined in Federal Reserve Regulation CC, Availability of Funds and Collection of Checks.
      11. You agree that you will not use the MCD Service to scan and deposit any ineligible items.
      12. You agree to endorse all items with your signature and account number and print “For Mobile Deposit Only” on all items. [Institution Name] reserves the right to reject all items that are not endorsed as specified.
      13. When using the MCD Service to deposit funds, such deposits are limited to the [Institution Name] defined deposit segments and associated limits.
      14. [Institution Name] reserves the right to reject any item transmitted through the MCD Service, at its discretion. [Institution Name] is not liable for items you do not receive or for images that are not transmitted completely. An image is considered received when you receive a confirmation screen after submitting a check for deposit. You acknowledge and agree that such notification does not mean that the transmission was without error. Once an item is reviewed and approved, your account will be credited at the end of the business day (excluding Federal Reserve holidays).
      15. You agree to retain each item submitted for deposit through the MCD Services for 60 days after your funds have been posted to your account. After 60 days, you agree to dispose of the item(s) in a way that prevents representing for payment (i.e. shredding). Upon receipt of these funds you agree to mark the item prominently as “Void”, and you agree to store each retained item in a secured locked container until such proper disposal is performed. You will promptly provide any retained item to [Institution Name] as requested to aid in the clearing and collection process or to resolve claims by third parties with respect to any item.
    8. Text Messages and Notifications. You and your financial institution are solely responsible for the content transmitted through text messages sent between you and your financial institution. You must provide source indication in any text messages you send (e.g. mobile telephone number, “From” field in text message, etc.) You hereby consent to receipt of text messages and other notifications (including ‘in-app’ or ‘push’ notifications from [Institution Name] or Provider in connection with the Services or your business relationship with [Institution Name], provided that you may opt out of text messages by replying STOP or as otherwise advised. Text messaging fees may apply and be assessed by your wireless carrier. You are responsible for any such text message fees.
    9. Consent to Use of Data. During and after the term of your account agreement with [Institution Name] you agree that the Provider may collect, store and use technical data and related information, including but not limited to technical information about your device, system and application software, and peripherals, that is gathered periodically to facilitate the provision of software updates, product support and other services (if any) related to the Software. The Provider may use this information to improve its products, for diagnostic purposes or to provide other services or technologies; provided that Provider may not share information or data in a form that personally identifies you except as necessary to provide the Services and related services to you or [Institution Name]. Provider may combine aggregated data with the data of other customers or other publicly available information.
    10. Legal Restrictions. You may not use the Software except as authorized by United States law and the laws of the jurisdiction in which the Software was obtained. In particular, but without limitation, the Software may not be used or transferred (a) in or into any U.S. embargoed countries or (b) by or to anyone on the U.S. Treasury Department’s list of Specially Designated Nationals or the U.S. Department of Commerce Denied Person’s List or Entity List. By using the Software, you represent and warrant that you are not located in any such country or on any such list. You also agree that you will not use the Software for any purposes prohibited by United States law, including, without limitation, the development, design, manufacture or production of nuclear, missiles, or chemical or biological weapons.
    11. U.S. Government Restricted Rights. The Software is commercial computer software subject to RESTRICTED RIGHTS. In accordance with 48 CFR 12.212 (Computer software) or DFARS 227.7202 (Commercial computer software and commercial computer software documentation), as applicable, the use, duplication, and disclosure of the Software by the United States of America, its agencies or instrumentalities is subject to the restrictions set forth in these Mobile Banking User Terms.
    12. Disclaimer of Warranty. THE SOFTWARE IS PROVIDED ON AN ‘AS IS’ AND ‘AS AVAILABLE’ BASIS WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. NO WARRANTY IS PROVIDED THAT THE SOFTWARE WILL BE FREE FROM DEFECTS OR VIRUSES OR THAT OPERATION OF THE SOFTWARE WILL BE UNINTERRUPTED. YOUR USE OF THE SOFTWARE AND ANY MATERIAL OR SERVICES OBTAINED OR ACCESSED VIA THE SOFTWARE IS AT YOUR OWN DISCRETION AND RISK, AND YOU ARE SOLELY RESPONSIBLE FOR ANY DAMAGE RESULTING FROM THEIR USE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF CERTAIN WARRANTIES, SO SOME OF THE ABOVE LIMITATIONS MAY NOT APPLY TO YOU.
    13. Limitation of Liability.TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL PROVIDER OR ITS AFFILIATES BE LIABLE FOR ANY DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE SOFTWARE, INCLUDING BUT NOT LIMITED TO ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES, EVEN IF ADVISED OF THE POSSIBILITY THEREOF, AND REGARDLESS OF THE LEGAL OR EQUITABLE THEORY (CONTRACT, TORT OR OTHERWISE) UPON WHICH ANY CLAIM IS BASED. IN ANY CASE, THE PROVIDER’S LIABILITY ARISING OUT OF THE USE OR INABILITY TO USE THE SOFTWARE SHALL NOT EXCEED IN THE AGGREGATE THE SUM OF THE FEES PAID BY YOU FOR THIS LICENSE. SOME JURISDICTIONS DO NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY FOR CERTAIN TYPES OF DAMAGES, SO SOME OF THE ABOVE LIMITATIONS MAY NOT APPLY TO YOU. IN NO EVENT SHALL PROVIDER HAVE ANY LIABILITY TO YOU OR [INSTITUTION NAME] FOR SERVICE UNAVAILABILITY OR FOR THE LOSS OF DATA OR FEES IN CONNECTION WITH THE FRAUDLENT USE OF THE SERVICES OR SOFTWARE.
    14. Miscellaneous. These Mobile Banking User Terms constitute the entire agreement between you and the [Institution Name] concerning the subject matter hereof. These Mobile Banking User Terms will be governed by and construed in accordance with the laws of the state of [Institution Jurisdiction], excluding that body of laws pertaining to conflict of laws. If any provision of these Mobile Banking User Terms is determined by a court of law to be illegal or unenforceable, such provision will be enforced to the maximum extent possible and the other provisions will remain effective and enforceable. All disputes relating to these Mobile Banking User Terms are subject to the exclusive jurisdiction of the courts of [Institution Jurisdiction] and you expressly consent to jurisdiction and venue thereof and therein. These Mobile Banking User Terms and all related documentation is and will be in the English language. The application of the United Nations Convention on Contracts for the International Sale of Goods is hereby expressly waived and excluded.
  3. Consumer Digital Account Opening
    1. Privacy Policy. Institution must have and abide by a written privacy policy and disclose to Applicant the data that will be collected from such Applicant and how Institution will use, protect, and disclose the Mobile Applicant Data. Institution shall provide a link to the Institution’s privacy policy, a URL containing the address of the privacy policy or a copy of the privacy policy at the point where the Subscriber’s consent is collected. Institution’s privacy policy must always be readily available for an Applicant’s access.
    2. Certification. Institution will cooperate with reasonable requests by Apiture and/or its Third Party Providers related to the provision of Institution’s privacy policy, data flows, a sample of the notice, and consent language as applicable and as required to preserve Apiture certification to resell and provide the DAO Services.
    3. Consents. Institution and Apiture will cooperate in good faith to ensure that all necessary consents for the use of or access to Mobile Applicant Data are included in the DAO Services workflow. Institution acknowledges that such workflows must include Applicant consent notices or agreements which are substantially consistent with the following: “you allow us and our service providers to access information on file with your mobile operator, specifically, name, address and email, to auto populate this form. See our Privacy Policy (hyperlink required) for how we treat your data.” Institution acknowledges that the Apiture mobile app must prominently display such consent language on-screen to the Applicant who must accept consent language by clicking on an “Accept” (or confirmation) button separate from Institution’s general consumer terms and conditions and that this consent will be for one-time use valid solely for the life of the interaction.
    4. The User Agreement must also include consent language which is substantially consistent with the following: “You authorize your wireless operator to disclose your mobile number, name, address, email, network status, customer type, customer role, billing type, mobile device identifiers (IMSI and IMEI) and other subscriber details, if available, to [Institution name] and its service providers for the duration of the business relationship, solely for identity verification and fraud avoidance. See our Privacy Policy (hyperlink required) for how we treat your data.”
    5. Institution may only store the following response data received from or made available by Apiture or its Third Party Providers: (a) the transaction ID; and (b) name, address, email address, mobile number (as a hashed value).
    6. Apiture reserves the right to change the consent language and consent methods at any time after notification from Mobile Network Operators or its Third Party Providers that changes are required. Apiture will provide no less than ninety (90) days’ notice to Institution of any such change.