Form 10-Q/A
 
 
UNITED STATES
SECURITIES AND EXCHANGE COMMISSION
Washington, D.C. 20549
 
FORM 10-Q/A
 
(Mark One)
     
þ   QUARTERLY REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
For the quarterly period ended June 30, 2009
or
     
o   TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
For the transition period from
Commission File Number 0-25346
 
ACI WORLDWIDE, INC.
(Exact name of registrant as specified in its charter)
     
Delaware   47-0772104
(State or other jurisdiction of   (I.R.S. Employer
incorporation or organization)   Identification No.)
     
120 Broadway, Suite 3350   (646) 348-6700
New York, New York 10271   (Registrant’s telephone number,
(Address of principal executive offices,   including area code)
including zip code)    
 
Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes þ No o
Indicate by check mark whether the registrant has submitted electronically and posted on its corporate Web site, every Interactive Data File required to be submitted and posted pursuant to Rule 405 of the Regulation S-T during the preceding 12 months (or for such shorter period that the registrant was required to submit and post such files). Yes o No o
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, or a smaller reporting company. See definition of “large accelerated filer,” “accelerated filer” and “smaller reporting company” in Rule 12b-2 of the Exchange Act. (Check one):
             
Large accelerated filer þ   Accelerated filer o   Non-accelerated filer o   Smaller reporting company o
Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act). Yes o No þ
As of August 6, 2009, there were 34,020,096 shares of the registrant’s common stock outstanding.
 
 

 

 


 

Explanatory Note
ACI Worldwide, Inc. (the “Company”) is filing this Amendment No. 1 on Form 10-Q/A to the Quarterly Report on Form 10-Q for the quarter ended June 30, 2009, originally filed on August 7, 2009 (the “Original Report”), as an exhibit-only filing for the sole purpose of addressing comments received from the Securities and Exchange Commission (the “Commission”) in connection with the Commission’s review of the Company’s request for confidential treatment of information included within documents filed as exhibits to the Original Report. The Company has made no other changes to the previously filed Original Report.
This Amendment No. 1 on Form 10-Q/A includes in Part II, Item 6, the following revised Exhibits, to replace the Exhibits filed under the same exhibit numbers in the Original Report, which are addressed in the Company’s filing of its amended requests for confidential treatment:
10.1   Master Alliance Agreement by and between ACI Worldwide, Inc. and International Business Machines Corporation dated December 16, 2007
10.2   Master Services Agreement by and between ACI Worldwide, Inc. and International Business Machines Corporation dated March 17, 2008
This Form 10-Q/A continues to speak as of the date of the Original Report and no attempt has been made to modify or update disclosures in the Original Report except as noted above. This Form 10-Q/A does not reflect events occurring after the filing of the Original Report or modify or update any related disclosures, and information not affected by this Amendment No. 1 is unchanged and reflects the disclosure made at the time of the filing of the Original Report with the Commission. In particular, any forward-looking statements included in this Form 10-Q/A represent management’s view as of the filing date of the Original Report. Accordingly, this 10-Q/A should be read in conjunction with the Original Report
As required by Rule 12b-15, under the Securities and Exchange Act of 1934, new certifications of our principal executive officer and principal financial officer are also being filed and/or furnished as exhibits to this Form 10-Q/A.

 

2


 

PART II — OTHER INFORMATION
Item 6. EXHIBITS
The following lists exhibits filed as part of this quarterly report on Form 10-Q/A:
         
Exhibit    
No.   Description
  10.1 **  
Master Alliance Agreement by and between ACI Worldwide, Inc. and International Business Machines Corporation dated December 16, 2007.
       
 
  10.2 **  
Master Services Agreement by and between ACI Worldwide, Inc and International Business Machines Corporation dated March 17, 2008.
       
 
  31.01    
Certification of Principal Executive Officer pursuant to SEC Rule 13a-14, as adopted pursuant to Section 302 of the Sarbanes-Oxley Act of 2002.
       
 
  31.02    
Certification of Principal Financial Officer pursuant to SEC Rule 13a-14, as adopted pursuant to Section 302 of the Sarbanes-Oxley Act of 2002.
       
 
  32.01 *  
Certification of Principal Executive Officer pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002.
       
 
  32.02 *  
Certification of Principal Financial Officer pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002.
 
     
 
*   This certification is not deemed “filed” for purposes of Section 18 of the Securities Exchange Act of 1934, or otherwise subject to the liability of that section. Such certification will not be deemed to be incorporated by reference into any filing under the Securities Act of 1933 or the Securities Exchange Act of 1934, except to the extent that the Company specifically incorporates it by reference.
 
**   Material has been omitted from this exhibit pursuant to a request for confidential treatment pursuant to Rule 24b-2 promulgated under the Securities and Exchange Act of 1934 and such material has been filed separately with the Securities and Exchange Commission.

 

3


 

SIGNATURE
Pursuant to the requirements of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned thereunto duly authorized.
         
  ACI WORLDWIDE, INC.
(Registrant)
 
 
Date: April 29, 2010  By:   /s/ Scott W. Behrens    
    Scott W. Behrens   
    Senior Vice President, Chief Financial Officer,
Corporate Controller and
Chief Accounting Officer
(Principal Financial Officer)
 
 

 

4


 

EXHIBIT INDEX
         
Exhibit    
No.   Description
  10.1 **  
Master Alliance Agreement by and between ACI Worldwide, Inc. and International Business Machines Corporation dated December 16, 2007.
       
 
  10.2 **  
Master Services Agreement by and between ACI Worldwide, Inc and International Business Machines Corporation dated March 17, 2008.
       
 
  31.01    
Certification of Principal Executive Officer pursuant to SEC Rule 13a-14, as adopted pursuant to Section 302 of the Sarbanes-Oxley Act of 2002.
       
 
  31.02    
Certification of Principal Financial Officer pursuant to SEC Rule 13a-14, as adopted pursuant to Section 302 of the Sarbanes-Oxley Act of 2002.
       
 
  32.01 *  
Certification of Principal Executive Officer pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002.
       
 
  32.02 *  
Certification of Principal Financial Officer pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002.
 
     
 
*   This certification is not deemed “filed” for purposes of Section 18 of the Securities Exchange Act of 1934, or otherwise subject to the liability of that section. Such certification will not be deemed to be incorporated by reference into any filing under the Securities Act of 1933 or the Securities Exchange Act of 1934, except to the extent that the Company specifically incorporates it by reference.
 
**   Material has been omitted from this exhibit pursuant to a request for confidential treatment pursuant to Rule 24b-2 promulgated under the Securities and Exchange Act of 1934 and such material has been filed separately with the Securities and Exchange Commission.

 

5

Exhibit 10.1
EXHIBIT 10.1
 
MASTER ALLIANCE AGREEMENT
BY AND BETWEEN
ACI WORLDWIDE, INC.
AND
INTERNATIONAL BUSINESS MACHINES CORPORATION
Dated as of December 16, 2007
 

 

 


 

TABLE OF CONTENTS
         
    Page  
 
       
ARTICLE I
Definitions
 
       
SECTION 1.01. Defined Terms
    2  
SECTION 1.02. Other Defined Terms
    7  
SECTION 1.03. Terms Generally
    8  
SECTION 1.04. Meaning of Day
    9  
 
       
ARTICLE II
Representations and Warranties of ACI
 
       
SECTION 2.01. Organization and Standing
    9  
SECTION 2.02. Capital Stock, Warrants and Warrant Shares
    9  
SECTION 2.03. Authorization
    10  
SECTION 2.04. No Conflicts
    10  
SECTION 2.05. Execution and Delivery; Enforceability
    11  
SECTION 2.06. No Consents
    11  
SECTION 2.07. No Litigation
    11  
SECTION 2.08. Financial Statements
    11  
SECTION 2.09. ACI Software
    11  
SECTION 2.10. Performance of Services
    12  
SECTION 2.11. General
    12  
 
       
ARTICLE III
Representations and Warranties of IBM
 
       
SECTION 3.01. Organization and Standing
    12  
SECTION 3.02. Warrants and Warrant Shares
    12  
SECTION 3.03. Authorization
    12  
SECTION 3.04. No Conflicts
    13  
SECTION 3.05. Execution and Delivery; Enforceability
    13  
SECTION 3.06. No Consents
    13  
SECTION 3.07. No Litigation
    13  
SECTION 3.08. Provision of Assistance
    13  
SECTION 3.09. General
    13  

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
         
    Page  
 
       
ARTICLE IV
Covenants
 
       
SECTION 4.01. [*]
    14  
SECTION 4.02. Notices
    14  
SECTION 4.03. Further Action
    14  
SECTION 4.04. Certain Contemplated Actions
    14  
SECTION 4.05. [*]
    14  
 
       
ARTICLE V
Management and Governance
 
       
SECTION 5.01. Alliance Management Teams
    15  
SECTION 5.02. Alliance Management Council
    15  
SECTION 5.03. Senior Alliance Executive
    16  
 
       
ARTICLE VI
Other Agreements
 
       
SECTION 6.01. Grant of Warrants
    16  
SECTION 6.02. Publicity and Disclosure
    16  
SECTION 6.03. Facilities
    17  
SECTION 6.04. Logo Licensing
    17  
SECTION 6.05. Pricing
    19  
SECTION 6.06. Termination of Existing Agreements
    19  
SECTION 6.07. Services Agreement
    19  
SECTION 6.08. Payments
    21  
SECTION 6.09. Transition Obligations
    21  
SECTION 6.10. Intellectual Property
    22  
 
       
ARTICLE VII
Delivery
 
       
SECTION 7.01. Delivery
    25  
 
       
ARTICLE VIII
Term and Termination
 
       
SECTION 8.01. Term
    25  
SECTION 8.02. Termination
    26  
SECTION 8.03. Termination Notice
    26  
SECTION 8.04. Effect of Termination
    27  

 

ii 


 

         
    Page  
 
       
ARTICLE IX
Confidentiality
 
       
SECTION 9.01. Confidential Information
    28  
SECTION 9.02. Confidentiality Obligations
    28  
SECTION 9.03. Confidentiality Period
    30  
SECTION 9.04. Exceptions to Confidentiality Obligations
    30  
SECTION 9.05. Residual Information
    30  
SECTION 9.06. Disclaimers
    30  
 
       
ARTICLE X
Indemnification and Limitation on Liability
 
       
SECTION 10.01. Indemnification
    31  
SECTION 10.02. Remedies
    32  
SECTION 10.03. Claims for which the Parties are not Responsible
    32  
SECTION 10.04. Limitation on Liability
    33  
SECTION 10.05. General
    34  
 
       
ARTICLE XI
Dispute Resolution
 
       
SECTION 11.01. Intention of the Parties
    34  
SECTION 11.02. Procedures
    34  
 
       
ARTICLE XII
Miscellaneous
 
       
SECTION 12.01. Severability
    36  
SECTION 12.02. Amendments
    36  
SECTION 12.03. Waiver
    36  
SECTION 12.04. No Assignment
    36  
SECTION 12.05. Expenses
    37  
SECTION 12.06. Construction
    37  
SECTION 12.07. Language
    37  
SECTION 12.08. Relationship of the Parties
    37  
SECTION 12.09. Entire Agreement
    37  
SECTION 12.10. Force Majeure
    37  
SECTION 12.11. Counterparts
    38  
SECTION 12.12. Governing Law
    38  
SECTION 12.13. Order of Precedence
    38  
SECTION 12.14. Notices
    38  

 

iii 


 

         
EXHIBITS        
 
       
EXHIBIT A
    ACI LOGO
EXHIBIT B
    IBM LOGO
EXHIBIT C-1
    FORM OF JOINT PRESS RELEASE
EXHIBIT C-2
    EXCERPT OF ACI PRESS RELEASE
EXHIBIT D
    CERTAIN TERMS OF SERVICES AGREEMENT
EXHIBIT E
    FORM OF RECEIPT
EXHIBIT F
    ENHANCEMENTS
         
ANNEXES        
 
       
ANNEX A
    ACI LOGO USAGE GUIDELINES
ANNEX B
    IBM LOGO USAGE GUIDELINES

 

iv 


 

MASTER ALLIANCE AGREEMENT
THIS MASTER ALLIANCE AGREEMENT (this “Agreement”), dated as of December 16, 2007, is made and entered into by and between ACI WORLDWIDE, INC., a Delaware corporation (“ACI”), and INTERNATIONAL BUSINESS MACHINES CORPORATION, a New York corporation (“IBM”). ACI and IBM are each referred to herein as a “Party” and collectively as the “Parties”.
RECITALS
A. WHEREAS, the Parties wish to enter into certain commercial and other arrangements relating to the integration of ACI’s retail and wholesale electronic payment application software with IBM’s middleware and hardware platforms for the purposes of developing new and enhancing existing electronic payment technology and products and otherwise improving each Party’s ability to satisfy its customer needs, such efforts to be completed pursuant to the terms and subject to the conditions provided in this Agreement and in the other Alliance Agreements (such arrangements, as evidenced by the Alliance Agreements, collectively, the “Alliance”).
B. WHEREAS, simultaneously with the execution of this Agreement, the Parties are entering into (a) the Sales and Marketing Agreement regarding the sales, marketing and communications strategy and obligations of the Parties, (b) the Enablement Assistance Agreement regarding the Parties’ development projects and product compatibility requirements, (c) the Staff Augmentation Agreement regarding certain services to be provided by IBM to ACI in connection with the implementation of the Parties’ development projects, (d) the Subcontracting Agreements setting forth the relationship of the Parties in the event that, in connection with providing services to any customer of the Parties in respect of the Alliance, one Party serves as a subcontractor of the other Party and (e) the Warrant Agreements setting forth the terms and conditions of the Warrants granted by ACI to IBM on the date hereof (collectively, together with this Agreement, the “Alliance Agreements”).
C. WHEREAS, after the date hereof, the Parties will negotiate in good faith the terms of the Services Agreement regarding certain information technology and on-demand services to be provided by IBM to ACI.
D. WHEREAS, certain terms used in this Agreement shall have the meanings ascribed to them in the text of this Agreement or in Article I. The Exhibits and Annexes to this Agreement are all integral parts hereof.

 

1


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
NOW, THEREFORE, in consideration of the foregoing recitals and the representations, warranties, covenants and agreements contained herein, and of other good and valuable consideration, the receipt and sufficiency of which are hereby acknowledged, the Parties hereby agree as follows:
ARTICLE I
Definitions
SECTION 1.01. Defined Terms. As used in this Agreement, the following terms shall have the meanings specified below:
ACI Logo” shall mean the logo of ACI identified in Exhibit A.
ACI Logo Usage Guidelines” shall mean the guidelines attached as Annex A. ACI may modify such guidelines from time to time upon 60 days prior written notice to IBM.
ACI Software” shall have the meaning set forth in the Enablement Assistance Agreement.
ACI Website” shall mean ACI’s Website located at the following address: http://www.aciworldwide.com.
Affiliate” shall mean, with respect to any Person, any other Person that directly, or indirectly through one or more intermediaries, Controls or is Controlled by or is under common Control with the Person specified.
Alliance-Related Employee” shall mean any employee of ACI or IBM, as the case may be, who is made known to the other Party as a result of activities performed by such employee pursuant to the Alliance.
Applicable Law” shall mean (a) any United States Federal, state, local or foreign law, statute, rule or regulation, or any order, writ, injunction, judgment, decree or permit of any Governmental Authority, or (b) any rule or listing requirement of any national stock exchange or Commission-recognized trading market on which securities issued by either of the Parties or any of their Subsidiaries are listed or quoted.
Bankruptcy” shall mean, with respect to either Party, (a) the voluntary commencement of any proceeding or the voluntary filing of any petition by such Party seeking relief under any bankruptcy, insolvency, receivership or similar law; (b) the consent by such Party to the institution of, or the failure by such Party to contest in a timely and appropriate manner, any involuntary petition or any involuntary filing of the type described in clause (a) above; (c) such Party ceasing to do business as a going concern; (d) an assignment being made for the benefit of such Party’s creditors; (e) such Party being adjudicated a bankrupt or an insolvent; or (f) the appointment of a trustee, receiver, liquidator or statutory manager in respect of such Party or all or any substantial part of such Party’s assets or properties.
[*]

 

2


 

Base Alliance Agreements” shall mean, collectively, this Agreement, the Sales and Marketing Agreement, the Enablement Assistance Agreement, the Staff Augmentation Agreement and the Subcontracting Agreements.
Business Day” shall mean any day other than a Saturday or a Sunday on which banks are legally authorized to be open for the transaction of business in New York City.
Business Partner” shall mean certain organizations that IBM has signed agreements with to promote, market and support certain IBM products and services.
Capital Stock” shall mean any and all shares, interests, participations or other equivalents (however designated) of corporate stock, and any option, warrant or other right entitling the holder thereof to purchase or otherwise acquire any such corporate stock.
Change in Control” shall mean (a) the acquisition of ownership, directly or indirectly, beneficially or of record, by any Person or group (within the meaning of the Exchange Act) of Capital Stock representing more than 35% of the aggregate ordinary voting power represented by the issued and outstanding Capital Stock of ACI or (b) a majority of the members of the Board of Directors of ACI not consisting of Continuing Directors.
Commission” shall mean the U.S. Securities and Exchange Commission.
Combined Solution” shall have the meaning set forth in the Sales and Marketing Agreement.
Confidentiality Agreement” shall mean the Agreement for Exchange of Confidential Information by and between ACI and IBM dated October 10, 2007.
Continuing Directors” shall mean, as of any date of determination, any member of the Board of Directors of ACI who (a) was a member of such Board of Directors on the date hereof or (b) was nominated for election by the Nominating and Corporate Governance Committee of the Board of Directors of ACI or elected to such Board of Directors with the approval of at least two-thirds of the Continuing Directors who were members of such Board of Directors at the time of such election.
Control” shall mean the possession, directly or indirectly, of the power to direct or cause the direction of the management or policies of a Person, whether through the ability to exercise voting power, by contract or otherwise. The terms “Controlling” and “Controlled” have meanings correlative thereto.
Deliverables” shall have the meaning set forth in the Enablement Assistance Agreement.
Enablement Assistance Agreement” shall mean the IBM Enablement Assistance Agreement (No. 4907021871) by and between ACI and IBM dated the date hereof, together with all exhibits, annexes and attachments thereto, as the same may be amended, modified and supplemented from time to time.

 

3


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
Enablement Project Attachment” shall have the meaning set forth in the Enablement Assistance Agreement.
Exchange Act” shall mean the Securities Exchange Act of 1934, as amended, and the rules and regulations of the Commission promulgated thereunder.
Existing Alliance Agreement” shall mean the ISV Advantage for Industries Agreement (No. 2006-NA-ST164) by and between ACI and IBM dated November 16, 2006.
Existing Sales Incentive Agreement” shall mean the IBM Sales Incentive Agreement (No. 2007-NA-PS50) by and between ACI and IBM dated June 15, 2007.
Governmental Authority” shall mean any international, supranational, national, provincial, regional, Federal, state, municipal or local government, any instrumentality, subdivision, court, administrative or regulatory agency or commission or other authority thereof, or any quasi-governmental or private body exercising any regulatory, taxing, importing or other governmental or quasi-governmental authority.
Harmful Code” shall mean any computer programming code which is constructed with the intent to damage, interfere with or otherwise adversely affect other computer programs, data files or hardware, without the knowledge or consent of the computer user. “Harmful Code” includes, but is not limited to, self-replicating and self-propagating program instructions commonly referred to as “viruses” or “worms”.
[*]
IBM Assistance” shall mean IBM technical resources, assistance and expertise, excluding software development resources, which IBM provides ACI pursuant to Section 5.2 of the Enablement Assistance Agreement.
IBM Logo” shall mean the logo of IBM identified in Exhibit B.
IBM Logo Usage Guidelines” shall mean the guidelines attached as Annex B. IBM may modify such guidelines from time to time upon 60 days prior written notice to ACI.
IBM Resources” shall have the meaning set forth in the Enablement Assistance Agreement.
IBM Software” shall have the meaning set forth in the Enablement Assistance Agreement.

 

4


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
“IBM Website” shall mean IBM’s Website located at the following address: http://www.ibm.com.
Incentives” shall have the meaning given to such term in the Sales and Marketing Agreement.
Invention” shall mean any idea, concept, know-how, technique, invention, discovery or improvement, whether or not patentable, that either Party, solely (“Sole Inventions”) or jointly with the other Party (“Joint Inventions”), first conceives and reduces to practice during the term of the Alliance in the performance of an Alliance Agreement.
Joint Inventions” shall have the meaning set forth in the definition of “Invention”.
Large Accounts” shall have the meaning set forth in the Sales and Marketing Agreement.
Logo” shall mean the IBM Logo or the ACI Logo, as the context requires.
Marketing Materials” shall mean only brochures, specifications, flyers and other printed marketing documents. Marketing Materials shall not include products, product packaging, program screens or promotional items (such as clothing, bags, glassware and writing instruments).
Materials” shall mean (a) source code, executable code, technical documentation and all derivative works and enhancements thereto, (b) domestic and foreign copyrights and copyrightable works and (c) copyright applications filed by a Party, which are created and delivered in performance of an Alliance Agreement. The term “Materials” does not include licensed programs and other items available under their own license terms or agreements.
Mega Accounts” shall have the meaning set forth in the Sales and Marketing Agreement.
[*]
Optimization” shall have the meaning set forth in the Enablement Assistance Agreement.
Optimized Product” shall have the meaning set forth in the Enablement Assistance Agreement.

 

5


 

Patent” shall mean (a) domestic and foreign patents issuing to Inventions, together with all reissuances, continuations, divisionals, revisions, extensions and reexaminations thereof, and (b) patent applications to Inventions filed by a Party.
Person” shall mean any natural person, corporation, general partnership, limited partnership, limited or unlimited liability company, proprietorship, joint venture, other business organization, trust, union, association, Governmental Authority or other entity.
Proceeding” shall mean any action, litigation, arbitration, suit, claim, proceeding or investigation or review of any nature, civil, criminal, regulatory or otherwise, before any Governmental Authority.
Sales and Marketing Agreement” shall mean the Sales and Marketing Agreement (No. 2007-NA-SMT001) by and between ACI and IBM dated the date hereof, together with all exhibits, annexes and attachments thereto, as the same may be amended, modified and supplemented from time to time.
Securities Act” shall mean the Securities Act of 1933, as amended, and the rules and regulations of the Commission promulgated thereunder.
Services” shall mean the services to be provided by ACI pursuant to the Enablement Assistance Agreement, including accomplishment of the Deliverables, and as more fully set forth in the applicable Enablement Project Attachments to the Enablement Assistance Agreement.
Services Agreement” shall mean the agreement relating to the outsourcing of certain information technology and on-demand services by ACI to IBM, together with all exhibits, annexes and attachments thereto, to be negotiated in good faith by the Parties on terms consistent with the terms set forth in Section 6.07, as the same may be amended, modified and supplemented from time to time.
Sole Inventions” shall have the meaning set forth in the definition of “Invention”.
Staff Augmentation Agreement” shall mean the Master Staff Augmentation Agreement by and between ACI and IBM dated the date hereof, together with all exhibits, annexes and attachments thereto, as the same may be amended, modified and supplemented from time to time.
Subcontracting Agreements” shall mean, collectively, (a) the International Master Agreement for Subcontracting by and between ACI, as prime contractor, and IBM, as subcontractor, dated the date hereof, and (b) the International Master Agreement for Subcontracting by and between IBM, as prime contractor, and ACI, as subcontractor, dated the date hereof, in each case (i) together with all exhibits, annexes and attachments thereto and (ii) as the same may be amended, modified and supplemented from time to time.

 

6


 

Subsidiary” of any Person shall mean a corporation, company or other entity (a) more than 50% of whose outstanding shares or securities (representing the right to vote for the election of directors or other managing authority of such Person) are owned or Controlled, directly or indirectly, by such Person, but such corporation, company or other entity shall be deemed to be a Subsidiary only so long as such ownership or Control exists, or (b) which does not have outstanding shares or securities (as may be the case in a partnership, limited liability company, joint venture or unincorporated association), but more than 50% of whose ownership interest representing the right to make decisions for such entity is, now or hereafter owned or Controlled, directly or indirectly, by such Person, but such corporation, company or other entity shall be deemed to be a Subsidiary only so long as such ownership or Control exists.
Transaction Document” shall have the meaning set forth in the Subcontracting Agreements.
Warrant Agreements” shall mean, collectively, the Warrant Agreements by and between ACI and IBM, dated the date hereof, together with all attachments thereto, as the same may be amended, modified and supplemented from time to time.
Warrant Shares” shall have the meaning ascribed to such term in the Warrant Agreements.
Website” shall mean the IBM Website or the ACI Website, as the context requires.
SECTION 1.02. Other Defined Terms. As used in this Agreement, the following terms shall have the meanings given in the Sections set forth opposite such terms:
     
Term   Section
ACI
  Preamble
ACI Bylaws
  2.02(c) 
ACI Charter
  2.02(c) 
ACI Common Stock
  2.02(a) 
ACI Preferred Stock
  2.02(a) 
Agreement
  Preamble
Alliance
  Recitals
Alliance Agreements
  Recitals
Alliance Executive
  5.01 
AMC
  5.02 
AMT
  5.01 
Confidential Information
  9.01 
Defaulting Party
  8.02(b) 

 

7


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
     
Term   Section
Development Executive
  5.02(a)(iii) 
Disclosing Party
  9.01 
Finance Executive
  5.02(a)(v) 
IBM
  Preamble
IBM By-laws
  3.04(a)(i) 
IBM Charter
  3.04(a)(i) 
IBM Personnel
  10.01(b) 
Indemnified Party
  10.01 
Indemnifying Party
  10.01 
Initial Payment
  6.08(a)(i) 
Initial Termination Notice
  8.01 
[*]
  [*]
Migration Executive
  5.02(a)(iv) 
[*]
  [*]
Party
  Preamble
Prime Contractor
  6.10(f)(i) 
Receiving Party
  9.01 
[*]
  [*]
Residual Ideas
  6.10(i) 
Residual Information
  9.05 
Sales Executive
  5.02(a)(ii) 
Senior Alliance Executive
  5.03(a) 
Subcontractor
  6.10(f)(i) 
Terminating Party
  8.02(b) 
Termination Notice
  8.03 
Warrants
  6.01 
SECTION 1.03. Terms Generally. Unless the context shall otherwise require, all defined terms shall apply equally to both the singular and plural forms of the terms defined. The words “include”, “includes” and “including” shall be deemed to be followed by the phrase “without limitation”; and the word “will” shall be construed to have the same meaning and effect as the word “shall”. All references herein to Articles, Sections, Exhibits and Annexes shall be deemed to be references to Articles and Sections of, and Exhibits and Annexes to, this Agreement unless the context shall otherwise require. The table of contents and the headings of the Articles and Sections are inserted for convenience of reference only and are not intended to be a part of or to affect the meaning or interpretations of this Agreement. Unless the context shall otherwise require, any reference to any agreement or other instrument or statute or regulation is to such agreement, instrument, statute or regulation as amended and supplemented from time to time (and, in the case of a statute or regulation, to any successor provision).

 

8


 

SECTION 1.04. Meaning of Day. Any reference in this Agreement to a “day” or a number of “days” (without the explicit qualification of “Business”) shall be interpreted as a reference to a calendar day or number of calendar days. If any action or notice is to be taken or given on or by a particular calendar day, and such calendar day is not a Business Day, then such action or notice shall be deferred until, or may be taken or given, on the next Business Day.
ARTICLE II
Representations and Warranties of ACI
ACI hereby represents and warrants to IBM that:
SECTION 2.01. Organization and Standing. ACI (a) is a corporation duly incorporated, validly existing and in good standing under the laws of the State of Delaware and (b) has all requisite power and authority to conduct its business as now conducted and as presently contemplated and to perform its obligations under the Alliance Agreements.
SECTION 2.02. Capital Stock, Warrants and Warrant Shares.
(a) The authorized Capital Stock of ACI consists of (i) 70,000,000 shares of common stock, par value $0.005, of ACI (“ACI Common Stock”) and (ii) 5,000,000 shares of preferred stock, par value $0.01, of ACI (“ACI Preferred Stock”). As of December 12, 2007, (1) 35,675,884 shares of ACI Common Stock were issued and outstanding and no shares of ACI Preferred Stock were issued and outstanding, (2) 5,145,632 shares of ACI Common Stock were held in the treasury of ACI and (3) 3,893,404 shares of ACI Common Stock were reserved for issuance upon (x) exercise of then-outstanding options to purchase ACI Common Stock and (y) payout of shares of ACI Common Stock pursuant to then-outstanding performance share awards based on targeted award amounts, including options and performance shares granted to officers, directors or employees of ACI pursuant to ACI’s incentive plans. Since December 12, 2007, other than upon exercise of options included in clause (3) of the immediately preceding sentence, (x) no shares of Capital Stock of ACI have been issued and (y) no options, warrants, securities convertible into, or commitments with respect to the issuance of shares of Capital Stock of ACI have been issued, granted or made.
(b) Except as set forth in Section 2.02(a), as of the date hereof, there are no outstanding subscriptions, options, calls, contracts, commitments, restrictions, arrangements, rights or warrants, including any right of conversion or exchange under any outstanding security, instrument or other agreement and also including any rights plan, obligating ACI or any Subsidiary of ACI to issue, deliver or sell, or to cause to be issued, delivered or sold, additional shares of the Capital Stock of ACI or obligating ACI or any of its Subsidiaries to grant, extend or enter into any such agreement or commitment. There are no outstanding stock appreciation rights or similar derivative securities or rights issued by ACI or any of its Subsidiaries or to which ACI or any of its Subsidiaries is a party.

 

9


 

(c) Each of the Warrants and the Warrant Shares have been duly authorized. When the Warrant Shares are issued and delivered in accordance with the terms of the respective Warrant Agreement, such Warrant Shares will have been validly issued and will be fully paid and nonassessassable and free from all taxes, liens, claims and encumbrances, and the issuance thereof will not have been subject to any purchase option, right of first refusal, subscription right or preemptive right or made in contravention of the Amended and Restated Certificate of Incorporation of ACI, as in effect on the date hereof (the “ACI Charter”) or the Amended and Restated Bylaws of ACI, as in effect on the date hereof (the “ACI Bylaws”) or any Applicable Law.
(d) ACI has reserved solely for issuance and delivery, upon the exercise of the Warrants, the number of shares of ACI Common Stock that would be issuable if the Warrants were exercised in full immediately after the execution and delivery of the Warrant Agreements.
(e) Neither ACI, nor any of its Affiliates, nor any Person acting on its or their behalf, has directly or indirectly made any offers or sales of any security or solicited any offers to buy any security under circumstances that would require registration, or the filing of a prospectus qualifying the distribution, of the Warrants being issued pursuant to the Warrant Agreements under the Securities Act or cause the issuance of the Warrants to be integrated with any prior offering of securities of ACI for purposes of the Securities Act.
(f) IBM will, upon issuance of the Warrant Shares, have the rights set forth in the Warrant Agreements and under the General Corporation Law of the State of Delaware.
(g) Except for registration of securities on Form S-8 pursuant to employee compensation and incentive plans of ACI, there are no agreements or plans in effect on the date of this Agreement pursuant to which ACI has agreed to register any of its securities under the Securities Act.
SECTION 2.03. Authorization. The execution, delivery and performance by ACI of the Alliance Agreements have been duly authorized by all necessary corporate action.
SECTION 2.04. No Conflicts. The execution, delivery and performance by ACI of the Alliance Agreements do not, and the performance of its obligations thereunder and compliance with the terms thereof by ACI will not, conflict with, or result in any violation of or default (with or without notice or lapse of time, or both) under, any provision of (i) the ACI Charter or the ACI Bylaws, (ii) any contract to which ACI or any of its Subsidiaries is a party or by which any of their respective properties or assets is bound or (iii) any Applicable Law, except, with respect to clause (ii) only, for such of the foregoing that is, individually and in the aggregate, immaterial to ACI and its Subsidiaries, taken as a whole, and that does not, individually or in the aggregate, affect the ability of ACI to timely perform its obligations under the Alliance Agreements.

 

10


 

SECTION 2.05. Execution and Delivery; Enforceability. Each Alliance Agreement has been duly executed and delivered by ACI, and is a legal, valid and binding obligation of ACI, enforceable against ACI in accordance with its terms, except as may be limited by applicable bankruptcy, insolvency, moratorium and other laws affecting the rights of creditors generally and general principles of equity.
SECTION 2.06. No Consents. No authorization, consent, approval, license, exemption or other action by, and no registration, qualification, designation, declaration or filing with, any Governmental Authority is or will be necessary (a) in connection with the execution and delivery by ACI of this Agreement and the other Alliance Agreements, the consummation of the transactions contemplated hereby and thereby, or the performance of or compliance with the terms and conditions hereof or thereof, or (b) to ensure the legality, validity and enforceability of any of the Alliance Agreements.
SECTION 2.07. No Litigation. As of the date hereof, there is no litigation or other proceeding pending or, to the knowledge of ACI, threatened against ACI or any of its Affiliates which, if adversely determined, could reasonably be expected to adversely affect the ability of ACI to perform its obligations hereunder or under any of the other Alliance Agreements.
SECTION 2.08. Financial Statements. The audited consolidated financial statements and unaudited consolidated interim financial statements of ACI included in the reports, schedules, forms, statements and other documents filed with the Commission by ACI since January 1, 2007 fairly present, in all material respects, the consolidated financial position of ACI and its Subsidiaries as of the dates thereof and their consolidated results of operations and cash flows for the periods then ended (subject to, in the case of unaudited interim financial statements, normal year end adjustments).
SECTION 2.09. ACI Software.
(a) Following Optimization pursuant to the Enablement Assistance Agreement, the ACI Software shall substantially comply with the specifications and requirements set forth in the Enablement Assistance Agreement.
(b) Following Optimization pursuant to the Enablement Assistance Agreement, the ACI Software that interacts in any capacity with monetary data that is required to be euro-ready at such time of use shall be euro-ready such that when used in accordance with its associated documentation it is capable of correctly processing monetary data in the euro denomination and respecting the euro currency formatting conventions (including the euro sign).
(c) The ACI Software and Deliverables furnished by ACI pursuant to the Enablement Assistance Agreement, prior to its use on any system or other medium in connection with the Enablement Assistance Agreement, shall be tested (in accordance with ACI’s applicable testing standards) for, and will not, to ACI’s knowledge, contain, Harmful Code.

 

11


 

SECTION 2.10. Performance of Services. ACI shall perform the Services using reasonable care and skill and in accordance with the Enablement Assistance Agreement.
SECTION 2.11. General. EXCEPT AS EXPRESSLY SET FORTH IN ANY ALLIANCE AGREEMENT, ACI EXPRESSLY DISCLAIMS ANY AND ALL EXPRESS OR IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. EXCEPT AS EXPRESSLY SET FORTH IN ANY ALLIANCE AGREEMENT, ANY ACI SOFTWARE, SERVICES OR DELIVERABLES AND OTHER ITEMS FURNISHED BY ACI PURSUANT TO THE ENABLEMENT ASSISTANCE AGREEMENT OR ANY OTHER ALLIANCE AGREEMENT ARE PROVIDED ON AN “AS IS” BASIS.
ARTICLE III
Representations and Warranties of IBM
IBM hereby represents and warrants to ACI that:
SECTION 3.01. Organization and Standing. IBM (a) is a corporation duly incorporated, validly existing and in good standing under the laws of the State of New York and (b) has all requisite power and authority to conduct its business as now conducted and as presently contemplated and to perform its obligations under the Alliance Agreements.
SECTION 3.02. Warrants and Warrant Shares.
(a) The Warrants will be acquired for IBM’s own account for investment purposes and not with a view to any offering or distribution within the meaning of the Securities Act and any applicable state securities laws. IBM has no present intention of selling or otherwise disposing of the Warrants or the Warrant Shares in violation of such laws.
(b) IBM has sufficient knowledge and expertise in financial and business matters so as to be capable of evaluating the merits and risks of its investment in ACI. IBM understands that this investment involves a high degree of risk and could result in a substantial or complete loss of its investment. IBM is capable of bearing the economic risks of such investment.
(c) IBM acknowledges that ACI has indicated that the Warrants and the Warrant Shares have not been registered under the Securities Act by reason of their issuance in a transaction exempt from the registration requirements thereof, and that the Warrant Shares will bear a legend stating that such securities have not been registered under the Securities Act and may not be sold or transferred in the absence of such registration or an exemption from such registration.
SECTION 3.03. Authorization. The execution, delivery and performance by IBM of the Alliance Agreements have been duly authorized by all necessary corporate action.

 

12


 

SECTION 3.04. No Conflicts. The execution, delivery and performance by IBM of the Alliance Agreements do not, and the performance of its obligations thereunder and compliance with the terms thereof by IBM will not, conflict with, or result in any violation of or default (with or without notice or lapse of time, or both) under, any provision of (i) the Certificate of Incorporation of IBM, as in effect on the date hereof (the “IBM Charter”) or the By-laws of IBM, as in effect on the date hereof (the “IBM By-laws”), (ii) any contract to which IBM or any of its Subsidiaries is a party or by which any of their respective properties or assets is bound or (iii) any Applicable Law, except, with respect to clause (ii) only, for such of the foregoing that is, individually and in the aggregate, immaterial to IBM and its Subsidiaries, taken as a whole, and that does not, individually or in the aggregate, affect the ability of IBM to timely perform its obligations under the Alliance Agreements.
SECTION 3.05. Execution and Delivery; Enforceability. Each Alliance Agreement has been duly executed and delivered by IBM, and is a legal, valid and binding obligation of IBM, enforceable against IBM in accordance with its terms, except as may be limited by applicable bankruptcy, insolvency, moratorium and other laws affecting the rights of creditors generally and general principles of equity.
SECTION 3.06. No Consents. Except for any required filings with any Governmental Authority in connection with the exercise of the Warrants or the ownership of the Warrant Shares, no authorization, consent, approval, license, exemption or other action by, and no registration, qualification, designation, declaration or filing with, any Governmental Authority is or will be necessary (a) in connection with the execution and delivery by IBM of this Agreement and the other Alliance Agreements, the consummation of the transactions contemplated hereby and thereby, or the performance of or compliance with the terms and conditions hereof or thereof, or (b) to ensure the legality, validity and enforceability of any of the Alliance Agreements.
SECTION 3.07. No Litigation. As of the date hereof, there is no litigation or other proceeding pending or, to the knowledge of IBM, threatened against IBM or any of its Affiliates which, if adversely determined, could reasonably be expected to adversely affect the ability of IBM to perform its obligations hereunder or under any of the other Alliance Agreements.
SECTION 3.08. Provision of Assistance. IBM shall provide the IBM Assistance using reasonable care and skill in accordance with the Enablement Assistance Agreement.
SECTION 3.09. General.
(a) The IBM Software and Deliverables furnished by IBM pursuant to the Enablement Assistance Agreement, prior to its use on any system or other medium in connection with the Enablement Assistance Agreement, shall be tested (in accordance with IBM’s applicable testing standards) for, and will not, to IBM’s knowledge, contain, Harmful Code.

 

13


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
(b) EXCEPT AS EXPRESSLY SET FORTH IN ANY OF THE ALLIANCE AGREEMENTS, IBM EXPRESSLY DISCLAIMS ANY AND ALL EXPRESS OR IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. EXCEPT AS EXPRESSLY SET FORTH IN ANY ALLIANCE AGREEMENT, ANY IBM RESOURCES, IBM ASSISTANCE, IBM SOFTWARE AND OTHER ITEMS FURNISHED BY IBM PURSUANT TO THE ENABLEMENT ASSISTANCE AGREEMENT, THE STAFF AUGMENTATION AGREEMENT OR ANY OTHER ALLIANCE AGREEMENT ARE PROVIDED ON AN “AS IS” BASIS.
ARTICLE IV
Covenants
SECTION 4.01. [*]
SECTION 4.02. Notices. Each of ACI and IBM shall furnish to the other Party prompt written notice of the following:
(a) any notice or other communication from any Governmental Authority in connection with the Alliance; and
(b) any commencement of any litigation against ACI or IBM, as the case may be, in respect of the Alliance.
SECTION 4.03. Further Action. From time to time after the date hereof, ACI and IBM agree to execute and deliver, and to cause their respective Subsidiaries to execute and deliver, such other documents, certificates, agreements and other writings and to take such other actions as may be necessary or desirable in order to consummate or implement the transactions contemplated hereby and by the other Alliance Agreements.
SECTION 4.04.
[*]
SECTION 4.05.
[*]

 

14


 

ARTICLE V
Management and Governance
SECTION 5.01. Alliance Management Teams. Promptly after the date hereof, each of the Parties shall establish an Alliance Management Team (each, an “AMT”) responsible for the successful implementation of the Alliance and the facilitation of successful communication between IBM and ACI. One of the dedicated representatives of the AMT of each Party will be designated as that Party’s Alliance Executive (the “Alliance Executive”) and will (i) be responsible for reaching agreement on targets for sales, marketing, development and services priorities, (ii) be responsible for managing the day-to-day activities of such Party’s AMT under this Agreement, (iii) have operational responsibility for the success of the Alliance and (iv) be responsible for managing the requirements of the Alliance across all of ACI’s or IBM’s business units, as applicable.
SECTION 5.02. Alliance Management Council.
(a) The Parties shall establish an Alliance Management Council (the “AMC”) that will be responsible for overseeing all operational aspects of the Alliance. The AMC shall consist of five persons nominated by IBM and five persons nominated by ACI as follows:
(i) the Alliance Executive of such Party;
(ii) an executive of such Party responsible for sales and marketing priorities relating to the Alliance (the “Sales Executive”);
(iii) an executive of such Party responsible for development priorities relating to the Alliance (the “Development Executive”);
(iv) an executive of such Party responsible for migration priorities relating to the Alliance (the “Migration Executive”); and
(v) an executive of such Party responsible for finance priorities relating to the Alliance (the “Finance Executive”).
(b) The AMC shall meet (i) from the date hereof through March 31, 2008, no less than on a weekly basis and on a consistent day and time as the Parties shall agree and (ii) thereafter, as frequently as the Parties shall agree, on dates and at times as the Parties shall agree. Meetings of the AMC shall be held at such location as the Parties shall agree or by telephone conference; provided that, in any case, the AMC shall meet at least once a month in person.
(c) In preparation for the meetings of the AMC contemplated by Section 5.02(b), (i) the Sales Executives of each Party, (ii) the Development Executives of each Party and (iii) the Migration Executives of each Party, shall each meet with each other (x) from the date hereof through March 31, 2008, no less than on a weekly basis and on a consistent day and time as the Parties shall agree and (y) thereafter, as frequently as the Parties shall agree at such location as the Parties shall agree or by telephone conference.

 

15


 

(d) The presence of at least three AMC members of IBM and at least three AMC members of ACI at a meeting of the AMC shall constitute a quorum.
(e) No action specified in this Section 5.02 may be validly taken by the AMC without the unanimous consent of the members of the AMC at a meeting of the AMC where a quorum has been established in accordance with clause (d) of this Section 5.02.
SECTION 5.03. Senior Alliance Executive.
(a) Each Party will designate a single executive (each, a “Senior Alliance Executive”) with responsibility for the overall success of the Alliance. The initial Senior Alliance Executive for each Party shall be as follows:
(i) For IBM: William Zeitler, Senior Vice President and Group Executive, IBM Systems & Technology Group; and
(ii) For ACI: Philip Heasley, Chief Executive Officer.
(b) To ensure the successful start-up, effective ongoing operations and overall achievement of the objectives of the Alliance, the Senior Alliance Executives of each Party will meet (i) from the date hereof through March 31, 2008, no less than on a monthly basis and (ii) thereafter, on a quarterly basis, in each case with each such meeting taking place on a day and at a time as the Parties shall agree. Each Party will be responsible for its own costs associated with such meetings.
ARTICLE VI
Other Agreements
SECTION 6.01. Grant of Warrants. Simultaneously herewith, ACI hereby grants to IBM warrants (the “Warrants”) to purchase (a) 1,427,035 shares of ACI Common Stock at a price of $27.50 per share and (b) 1,427,035 shares of ACI Common Stock at a price of $33.00 per share. The terms and conditions of the Warrants are set forth in the Warrant Agreements executed simultaneously with this Agreement.
SECTION 6.02. Publicity and Disclosure.
(a) IBM and ACI each agree to issue the joint press release announcing the Alliance in the form attached as Exhibit C-1 hereto on December 17, 2007, and agree that ACI shall include, in its press release on such date, the language set forth on Exhibit C-2 attached hereto.

 

16


 

(b) Except as expressly contemplated by Section 6.02(a), IBM and ACI each agree that (i) no public release or announcement concerning the Alliance shall be issued or made and (ii) none of the Alliance Agreements or any related documents (including, when signed, the Services Agreement) shall be publicly disclosed or filed, in each case by either Party or any of its Affiliates or any of its representatives, without the prior written consent of the other Party; provided that each of IBM and ACI may make internal announcements to their respective employees and ordinary course investors, customers, business partners and public relations communications, in each case that are consistent with the Parties’ prior public disclosures regarding the Alliance; and provided, further, that, subject to the following provisions of this Section 6.02(b), each of IBM and ACI may make such public disclosure as it determines in good faith is required by Applicable Law. In the event that a Party determines in good faith that disclosure or filing of an Alliance Agreement or any related document is required by Applicable Law, such Party shall, prior to any such disclosure or filing (and, other than in the case of any such disclosure or filing with the Commission, if and to the extent that such Party determines that it may do so pursuant to Applicable Law) (i) redact all information of a confidential or competitively sensitive nature, (ii) allow the other Party reasonable time to review such redacted Alliance Agreement or related document, and (iii) make such further redactions as are reasonably proposed by the reviewing Party. In the event that any Governmental Authority, including the Commission, challenges or otherwise disputes any such redactions to the provisions of any Alliance Agreement or any related document, the Parties shall cooperate and use reasonable best efforts to defend and obtain the agreement of such Governmental Authority to such redactions and, in any event, each Party shall (or, in the case of any Governmental Authority other than the Commission, shall use its reasonable best efforts to) provide the other Party with reasonable advance notice of any subsequent disclosure or filing of any such Alliance Agreement or related document containing any previously redacted information.
(c) The Parties shall cooperate with each other in good faith in (x) joint public relations announcements not contemplated by paragraph (b) above that are approved in writing in advance by both Parties and (y) other ongoing joint public relations in respect of the Alliance, as mutually agreed by the Parties.
SECTION 6.03. Facilities. Unless expressly required pursuant to any other Alliance Agreement, or as otherwise agreed by the Parties, the Parties will satisfy their obligations under the Alliance Agreements at their respective facilities.
SECTION 6.04. Logo Licensing.
(a) Each Party hereby grants the other Party a worldwide, non-exclusive, non-transferable, right and license to use the other Party’s Logo (the ACI Logo or the IBM Logo, as the case may be), such right and license to expire upon the effective date of the termination of the Base Alliance Agreements in accordance with Article VIII, solely on Marketing Materials and solely on the other Party’s Website in strict accordance with the terms of this Section 6.04. Each Party agrees to display and use the other Party’s Logo solely in the form, manner and style required by the IBM Logo Usage Guidelines and the ACI Logo Usage Guidelines listed in Annexes A and B, as applicable.

 

17


 

(b) All ownership rights in each Party’s Logo belong exclusively to that Party. Neither Party has any ownership rights in the other Party’s Logo and shall not acquire any ownership rights in the other Party’s Logo as a result of its performance (or breach) of this Section 6.04. All use and goodwill created from such use of the other Party’s Logo or variations thereon shall inure solely to the benefit of the owning Party. Upon termination of this Agreement all rights to use the other Party’s Logo shall terminate immediately except as otherwise provided herein.
(c) Each Party agrees:
(i) not to take any action which will interfere with any of the other Party’s rights in and to the other Party’s Logo;
(ii) not to challenge the other Party’s right, title or interest in and to its Logo or the benefits therefrom;
(iii) not to make any claim or take any action adverse to the other Party’s ownership of its Logo;
(iv) not to register or apply for registrations, anywhere, for the other Party’s Logo or any other mark which is similar to the other Party’s Logo or which incorporates the other Party’s Logo; and
(v) not to use any mark, anywhere, which is confusingly similar to the other Party’s Logo.
(d) Each Party agrees that it is of fundamental importance that each Party’s Website and Marketing Materials bearing the other Party’s Logo be of the highest quality and integrity and that each Party’s Logo be properly used and displayed. For that reason, each Party shall present its proposed use of the other Party’s Logo, and any significant variations in any previously approved use, on its Website or Marketing Materials to the other Party for approval no less than 20 days prior to its proposed use and shall not make use of the other Party’s Logo or any significant variation thereof until such approval is received in writing from the other Party. Failure to meet the quality standards set forth in this Section 6.04(d) shall be deemed to be a breach hereof for which this Agreement may be terminated by the Terminating Party in accordance with Section 8.02 (including the provisions thereof with respect to notice, cure and remedy).
(e) Each Party agrees to notify the other Party within ten Business Days if it becomes aware of:
(i) any uses of, or any application or registration for, a trademark, service mark or trade name that conflicts with or is confusingly similar to the other Party’s Logo;
(ii) any acts of infringement or unfair competition involving the other Party’s Logo; or
(iii) any allegations or claims whether or not made in a lawsuit, that the use of either Logo by either Party infringes the trademark or service mark or other rights of any other entity.

 

18


 

(f) Each Party may, but shall not be required to, take whatever action it, in its sole discretion, deems necessary or desirable to protect the validity and strength of its Logo at its sole expense. Each Party agrees to comply with all reasonable requests from the other Party for assistance in connection with any action with respect to the other Party’s Logo that the other Party may choose to take. Neither Party shall institute or settle any claims or litigation affecting any rights in and to the other Party’s Logo without the other Party’s prior written approval.
(g) Neither Party may, either directly or indirectly, sublicense, assign or in any way encumber the license granted pursuant to clause (a) of this Section 6.04. Any attempt to do so shall (i) be void and of no effect, (ii) be deemed to be a breach hereof for which this Agreement may be terminated by the Terminating Party in accordance with Section 8.02 (including the provisions thereof with respect to notice, cure and remedy) and (iii) result in the termination of the license granted pursuant to clause (a) of this Section 6.04 effective immediately upon receipt of a notice so stating.
SECTION 6.05. Pricing. Each Party will be responsible for establishing its respective end user customer pricing and terms of sale independently for its own products.
SECTION 6.06. Termination of Existing Agreements. Each of ACI and IBM hereby terminate (a) the Existing Alliance Agreement, (b) the Existing Sales Incentive Agreement and (c) the Confidentiality Agreement, and the Parties agree that each of the Existing Alliance Agreement, the Existing Sales Incentive Agreement and the Confidentiality Agreement cease to be of any further force or effect. In connection with the foregoing, IBM and ACI each hereby irrevocably waive the obligations of the other Party pursuant to (i) in the case of the Existing Alliance Agreement, Section 1.4 thereof, (ii) in the case of the Existing Sales Incentive Agreement, Section 11 thereof, and (iii) in the case of the Confidentiality Agreement, the fifth paragraph of Section 7 thereof, in each case with respect to the procedure for the termination by the Parties of such agreements.
SECTION 6.07. Services Agreement.
(a) Each Party agrees to negotiate in good faith, until the earlier of (x) the date on which a definitive agreement with respect thereto is entered into by the Parties and (y) March 31, 2008, a Services Agreement based on the terms set forth in Exhibit D hereto.

 

19


 

(b) The Parties agree that, in connection with the negotiation of the Services Agreement, IBM intends to conduct a detailed due diligence review of ACI’s operations. Such due diligence process shall include the review of technical details, procurement, financial projections and other relevant topics as the Parties may mutually agree. ACI agrees to provide representatives of IBM with access, during normal business hours and upon reasonable notice, to ACI’s internal information technology operations, contracts and financial statements, and shall make appropriate representatives of ACI available for the discussion of matters regarding such operations and the related outsourcing. IBM agrees to respond to ACI’s reasonable inquiries regarding IBM’s outsourcing operations and to provide to ACI relevant supporting information regarding the services to be provided under the Services Agreement.
(c) Notwithstanding the foregoing, neither Party shall have any obligation with respect to the proposed outsourcing unless and until the Parties have entered into a definitive agreement with respect to such services.

 

20


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
SECTION 6.08. Payments.
(a) IBM agrees to pay, in the following installments and, in the case of clauses (ii) and (iii) below, upon the achievement of the following milestones, up to $[*] to ACI as follows:
(i) $33,333,334.00 following the execution by both Parties of the Alliance Agreements on the date hereof in consideration for the Warrants (the “Initial Payment”) to be paid as soon as practicable on December 17, 2007;
(ii)
[*]
(iii)
[*]
(b)
[*]
SECTION 6.09. Transition Obligations.
(a) In the event of any termination of the Base Alliance Agreements in accordance with Article VIII, the AMC and the Senior Alliance Executives will discuss the respective obligations of the Parties in connection with any customer engagements existing on the effective date of such termination, including (a) the commitments of the Parties to cooperate with each other in the performance of such obligations and (b) the respective services to be provided by the Parties in connection with such customer engagements of the nature, for a period of time and on terms and conditions that are agreed upon by the AMC and the Senior Alliance Executives; provided that, in any event, the respective commitments of each Party to perform such obligations shall not be for a period of less than six months, unless otherwise agreed upon by the AMC and the Senior Alliance Executives.
(b) For a period of one year following the date that the termination of the Base Alliance Agreements in accordance with Article VIII is effective, IBM shall continue to pay Incentives as contemplated by Section 1(a)(iii) of Attachment A to the Sales and Marketing Agreement.

 

21


 

SECTION 6.10. Intellectual Property. Additional or conflicting intellectual property terms, including commercial terms, set forth in any Enablement Project Attachment, Transaction Document or other similar document agreed upon by the Parties concerning a specific engagement, work or project shall take precedence over the intellectual property terms in this Section 6.10.
(a) ACI shall retain all rights in and to its pre-existing intellectual property. Except as expressly set forth in any Alliance Agreement, no right, title or license in or to the pre-existing ACI intellectual property is granted to IBM. IBM shall retain all rights in and to its pre-existing intellectual property. Except as expressly set forth in any Alliance Agreement, no right, title or license in or to pre-existing IBM intellectual property is granted to ACI.
(b) Except as provided in paragraphs (d) and (e) below, each Party shall own its Sole Inventions and hereby grants the other Party a worldwide, perpetual, irrevocable, nonexclusive, nontransferable, royalty-free, fully paid-up license under such Sole Inventions and Patents issuing under such Sole Inventions to (i) use, have used, make, have made, lease, sell, offer for sale, import, and otherwise transfer or license any product, (ii) provide any service and (iii) practice and have practiced any method or process and, in each case, to permit others to do any of the foregoing on behalf of the licensed party.
(c) Except as provided in paragraphs (d) and (e) below, each Joint Invention will be jointly owned and each Party will have the right to license such Joint Invention to third parties without consent from or accounting to the other Party. The parties shall cooperate and mutually agree upon all matters regarding registration, maintenance, enforcement and defense of the Joint Inventions, excluding Joint Inventions applicable to CELL Technology (as defined in the Enablement Assistance Agreement), with respect to which IBM shall make all such decisions and take all such actions.
(d) No license is granted to IBM with respect to ACI’s Sole Inventions that are uniquely applicable to, or the primary basis of which, is ACI Software.
(e) Sole Inventions or Joint Inventions that are applicable to CELL Technology will be solely owned by IBM and IBM hereby grants to ACI a worldwide, perpetual, irrevocable, nonexclusive, nontransferable, royalty-free, fully paid-up license under such Sole Inventions and Joint Inventions and Patents issuing thereunder to (i) use, have used, make, have made, lease, sell, offer for sale, import and otherwise transfer or license CELL Technology in conjunction with the Optimized Product, (ii) provide any service related to CELL Technology and the ACI Optimized Software and (iii) practice and have practiced any method or process related to CELL Technology in conjunction with ACI Optimized Software.

 

22


 

(f) When IBM develops and provides Materials to ACI under the Staff Augmentation Agreement, ACI shall own such Materials and hereby grants to IBM a nonexclusive, worldwide, royalty-free license to use, execute, display, perform and distribute (within its enterprise only) copies of such Materials solely for purposes of performing tasks under a Base Alliance Agreement; provided however, that where the Materials are indicated in a Transaction Document or Attachment to be “Other Deliverable Materials”, IBM will own the “Other Deliverable” Materials and hereby grants to ACI an irrevocable, nonexclusive, worldwide, royalty-free, paid-up license to use, execute, reproduce, display, perform, distribute (within its enterprise only) and prepare derivative works based thereon.
(i) When one Party (the “Subcontractor”) develops and provides Materials under a Subcontracting Agreement to the other Party (the “Prime Contractor”) or to the customer as specified in a Transaction Document, the Prime Contractor (or, if requested by the Prime Contractor, the Customer) shall own such Materials and hereby grants to the Subcontractor a nonexclusive, worldwide, royalty-free, paid-up license to use, execute, display, perform and distribute (within its enterprise only) copies of such Materials solely for purposes of performing tasks under a Base Alliance Agreement, provided however, that:
(A) where the Subcontractor is ACI and the Prime Contractor is IBM, ACI (or the customer, if requested by IBM, on behalf of the customer) shall own such Materials and hereby grants or authorizes the customer to grant, to ACI and IBM a nonexclusive, worldwide, perpetual, irrevocable, royalty-free, paid-up license to use, execute, display, modify, copy, perform, sublicense and distribute internally, or externally solely to the customer specified in the Transaction Document, copies of such Materials, and
(B) where the Materials are indicated in a Transaction Document or Attachment to be “Other Deliverable Materials”, the Subcontractor will own the “Other Deliverable” Materials and hereby grants the Prime Contractor an irrevocable, nonexclusive, worldwide, royalty-free, paid-up license to use, execute, reproduce, display, perform, distribute (within its enterprise only) and prepare derivative works based thereon.
(ii) Materials that are created by either Party pursuant to Attachment D to the Sales and Marketing Agreement (and not pursuant to the Staff Augmentation Agreement or the Subcontracting Agreements) will be owned by the Party that creates such Materials and each Party hereby grants the other Party a nonexclusive, worldwide, royalty-free license to use, execute, display, perform and distribute (within its enterprise only) copies of such Materials solely for purposes of performing tasks under Attachment D to the Sales and Marketing Agreement for customer engagements.
(g) To the extent required in connection with performance of the Parties’ obligations under the Alliance Agreements, the Parties grant the following demonstration licenses, testing licenses and other licenses between the Parties:
(i) In connection with the Sales and Marketing Agreement, for the term of the Base Alliance Agreements, each Party hereby grants the other a nonexclusive, worldwide, fully paid up, royalty-free, nontransferable, right and license to use, execute, reproduce, perform, display, link, translate into any language or form and copy (A) the Combined Solution in object code form only, or any portion thereof, and (B) Marketing Materials (as defined in the Sales and Marketing Agreement), solely for the purpose of and to the extent necessary for marketing, demonstrating, and promoting the Combined Solution internally and externally in connection with performing the sales and marketing activities under the Sales and Marketing Agreement; and

 

23


 

(ii) in connection with the Enablement Assistance Agreement and Attachment D to the Sales and Marketing Agreement, ACI hereby grants to IBM an irrevocable, worldwide, fully paid up, royalty-free, non-exclusive, non-transferable license to use, execute, copy, reproduce, configure, interface to display, perform, link (as a step to building executable code), compile, translate into any language or form, combine with other software or hardware, transfer (internally only) and transmit (internally only) the Optimized Products in source code (but only to the extent that ACI has provided such source code to its customers) and object code form solely for the purpose of and to the extent necessary (A) for IBM to internally install the Optimized Product on IBM systems for the purpose of benchmarking, tuning and testing, to perform trouble-shooting and problem determination, and developing and deploying system integration capabilities, tools, scripts, programs, and middleware configurations for the Optimized Product, (B) to test and distribute within a customer’s enterprise, subject to the customer’s license from ACI, (C) to provide support of customers concerning their Combined Solution and (D) otherwise as reasonably required for IBM to perform activities described in the Sales and Marketing Agreement.
(h) Except as provided above, neither Party grants any other licenses pursuant to, but shall negotiate in good faith concerning further licenses that may be required to perform the activities under, the Alliance Agreements.
(i) Either Party may disclose, publish, disseminate and use the ideas, concepts, know-how and techniques, related to the other Party’s business activities, which are contained in the intellectual property of the other Party and retained in the unaided memories of the employees who have access to such intellectual property pursuant to this Section 6.10 (“Residual Ideas”); provided that nothing contained in this Section 6.10 gives the Party with such Residual Ideas the right to disclose, publish or disseminate, except as set forth elsewhere in this Section 6.10, the source of such Residual Ideas.
(j) ACI acknowledges that IBM is in the business of providing consulting services and developing computer software for a wide variety of clients and ACI understands that IBM will continue these activities. IBM acknowledges that ACI is in the business of developing electronic payment software applications and IBM understands that ACI will continue these activities. Accordingly, nothing in this Section 6.10 will preclude or limit IBM from providing consulting services or developing software or materials for itself or other entities, or ACI from developing electronic payment software applications, irrespective of the possible similarity to materials which might be delivered to or received from the other Party, including screen formats, structure, sequence and organization. Notwithstanding the foregoing, nothing in this paragraph shall be deemed to diminish either Party’s obligations with respect to Confidential Information set forth in Article IX hereof or expand the scope of any license rights set forth in this Section 6.10.

 

24


 

ARTICLE VII
Delivery
SECTION 7.01. Delivery. On the date hereof:
(a) IBM shall deliver to ACI:
(i) counterparts of each Alliance Agreement executed by duly authorized representatives of IBM; and
(ii) the Initial Payment, in immediately available funds, wired to a bank account that has been designated by ACI not later than three Business Days prior to the date hereof, such Initial Payment to be subject to Section 6.08(b).
(b) ACI shall deliver to IBM:
(i) counterparts of each Alliance Agreement executed by duly authorized representatives of ACI; and
(ii) ACI shall deliver to IBM an executed receipt in the form of Exhibit E hereto evidencing receipt by ACI of the Initial Payment.
ARTICLE VIII
Term and Termination
SECTION 8.01. Term. The Base Alliance Agreements shall commence and become effective on the date hereof and, subject to Section 8.02, shall terminate on the fifth anniversary of the date hereof in the event that either Party provides a Termination Notice (an “Initial Termination Notice”) to the other Party on or prior to the fourth anniversary of the date hereof of its termination of the Base Alliance Agreements. Any such Initial Termination Notice shall terminate the Base Alliance Agreements effective as of the fifth anniversary of the date hereof. If neither Party timely provides the other Party with an Initial Termination Notice, the Base Alliance Agreements shall continue to be effective until the date that is at least two years from the date that either Party provides a Termination Notice to the other Party, subject to Section 8.02; provided that, in any event, if not earlier terminated pursuant to this Article VIII, the Base Alliance Agreements shall terminate, with or without notice by either Party, on the tenth anniversary of the date hereof.

 

25


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
SECTION 8.02. Termination. Notwithstanding anything in Section 8.01 to the contrary, but subject to Section 8.04,
(a) IBM shall be entitled to terminate all of the Base Alliance Agreements at any time upon delivery to ACI of a Termination Notice in the event that a Change in Control occurs, which termination shall be effective upon such delivery; provided that IBM may only deliver a Termination Notice pursuant to this Section 8.02(a) (i) within 60 days after the occurrence of a Change in Control and (ii) after each of the AMC and the Senior Alliance Executives have engaged in discussions with respect to the impact of such Change in Control on the Alliance (unless ACI’s AMC members or Senior Alliance Executive are unwilling or consistently unavailable to engage in such discussions); and
(b) either Party (the “Terminating Party”) shall be entitled to terminate all of the Base Alliance Agreements at any time upon delivery to the other Party (the “Defaulting Party”) of a Termination Notice, which termination shall be effective upon such delivery, in the event that:
(i) the Defaulting Party is in material breach of any provision of this Agreement or any other Alliance Agreement and the nature of such breach is such that it is not capable of being remedied or, if such breach is capable of being remedied, the Defaulting Party fails to remedy such breach to the reasonable satisfaction of the Terminating Party within an amount of time designated by the Terminating Party in a written notice from the Terminating Party specifying the breach and requesting remedy of such breach within a reasonably designated amount of time (but in no event fewer than 60 days, unless mutually agreed otherwise) that, in the good faith opinion of the Terminating Party, is reasonable on the basis and in the context of the nature of such breach;
(ii) the Defaulting Party consistently breaches this Agreement or any other Alliance Agreement to an extent which in the aggregate amounts to a material breach that is unable to be remedied; or
(iii) Bankruptcy occurs in respect of the Defaulting Party;
provided that a Terminating Party may only provide a notice of breach or a Termination Notice pursuant to clause (i) or (ii) of this Section 8.02(b) after each of the AMC and the Senior Alliance Executives have engaged in discussions with respect to any such material breach (unless the Defaulting Party’s AMC members or Senior Alliance Executive are unwilling or consistently unavailable to engage in such discussions).
SECTION 8.03. Termination Notice. Any notice of termination (a “Termination Notice”) shall specify the following in reasonable detail:
(a) the terminating Party’s basis for such termination;
(b) the effective date of termination; and
(c)
(d) [*]

 

26


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
SECTION 8.04. Effect of Termination. At the time that termination of the Base Alliance Agreements in accordance with Section 8.01 or Section 8.02 is effective, (x) except as expressly provided below or in any Base Alliance Agreement, all of the obligations of the Parties under the Base Alliance Agreements shall terminate and cease to be of further force or effect and (y) [*]. Any such termination shall not release either Party from any liability that has already accrued as of the effective date of such termination and shall not constitute a waiver or release of, or otherwise be deemed to prejudice or adversely affect, any rights, remedies or claims which a Party may have hereunder, at law, equity or otherwise or which may arise out of or in connection with such termination. In addition, the following provisions shall survive the termination of the Base Alliance Agreements and remain in full force and effect in accordance with their terms:
(i) Article II (Representations and Warranties of ACI);
(ii) Article III (Representations and Warranties of IBM);
(iii) Section 6.02 (relating to publicity and disclosure);
(iv) [*]
(v) Section 6.09 (relating to transition obligations);
(vi) Section 6.10 (relating to intellectual property)
(vii) this Article VIII;
(viii) Article IX (Confidentiality);
(ix) Article X (Indemnification and Limitation on Liability);
(x) Article XI (Dispute Resolution);
(xi) Article XII (Miscellaneous); and
(xii) each provision of each other Base Alliance Agreement that, by the express terms of such Base Alliance Agreement, survives the termination of the Base Alliance Agreements.

 

27


 

ARTICLE IX
Confidentiality
SECTION 9.01. Confidential Information. IBM and ACI agree that (a) information disclosed by the disclosing Party (the “Disclosing Party”) to the other Party (the “Receiving Party”), both prior to and after the date hereof, in connection with the Alliance includes technical, marketing, financial, commercial and other proprietary information and is disclosed for the sole purpose of successfully effecting the Alliance and (b) the mutual objective of the Parties pursuant to this Article IX is to provide appropriate protection of such Confidential Information while maintaining the ability of the Parties to conduct their respective business activities. Any such technical, marketing, financial, commercial and other proprietary information disclosed by a Disclosing Party shall be deemed to be confidential information if it is disclosed (i) in writing and marked “confidential” at the time of such disclosure by the Disclosing Party, or (ii) by oral and/or visual presentation and either designated in advance as “confidential” by the Disclosing Party or readily apparent as confidential disclosure (any such information, “Confidential Information”).
SECTION 9.02. Confidentiality Obligations.
(a) The Receiving Party agrees to use the same care and discretion to avoid disclosure, publication or dissemination of the Disclosing Party’s Confidential Information as it uses with its own similar information that it does not wish to disclose, publish or disseminate; provided that the inherent disclosure of ideas, concepts, know-how or techniques contained in the Disclosing Party’s Confidential Information by the Receiving Party in the use, distribution or marketing of any product or service in connection with activities performed under the Enablement Assistance Agreement shall not be deemed to be in violation of the Receiving Party’s obligations under this Section 9.02(a). Notwithstanding anything to the contrary in any Alliance Agreement, the Receiving Party may use the Disclosing Party’s Confidential Information solely in connection with activities contemplated by the Alliance. The Receiving Party may disclose the Disclosing Party’s Confidential Information to the following parties:
(i) its employees and employees of its Subsidiaries who have a need to know;
(ii) any other party with the Disclosing Party’s prior written consent; and
(iii) where IBM is the Receiving Party, IBM may disclose ACI’s Confidential Information to IBM’s Business Partners and, where ACI is the Receiving Party, ACI may disclose IBM’s Confidential Information to ACI’s authorized distributors, in each case solely with respect to activities performed under the Alliance Agreements;

 

28


 

provided that, prior to any such disclosure pursuant to clause (iii) above, the Receiving Party must have a written agreement in a customary form with such party sufficient to require that party to treat such Confidential Information in accordance with this Article IX.
(b) The Receiving Party may disclose the Disclosing Party’s Confidential Information as required by Applicable Law; provided that (i) if reasonably practicable, the Receiving Party gives the Disclosing Party reasonable notice and opportunity to seek an appropriate protective order or waive compliance with this Article IX and (ii) such Receiving Party shall comply with the provisions under Section 6.02(b), if applicable. If the Disclosing Party waives compliance with this Article IX in accordance with clause (i) of this Section 9.02(b), or after a reasonable amount of time has elapsed from the Receiving Party’s notice, a protective order has not been entered (and, if applicable, the Parties have complied with Section 6.02(b)), the Receiving Party may disclose that portion of such Confidential Information which its in-house or outside counsel advises that it is compelled to disclose.
(c) Non-public information of ACI may also be considered material to ACI for purposes of Federal and state securities laws and Commission rules and regulations. IBM acknowledges that it is aware of the United States securities laws regarding the possession of material non-public information concerning a company whose shares are publicly traded on an exchange.
(d) (i) ACI acknowledges that IBM is in the business of providing consulting services and developing computer software for a wide variety of clients and ACI understands that IBM will continue these activities and (ii) IBM acknowledges that ACI is in the business of developing electronic payment software applications and IBM understands that ACI will continue these activities. Accordingly, nothing in this Article IX shall preclude or limit IBM from providing consulting services and/or developing software or materials for itself or other entities, or ACI from developing electronic payment software applications, irrespective of the possible similarity to materials which might be delivered to or received from the other Party, including screen formats, structure, sequence and organization.
(e) The Receiving Party shall, upon written request by the Disclosing Party, at any time, instruct its personnel that have been granted access to Confidential Information to promptly destroy any Confidential Information in their possession; provided that the Receiving Party shall be permitted to retain a copy of such Confidential Information solely for archival purposes. Notwithstanding the destruction of Confidential Information, or the failure to so destroy Confidential Information, the Parties shall continue to be bound, for any remaining term hereunder, by the rights and obligations of confidentiality hereunder.
(f) Notwithstanding anything to the contrary in this Article IX, in the event of any breach or threatened breach of any of the provisions of this Article IX, the aggrieved Party, in addition to any other remedies it may have at law or in equity, is entitled to seek injunctive relief.

 

29


 

SECTION 9.03. Confidentiality Period. Confidential Information disclosed pursuant to this Article IX will be subject to the terms of this Article IX for three years from the initial date of disclosure of such Confidential Information. In addition, at the request of a Party on a case-by-case basis, prior to the disclosure of any particular Confidential Information, the Parties shall discuss whether a longer confidentiality period is appropriate with respect to such Confidential Information.
SECTION 9.04. Exceptions to Confidentiality Obligations. Notwithstanding any provision of this Article IX, the Receiving Party may disclose, publish, disseminate and use Confidential Information that is:
(a) already in its possession without obligation of confidentiality;
(b) developed independently;
(c) obtained from a source other than the Disclosing Party without obligation of confidentiality;
(d) publicly available when received, or thereafter becomes publicly available through no fault of the Receiving Party; or
(e) disclosed by the Disclosing Party to another party without obligation of confidentiality.
SECTION 9.05. Residual Information. The Receiving Party may disclose, publish, disseminate and use the ideas, concepts, know-how and techniques, related to the Receiving Party’s business activities, which are contained in the Confidential Information disclosed by the Disclosing Party and retained in the unaided memories of the Receiving Party’s employees who have access to such Confidential Information pursuant to this Article IX (such Confidential Information, “Residual Information”); provided that nothing contained in this Section 9.05 gives the Receiving Party the right to disclose, publish or disseminate, except as set forth elsewhere in this Article IX:
(a) the source of Residual Information;
(b) any financial, statistical or personnel data of the Disclosing Party; or
(c) the business plans of the Disclosing Party.
SECTION 9.06. Disclaimers.
(a) All Confidential Information disclosed by the Disclosing Party is provided solely on an “as is” basis.
(b) The Disclosing Party shall not be liable for any damages arising out of the use of Confidential Information disclosed pursuant to this Article IX.

 

30


 

(c) Neither this Article IX, nor any disclosure of Confidential Information, grants the Receiving Party any right or license under any trademark, copyright or patent now or hereafter owned or controlled by the Disclosing Party.
(d) Disclosure of Confidential Information containing business plans is for planning purposes only. The Disclosing Party may change or cancel its plans at any time. Use of such Confidential Information is at the Receiving Party’s own risk.
(e) Nothing in this Article IX requires either Party to disclose or to receive Confidential Information.
(f) The receipt of Confidential Information pursuant to this Article IX will not preclude, or in any way limit, the Receiving Party from:
(i) providing to others products or services which may be competitive with products or services of the Disclosing Party;
(ii) providing products or services to others who compete with the Disclosing Party; or
(iii) assigning its employees in any way it may choose.
ARTICLE X
Indemnification and Limitation on Liability
SECTION 10.01. Indemnification. If a third party claims that any product, service, material or deliverable provided by a Party (the “Indemnifying Party”) to any customer or to the other Party (the “Indemnified Party”), infringes such third party’s patent, trademark or copyright, the Indemnifying Party will defend the Indemnified Party against that claim at the Indemnifying Party’s expense, and shall pay all costs, damages and attorney’s fees that a court finally awards or that are included in a settlement approved by the Indemnifying Party; provided that the Indemnified Party:
(a) promptly notifies the Indemnifying Party in writing of the claim; and
(b) allows the Indemnifying Party to control, and reasonably cooperates with the Indemnified Party in, the defense and any related settlement negotiations.
Notwithstanding the foregoing, the failure of any Indemnified Party to give notice as provided herein shall not relieve the Indemnifying Party of its indemnification obligation set forth above except to the extent that such failure results in a lack of actual notice to the Indemnifying Party and such Indemnifying Party is actually prejudiced as a result of such failure to give notice.

 

31


 

SECTION 10.02. Remedies. If a claim of the nature set forth in Section 10.01 is made or appears likely to be made, the Indemnified Party agrees to permit the Indemnifying Party to enable the Indemnified Party to continue to use the product, service, material or deliverable provided by the Indemnifying Party, or to modify them, or replace them with such products, services, materials or deliverables, as the case may be, that are at least functionally equivalent. If the Indemnifying Party determines that none of these alternatives is reasonably available, the Indemnified Party agrees to return the product, service, material or deliverable that is the subject to such claim, to the Indemnifying Party on the Indemnifying Party’s written request. The Indemnifying Party will then give the Indemnified Party a credit equal to the amount that the Indemnified Party paid to the Indemnifying Party for the creation of such product, service, material or deliverable.
SECTION 10.03. Claims for which the Parties are not Responsible. Notwithstanding Section 10.01:
(a) IBM shall not have any obligation to ACI regarding any claim based on any of the following:
(i) anything provided by ACI or a third party on ACI’s behalf that is incorporated into such product, service, material or deliverable or IBM’s compliance with any designs, specifications or instructions provided by ACI or a third party on ACI’s behalf;
(ii) the modification of such product, service, material or deliverable by ACI or a third party on ACI’s behalf;
(iii) the combination, operation or use of such product, service, material or deliverable with any product, data, apparatus, method or process that IBM did not provide as a system, if the infringement would not have occurred were it not for such combination, operation or use; and
(iv) the distribution, operation or use of such product, service, material or deliverable outside of ACI and its Affiliates.
(b) ACI shall not have any obligation to IBM regarding any claim based on any of the following:
(i) anything provided by IBM or a third party on IBM’s behalf that is incorporated into such product, service, material or deliverable or ACI’s compliance with any designs, specifications or instructions provided by IBM or a third party on IBM’s behalf;
(ii) the modification of such product, service, material or deliverable by IBM or a third party on IBM’s behalf;
(iii) the combination, operation or use of such product, service, material or deliverable with any product, data, apparatus, method or process that ACI did not provide as a system, if the infringement would not have occurred were it not for such combination, operation or use; and
(iv) the distribution, operation or use of such product, service, material or deliverable outside of IBM and its Affiliates.

 

32


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
SECTION 10.04. Limitation on Liability.
(a) Neither Party shall be liable to the other Party for any consequential damages (including lost profits, business, revenue, goodwill or anticipated savings and loss of or damage to data and records), special damages, incidental damages, indirect damages or punitive damages under this Agreement or under any other Alliance Agreement, even if advised that any of these types of damages may occur; provided that the limitations set forth this Section 10.04(a) shall not apply to (i) any such damages that may be awarded pursuant to a third party’s claim contemplated by Section 10.01 or (ii) any breach of a Party’s obligations set forth in Article IX or Section 10 of the Enablement Assistance Agreement; and provided, further, that the limitations set forth in this Section 10.04(a) with respect to consequential damages and indirect damages shall not apply to any claim for willful infringement of intellectual property rights.
(b) Each Party’s entire liability for all claims in the aggregate arising from or related to any Alliance Agreement will in no event exceed:
(i) payments referred to in Section 10.01;
(ii) payments [*] expressly required to be made to the other Party pursuant to the Alliance Agreements;
(iii) damages for bodily injury (including death), and damage to real property and tangible personal property for which a Party is legally liable;
(iv) damages for infringement by one Party of the other Party’s intellectual property rights; and
(v) the amount of any other actual direct damages in an aggregate amount not to exceed $[*]; provided that no such limitation shall be applied to actual direct damages awarded to a Party as a result of the other Party’s breach of its obligations set forth in Article IX of this Agreement or Section 10 of the Enablement Assistance Agreement.
(c) The limits set forth in this Section 10.04 also apply to each Party’s subcontractors. It is the maximum for which such Party and its subcontractors are collectively responsible.
(d) The provisions of this Section 10.04 apply to all liabilities, claims and causes of action, regardless of the basis on which a Party is entitled to claim damages from the other Party (including fundamental breach, failure of essential purpose, negligence or other contract or tort claim), other than for willful misconduct or willful misrepresentation.

 

33


 

SECTION 10.05. General. This Article X states each Party’s entire obligation and each Party’s exclusive remedy regarding any claim of infringement.
ARTICLE XI
Dispute Resolution.
SECTION 11.01. Intention of the Parties. The Parties intend that all disputes between the Parties arising out of this Agreement or any other Alliance Agreement shall be settled by the Parties amicably through good faith discussions upon the written request of either Party.
SECTION 11.02. Procedures
(a) Prior to filing suit, instituting a Proceeding or seeking other judicial or governmental resolution in connection with any dispute between the Parties or any of their Subsidiaries arising out of any of the Alliance Agreements or any aspect of the Alliance, the Parties will attempt to resolve such dispute through good faith negotiations. If a dispute arises in respect of a matter relating to a specific Alliance Agreement, the Parties shall first exercise the dispute resolutions procedures, if any, set forth in such Alliance Agreement. If the Parties do not resolve the dispute after exhausting the dispute resolutions procedures, if any, set forth in such Alliance Agreement, or if no dispute resolution procedures are provided in the applicable Alliance Agreement, the Parties shall utilize the dispute resolution procedures set forth in this Section 11.02, as follows:
(i) Either Party shall send a written notice to the other Party requesting negotiations to continue resolving, or initially attempt to resolve, as the case may be (depending upon whether dispute resolution procedures are provided in the applicable Alliance Agreement), the dispute in accordance with the procedures set forth in this Section 11.02. Promptly following receipt of such notice by the other Party, each Party shall cause its Alliance Executive together with, if necessary, an individual designated by it as having general responsibility for the affected Alliance Agreement to meet in person with the corresponding individuals designated by the other Party to discuss the dispute; and
(ii) If the dispute is not resolved within 60 days (or such shorter time as the Parties agree is necessary to attempt to resolve the dispute in order to satisfy the Parties’ client service obligations that may be the subject of such dispute) after the first meeting between such individuals described in clause (i) of this Section 11.02(a), then, upon the written request of either Party, each Party shall cause its Senior Alliance Executive and its Alliance Executive (together with, if necessary, an individual designated by it as having general responsibility for the affected Alliance Agreement) to meet in person with the Senior Alliance Executive, Alliance Executive and the individual or individuals so designated by the other Party to discuss the dispute.

 

34


 

Except and only to the limited extent provided in Section 11.02(b), neither Party shall file suit, institute a Proceeding or seek other judicial or governmental resolution of the dispute until at least 60 days after the first meeting between the corporate officers described in clause (ii) of this Section 11.02(a).
(b) Notwithstanding the provisions of Section 11.02(a), either Party may institute a Proceeding seeking a preliminary injunction, temporary restraining order or other equitable relief (excluding rescission, economic damages or other forms of non-injunctive relief), if necessary in the good faith opinion of that Party to avoid material harm to its property, rights or other interests, before commencing, or at any time during the course of, the dispute procedure described in Section 11.02(a). In addition, either Party may file an action prior to the commencement of or at any time during or after the dispute resolution procedures in Section 11.02(a), if in the good faith opinion of that Party it is necessary to prevent the expiration of a statute of limitations or filing period or the loss of any other substantive or procedural right.
(c) ACI irrevocably submits, and agrees to cause its Affiliates to irrevocably submit, and IBM irrevocably submits, and agrees to cause its Affiliates to irrevocably submit, to the exclusive jurisdiction of the state and Federal courts located in the State of New York, New York County, for the purposes of any suit, action or other proceeding arising out of the Alliance Agreements or any aspect of the Alliance (and each Party agrees that no such action, suit or proceeding relating to the Alliance Agreements or any aspect of the Alliance shall be brought by it or any of its Affiliates except in such courts). ACI irrevocably and unconditionally waives (and agrees not to plead or claim), and IBM irrevocably and unconditionally waives (and agrees not to plead or claim), any objection to the laying of venue of any action, suit or proceeding arising out of the Alliance Agreements or any aspect of the Alliance in such courts or that any such action, suit or proceeding brought in any such court has been brought in an inconvenient forum.
(d) ACI and IBM further agree that service of any process, summons, notice or document by U.S. registered mail to such Party’s respective address set forth in Section 12.14 shall be effective service of process for any action, suit or proceeding in the state and Federal courts located in the State of New York, New York County, with respect to any matters to which it has submitted to jurisdiction as set forth above in Section 11.02(c).
(e) EACH PARTY HEREBY WAIVES, AND AGREES TO CAUSE EACH OF ITS RESPECTIVE AFFILIATES TO WAIVE, TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, ANY RIGHT IT MAY HAVE TO A TRIAL BY JURY IN RESPECT OF ANY LITIGATION DIRECTLY OR INDIRECTLY ARISING OUT OF, UNDER OR IN CONNECTION WITH ANY OF THE ALLIANCE AGREEMENTS OR ANY ASPECT OF THE ALLIANCE. Each Party (i) certifies that no representative of any other Party has represented, expressly or otherwise, that such other Party would not, in the event of litigation, seek to enforce the foregoing waiver and (ii) acknowledges that it and the other parties thereto have been induced to enter into the Alliance Agreements by, among other things, the mutual waivers and certifications in this Section 11.02.

 

35


 

ARTICLE XII
Miscellaneous
SECTION 12.01. Severability. If any provisions of this Agreement or any of the other Alliance Agreements shall be held to be illegal, invalid or unenforceable, the Parties agree that such provisions will be enforced to the maximum extent permissible so as to effect the intent of the Parties, and the validity, legality and enforceability of the remaining provisions of this Agreement or any of the other Alliance Agreements shall not in any way be affected or impaired thereby. If necessary to effect the intent of the Parties, the Parties will negotiate in good faith to amend this Agreement or any of the Alliance Agreements to replace the unenforceable language with enforceable language which as closely as possible reflects such intent.
SECTION 12.02. Amendments. This Agreement and each other Base Alliance Agreement may be amended or modified only by a written instrument signed by each Party.
SECTION 12.03. Waiver. Any waiver by a Party of an instance of the other Party’s noncompliance with any obligation or responsibility herein contained or contained in another Alliance Agreement shall be in writing and signed by the waiving Party and shall not be deemed a waiver of other instances of the other Party’s noncompliance hereunder.
SECTION 12.04. No Assignment. This Agreement and the other Alliance Agreements shall be binding upon and inure to the benefit of and be enforceable by the respective successors and permitted assigns of the Parties. Nothing in this Agreement or the other Alliance Agreements shall confer any rights upon any Person other than the Parties and their respective successors and permitted assigns (provided that in no event shall this provision affect either Party’s obligations pursuant to Article X). Neither Party may assign this Agreement or any other Alliance Agreement or its rights hereunder or thereunder to any Person without the written consent of the other Party; provided that it shall not be considered an assignment by IBM in the event that IBM divests a portion of its business in a manner that similarly affects all of its customers. Any attempted assignment of this Agreement or the other Alliance Agreements in violation of this Section 12.04 shall be void and of no effect; provided that (a) either Party may assign any of its obligations under the Base Alliance Agreements to any of its wholly owned Subsidiaries and (b) either Party may delegate or subcontract its duties under any Base Alliance Agreement to any other Person. Notwithstanding the foregoing, IBM shall be permitted to transfer the Warrants and the Warrant Shares in accordance with Section 6 of each of the Warrant Agreements, and such transferees shall be entitled to the benefits under such Warrant Agreements.

 

36


 

SECTION 12.05. Expenses. Except as otherwise expressly provided herein or in any other Alliance Agreement, each Party shall bear all out-of-pocket costs and expenses incurred by it in connection with the Alliance, including:
(a) all attorneys’, accountants’, investment advisors’ and consultants’ fees and expenses; and
(b) all taxes (including withholding or payment of all applicable Federal, state and local income taxes, social security taxes and other payroll taxes with respect to its employees, as well as any taxes, contributions or other obligations imposed by applicable state unemployment or workers’ compensation acts), fees, assessments and other charges assessed by any Governmental Authority in connection therewith.
SECTION 12.06. Construction. This Agreement and the other Alliance Agreements have been negotiated by the Parties and their respective counsel and shall be fairly interpreted in accordance with its terms and without any strict construction in favor of or against either of the Parties.
SECTION 12.07. Language. The Parties have negotiated this Agreement in the English language, which shall be the governing language of this Agreement.
SECTION 12.08. Relationship of the Parties. Except for provisions herein expressly authorizing one Party to act for another, this Agreement and the other Alliance Agreements shall not constitute any Party as a legal representative or agent of any other Party, nor shall a Party have the right or authority to assume, create or incur any liability of any kind, expressed or implied, against or in the name or on behalf of the other Party or any of its Affiliates. The Parties shall perform their obligations under the Alliance Agreements as independent contractors and nothing contained in this Agreement or any other Alliance Agreement is intended to, or shall be deemed to, create a partnership or joint venture relationship among the Parties or any of their Affiliates for any purpose, including tax purposes. Each Party has sole authority and responsibility to hire, fire and otherwise control its employees. Neither of the Parties nor any of their respective Affiliates will take a position contrary to the foregoing.
SECTION 12.09. Entire Agreement. The provisions of this Agreement and the other Alliance Agreements set forth the entire agreement and understanding between the Parties as to the subject matter hereof and thereof and supersede all prior agreements, oral or written, and all other prior communications between the Parties relating to the subject matter hereof and thereof.
SECTION 12.10. Force Majeure. Neither Party will be considered in default or liable for any delay or failure to perform any provision of this Agreement or any of the other Alliance Agreements if such delay or failure arises directly or indirectly out of an act of God, acts of the public enemy, freight embargoes, quarantine restrictions, unusually severe weather conditions, insurrection, riot or other such causes beyond the reasonable control of the Party responsible for the delay or failure to perform; provided that the Party that has failed to perform for such reason notifies the other Party within 15 days of the occurrence; and provided, further, that the Party affected by such delay is using commercially reasonable efforts to mitigate or eliminate the cause of such delay or its effects and, if events in the nature of the force majeure event were foreseeable, use commercially reasonable efforts prior to its occurrence to anticipate and avoid its occurrence or effect. In the event of such force majeure event, the date of performance hereunder or under any of the other Alliance Agreements shall be extended for a period not to exceed the time lost by reason of the failure or delay.

 

37


 

SECTION 12.11. Counterparts. This Agreement and the other Alliance Agreements may be executed in two or more counterparts, each of which shall be binding as of the date first written above (or, in the case of the Services Agreement, on the date of such agreement or agreements), and all of which shall constitute one and the same instrument. Each such counterpart shall be deemed an original, and it shall not be necessary in making proof of this Agreement or the Alliance Agreements to produce or account for more than one such counterpart.
SECTION 12.12. Governing Law. This Agreement and the other Alliance Agreements will be construed and interpreted in accordance with and governed by the laws of the State of New York (without regard to the choice of law provisions thereof).
SECTION 12.13. Order of Precedence. In the event of an inconsistency or conflict between a provision of this Agreement and a provision of any other Alliance Agreement, this Agreement shall prevail unless such other Alliance Agreement expressly provides that its provision supersedes the provision of this Agreement.
SECTION 12.14. Notices. Any and all notices, requests, demands and other communications required or otherwise contemplated to be made under this Agreement and the other Alliance Agreements shall be in writing and in English, shall be provided by one or more of the following means and shall be deemed to have been duly given (a) if delivered personally, when received, (b) if transmitted by facsimile (to those for whom a facsimile number is set forth below), on the date of receipt of the transmission confirmed by receipt of a transmittal confirmation, or (c) if delivered by international courier service, on the fourth Business Day following the date of deposit with such courier service.
All such notices, requests, demands and other communications relating to any of the Alliance Agreements shall be addressed as follows:
(a) If to ACI:
ACI Worldwide, Inc.
120 Broadway, Suite 3350
New York, New York 10271
Attention: Philip Heasley, Chief Executive Officer
Telephone: (646) 348-6700
Facsimile: (212) 479-4000

 

38


 

with a copy (which copy shall not constitute notice) to the
following in-house counsel of ACI:
ACI Worldwide, Inc.
224 South 108th Avenue, Suite 7
Omaha, Nebraska 68154
Attention: Dennis P. Byrnes, Senior Vice President and
General Counsel
Telephone: (402) 390-8993
Facsimile: (402) 390-8077
(b) If to IBM:
IBM Corporation
New Orchard Road
Armonk, NY 10504
Attention: James Wallis, IBM Alliance Executive
Telephone: (914) 766-1035
with a copy (which copy shall not constitute notice) to the
following in-house counsel of IBM:
IBM Corporation
New Orchard Road
Armonk, NY 10504
Attention: Mark Goldstein, Associate General Counsel
Telephone: (914) 499-6005
In addition, all notices, requests, demands and other communications relating specifically to this Agreement shall be addressed as follows:
(c) If to ACI:
ACI Worldwide, Inc.
120 Broadway, Suite 3350
New York, New York 10271
Attention: Philip Heasley, Chief Executive Officer
Telephone: (646) 348-6700
Facsimile: (212) 479-4000

 

39


 

with a copy (which copy shall not constitute notice) to:
ACI Worldwide, Inc.
224 South 108th Avenue, Suite 7
Omaha, Nebraska 68154
Attention: Dennis P. Byrnes, Senior Vice President and
General Counsel
Telephone: (402) 390-8993
Facsimile: (402) 390-8077
and
Jones Day
222 East 41st Street
New York, New York 10017-6702
Attention: Robert A. Profusek
Telephone: (212) 326-3800
Facsimile: (212) 755-7306
(d) If to IBM:
IBM Corporation
New Orchard Road
Armonk, NY 10504
Attention: Cosmo L. Nista, Vice President, Mergers and
Acquisitions
Telephone: (914) 499-5700
with a copy (which copy shall not constitute notice) to:
Cravath, Swaine & Moore LLP
Worldwide Plaza
825 Eighth Avenue
New York, NY 10019
Attention: Craig F. Arcella
Telephone: 212-474-1000
Facsimile: 212-474-3700
[Remainder of page intentionally blank]

 

40


 

IN WITNESS WHEREOF, ACI and IBM have caused their respective duly authorized officers to execute this Agreement as of the day and year first above written.
                 
    ACI WORLDWIDE, INC,    
 
               
 
  By   /s/ Philip G. Heasley    
             
 
      Name:   Philip G. Heasley    
 
         
   
 
      Title:   Chief Executive Officer    
 
         
 
   
    INTERNATIONAL BUSINESS    
    MACHINES CORPORATION,    
 
               
 
  By   /s/ Cosmo L. Nista    
             
 
      Name:   Cosmo L. Nista    
 
         
 
   
 
      Title:   Vice President Corporate Development, M&A    
 
         
 
   

 

41


 

EXHIBIT A
ACI LOGO
(ACI LOGO)

 


 

EXHIBIT B
IBM Logo
(IBM LOGO)

 


 

EXHIBIT C-1
Form of Joint Press Release
IBM and ACI Forge Global Strategic Alliance
Deliver Integrated Electronic Payment Solutions for the Financial Services Industry
NEW YORK, N.Y. — 17 Dec 2007: IBM (NYSE: IBM) and ACI Worldwide (NASDAQ: ACIW) today announced a significantly expanded strategic alliance to create an end-to-end solution for electronic payments powered by IBM’s open technology. As part of the alliance, ACI will optimize a new generation of payment solutions on the IBM System z platform including IBM DB2, WebSphere, and Tivoli software and Crypto-chip technology. The optimization supports the convergence of retail and wholesale payments through the use of service oriented architecture (SOA) including IBM’s Payments Framework.
ACI will further enhance its leading Money Transfer System and BASE24-eps payment solutions to take full advantage of IBM hardware, software and services. IBM will provide ACI with technical staff and laboratory support for benchmarking and performance tuning its payments software. The companies will create a worldwide team of sales and technical specialists dedicated to selling ACI solutions on System z, including IBM “migration factory” services that provide clients with trained staff and IT tools to simplify migrations from legacy payments systems. In addition, ACI plans to use IBM data centers globally to host its integrated software, allowing clients to access ACI payments solutions on demand for those who prefer a hosted versus in-house managed system.
The alliance is aimed primarily at the financial services industry. IBM is a leading technology and services provider in financial while ACI counts more than 110 of the world’s top 500 banks as its customers. Banks in particular are struggling to manage aging payments systems running on disparate platforms that are siloed and expensive to maintain. For example, a typical large bank can have multiple wholesale and retail payments systems that are not integrated and serve only specific lines of business. ACI payments software running on System z provides an SOA foundation that opens up disparate payments information to be shared across the enterprise in support of multiple software applications and lines of business. In addition to benefiting from the SOA approach, ACI clients that bring their payment transaction traffic to the System z platform can also take advantage of industry leading security, reliability and availability, and help reduce power consumption and maintenance costs through server consolidation.

 


 

“Financial services companies are looking for new ways to modernize outdated payments systems due to increasing transaction volumes and regulatory and IT cost pressures,” said June Yee Felix, general manager of banking solutions and strategy, IBM. “Payments systems running on IBM System z and ACI payments software address these issues and provide our joint clients with world-class transaction processing performance and the flexibility of SOA through next generation mainframe technology.”
The IBM/ACI alliance is also designed to yield solutions for retailers who require highly available, scalable solutions for payment authentication, switching and loss prevention. El Corte Ingles, the largest retailer in Spain with over 30,000 point of sale terminals serving more than 9 million cards, is implementing ACI’s BASE24-eps software on System z to process in-store payments initiated with their private label card as well as all major brands of international bank cards. El Corte Ingles selected ACI’s software on System z as a robust, secure, highly scalable and reliable platform necessary for a retailer to provide the best possible service to its growing client base in Spain and Europe. The close cooperation between ACI and IBM has allowed El Corte Ingles an extremely smooth implementation process.
Phase one of the alliance will yield an optimized version of ACI’s BASE24-eps software on System z to acquire, route and authorize payments online; a wholesale payments solution to help clients meet the needs of pending Single Euro Payments Area (SEPA) regulations; and a solution for real-time fraud detection across the enterprise. Subsequent phases will see solutions optimized on System z for dispute management, smart card management, online banking and trade finance, and will see the companies offer a broad payment hub solution that exploits the IBM Payments Framework and its SOA foundation for payments processing.
Today’s announcement represents a significant commitment to providing clients with open standards-based solutions that will allow them to leverage their existing IT assets, lower costs and increase flexibility. Building on its existing successful relationship, the strategic alliance tightens the integration between IBM and ACI across all areas including software, hardware, services, marketing, and joint product development.

 

2


 

“Our alliance with IBM signals a strategic repositioning of ACI to focus on solutions that offer an end-to-end framework for integrated payments,” said Philip Heasley, CEO of ACI. “IBM’s capital, both economic and intellectual, will help us accelerate the availability of our integrated payments framework and make it available on what is already the platform of choice for a majority of the world’s banks. Together we will offer a unique payments solution differentiated by its low cost of ownership, improved risk management, and comprehensive architecture for improving payments productivity.”
About ACI Worldwide
Every second of every day, ACI Worldwide solutions are at work processing electronic payments, managing risk, automating back office systems and providing application infrastructure services. ACI is a leading international provider of solutions for banking, retail and cross-industry systems. The company serves more than 800 customers in 84 countries including many of the world’s largest financial institutions, retailers and payment processors. Visit ACI Worldwide at www.aciworldwide.com.
IBM SOA Foundation
The SOA Foundation is an integrated, open set of software, best practices, and patterns that provide what customers need to get started with SOA. For more information, visit http://www-304.ibm.com/jct09002c/isv/soa/found_intro.html.
For more information on IBM Banking Solutions, visit www.ibm.com/banking, and for IBM PartnerWorld, visit www.ibm.com/partnerworld.
Contacts:
Judy Hartlieb
ACI Corporate Marketing
402-390-7790
judy.hartlieb@aciworldwide.com

 

3


 

Jim Maxwell
ACI Public Relations
402-390-8906
jim.maxwell@aciworldwide.com
Sean Tetpon
IBM Media Relations
914-474-5508
stetpon@us.ibm.com
Kaveri Camire
IBM Media Relations
914-625-6395
kcamire@us.ibm.com

 

4


 

EXHIBIT C-2
Excerpt of ACI Press Release
ACI Worldwide, Inc. Reports Financial
Results for Quarter Ended September 30, 2007 and
Establishment of Strategic Alliance with IBM
KEY TRANSACTION HIGHLIGHTS:
   
ACI to partner with IBM on global scale to deliver next generation payment solutions
   
Transformational transaction which significantly expands addressable market universe of potential customers for ACI
   
Long-term alliance to optimize ACI software on IBM’s System z mainframe platform
   
IBM issued warrants, half exercisable at $27.50/share and the balance at $33.00/share
On December 16, 2007, we signed a definitive agreement with IBM that formalized a new strategic alliance. Pursuant to the agreement, we will deploy a new generation of ACI software integrated and optimized on IBM’s System z platform, thereby enhancing security and resiliency of the operations of global financial clients. IBM will assist ACI with software enablement and marketing and provide sales incentives on IBM products and services. ACI plans to use IBM data centers globally to host its integrated software in an on-demand environment. Joint sales and technical teams will sell ACI’s solutions on System z and support migrations to IBM platforms. IBM will receive warrants to purchase up to 8% of ACI’s outstanding shares, half exercisable at $27.50/share and the balance at $33.00/share.
“We are delighted to launch this transformational alliance with IBM. The partnership provides ACI with an opportunity to extend our reach among the world’s top 2,000 banks, where System z is the leading platform, and helps IBM expand their footprint in the payments arena. It also helps us exploit the global opportunity for ACI’s on-demand initiative by working with IBM to utilize their proven data centers to host our software. We are especially pleased to share and build upon best-of-breed practices with a proven industry leader,” said ACI Chief Executive Officer Philip G. Heasley.

 


 

“Redacted- ACIW operating quarter comment-.” Heasley continued, “We believe that the IBM alliance will allow us to accelerate growth in what we see as a very solid foundation in the rapidly expanding payments framework segment of the marketplace.”

 

2


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
EXHIBIT D
Certain Terms of Services Agreements
     
IT Outsourcing
  [ * ]
 
   
 
  IBM’s IT services will be included in a definitive agreement specifically covering this work. Given the complex and important issues surrounding IT service levels and services delivery, completing this work and contracting for these services will require additional time to complete a thorough assessment and service delivery plan following execution of definitive alliance agreements.
 
   
 
  Prior to submitting a firm price, IBM and ACI will go through a due diligence process covering ACI’s internal IT operations. This will include technical details, procurement, financial projections and other relevant topics. ACI will provide adequate support — including access to key staff, contracts, and financials — to facilitate IBM’s assessment. To facilitate the due diligence process, IBM has identified the critical information required and tasks to be completed within a [ * ]. In addition to the technical action plan, IBM and ACI will jointly develop a [ * ] base case.
 
   
 
  Subject to completion of standard due diligence process, ACI will retain:
 
   
 
  [ * ]
 
   
On Demand Centers
  IBM will provide the infrastructure (HW, SW, and facilities) and labor for [ * ] on a standard [ * ] as well as on [ * ] as mutually determined by the parties. Coverage includes [ * ]. The placement, sizing, and timing of [ * ] rollout will be jointly determined. [ * ].
 
   
 
  Key assumptions include:
 
   
 
  [ * ]
 
   
 
  Subject to due diligence, services to be retained by ACI are:
 
   
 
  [ * ]

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
     
 
  Prior to submitting a final price, IBM and ACI will jointly validate the assumptions, infrastructure, timeline, technical requirements, sales opportunities, procurement relationships, financial projections, level of ACI support and other relevant topics. Key assumptions for this review include:
 
   
 
 
    IBM’s infrastructure estimates are based on [ * ]
 
   
 
 
    Retail & wholesale customers can reside [ * ]
 
   
 
  IBM and ACI to determine if [ * ] services can be incorporated into the IT Outsourcing contract.

 

2


 

EXHIBIT E
Form of Receipt
PROJECT LEXINGTON
Receipt
Reference is made to (i) the Master Alliance Agreement (the “Master Alliance Agreement”), dated as of December 16, 2007, by and between ACI Worldwide, Inc., a Delaware corporation (“ACI”), and International Business Machines Corporation, a New York corporation (“IBM”) and (ii) the other Alliance Agreements. Capitalized terms used but not defined herein shall have the meanings set forth in the Master Alliance Agreement.
ACI hereby acknowledges receipt of the Initial Payment from IBM in full satisfaction of the obligations of IBM to fund such Initial Payment to ACI pursuant to Section 7.01(a)(ii) of the Master Alliance Agreement, such Initial Payment to be subject to Section 6.08(b) of the Master Alliance Agreement.
Dated: December 17, 2007
                 
    ACI WORLDWIDE, INC,    
 
               
 
  by            
             
 
      Name:        
 
         
 
   
 
      Title:        
 
         
 
   

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
EXHIBIT F
Enhancements
The following list of enhancements are planned for [ * ] to be available in [ * ]:
[ * ]
With respect to [ * ] to be available in [ * ], the [ * ].

 


 

ANNEX A
ACI Logo Usage Guidelines
Logo usage
ACI Worldwide logo icon
The ACI Worldwide logo icon is the cornerstone of our corporate image. The ACI mark represents all ACI Worldwide entities (with no variation for legal company names) and will be marketed as our single face to the customer.
Color requirements
The ACI logo icon can appear four ways: all black, black with a red spike, all white, and white with red spike.
Examples of correct use:
(ACI LOGO)
ACI Logo with the every second, every day tagline
When using the ACI logo on marketing materials, the tagline “Every Second. Every Day.” should always appear in conjunction with the logo unless there are space considerations.
The ACI logo with every second, every day tagline can appear four ways: all black, black with a red spike, all white, and white with red spike and red text.
Examples of correct use:
(ACI LOGO)
(ACI LOGO)
The ACI logo should never be stretched or altered. Please refrain from using other colors for the logo without corporate marketing’s approval and never add “Worldwide” to the logo.

 


 

Examples of incorrect use (not to be used):
(ACI LOGO)
Downloadable files
ACI logos are located on i4: https://i4.tsacorp.com/Marketing/Corporate%20Marketing.asp select: ACI graphic standards (logos, photos, icons, colors). Logos are available in a variety of formats:
MicroSoft PowerPoint
.jpeg formatted logos imported into PowerPoint. Users can copy and paste logos into their PowerPoint presentations or MS Word documents.
.eps (encapsulated postscript):
.eps is a standard, vector, high resolution format used by most graphic design packages. Most offset and digital printing companies and vendors prefer .eps files. Vector .eps files can be expanded to any size without loss of quality.
.tiff (tagged image file format):
.tiff is a high resolution, raster format which is good for cross-platform use and printing. Some offset and digital printing companies or vendors may request .tiff files. File sizes tend to be very large.
.jpeg (joint photographic experts group):
.jpeg files are good for use on the Web, in presentations and if high enough resolution, laser printing. .jpeg files import well into MS Office applications.
.gif (graphic interchange format):
.gif files are best for use on the Web and supported by most Web browsers. File sizes tend to be quite small.

 

2


 

Positioning and staging of logos
Careful consideration should be applied when deciding on the size and use of the corporate logo. The impact of the logo can be diminished if it is not presented properly. The placement of the logo must work to enhance the communication of the corporate image.
Find a calm area for the logo. Don’t force it to compete with a busy background. Isolate the logo visually. Isolating the logo gives it the impact needed for clear communication.
There should always be a minimum area of clear space surrounding the ACI logo with no other graphics, text or photography encroaching on the area of isolation. As a general rule, the space surrounding the logo should be at least equal to the height of the logo icon.
(ACI LOGO)
Co-branded marketing
Co-branded marketing (also known as dueling logos) will be approved only when legal or marketing equity requirements exist. Exceptions may exist with some acquired companies where existing equity can be leveraged.
Product logos
Products will not be promoted by logos, but by their trademarked or registered trademarked name and appear in one of our corporate typestyles.

 

3


 

ANNEX B
IBM Logo Usage Guidelines
IBM Logo Usage Guidelines for Marketing Materials and Web sites
These Guidelines set forth standards and requirements for the use of IBM Logo on Marketing Materials and Web sites bearing the IBM Logo and the logo, trademark, or trade name of another company.
Compliance with these Guidelines is required. In the event of a conflict between the terms and conditions of the Logo License Agreement and this Attachment A, this Attachment shall prevail.
Guidelines as to the Nature and Content of the Marketing Materials and Web sites
1. Use of the IBM Logo may occur only on Marketing Materials and Web sites which clearly and explicitly communicate:
(a) the scope and nature of the relationship between the parties;
(b) the responsibilities of each of the parties.
The IBM Logo may not be used in such a way as to attribute to IBM a product or service not actually originating from IBM.
2. Marketing Materials or Web sites may not contain any statements, imagery or other material which is illegal or which may, in the sole judgment of IBM, be in bad taste or inconsistent with IBM’s public image, or tend to bring disparagement, ridicule or scorn upon IBM.
Correct Usage of the IBM Logo within Marketing Materials and the Correct Usage of the IBM Logo on the Web site.
1. The IBM Logo may not be placed or applied in a manner which may cause confusion as to the source or origin of the offering or communication.
2. The IBM Logo must always remain distinct and separate. The IBM Logo may not be combined with any other trademark or logo owned by another company nor may it be combined with any text, graphics, imagery or product identifiers. The IBM Logo may not be contained within the text of a sentence.
3. In a sponsorship, when used in proximity to one or more company identifiers, the IBM Logo should be placed and sized to match the visual weight and emphasis of all the other sponsors logos.
4. The use of the IBM Logo must clearly communicate the context or relationship IBM has with the company, event or offering. This may be done by the addition of “relationship text” in the headline, body copy and/or in association with the logo signatures of a communication.

 

4


 

5. The following trademark attribution statement shall be applied on the page on which the IBM Logo is being used or in the legal attribution segment of the Marketing Materials:
The IBM Logo is a registered trademark of IBM in the United States and other countries and is used under license. IBM responsibility is limited to IBM products and services and is governed solely by the agreements under which such products and services are provided.
Correct Appearance of the IBM Logo
1. Do not create your own version of the IBM Logo.
2. Do not change the size, color or proportion of the artwork provided by IBM.
3. Always allow a “safe space” around the logotype that is equal to or greater than the height of the IBM Logo in use.
4. Do not place the IBM Logo on active backgrounds that may reduce legibility.
5. Always use the approved IBM Blue:
Color Specifications
Pantone equivalent: PMS 2718C
Process equivalent: Cyan 91%, Magenta 43%, Yellow 0%, Black 0%
Broadcast equivalent: Red 22%, Green 42%, Blue 70%
Hex Value: 3366FF

 

5

Exhibit 10.2
EXHIBIT 10.2
Execution Copy
Master Services Agreement
by and between
ACI Worldwide, Inc.
and
International Business Machines Corporation

 

 


 

Execution Copy
                 
1.   Background, Goals and Objectives     1  
 
               
 
  1.1   Background, Goals and Objectives     1  
 
               
 
  1.2   Construction     2  
 
               
2.   Definitions     2  
 
               
 
  2.1   Certain Definitions     2  
 
               
 
  2.2   Inclusion of Affiliates in Definition of ACI and Vendor     2  
 
               
 
  2.3   Other Defined Terms     2  
 
               
3.   Services     3  
 
               
 
  3.1   General     3  
 
               
 
  3.2   Implied Services     3  
 
               
 
  3.3   Services Evolution     4  
 
               
 
  3.4   Services Variable in Scope and Volume     5  
 
               
 
  3.5   Work Prioritization     5  
 
               
 
  3.6   Services Performed by ACI or Third Parties     5  
 
               
 
  3.7   Existing Equipment and Vendor Supported Software     6  
 
               
 
  3.8   Transition     6  
 
               
 
  3.9   ACI IT Standards     6  
 
               
 
  3.10   End Users of the Services     7  
 
               
 
  3.11   Projects     7  
 
               
 
  3.12   Protection of ACI Information     8  
 
               
 
  3.13   Relocation of the Services     8  
 
               
 
  3.14   Acquisitions and Divestitures     8  
 
               
 
  3.15   ACI Retained Systems and Processes     9  
 
               
 
  3.16   Knowledge Sharing     9  
 
               
4.   Term of Agreement     10  
 
               
 
  4.1   Term     10  
 
               
 
  4.2   Extension of Term     10  
 
               
5.   Personnel     10  
 
               
Confidential
Master Services Agreement

 

Page i


 

Execution Copy
                 
 
  5.1   Key Vendor Positions     10  
 
               
 
  5.2   Transitioned Personnel     12  
 
               
 
  5.3   Qualifications, Retention and Removal of Vendor Personnel     13  
 
               
6.   Responsibility for resources     14  
 
               
 
  6.1   Generally     14  
 
               
 
  6.2   Intentionally left blank     14  
 
               
 
  6.3   Financial Responsibility for Equipment     14  
 
               
 
  6.4   Equipment Access and Operational and Administrative Responsibility     14  
 
               
 
  6.5   Financial Responsibility for Software     15  
 
               
 
  6.6   Third Party Contracts     16  
 
               
 
  6.7   Required Consents     16  
 
               
 
  6.8   Straddle Agreements     16  
 
               
7.   Software and Proprietary Rights     16  
 
               
 
  7.1   ACI Software     16  
 
               
 
  7.2   Vendor Software     17  
 
               
 
  7.3   ISV Software     18  
 
               
 
  7.4   Rights in Newly Developed Software and Other Materials     19  
 
               
 
  7.5   Export     21  
 
               
8.   Office Space     21  
 
               
 
  8.1   ACI Obligations     21  
 
               
 
  8.2   Vendor Obligations within ACI Office Space     21  
 
               
 
  8.3   Use of Vendor Facilities by ACI     22  
 
               
9.   Service Levels     22  
 
               
 
  9.1   General     22  
 
               
 
  9.2   Failure to Perform     22  
 
               
 
  9.3   Critical Service Levels and Service Level Credits     23  
 
               
 
  9.4   Priority of Recovery Following Interruption of Services     23  
 
               
 
  9.5   User Satisfaction     23  
 
               
Confidential
Master Services Agreement

 

Page ii


 

Execution Copy
                 
 
  9.6   Periodic Reviews and Adjustments to Service Levels     24  
 
               
 
  9.7   Measurement and Reporting     24  
 
               
10.   Project and Contract Management     25  
 
               
 
  10.1   Governance Guidelines and Principles     25  
 
               
 
  10.2   Executive Steering Committee     25  
 
               
 
  10.3   Reports     25  
 
               
 
  10.4   Meetings     26  
 
               
 
  10.5   Procedures Manuals     26  
 
               
 
  10.6   Change Control     27  
 
               
 
  10.7   Subcontracting     29  
 
               
 
  10.8   Technology Planning and Budgeting     31  
 
               
 
  10.9   Quality Assurance and Improvement Programs     32  
 
               
 
  10.10   Management of Issues     32  
 
               
11.   Audits, Record Retention     33  
 
               
 
  11.1   Intentionally left blank     33  
 
               
 
  11.2   Audit Rights     33  
 
               
 
  11.3   Vendor Internal Controls     35  
 
               
 
  11.4   Audit Follow-up     35  
 
               
 
  11.5   Records Retention     36  
 
               
 
  11.6   Discovery of Overcharge of ACI     36  
 
               
12.   ACI Responsibilities     36  
 
               
13.   Charges     37  
 
               
 
  13.1   General     37  
 
               
 
  13.2   Pass-Through Expenses     37  
 
               
 
  13.3   Incidental Expenses     37  
 
               
 
  13.4   Taxes     37  
 
               
 
  13.5   Extraordinary Events     39  
 
               
Confidential
Master Services Agreement

 

Page iii


 

Execution Copy
                 
 
  13.6   New Services     39  
 
               
 
  13.7   Benchmarks for Cost of Services     40  
 
               
14.   Invoicing and Payment     42  
 
               
 
  14.1   Invoicing.     42  
 
               
 
  14.2   Payment Due     42  
 
               
 
  14.3   Accountability     43  
 
               
 
  14.4   Pro-ration     43  
 
               
 
  14.5   Prepaid Amounts     43  
 
               
 
  14.6   Refunds and Credits     43  
 
               
 
  14.7   Deduction     43  
 
               
 
  14.8   Disputed Charges     43  
 
               
15.   Safeguarding of Data; Confidentiality     44  
 
               
 
  15.1   General     44  
 
               
 
  15.2   Safeguarding ACI Data     44  
 
               
 
  15.3   Confidential Information     45  
 
               
 
  15.4   Corporate Information Risk Controls     48  
 
               
 
  15.5   Step-In Rights     49  
 
               
16.   Warranty     49  
 
               
 
  16.1   General     49  
 
               
 
  16.2   Work Standards     50  
 
               
 
  16.3   Maintenance     50  
 
               
 
  16.4   Efficiency and Cost Effectiveness     50  
 
               
 
  16.5   Technology     50  
 
               
 
  16.6   Non-Infringement; Licenses     50  
 
               
 
  16.7   Authorization and Other Consents     51  
 
               
 
  16.8   Inducements     51  
 
               
 
  16.9   Viruses     51  
 
               
Confidential
Master Services Agreement

 

Page iv


 

Execution Copy
                 
 
  16.10   Disabling Code     52  
 
               
 
  16.11   Deliverables     52  
 
               
 
  16.12   Software Ownership or Use     52  
 
               
 
  16.13   Other     52  
 
               
 
  16.14   Application     53  
 
               
 
  16.15   Disclaimer     53  
 
               
17.   Insurance     53  
 
               
 
  17.1   Insurance     53  
 
               
 
  17.2   Insurance Provisions     54  
 
               
18.   Indemnities     55  
 
               
 
  18.1   Vendor Indemnities     55  
 
               
 
  18.2   ACI Indemnities     56  
 
               
 
  18.3   Infringement     58  
 
               
 
  18.4   Indemnification Procedures     59  
 
               
19.   Liability     59  
 
               
 
  19.1   General Intent     59  
 
               
 
  19.2   Liability Restrictions     59  
 
               
 
  19.3   Direct Damages     61  
 
               
 
  19.4   Duty to Mitigate     61  
 
               
 
  19.5   Disaster Recovery Plan     61  
 
               
 
  19.6   Force Majeure     62  
 
               
20.   Dispute Resolution     63  
 
               
 
  20.1   Informal Dispute Resolution Process     63  
 
               
 
  20.2   Litigation     64  
 
               
 
  20.3   Continued Performance     64  
 
               
 
  20.4   Governing Law     64  
 
               
21.   Termination     65  
 
               
 
  21.1   Termination For Cause By ACI     65  
 
               
Confidential
Master Services Agreement

 

Page v


 

Execution Copy
                 
 
  21.2   Termination by Vendor     65  
 
               
 
  21.3   Termination for Convenience by ACI     66  
 
               
 
  21.4   Termination by ACI for Change of Control     66  
 
               
 
  21.5   Failure to Transition and Other Termination Rights     66  
 
               
 
  21.6   Termination Due To A Party’s Insolvency and Related Events     66  
 
               
 
  21.7   Intentionally left blank     67  
 
               
 
  21.8   Cumulative Termination Rights     67  
 
               
 
  21.9   Termination/Expiration Assistance     67  
 
               
 
  21.10   Bid Assistance     69  
 
               
 
  21.11   Equitable Remedies     69  
 
               
 
  21.12   Charge Adjustment     69  
 
               
22.   Compliance With Laws     69  
 
               
 
  22.1   Compliance with Laws and Regulations Generally     69  
 
               
 
  22.2   Liens     70  
 
               
 
  22.3   Sarbanes-Oxley     70  
 
               
 
  22.4   International Considerations     71  
 
               
 
  22.5   Privacy Laws     71  
 
               
23.   General     72  
 
               
 
  23.1   Binding Nature and Assignment     72  
 
               
 
  23.2   Mutually Negotiated     72  
 
               
 
  23.3   Joint Verification     73  
 
               
 
  23.4   Notices     73  
 
               
 
  23.5   Counterparts     74  
 
               
 
  23.6   Headings     74  
 
               
 
  23.7   Relationship of Parties     74  
 
               
 
  23.8   Severability     74  
 
               
 
  23.9   Consents and Approvals     74  
 
               
Confidential
Master Services Agreement

 

Page vi


 

Execution Copy
                 
 
  23.10   Waiver of Default     74  
 
               
 
  23.11   Cumulative Remedies     74  
 
               
 
  23.12   Survival     75  
 
               
 
  23.13   Public Disclosures     75  
 
               
 
  23.14   Use of Name     75  
 
               
 
  23.15   365(n)     75  
 
               
 
  23.16   Third Party Beneficiaries     75  
 
               
 
  23.17   Covenant of Good Faith     75  
 
               
 
  23.18   Non-Solicitation     75  
 
               
 
  23.19   Order of Precedent     76  
 
               
 
  23.20   Entire Agreement; Amendment     76  
Confidential
Master Services Agreement

 

Page vii


 

Execution Copy
Table of Schedules and Exhibits
     
Schedule A
  Statement of Work
          Exhibit A-1
  Delivery Management Services (Cross Functional)
          Exhibit A-2
  Asset Services
          Exhibit A-3
  Service Desk Services
          Exhibit A-4
  End User Services
          Exhibit A-5
  Server Systems Management Services (including mainframe)
          Exhibit A-6
  Storage Management Services
          Exhibit A-7
  Data Network Services
          Exhibit A-8
  Enterprise Security Management Services
          Exhibit A-9
  Disaster Recovery and Business Continuity Services
Schedule B
  Service Levels
          Exhibit B-1
  SLA Matrix
          Exhibit B-2
  Critical Service Levels and Key Measurements
          Exhibit B-3
  Critical Deliverables
          Exhibit B-4
  Severity Levels
Schedule C
  Charges
          Exhibit C-1
  Base Charges, Baselines, ARC/RRC Rates and Termination Charges
          Exhibit C-2
  Financial Responsibility and Ownership Matrix
          Exhibit C-3
  Form of Invoice
          Exhibit C-4
  Base Case
Schedule D
  Definitions
Schedule E
  Intentionally left blank
Schedule F
  Intentionally left blank
Schedule G
  Third Party Contracts
Schedule H
  Existing Equipment
          Exhibit H-1
  ACI US Midrange Inventory
          Exhibit H-2
  ACI Toronto Server Room Inventory
          Exhibit H-3
  EMEA Server Equipment
          Exhibit H-4
  ACI AP Midrange Inventory
          Exhibit H-5
  Network Inventory
          Exhibit H-6
  People Counts by Location
Schedule I
  Vendor Supported Software
          Exhibit I-1
  Framingham Workstations
          Exhibit I-2
  Newton Workstations
          Exhibit I-3
  Omaha Workstations
Confidential
Master Services Agreement

 

Page viii


 

Execution Copy
     
Schedule J
  ACI Policies and Standards
Schedule K
  User Satisfaction Survey Guidelines
Schedule L
  Transition and Transformation
Schedule M
  Vendor Confidentiality Agreement
Schedule N
  Approved Subcontractors
Schedule O
  Approved Benchmarkers
Schedule P
  Locations
Schedule R
  Reports
Schedule S
  Governance
Schedule T
  Human Resources
Schedule U
  Change Control Procedure
          Exhibit U-1
  Form of Change Management Document
Schedule V
  In-Flight Projects
Confidential
Master Services Agreement

 

Page ix


 

Execution Copy
MASTER SERVICES AGREEMENT (the “Agreement”), made and effective as of March 17, 2008 (the “Effective Date”), by and between ACI Worldwide, Inc., a Delaware corporation with a principal place of address at 120 Broadway, Suite 3350, New York, NY 10271 (“ACI”), and International Business Machines Corporation, a New York corporation, with its principal place of business located at Route 100, Somers, New York 10589 (“Vendor”).
1. BACKGROUND, GOALS AND OBJECTIVES
1.1 Background, Goals and Objectives.
This Agreement is being made and entered into with reference to the following background, specific goals and objectives, the successful achievement of which are mutually agreed by the Parties hereto to be in the best business interests of both Parties and the principal purpose of this Agreement:
(a) ACI is an software company. Currently ACI manages and operates its own information technology environment.
(b) Vendor is in the business of providing information technology outsourcing services.
(c) ACI desires to enter into an outsourcing arrangement that will meet its business objectives, which include:
(i) realizing cost savings (by virtue of the performance of this Agreement by the Parties) both initially and on an ongoing basis;
(ii) restructuring and standardizing ACI’s IT infrastructure and strengthening its IT governance model;
(iii) delivering to ACI world class, evolving IT outsourcing services;
(iv) enabling ACI to focus on its core competencies and on those activities which provide it with a competitive advantage, recognizing that ACI’s core business is dependent on ACI being able to deliver information and related services to its customers;
(v) establishing a flexible framework within which to quickly respond to evolving technologies, competitive conditions, and changing ACI business needs;
(vi) treating fairly ACI personnel being hired by Vendor and also providing such personnel with meaningful jobs and a package of total compensation and benefits package that is at current market rates within Vendor’s industry;
(vii) attaining transparency and variability of Vendor pricing permitting ACI to fully understand Vendor’s Charges;
(viii) identifying means to improve services and reduce costs to ACI and to enable ACI to improve and expand its information technology operations;
(ix) providing for an uninterrupted transition of responsibility for performing the Services from ACI and certain of its contractors to Vendor;
Confidential
Master Services Agreement

 

Page 1


 

Execution Copy
(x) ensuring strong data security and disaster recovery capability;
(xi) providing for an uninterrupted transition of responsibility for performing the Services back to ACI or its designee(s) in connection with termination or expiration of this Agreement; and
(xii) limiting to the extent possible the amount of raised floor space in ACI facilities.
(d) The Parties desire to promote a flexible business relationship between them that allows for and encourages growth of ACI’s core businesses.
(e) The Parties desire to collaborate for the overall success of this Agreement for both Parties.
(f) The Parties desire to provide an agreement and pricing structure that, as of the Effective Date, is intended to establish a mutually beneficial business relationship.
1.2 Construction.
The provisions of this Article 1 are intended to be a general introduction to this Agreement and are not intended to expand the scope of the Parties’ clearly stated obligations or otherwise alter the plain meaning of this Agreement’s terms and conditions, as set forth hereinafter. However, to the extent that any of the terms and conditions of this Agreement do not address a particular circumstance or otherwise conflict or give rise to ambiguity, such terms or conditions are to be interpreted and construed so as to give effect to this Agreement as a whole and this listing of background, goals and objectives.
2. DEFINITIONS
2.1 Certain Definitions.
The terms used with initial capital letters in this Agreement shall have the meanings ascribed to them in Schedule D (Definitions).
2.2 Inclusion of Affiliates in Definition of ACI and Vendor.
(a) References to “ACI” in this Agreement include Affiliates of ACI as defined in Schedule D (Definitions).
(b) References to “Vendor” in this Agreement include Affiliates of Vendor but only those Vendor Affiliates previously approved in writing by ACI.
2.3 Other Defined Terms.
Other terms used in this Agreement are defined where they are used and have the meanings there indicated. Those terms, acronyms, and phrases utilized in the IT outsourcing services industry, as applicable, or other pertinent business context which are not otherwise defined herein shall be interpreted in accordance with their then-generally understood meaning in such industry or business context.
Confidential
Master Services Agreement

 

Page 2


 

Execution Copy
3. SERVICES
3.1 General.
Beginning on the Effective Date (if required pursuant to the Transition Plan) and thereafter on each applicable Service Tower Commencement Date, Vendor shall provide the following services, functions and responsibilities, as they may evolve or be modified by mutual agreement of the Parties during the Term and as they may be supplemented, enhanced, modified or replaced (“Services”):
(a) The Services described in this Agreement, its Schedules, Exhibits and related documents, including (i) Termination/Expiration Assistance, (ii) Projects, (iii) New Services, (iv) Enhancement Activities, (v) Vendor Applications Software Operational Support Services, and (vi) performance of the Transition; and
(b) The information technology services, functions and responsibilities that are reasonably related to the Services described in this Agreement, to the extent
(i) performed on a consistent or routine basis during the twelve (12) months preceding the Effective Date by Affected Employees and ACI Contractor Personnel who are (A) transitioned to Vendor, or (B) displaced or whose tasks were displaced as a result of this Agreement, even if the service, tasks or responsibility so performed is not specifically described in this Agreement. Notwithstanding the foregoing, services, functions or responsibilities that are specifically excluded from the scope of Services under this Agreement (such as responsibilities retained by ACI) shall not be deemed to be within the scope of the Services; or
(ii) reflected in those categories in Exhibit C-4 (Base Case) that Vendor is assuming pursuant to this Agreement.
3.2 Implied Services.
(a) If any information technology services, functions, or responsibilities are required for the proper performance and provision of the Services, regardless of whether they are specifically described in this Agreement, they shall be deemed to be implied by and included within the scope of the Services to be provided by Vendor to the same extent and in the same manner as if specifically described in this Agreement. Vendor shall be compensated for the provision of such Services in accordance with the payment provisions of this Agreement. Notwithstanding the foregoing, services, functions or responsibilities that are specifically excluded from the scope of Services under this Agreement (such as responsibilities retained by ACI) shall not be deemed to be within the scope of the Services.
(b) For the avoidance of doubt, the following is a non-exclusive listing of services, tasks and responsibilities that are deemed to be included within the Monthly Base Charges and, therefore, will not result in additional Charges under the Change Control Procedure.
(i) Invoicing activities, including support of and providing information for charge-back or allocation of Charges to individual business units, ACI customers or costs centers in accordance with this Agreement. With the exception of charge-back for testing and other ACI customer services that are supported by the Services provided by Vendor (and will be addressed by the Parties pursuant to Section 10.6), ACI agrees that such charge-back or allocation processes are being followed by ACI as of the Effective Date;
Confidential
Master Services Agreement

 

Page 3


 

Execution Copy
(ii) All services, tasks and responsibilities that this Agreement expressly provides are to be performed at no additional Charge;
(iii) Vendor’s internal functions and responsibilities needed to support the Services, including management reporting, staff planning, quality assurance programs, Vendor Personnel training and development and maintenance of project management methodologies;
(iv) the development and implementation of action plans to remedy any deficient Services;
(v) compliance with this Agreement’s security requirements and security-related audit requirements, including monitoring, executing and coordinating Sarbanes Oxley testing of logical security, assistance with vulnerability scans, and management and administration of user IDs and passwords;
(vi) reasonable cooperation with respect to software use audits by providers of Third-Party Software performed with reasonable advance notice and to the extent such cooperation does not materially affect Vendor’s ability to provide the Services using existing resources;
(vii) any training for ACI personnel required as a result of Changes requested by Vendor;
(viii) services, tasks and responsibilities necessary for or incidental to the Transition of the Services;
(ix) monitoring, measurement, analysis and reporting of performance against Service Levels; and
(x) services, tasks and responsibilities preliminary to or incidental to Projects or Changes, including the preparation of change management documents, SOWs, scoping SOWs and other similar deliverables, pursuant to Schedule V (In-Flight Projects) and/or Schedule U (Change Control Procedure).
3.3 Services Evolution.
(a) Vendor and ACI shall cause the Services to evolve and to be modified, enhanced, supplemented and replaced as necessary for the Services to keep pace with technological advances and advances in the methods of delivering services, where such advances are at the time in general use within the IT outsourcing services industry, as applicable, or otherwise among ACI’s competitors, including as practices evolve to comply with new or modified Applicable Laws. Such evolution shall, at a minimum, be made so as to cause the Services to conform with the requirements for continuous improvement of Service Levels as set forth in Schedule B (Service Levels). As an example, Services evolution shall include the addition of functionality by Vendor as is made possible with new Equipment and Software utilized by Vendor during the Term. Adjustments in Services in accordance with this Section 3.3 shall be deemed to be included within the scope of the Services to the same extent and in the same manner as if expressly described in this Agreement. Notwithstanding anything to the contrary in this Section 3.3, the foregoing statement is not intended to enlarge Vendor’s obligations where evolutions in technology are specified in this Agreement (e.g., standards, configurations and Service Levels). To the extent necessary and appropriate, the Parties shall equitably modify and adjust the Resource Units to be measured and the Baselines associated with such Resource Units to be consistent with such evolution in technology.
Confidential
Master Services Agreement

 

Page 4


 

Execution Copy
Adjustments to the Services under this Section may also constitute New Services. Adjustments to the Services pursuant to this subparagraph shall be at no charge (unless they are New Services) and are subject to the technical change control procedure set forth in the Procedures Manual.
(b) The Parties acknowledge that, from time to time, Vendor may make modifications to its shared services centers for the benefit of a number of customers including ACI as a part of Vendor’s normal course of business, including modifications that are necessary to comply with new or modified Vendor Laws, as defined in Section 22.1. As such modifications are made by Vendor, although ACI would enjoy the benefit of the specific modifications at no additional charge, there may be some planning and testing that needs to occur for the ACI information technology environment which may result in some additional internal costs to ACI or would otherwise have a negative impact to ACI. Vendor will give ACI forty five (45) days’ advance written notice if Vendor intends to make such modifications to a shared service center, shall advise ACI in such notice what internal planning and testing it believes ACI will have to perform in connection with Vendor’s implementation of such modifications and shall not make any such changes unless it (i) reimburses ACI for the costs ACI may incur as the result of the changes and (ii) takes all reasonable steps to mitigate any other negative impact to ACI and its customers. Any such proposed modification shall be subject to the technical change control procedure set forth in the Procedures Manual.
3.4 Services Variable in Scope and Volume.
The Services are variable in scope and volume to the extent specified in the pricing mechanisms set forth in Schedule C (Charges) and its Exhibits, or as may otherwise be set forth in this Agreement. Vendor shall not be entitled to receive an adjustment to the Charges except as set forth in this Agreement.
3.5 Work Prioritization.
ACI may identify new or additional work activities to be performed by Vendor Personnel (including work activities that would otherwise be treated as New Services or a Project) or reprioritize or reset the schedule for existing work activities to be performed by such Vendor Personnel. Unless otherwise agreed, ACI shall incur no additional Charges for the performance of such work activities by such Vendor Personnel to the extent then assigned to ACI. Vendor shall use Commercially Reasonable Efforts to perform such work activities without impacting the established schedule for other tasks or the performance of the Services in accordance with the Service Levels. If after using such efforts it is not possible to avoid such an impact, Vendor shall notify ACI of the anticipated impact and obtain its consent prior to proceeding with such work activities. ACI, in its sole discretion, may forego or delay such work activities or temporarily adjust the work to be performed by Vendor, the schedules associated therewith or the Service Levels to permit the performance by Vendor of such work activities.
3.6 Services Performed by ACI or Third Parties.
(a) Subject to Sections 13.5, 13.6 and 21.3 (provided that ACI’s adjustments to the Services pursuant to this Section 3.6 constitute a termination for convenience) and any adjustments to Charges provided for in Schedule C (Charges), ACI retains the right to perform itself, or retain third parties to perform, any of the Services. Notwithstanding anything to the contrary, the total Charges payable by ACI under the Agreement shall not be less than the annual dollar amounts shown in the Minimum Revenue Commitment Table in the Pricing Tables, Exhibit C-1, Tab VII. (Minimum Revenue Commitment and Inflation Sensitivity) in Schedule C (Charges) (the “Minimum Revenue Commitment” or “MRC”), as adjusted pursuant to the following. The MRC shall be equitably reduced as further described in this Section 3.6 to the extent that the total Charges payable by ACI fall below the MRC as a result of any material breach of the Agreement resulting in removal of Services pursuant to Section 21.1 (Termination
Confidential
Master Services Agreement

 

Page 5


 

Execution Copy
for Cause by ACI) or a partial termination for convenience by ACI pursuant to Section 21.3 (Termination for Convenience) of the Agreement, or reduction in Service volume pursuant to Section 13.5 (Extraordinary Event) or Section 19.6 (Force Majeure). The Minimum Revenue Commitment will not be in effect during the Termination/Expiration Assistance Period.
(b) In the case of ACI’s withdrawal of Services under this Section 3.6, the Charges for the remaining Services shall be as reflected in Exhibit C-1 (Base Charges, Baselines, ARC/RRC Rates and Termination Charges) or if not addressed in such Exhibit C-1 (Base Charges, Baselines, ARC/RRC Rates and Termination Charges), the Charges shall be equitably adjusted to reflect those Services that are no longer required. If, within thirty (30) days following ACI’s notice, the Parties have not agreed on the Charges for the remaining Services, then the pricing will be determined under Section 20.1(a).
(c) To the extent ACI performs any of the Services itself, or retains third parties to do so, Vendor shall cooperate with ACI or such third parties in accordance with Section 21.9.
3.7 Existing Equipment and Vendor Supported Software.
Schedule H (Existing Equipment) includes a listing of the Equipment that is, as of the Effective Date, used by ACI in providing the Services internally, and that will be used and managed by Vendor in providing the Services from and after the Effective Date. Schedule I (Vendor Supported Software) identifies the Software that is, as of the Effective Date, used by ACI in providing the Services internally, and that will be used and managed by Vendor in providing the Services from and after the Effective Date.
3.8 Transition.
Vendor will perform all functions and services necessary to accomplish the transition to Vendor of ACI’s information technology operations embodied in the Services described in Schedule A (Statement of Work) (other than those specified in the Agreement as ACI’s responsibility (the “Transition”)) in accordance with the initial, high level, transition plan (as revised and supplemented by the Parties under the Changes Control Procedure from time to time, the “Transition Plan”) attached as Schedule L (Transition and Transformation). Within the timeframes set forth in the Schedule L (Transition and Transformation), the Parties shall mutually agree on a more detailed plan, which, upon such mutual agreement, shall supersede and replace Schedule L (Transition and Transformation). Vendor will perform the Transition without causing material disruption to ACI’s business or that of its customers or Affiliates. No functionality of the information technology operations being Transitioned shall be disabled until Vendor demonstrates to ACI’s reasonable satisfaction that it has fully tested and implemented equivalent capabilities for such functionality. ACI may monitor, test and otherwise participate in the Transition in its discretion.
3.9 ACI IT Standards.
As requested by ACI from time to time, Vendor shall assist ACI in defining and developing, and integrating with Vendor’s information technology standards, ACI’s information technology architectures and standards applicable to the Services on an ongoing basis (collectively, the “ACI IT Standards”). ACI will retain primary responsibility for determining the ACI IT Standards. The ACI IT Standards as of the Effective Date are set forth in Schedule J (ACI Policies and Standards). Subject to the Change Control Procedure, Vendor will comply with changes from time to time in the ACI IT Standards. The assistance to be provided by Vendor shall include:
(a) active participation with ACI representatives on permanent and ad-hoc committees and working groups addressing such issues;
Confidential
Master Services Agreement

 

Page 6


 

Execution Copy
(b) assessments of the then-current ACI IT Standards at a level of detail sufficient to permit ACI to make informed business decisions;
(c) analyses of the appropriate direction for such ACI IT Standards in light of business priorities, business strategies, competitive market forces and changes in technology;
(d) the provision of information to ACI regarding Vendor’s information technology strategies for its own business to the extent not considered proprietary to Vendor’s business;
(e) recommendations regarding then current and available information technology architectures and platforms, software and hardware products, information technology strategies, standards and directions, and other enabling technologies (which may or may not be reflected in the Technology Plans); and
(f) recommending then current and available appropriate information technology services (including platforms comprising various hardware and software combinations) that support Service Level requirements, exploiting industry trends in production capabilities and provide potential price and performance improvement opportunities.
Without limiting the foregoing, ACI IT Standards shall include the then-current ACI technical architecture and product standards, as such standards may be modified by ACI from time to time.
3.10 End Users of the Services.
(a) Subject to Section 3.10(b) hereof, the Services may be used by ACI and, as directed by ACI, (i) its Affiliates and those third parties (such as suppliers, service providers and joint venturers) with whom, at any point during the Term, ACI or any Affiliate has a commercial relationship; and (ii) those persons and entities that, as determined by ACI, access ACI’s or any of its Affiliates’ IT infrastructure (for example, these who are registered/authorized users of ACI’s website and who are made known to Vendor) at any time during the Term through standard operating procedures (the parties in Sections 3.10(a)(i) and 3.11(a)(ii) will collectively be referred to as “End Users”). Vendor acknowledges that such access is ongoing as of the Effective Date. Services provided to End Users shall be deemed to be Services provided to ACI.
(b) In accordance with Schedule A (Statement of Work), Vendor shall perform the Services at the Service Locations set forth in Schedule P (Locations), which include ACI facilities and non-ACI facilities as designated on Schedule P (Locations). If ACI requests that Vendor provide Services in or from a new Service Location, then Charges set forth in Schedule C (Charges) shall apply and ACI shall pay the applicable labor rate(s) for additional personnel reasonably required by Vendor and for the incremental Out-of-Pocket Expenses reasonably incurred by Vendor in physically relocating to such new Service Location, and for any additional ongoing costs incurred by Vendor that would not have been incurred but for the requirement that the Services be provided from or in a new Service Location and only to the extent those ongoing costs are disclosed in a written plan approved by ACI. All such changes and any additional payments will be determined through the contractual Change Control Procedure, as appropriate (collectively, the “Change Control Procedure”). Notwithstanding the foregoing, if ACI changes a location at which Vendor Personnel are performing Services, and the relocation is 50 miles or less in distance, ACI will not be responsible for any Vendor employee relocation costs, including reimbursement of relocation costs or changes in employee compensation related to any local labor market conditions.
3.11   Projects.
Confidential
Master Services Agreement

 

Page 7


 

Execution Copy
At ACI’s request and upon mutual agreement, Vendor shall perform Projects. Charges for such Projects shall be determined in accordance with Schedule C (Charges). Projects shall be proposed and implemented in accordance with Schedule C (Charges), Schedule V (In-Flight Projects) (which contains procedures regarding initiation and management of Projects) and Schedule U (Change Control Procedure).
3.12 Protection of ACI Information.
If any information of ACI is processed in any facility used by Vendor to perform services for any ACI Competitor, Vendor will take such steps as are reasonably necessary to prevent ACI’s information from being disclosed.
3.13 Relocation of the Services.
For a relocation of substantially all of the Services under a Service Tower to a new or different Service Location, Vendor shall give ACI at least ninety (90) days prior notice; for any other relocation of Services to a new or different Service Location, Vendor shall give ACI reasonable notice under the circumstances which shall in no event be less than thirty (30) days (in either case, the “Relocation Notice”). Notwithstanding the foregoing, if a relocation is required to obtain critical skills, is required for Vendor to meet Service Levels or as otherwise agreed by the Parties, then such thirty (30) days notice shall not be required but Vendor will provide as much notice to ACI as is reasonably possible. If the relocation would result in one or more of the following impacts, then Vendor shall obtain ACI’s prior approval, and such approval shall not be unreasonably withheld, for such relocation proposed by Vendor, its Affiliates or subcontractors;
(i) if the relocation of the Services would prevent ACI or its Affiliates from being in compliance with any ACI Laws, or results in a material administrative burden for ACI or its Affiliates to comply with any ACI Law;
(ii) if the relocation of the Services would result in a negative regulatory or financial impact on a customer of ACI or its Affiliates, or would cause ACI or its Affiliates to be in breach of its contract with a customer of ACI or its Affiliates; or
(iii) if the relocation involves the movement of Equipment to a new or different Service Location.
If ACI determines within the period of the Relocation Notice that one of the above criteria is met, ACI shall provide written notice of such to Vendor. ACI and Vendor shall then meet in good faith to review alternatives to mitigate the impact of the proposed relocation. If the impact cannot be mitigated using the Parties’ Commercially Reasonable Efforts, ACI may withhold its consent. Any incremental expenses incurred by ACI as a result of such a relocation (or a relocation as a result of Vendor’s failure to perform its obligations in accordance with this Agreement) will be paid or reimbursed by Vendor.
3.14 Acquisitions and Divestitures.
(a) If, as a result of a Restructure, an entity that was not an Affiliate of ACI on the Effective Date becomes an Affiliate of ACI during the Term (a “New Entity”), then, at ACI’s option and to the extent such New Entity is not a Vendor Competitor and in accordance with ACI’s directions, Vendor will provide the Services designated by ACI to the End Users of the New Entity. In such case, the Parties will utilize the Change Control Procedure to address any integration services requested by ACI with respect to the integration required for the New Entity to receive the Services and any associated Charges.
Confidential
Master Services Agreement

 

Page 8


 

Execution Copy
(b) If at any time during the Term, ACI divests or otherwise transfers ownership of a business unit or entity receiving Services from Vendor, then, if requested by ACI, Vendor shall continue to provide the Services to such entity on the terms and conditions set forth in this Agreement for such period as specified by ACI, not to exceed twelve (12) months after the effective date of the divestiture or transfer. In such case, the Parties will utilize the Change Control Procedure to address any required Changes or additions to the Services and the associated Charges.
(c) Where ACI indicates that it is considering or intends a Restructure, Vendor will, at no additional cost to ACI to the extent the then-existing Vendor Personnel have the skill set and availability without causing a materially negative impact on the Services, provide to ACI reasonable assistance and information as may be reasonably necessary to facilitate the Restructure, including:
(i) working with ACI to develop a plan to adequately staff any Projects specific to the Restructure and meet volume increases resulting from the Restructure;
(ii) responding promptly to requests for information relating to the Services and Charges for the Services;
(iii) if requested by ACI, assisting in discussions with third parties relating to any Equipment, licenses or contracts relevant to any proposed New Entity;
(iv) cooperating in good faith with ACI in relation to the Restructure; and
(v) performing any Termination / Expiration Assistance which may be necessary under the circumstances.
Any incremental effort required of Vendor (beyond the above obligations) to support a Restructure, whether such Restructure is an acquisition or a divestiture, will be reviewed by the Parties in accordance with the Change Control Procedure. The staffing process generally applicable to the Services will also apply in the context of a Restructure to staffing for the in-scope Services.
3.15 ACI Retained Systems and Processes.
Vendor will use Commercially Reasonable Efforts to ensure that, in providing the Services, it does not, without the consent of ACI, adversely affect or alter (a) the operation, functionality or technical environment of the software and hardware used by or on behalf of ACI in connection with ACI’s business other than the Vendor Equipment (the “Retained Systems”); and (b) the processes used by ACI in connection with ACI’s business (the “Retained Processes”). Vendor will be proactive in keeping itself informed about Retained Systems and Retained Processes as necessary to provide the Services. ACI will inform Vendor about all aspects of the existing and future Retained Systems and the Retained Processes that are reasonably likely to have a material impact on Vendor’s ability to perform the Services. ACI will provide documentation, information and other cooperation regarding any existing and future Retained Systems and Retained Processes, as reasonably necessary for Vendor to perform the Services. ACI will also provide training with respect to any ACI System and Retained Process that is proprietary to ACI that is reasonably required by Vendor to perform the Services. At ACI’s request, Vendor will coordinate with ACI to evaluate the impact of any alterations to Retained Systems and Retained Processes to the extent such alterations may impact the Services.
3.16   Knowledge Sharing.
Confidential
Master Services Agreement

 

Page 9


 

Execution Copy
(a) At least once every twelve (12) months during the Term, Vendor will meet with ACI account leaders (such meetings to occur in the United States, EMEA or Asia Pacific as designated by ACI), at no additional charge, in order to (i) provide an overview of how the Services are provided, (ii) provide an overview of how the Vendor Software and Equipment work and should be operated and (iii) provide such training and documentation necessary for ACI to (A) provide the Retained Systems, Retained Processes or other services that relate to or interface with the Services and (B) provide an outline of such training and documentation necessary for ACI to understand and operate the interfaces to the Vendor Software and Equipment and understand and provide the Services for itself and the other End Users after the expiration or termination of this Agreement. The Parties will document the training and documentation to be provided in subsection (iii) of the preceding sentence.
(b) As further specified pursuant to the Change Control Procedure, ACI may assign ACI personnel (excluding any third parties) on a rotational basis to Vendor’s operating environment (subject to appropriate safeguards to protect the data and proprietary information of other Vendor customers and Vendors security policies) as reasonably required in order to (i) maintain visibility and understanding regarding Services and how they are performed and (ii) provide assistance to Vendor personnel in connection with a Transition or a modification to an existing Service.
(c) Upon ACI’s request from time to time, but no more often than once every twelve (12) months during the Term, Vendor will provide to ACI a full description of the environmental configuration in respect of the Services, including information regarding Vendor Software and Equipment, staffing relative to Projects, operating environment, systems constraints, protocols, interfaces, architecture and other operating parameters.
4. TERM OF AGREEMENT
4.1 Term.
The term (“Term”) of this Agreement shall begin on the Effective Date and shall expire on the seventh anniversary of the Effective Date, unless terminated earlier or extended in accordance with this Agreement.
4.2 Extension of Term.
Vendor shall provide ACI written notice not less than nine (9) months prior to the then-existing expiration date of this Agreement of such upcoming expiration. No less than three (3) months prior to such upcoming expiration, ACI shall have the right to extend the Term of this Agreement for up one (1) year on the terms and conditions then in effect by delivering written notice to Vendor.
5. PERSONNEL
5.1 Key Vendor Positions.
(a) “Key Vendor Positions” are the Vendor Transition Manager (as defined below), the Vendor Project Executive, Vendor Delivery Project Executive and Vendor Tower Leads for each Service Tower. Vendor shall cause each of the Vendor Personnel filling the Key Vendor Positions to devote substantial time and effort to the provision of Services to ACI. Except with respect to the Vendor representative assigned primary responsibility for Transition Services (the “Vendor Transition Manager”), once assigned to a Key Vendor Position, these individuals shall remain on the ACI account in such position for a period of at least two (2) years (or if assigned during Transition, during the Transition and for two (2) years after the Transition). In the event of the voluntary resignation, involuntary termination
Confidential
Master Services Agreement

 

Page 10


 

Execution Copy
for cause, illness, disability or death of one of its Vendor Personnel filling a Key Vendor Position during or after the specified period, Vendor shall (i) give ACI as much notice as reasonably possible of such development, and (ii) expeditiously identify and a suitable replacement. If an employee of an Approved Subcontractor is assigned to a Key Vendor Position, Vendor shall obtain commitments from that Approved Subcontractor to comply with the requirements of this Section 5.1 with respect to such position. Upon providing Vendor 30 days prior notice, ACI may from time to time change the positions designated as Key Vendor Positions. ACI shall have the right, in its sole discretion, to change any position from a non-Key Vendor Position to a Key Vendor Position; provided that in no event will the aggregate number of Key Vendor Positions increase by more than five from the number of Key Vendor Positions as of the Effective Date.
(b) Vendor shall designate an individual to serve as “Vendor Delivery Project Executive.” The Vendor Delivery Project Executive shall:
(i) be one of the Key Vendor Positions;
(ii) serve as the single point of accountability for Vendor for the Services;
(iii) have day-to-day authority for undertaking to ensure customer satisfaction;
(iv) be located at ACI’s offices in Omaha, Nebraska or other location reasonably designated by ACI from time to time;
(v) be willing to travel to other ACI locations as reasonably requested by ACI from time to time.
(c) Without limiting Vendor’s obligation to obtain the approvals required by this Section 5.1 for changes in Key Vendor Positions:
(i) Vendor shall implement and maintain a retention strategy designed to retain Vendor Personnel assigned to Key Vendor Positions for the prescribed period;
(ii) Vendor shall also maintain active succession plans for each of the Key Vendor Positions; and
(iii) At least once each year during the Term, Vendor shall review with ACI the retention strategies and succession plans for the Key Vendor Positions. Such review shall include a status review of the current risk profile for each of the Vendor Personnel currently assigned to such positions. The risk profile will include the unique technical, account or process skills needed for the Key Vendor Position, and an assessment of the risk that such Vendor Personnel might leave Vendor, and any actions, including the execution of appropriate retention strategies to assure ACI that Vendor will be able to continue to perform its obligations under this Agreement.
(d) Before assigning an individual to a Key Vendor Position, whether as an initial assignment or a subsequent assignment, Vendor shall advise ACI of the proposed assignment and introduce the individual to the appropriate ACI representatives. ACI shall have the right to require Vendor to remove from ACI’s account and replace such individual at any time, in its sole discretion, provided that ACI does not request the removal of any individual for reasons prohibited by Applicable Law, and provided that reasonable notice (which may be immediate, depending on the circumstances surrounding the removal) is
Confidential
Master Services Agreement

 

Page 11


 

Execution Copy
given. Upon such request from ACI, Vendor will investigate the request and reasons for it and take appropriate action.
(e) If ACI objects in good faith to the proposed Key Vendor Position assignment, the Parties shall attempt to resolve ACI’s concerns on a mutually agreeable basis. If the Parties have not been able to resolve ACI’s concerns within five (5) Business Days, Vendor shall not assign the individual to that position and shall propose to ACI the assignment of another individual of suitable ability and qualifications. Except with ACI’s consent, individuals filling Key Vendor Positions may not be transferred or re-assigned to other positions with Vendor or its Affiliates until a suitable replacement has been approved by ACI, and no such transfer shall occur at a time or in a manner that would have an adverse impact on delivery of the Services. Vendor shall establish and maintain an up to date succession plan for the replacement of individuals serving in Key Vendor Positions.
(f) Except with respect to the Vendor Transition Manager, so long as an individual is assigned to a Key Vendor Position, is one of the Vendor employees that is substantially or fully dedicated to providing Services to ACI or otherwise has regular access to view or manipulate ACI Confidential Information that is either identified by ACI as competitively sensitive or a reasonable person would understand is competitively sensitive for ACI based upon the content of such information, and for twelve (12) months, thereafter, Vendor shall not assign such individual to perform services for the benefit of any ACI Competitor, unless such assignment is approved by ACI, in advance and in writing.
(g) A meaningful portion of the annual variable compensation for the Vendor Delivery Project Executive and Vendor Personnel in the other Key Vendor Positions shall be based upon: (i) the level of ACI satisfaction reflected in the periodic customer satisfaction surveys; (ii) the extent to which Vendor has met Vendor’s responsibilities and obligations under this Agreement; (iii) Vendor’s achievement of the objectives relating to ACI and its businesses set forth in Section 1.1, and (iv) Vendor’s determination in consultation with ACI as to whether Vendor has met the technical and business objectives set by ACI. Vendor maintains the final responsibility and decisions for determining the compensation levels of all Vendor employees as well as recognizing and rewarding them.
5.2 Transitioned Personnel.
(a) Promptly after the Effective Date, Vendor will offer employment to “Potentially Rebadged Employees” identified in Schedule T (Human Resources). “Rebadged Employees” shall mean those Affected Employees who receive and accept such offers and become employed by Vendor effective as of such Service Tower Commencement Date or such other date as to which the Parties agree. The provisions of Schedule T (Human Resources) shall apply to all Affected Employees.
(b) ACI believes that the Rebadged Employees are critical in providing the Services (“Key Rebadged Employees”). During the term stated in Section 5.1(a), following the hire date for any Key Rebadged Employee (the “Mandatory Employment Period”), without ACI’s prior written approval Vendor may not transfer or re-assign a Key Rebadged Employee from performing the Services for ACI for a period of at least one (1) years.
(c) ACI has contracted for the services of non-employee personnel who immediately prior to the Effective Date were performing services similar to the Services (“ACI Contractor Personnel”). With regard to the agreements for ACI Contractor Personnel (“ACI Contractor Agreements”), such ACI Contractor Agreements shall be terminated or, subject to obtaining Required Consents in the manner provided in Section 6.7, assigned to Vendor. The action of termination or assignment for particular ACI Contractor Agreements shall be in accordance with a plan prepared by Vendor within ninety (90) days
Confidential
Master Services Agreement

 

Page 12


 

Execution Copy
after the Effective Date and approved by ACI. Vendor shall be responsible for the costs, charges and fees associated with such actions.
5.3 Qualifications, Retention and Removal of Vendor Personnel.
(a) Vendor shall assign an adequate number of Vendor Personnel to perform the Services. Vendor Personnel shall be properly educated, trained and fully qualified for the Services they are to perform. If any portion of the Services of Vendor Personnel are a separately charged resource, Vendor shall not charge ACI for the costs of training Vendor Personnel, including the time necessary for such Vendor Personnel to become familiar with ACI’s account or business.
(b) ACI and Vendor agree that it is in their best interests to keep the turnover rate of Vendor Personnel to a low level. Vendor shall use Commercially Reasonable Efforts to keep the turnover rate to a low level and remains obligated to perform the Services, regardless of turnover, without degradation and in accordance with this Agreement.
(c) While at ACI’s premises (or the premises of others receiving the Services under this Agreement), Vendor Personnel shall (i) comply with all reasonable requests, and all rules and regulations, regarding personal and professional conduct (including the wearing of an identification badge and adhering to regulations and general safety, dress, behavior and security practices or procedures) generally applicable to such premises to the extent that such requests, and rules and regulations have been provided to Vendor in writing in advance; and (ii) otherwise conduct themselves in a businesslike and professional manner.
(d) Vendor, in performing the Services, shall comply, and cause its employees, agents and subcontractors to comply, with:
(i) All applicable local, state and federal laws and regulations relating to the workplace and the performance of its obligations, including OSHA and other laws regarding workplace safety.
(ii) The ACI policies and procedures set forth in Schedule J (ACI Policies and Standards) (to the extent that ACI is in compliance as of the Effective Date) and as provided to the Vendor in writing from time to time;
(iii) Any of ACI’s policies and procedures as, from time to time, are communicated in writing to Vendor.
(e) If ACI reasonably determines that the continued assignment to ACI’s account of any of Vendor Personnel is not in the best interests of ACI, then, upon reasonable notice from ACI, Vendor shall replace that person with another person of equal or superior ability and qualifications. Vendor shall ensure that such replacement has received sufficient and necessary information to accomplish a satisfactory knowledge transfer from the Vendor Personnel being replaced and is sufficiently trained so as to assure continuity of the Services without adverse impact. Notwithstanding the foregoing, where ACI notifies Vendor that ACI has determined that the concern is of such a nature that such Vendor Personnel should be removed immediately (albeit possibly temporarily) from ACI’s account, Vendor shall immediately remove such individual(s) from ACI’s account. In any event, any request by ACI to remove an individual from ACI’s account shall not be deemed to constitute a termination of such individual’s employment by Vendor and in no event shall ACI be deemed an employer of any such person. Notwithstanding the above or any other provision in this Agreement to the contrary, the rights of ACI in
Confidential
Master Services Agreement

 

Page 13


 

Execution Copy
this Section 5.3(e) shall be restricted to those Vendor Personnel that either (i) are located at a ACI facility, or (ii) have direct contact with ACI or an End User (including any ACI clients).
(f) Vendor shall be responsible for conducting at its expense a background investigation of all Vendor’s employees, contractors, agents and subcontractors assigned to provide Services to ACI. Vendor agrees that the review period and information gathered will be in accordance with Vendor’s standard policies. Vendor shall exercise reasonable care and diligence to ensure that it does not assign employees, agents or subcontractors to ACI who, based on the results of their background investigation, are likely to present a threat to the safety or security of people or other assets on ACI’s premises.
(g) Vendor shall maintain documentation evidencing that the background investigations required in Section 5.3(f) have been completed.
6. RESPONSIBILITY FOR RESOURCES
6.1 Generally.
Except to the extent specifically provided otherwise in this Agreement, Vendor shall be responsible for providing all resources (including Equipment, Software, facilities and personnel) necessary or desirable to provide the Services, and shall be responsible for all costs associated with those resources, and shall only recover such costs through the corresponding Charges specified in this Agreement. Vendor shall permit ACI, or any third-party provider of services to ACI, (provided Vendor receives reasonable advance notification and subject to execution by such third party of a confidentiality agreement in the form of Schedule M (Vendor Confidentiality Agreement)) to establish and maintain uninterrupted remote access to the Applications Software and any software running on Equipment and used to provide the Services, and, upon request, on-site access to any Vendor facility at which Services are performed as may be reasonably required by ACI.
6.2 Intentionally left blank.
6.3 Financial Responsibility for Equipment.
As identified in Exhibit C-2 (Financial Responsibility and Ownership Matrix), Vendor shall have full financial responsibility for all such Equipment. This includes responsibility for all upgrades, enhancements, growth and technology refreshments to and for the Equipment not owned or leased by ACI, and all costs and expenses related to operational support, including installation, support, maintenance, disaster recovery, and Service Levels with respect to the Equipment. Vendor shall refresh the Equipment in accordance with Exhibit C-2 (Financial Responsibility and Ownership Matrix).
6.4 Equipment Access and Operational and Administrative Responsibility.
(a) Access. ACI shall grant Vendor the same rights of access and use, at no cost to Vendor, that ACI has to Equipment used by ACI immediately prior to the Effective Date to provide services to itself (subject to the Parties’ having obtained any Required Consents therefore and solely to the extent necessary to provide the Services).
(b) No Warranties. All Equipment transferred or made available to Vendor and Approved Subcontractors under this Agreement by ACI is provided or made available on an “AS IS, WHERE IS” basis, with no warranties whatsoever. Notwithstanding anything to the contrary contained in this Agreement, ACI and its Affiliates shall not be responsible for any breach of any of such manufacturers’
Confidential
Master Services Agreement

 

Page 14


 

Execution Copy
warranties and indemnities, and no breach thereof shall affect the limitation on liabilities, rights and obligations of the Parties set forth in this Agreement.
(c) Hardware and Software Purchases. If and as requested by ACI from time to time and agreed by the Vendor, Vendor will offer to acquire hardware or software for re-sale to ACI at Vendor’s charges plus a reasonable mark-up through Vendor’s contracts with third-party suppliers.
(d) Disposal of Equipment Owned or Leased by ACI. Vendor shall, as a part of the Services included in the Monthly Base Charges, dispose of Equipment owned or leased (in accordance with Schedule A (Statement of Work)) by ACI and no longer needed for the provision of the Services. Vendor is entitled to retain any salvage value of such Equipment that is owned by ACI without accounting to ACI.
(e) Disposal of Equipment Not Owned by ACI. Vendor shall be responsible for any disposal of Equipment provided or otherwise used by Vendor or its subcontractors. Vendor shall be responsible for all costs, charges or fees associated with the disposal of such Equipment.
(f) Refresh of Equipment. Vendor is responsible for acquiring, as a part of the Hardware Services Charge (as defined in Schedule C (Charges)), such Equipment for refresh and growth as indicated in Exhibit C-2 (Financial Responsibility and Ownership Matrix). The Equipment to be acquired by Vendor pursuant to such Equipment refresh is based on the expected volume identified in the Resource Volume Baseline and in Exhibit C-1. The Parties acknowledge that the actual refresh of Equipment will be based on ACI’s changing business needs and Vendor’s requirements to perform the Services and meet the Service Levels. Within thirty (30) days after the each anniversary of the Effective Date, ACI and Vendor will review the then-current refresh schedule, make any required revisions to the schedule and estimate by month for the upcoming year the timing such refresh is required.
6.5 Financial Responsibility for Software.
(a) All licenses to Software in ACI’s name as of the Effective Date shall be retained in the name of ACI as licensee. Subject to Section 6.5(c), financial, administrative and operational responsibility for Software, including (i) all costs for current and future packages, new releases, expanded license rights, growth and technology refreshment (“Software Capital Costs”) and (ii) all costs and expenses related to operational support, including installation, support, software maintenance, and achieving Service Levels (“Software Operational Support Costs”) shall be allocated between the Parties as provided in Exhibit C-2 (Financial Responsibility and Ownership Matrix). For that Software for which Vendor has financial responsibility, Vendor shall pay directly, or promptly reimburse ACI if ACI (or any of its Affiliates) has paid, all such costs that are attributable to periods from and after the assumption of such responsibility.
(b) Licenses. Vendor shall obtain all licenses for any new Systems Software acquired during the Term for Equipment that Vendor is financially responsible for refreshing as specified in Exhibit C-2 (Financial Responsibility and Ownership Matrix). Any negotiation of software licenses on behalf of ACI will be in consultation with the ACI legal and procurement departments.
(c) ISV Software. Except as otherwise provided herein or in Exhibit C-2 (Financial Responsibility and Ownership Matrix), Vendor’s financial responsibility for Software Capital Costs shall not extend to ISV Software. Notwithstanding the foregoing, (i) Vendor shall be responsible for providing Vendor Applications Software Operational Support Services with respect to all ISV Software; and (ii) if Vendor elects to operate any Applications Software on a shared platform, and such election results in any
Confidential
Master Services Agreement

 

Page 15


 

Execution Copy
increase in the Software Capital Costs or Software Operational Support Costs in relation to such Applications Software, Vendor shall be solely responsible for such incremental costs.
6.6 Third Party Contracts.
Vendor has financial, administrative and operational responsibility for those Third Party Contracts set forth in Schedule G (Third Party Contracts). Vendor shall pay directly, or promptly reimburse ACI, if ACI (or any of its Affiliates) has paid, all such costs that are attributable to periods from and after the assumption of such responsibility.
6.7 Required Consents.
Vendor and its Affiliates shall be administratively responsible, with ACI’s and its Affiliates’ reasonable cooperation and subject to the provisions of Section 6.6, for performing all administrative activities necessary for obtaining the Required Consents for Software, Equipment, facility leases/subleases and Third Party Contracts as necessary to perform the Services and other obligations under this Agreement, upon mutually acceptable terms and conditions. ACI acknowledges that, in those instances where ACI is the contracting party or licensee, ACI will be the party that must seek the Required Consents and Vendor will provide assistance and the administrative activities in seeking such Required Consents. Vendor will pay any and all fees (including transfer or upgrade fees, additional licenses, sublicenses and maintenance fees) required to obtain such Required Consents and will invoice ACI (as part of Vendor’s normal monthly invoice) such fees on a Pass-Through Expenses basis. The Parties shall cooperate with each other so as to minimize such costs and ensure that mutual agreement exists as to acceptable terms and conditions for the provision of any such Required Consent. As and to the extent consent is obtained for Vendor and its Affiliates to manage and utilize the Software or a contract but the relevant license or such contract remains in ACI’s or an Affiliate’s name, ACI and its Affiliates shall exercise permissible termination, extension and other rights thereunder as Vendor, after consultation with ACI, reasonably directs. If a Required Consent is not obtained, then, unless and until such Required Consent is obtained, the Parties shall determine and promptly adopt, such alternative approaches as are necessary and sufficient to provide the Services without such Required Consents (including modifications to the Transition Plan) and, subject to consultation with and agreement by ACI, an applicable Service Tower Commencement Date affected by such unavailable Required Consents shall be adjusted accordingly.
6.8 Straddle Agreements.
If a Straddle Agreement is discovered by the Parties after the Effective Date, within ninety (90) days of the date of discovery, the Parties shall undertake to establish the most appropriate, including the most cost effective, method of leveraging such Straddle Agreement for the benefit of both Parties and if necessary, shall negotiate in good faith to determine an alternative to Vendor using the Straddle Agreement to perform the Services.
7. SOFTWARE AND PROPRIETARY RIGHTS
7.1 ACI Software.
(a) ACI retains all right, title and interest in and to ACI Software, including all modifications, enhancements and derivative works relating thereto. ACI grants to Vendor (and its Approved Subcontractors if and to the extent required to provide the Services) a worldwide, fully paid-up, nonexclusive license during the Term to use ACI Software solely to the extent necessary for performing the Services for the benefit of ACI, ACI’s Affiliates and other End Users as directed by ACI. ACI
Confidential
Master Services Agreement

 

Page 16


 

Execution Copy
Software shall be made available to Vendor in such form and on such media as exists on the Effective Date or as is later obtained by ACI, together with available documentation and any other related materials.
(b) Vendor shall not modify, decompile, reverse engineer, reverse assemble or reverse compile any ACI Software or any Software licensed to ACI; distribute, rent, lease, sublicense or transfer any ACI Software to any third party; use the ACI Software in a service bureau or time-sharing arrangement; or otherwise allow direct or indirect use of any ACI Software by any third party other Approved Subcontractors to the extent necessary for Vendor to perform the Services without the prior written consent of ACI, which may be withheld at ACI’s sole discretion. Vendor shall not use ACI Software for the benefit of any entities other than ACI, ACI’s Affiliates and other End Users, without the prior written consent of ACI, which may be withheld at ACI’s sole discretion. Except as otherwise requested or approved by ACI, Vendor shall cease all use of ACI Software upon expiration or termination of this Agreement and deliver to ACI or destroy any copies of such ACI Software.
7.2 Vendor Software.
(a) Subject to Section 7.4, Vendor retains all right, title and interest in and to Vendor Software, including all modifications, enhancements and derivative works relating thereto. In providing the Services, Vendor shall not use any Vendor Software without ACI’s prior written approval, which approval shall not be unreasonably withheld; provided, however that Vendor may use any Vendor Software to be used as Shared Software without approval from ACI. Vendor shall be responsible for installing, operating and maintaining Vendor Software at its own expense.
(b) As and to the extent necessary for ACI to receive the Services and otherwise obtain the benefits as specified this Agreement, Vendor grants to ACI a worldwide, fully paid-up, nonexclusive license during the Term to use Vendor Software as it exists from time to time during the Term to receive the Services during the Term and otherwise obtain the benefits as specified this Agreement. Subject to the execution of reasonable confidentiality agreements with the third party, Vendor also grants to ACI the right to sublicense Vendor Software to a third party for such third party to perform work as permitted under Section 21.9 of this Agreement solely for the benefit of ACI, ACI’s Affiliates and End Users.
(c) For generally commercially available Vendor Software which on the date of expiration or termination of this Agreement Vendor, ACI and ACI Affiliates are using:
(i) solely to provide the Services to ACI:
(A) which Vendor licenses from a third party, subject to the consent of the third party, Vendor will assign its license, if any, to such software to ACI or its designee upon ACI’s reimbursement to Vendor of any transfer fees imposed by a third party for ISV Software, and any one-time license or purchase charges in an amount equal to the remaining unamortized value, if any, for the software, depreciated over a period beginning on the date such charges were incurred and ending on the Termination/Expiration Date (as of the date such charges were incurred); and
(B) which is Vendor Software, Vendor will provide ACI under Vendor’s standard terms and conditions, a license to such Software upon ACI’s reimbursement to Vendor of any one-time license fees in an amount equal to the lower of (a) Vendor’s commercially available price at the time or (b) the discount generally applicable to ACI based on the discount it generally receives at the time the Agreement is terminated, in each case of (a) and (b) prorated over a period starting on the date the cost was incurred and ending on the Termination/Expiration Date; and
Confidential
Master Services Agreement

 

Page 17


 

Execution Copy
(C) for all Software subject to clauses (A) and (B) of this subsection, ACI will reimburse Vendor for any recurring periodic license, maintenance, support or other charges applicable to periods after the date of transfer or license to ACI, and ACI will be responsible for any additional recurring charges applicable to periods after such date of transfer or license; and
(D) to provide Services to ACI and other customers in a shared environment, Vendor will use Commercially Reasonable Efforts to assist ACI in obtaining licenses for such software at ACI’s expense.
(d) For non-commercially available Vendor Software which on the date of expiration or termination of this Agreement Vendor is using to provide the Services, Vendor grants to ACI a worldwide, fully paid-up, nonexclusive license during the Termination/Expiration Assistance Period to use such non-commercially available Vendor Software solely to provide Services to ACI. Subject to the execution of reasonable confidentiality agreements with the third party, Vendor also grants to ACI the right to sublicense such non-commercially available Vendor Software to a third party for such third party to perform work during the Termination/Expiration Transition Period solely for the benefit of ACI, ACI Affiliates and End Users.
(e) As of the Effective Date, the Parties do not intend for Vendor to use any Vendor Application Software other than for Vendor’s own internal or administrative use. If during the Term the Parties agree that the scope of the Services should be expanded such that Vendor should use Vendor Application Software, they shall enter into a separate written agreement governing such use. Absent such agreement, ACI shall have no express or implied right to use Vendor Application Software.
7.3 ISV Software.
(a) Grant of Rights. With respect to the ISV Software licensed by ACI, subject to the Parties having obtained any Required Consents for such ISV Software, ACI grants to Vendor to the extent necessary for performing the Services, the rights of use of such Software that ACI has as of the Effective Date or later obtains during the Term with respect to such Software. Vendor shall comply with the duties, including use and non-disclosure restrictions imposed on ACI by the licenses for such ISV Software, and Vendor shall not seek to modify or otherwise revoke the terms of such licenses without ACI’s prior written consent to the extent that such duties and/or licenses have been provided in writing to Vendor prior to such compliance obligation. Except as otherwise requested or approved by ACI, or with respect to operating system Software that (i) is licensed for use on Equipment that ACI does not elect to purchase or assume the lease pursuant to Section 21.9 and (ii) may not be transferred to ACI for use on other Equipment, Vendor shall cease all use of such Software upon expiration or termination of this Agreement.
(b) Third Party Applications Software. Vendor shall not use or introduce, nor seek compensation or reimbursement for, any Third Party Applications Software in providing the Services without ACI’s prior written approval, which will not be unreasonably withheld.
(c) Third Party Systems Software Acquired During the Term. With respect to any Third Party Systems Software acquisitions that are made in Vendor’s name, prior to the introduction of such Software, Vendor shall comply with the following:
(i) Vendor shall use Commercially Reasonable Efforts to obtain for ACI, ACI Affiliates and End Users a perpetual, non-exclusive license to Use such Software at the expiration or termination of this Agreement and at no additional charge to ACI; or
Confidential
Master Services Agreement

 

Page 18


 

Execution Copy
(ii) If Vendor is unable to obtain such license, Vendor shall notify ACI of its inability to obtain such a license and of the cost and viability of any other software that can perform the requisite functions and with respect to which Vendor has the ability to obtain such a license. Such notice shall contain the proposed third-party vendor’s then-current terms and conditions, if any, for licensing the software to ACI in accordance with Section 7.3(c)(i). With ACI’s prior approval, Vendor may introduce such software in providing the Services. Moreover, if Vendor desires to introduce Software, the rights to which have been acquired by Vendor as part of an enterprise agreement, then Vendor shall notify ACI of the relevant terms of such agreement and shall obtain ACI’s written consent prior to using such Software to provide the Services.
(d) Exercise of Rights. To the extent Vendor has financial responsibility for licenses for Third Party Systems Software, but such licenses remain in ACI’s name, ACI shall exercise termination or extension rights thereunder, as Vendor, after consultation with ACI, reasonably directs with respect to such Software; provided that Vendor shall be responsible for the costs, charges and fees associated with the exercise of such rights.
7.4 Rights in Newly Developed Software and Other Materials.
(a) Newly Developed Software.
(i) “Developed ACI Software” As between ACI and Vendor, all developed Software that is (a) a modification, enhancement or derivative work of the ACI Software (called “Developed ACI Software”) (b) newly developed software that Vendor develops for ACI on a project basis; and (c) modifications to, or upgrades or enhancements or derivative works of, ISV Software provided by ACI under this Agreement shall be owned by ACI. ACI shall have all right, title and interest, including worldwide ownership of trade secret, copyright, patent and other proprietary rights in and to the Developed ACI Software and all copies made therefrom. To the extent that any of the Developed ACI Software is not deemed a “work made for hire” by operation of law, Vendor hereby irrevocably assigns, transfers and conveys, and shall cause Vendor Personnel to assign, transfer and convey, to ACI, without further consideration, all of its or their right, title and interest in and to such Developed ACI Software, including all rights of patent, copyright, trade secret or other proprietary rights in such Developed ACI Software. Vendor acknowledges, and shall cause Vendor Personnel to acknowledge, that ACI and the successors and permitted assigns of ACI shall have the right to obtain and hold in their own names any Intellectual Property Rights in and to the Developed ACI Software. Vendor agrees to execute, and shall cause Vendor Personnel to execute, any documents or take any other actions as may reasonably be necessary, or as ACI may reasonably request, at ACI’s expense, to perfect ACI’s ownership of any such Developed ACI Software. ACI hereby grants Vendor a fully paid-up, non-exclusive, worldwide license to use Developed ACI Software solely to provide the Services during the Term and the Termination/Expiration Assistance Period, which includes the right to sublicense and otherwise permit Vendor subcontractors to do any of the foregoing. Vendor shall not be permitted to use Developed ACI Software for the benefit of any entities other than ACI, ACI’s Affiliates, and other End Users, without the prior written consent of ACI, which may be withheld at ACI’s sole discretion. Except as otherwise requested or approved by ACI, Vendor shall cease all use of Developed ACI Software upon expiration or termination of this Agreement and deliver to ACI or destroy any copies in its possession. No further license is granted to Vendor with respect to Developed ACI Software. However, both Parties are free to use any ideas, concepts, know-how, or techniques which are developed or provided by the other or jointly by both Parties during a Project. Both Parties are free to enter into similar agreements with others and to develop and provide materials or Services which are similar to those provided under this Agreement.
(ii) “Developed Vendor Software” shall mean: (a) modifications to, or upgrades or enhancements or derivative works of, Vendor Software; (b) newly developed software for which Vendor
Confidential
Master Services Agreement

 

Page 19


 

Execution Copy
does not charge ACI on a project basis; and (c) modifications to, or enhancements or derivative works of, ISV Software provided by Vendor under this Agreement. Developed Vendor Software shall also include methods of providing the Services, such as a work-flow, where such methods were developed under this Agreement. As between the Parties, Vendor shall have all rights, title and interest in and to Developed Vendor Software and all copies made from it. Vendor hereby grants to ACI a perpetual, fully paid-up, non-exclusive, worldwide license to: (i) use all Developed Vendor Software (other than with respect to the Software which Vendor is not entitled to license to ACI under Vendor’s license with the third party and which ACI is not entitled to use under its own license agreements with the third party) solely to provide services similar to the Services for itself or services for the processing of approximately the volume of ACI’s business that existed during the Term; and (ii) permit third parties to use all Developed Vendor Software (other than with respect to the ISV Software that Vendor is not entitled under its license agreement with the ISV Software vendor to license to third parties unless such third parties are entitled to use under their own license agreements with the third party) solely to provide services similar to the Services for ACI.
(b) Non-Software Materials. All literary works or other works of authorship including manuals, training materials and documentation developed or created by Vendor or any Vendor Personnel in accordance with this Agreement or Schedule A (Statement of Work) specifically and exclusively for ACI, or at the written request of and specifically for ACI or its Affiliates pursuant to a Project or the Change Control Procedures under this Agreement, but excluding Developed ACI Software, Developed Vendor Software and any Vendor Preexisting IP incorporated into any of the foregoing (collectively herein referred to as “Work Product”) shall be exclusively owned by ACI. ACI shall have all right, title and interest, including worldwide ownership of copyright, in and to the Work Product and all copies made from them. To the extent any of the Work Product is not deemed a “work made for hire” by-operation of law, Vendor hereby irrevocably assigns, transfers and conveys, and shall cause Vendor Personnel to assign, transfer and convey, to ACI without further consideration all, of its or their right, title and interest in and to such Work Product, including all rights of copyright in such materials. Vendor acknowledges, and shall cause Vendor Personnel to acknowledge, that ACI and the successors and permitted assigns of ACI shall have the right to obtain and hold in their own name any copyrights in and to such Work Product. Vendor agrees to execute, and shall cause Vendor Personnel to execute, any documents or take any other actions as may reasonably be necessary, or as ACI may reasonably request, at ACI’s expense, to perfect ACI’s ownership of any such Work Product. Nothing in Section 7.4 will be interpreted or construed to assign to ACI (and, except as licensed to the ACI under this Agreement, Vendor reserves all right, title and interest that Vendor may have or acquire in) any proprietary software, tools, utilities, methodologies, processes, documentation and other items (i) that are developed by or on behalf of Vendor in performance of the Services (including all modifications, enhancements, and derivative works of the Vendor Software and/or tools made by or on behalf of ACI under Section 7.4 excluding all Work Product, Developed ACI Software and any ACI Data or other materials or information provided by ACI to Vendor for use in connection with such development (“Vendor Developed IP”), or (ii) that were created or acquired by Vendor prior to the Effective Date, or was developed or acquired by Vendor outside the scope of this Agreement (and without the use of ACI Confidential Information), and inserted or incorporated within any Work Product or Developed Vendor Software with the prior written consent of ACI (“Vendor Preexisting IP”). To the extent: (i) any Work Product or Developed Vendor Software contains any Vendor Preexisting IP, or (ii) Vendor Developed IP has been provided to ACI under this Agreement or has been used to provide Services to ACI under this Agreement, or (iii) use of any Work Product or Developed Vendor Software requires any Vendor Developed IP or Vendor Preexisting IP, Vendor grants to ACI a royalty-free, worldwide, non-exclusive copyright license to such Vendor Developed IP or Vendor Preexisting IP, during the Term and the Termination/Expiration Assistance Period solely in connection with internal use of the Work Product, Developed Vendor Software or Vendor Developed IP that is actually provided to ACI under this Agreement or is actually used to provide Services to ACI under this Agreement. ACI hereby grants Vendor an irrevocable, fully paid-up, non-
Confidential
Master Services Agreement

 

Page 20


 

Execution Copy
exclusive, worldwide license to use the Work Product solely to provide the Services during the Term and the Termination/Expiration Assistance Period, which includes the right to sublicense and otherwise permit third parties to do any of the foregoing.
7.5 Export.
The Parties acknowledge that certain Software and technical data to be provided under this Agreement and certain transactions under this Agreement may be subject to export controls under the laws and regulations of the United States of America and other countries. Neither Party shall export or re-export any such items or any direct product thereof or undertake any transaction in violation of any such laws or regulations.
8. OFFICE SPACE
8.1 ACI Obligations.
(a) Subject to Section 8.2(a), below, ACI shall provide to Vendor the office space reasonably needed and comparable to similarly situated employees of ACI to accommodate Vendor Personnel who are on site at the End User Locations (the “ACI Office Space”), as the same may be changed by ACI from time to time throughout the Term. With respect to such ACI Office Space, except as otherwise provided in this Article 8, Vendor shall have the same privileges regarding use thereof (such as heating, lights, air conditioning systems, use of cafeteria, etc. (excluding parking privileges)) as do any other similarly situated employees of ACI. Furthermore, those Vendor employees who are performing Services or any portion of the Services from ACI Office Space, shall be free to use and consume, at no cost to Vendor, a reasonable amount of office supplies (such as pencils, pens, pads, copy machines and facsimile machines) that are ordinarily furnished by ACI to its personnel, and in accordance with the same policies and procedures regarding the use of office supplies and services as are applicable to similarly-situated ACI employees, as such policies and procedures may be modified from time to time to the extent such policies are provided to Vendor in writing. Vendor shall be responsible for providing all other facilities required to perform the Services.
(b) ACI shall retain the costs of applicable facilities leases and related leasehold improvements with respect to the ACI Office Space to the extent required by the applicable facilities leases and related documents.
(c) The ACI Office Space shall be made available to Vendor on an “AS IS” basis, with no warranties whatsoever.
(d) ACI shall inform Vendor of any plans or determination to relocate the ACI Office Space so that Vendor shall have a reasonable amount of time to prepare for and implement such change or relocation as it impacts Vendor. ACI shall reimburse Vendor for Vendor’s Out-of-Pocket Expenses incurred in connection with such relocation in accordance with Section 3.10.
8.2 Vendor Obligations within ACI Office Space.
(a) Vendor shall use the ACI Office Space for the sole and exclusive purpose of providing the Services, unless in its sole discretion ACI approves another use in advance and in writing. Accordingly, Vendor and its agents may not provide or market services to a third party from the ACI Office Space. The use of ACI Office Space by Vendor shall not constitute a leasehold, a usufruct or other property interest in favor of Vendor. Notwithstanding any provision in this Agreement to the contrary, in no event may Vendor file a notice of lease or comparable instrument on the applicable land.
Confidential
Master Services Agreement

 

Page 21


 

Execution Copy
(b) Vendor shall use the ACI Office Space in an efficient manner and in a manner that is coordinated, and does not interfere, with ACI’s other business operations. To the extent that Vendor operates the space in a manner that unnecessarily or unreasonably increases facility or other costs incurred by ACI, ACI reserves the right to deduct such costs pursuant to Section 14.7 of this Agreement.
(c) Vendor shall be responsible for any damage to the ACI Office Space resulting from the abuse, misuse, neglect or negligence of Vendor or other failure to comply with the obligations respecting the ACI Office Space.
(d) Vendor shall keep the ACI Office Space in good order, not commit or permit waste or damage to ACI Office Space or use ACI Office Space for any unlawful purpose or act, and shall comply with ACI’s standard policies and procedures and with applicable leases regarding access to and use of the ACI Office Space, including procedures for the physical security of the ACI Office Space to the extent such policies, procedures and lease information has been provided to Vendor in writing.
(e) Subject to compliance with Vendor’s reasonable security requirements and reasonable advance notice (where practical given the nature of access required), Vendor shall permit ACI and its agents and representatives to enter into those portions of the ACI Office Space occupied by Vendor staff at any time to (i) inspect the premises; (ii) show the premises; and (iii) perform facilities-related services.
(f) Vendor shall not make improvements or changes involving structural, mechanical or electrical alterations to the ACI Office Space without ACI’s prior written approval. At ACI’s option, any improvements or fixtures to the ACI Office Space shall become the property of ACI. If ACI does not elect to take title thereto Vendor shall remove the same at the end of the use of the ACI Office Space and shall repair any damage caused by the installation or removal of such improvements or fixtures.
(g) Vendor will comply with the physical safety and security procedures that are applicable to the ACI Office Space from time to time to the extent such procedures are provided to Vendor in writing.
(h) When the ACI Office Space is no longer required for performance of the Services, Vendor shall return them to ACI in substantially the same condition as when Vendor began use of them, subject to reasonable wear and tear.
8.3 Use of Vendor Facilities by ACI.
Vendor will make available to ACI reasonable office space and office facilities when ACI personnel are onsite at Vendor facilities, including desks, telephones and internet connectivity.
9. SERVICE LEVELS
9.1 General.
Vendor shall perform the Services that are subject to Service Levels in a manner that meets or exceeds the service levels set forth in Schedule B (Service Levels) (“Service Levels”). Vendor will provide all Services without expressly defined Service Levels with at least the same degree of accuracy, quality, completeness, timeliness, responsiveness and efficiency as the greater of (i) the level provided by or for ACI prior to the Effective Date, or (ii) at levels consistent with the warranty provided in Section 16.2.
9.2   Failure to Perform.
Confidential
Master Services Agreement

 

Page 22


 

Execution Copy
If Vendor fails to meet any Service Level twice consecutively or any Critical Service Level, Vendor shall promptly (taking into consideration the severity of the failure): (a) investigate, assemble and preserve pertinent information with respect to, and report to ACI on the causes of, the problem causing the Service Level failure, including performing a root cause analysis of the problem; (b) advise ACI, as and to the extent requested by ACI, of the status of remedial efforts being undertaken with respect to such problem; (c) minimize the impact of and correct such problem to begin meeting the Service Level; and (d) take appropriate preventive measures to minimize the recurrence of the problem. Vendor shall correct any such failure, whether or not material, as soon as possible after Vendor becomes aware of such failure; provided, however, that, in the event the root cause analysis demonstrates that Vendor was not at fault in failing to meet the Service Level or if such failure is due to an exception to Service Level performance expressly set forth in Schedule B (Service Levels), and Vendor is unable to perform remediation efforts without incurring additional expense or adding significant additional resources, ACI may elect to either (i) reprioritize the Services, in which event Vendor will perform the activities reflected in (b), (c) or (d) above, or (ii) authorize Vendor to perform the remediation as a Project.
9.3 Critical Service Levels and Service Level Credits.
Vendor recognizes that its failure to meet those Service Levels identified in Schedule B (Service Levels) as critical Service Levels (“Critical Service Levels”) may have a material adverse impact on the business and operations of ACI and that the damage from Vendor’s failure to meet a Critical Service Level is not susceptible to precise determination. Accordingly, if Vendor fails to meet Critical Service Levels, then in addition to any other remedies available to ACI under this Agreement, Vendor shall pay or credit to ACI the performance credits specified in Schedule B (Service Levels) (“Service Level Credits”) in recognition of the diminished value of the Services resulting from Vendor’s failure to meet the agreed upon level of performance, and not as a penalty. The methodology for calculating such Service Level Credits is set forth in Schedule B (Service Levels). ACI may from time to time, in accordance with the limitations set forth in Schedule B (Service Levels), change the Allocation of Pool Percentage and/or Service Level Credit Allocation Percentage, each as defined in and subject to the limitations set forth in Schedule B (Service Levels). This Section 9.3 or the Service Level Credits shall not limit ACI’s rights to terminate this Agreement for cause or pursue other damages.
9.4 Priority of Recovery Following Interruption of Services.
If a Force Majeure Event or other occurrence creates an interruption in Vendor’s rendition of the Services, Vendor shall give the recovery of its capabilities to perform the Services and the resumption of its actual performance of the Services the same or greater priority it gives to recovering its capabilities to perform services and resuming its performance of those services for any other similarly situated customer of Vendor (and Vendor’s own operations).
9.5 User Satisfaction.
Vendor and ACI shall conduct satisfaction surveys in accordance with Schedule K (User Satisfaction Survey Guidelines). The surveys shall be designed to determine the level of user satisfaction and areas where user satisfaction can be improved. Such surveys shall include representative samples of each major category of user within ACI and may include a number of in-depth face-to-face or telephone interviews. Vendor and ACI shall mutually agree on the form and content of the surveys, which shall be no less thorough than Vendor’s customary user satisfaction program as set forth in Schedule K (User Satisfaction Survey Guidelines). The Parties shall jointly review the results of the surveys, and Vendor shall develop and implement a plan to improve user satisfaction in areas where user satisfaction is low. ACI’s satisfaction as indicated in the survey results will be a factor in determining the compensation for all individuals holding Key Vendor Positions.
Confidential
Master Services Agreement

 

Page 23


 

Execution Copy
9.6 Periodic Reviews and Adjustments to Service Levels.
(a) Without limitation of Schedule B (Service Levels), every six (6) months (or as otherwise mutually agreed by the Parties) starting twelve (12) months after the Effective Date, ACI and Vendor shall review the Service Levels. During such reviews, Vendor shall work with ACI to identify possible cost/Service Level tradeoffs (but any resulting changes in the Service Levels shall be implemented only if approved by ACI in its sole discretion). Upon such review, ACI may, in accordance with Schedule B (Service Levels), adjust the applicable Service Levels.
(b) In accordance with Schedule B, ACI may change (i) the Service Levels to reflect its changing business needs, including by adding or removing a Service Level, or (ii) one or more of the calculation metrics and other mechanisms used to determine the Service Level (a “Changed Service Level”). Except as otherwise specified in Schedule B (Service Levels), Changed Service Level will take effect sixty (60) days after ACI gives Vendor a notice specifying the Changed Service Level. Notwithstanding the foregoing, Vendor acknowledges that ACI customers may from time to time require faster implementation of new or revised Service Levels that pertain to the On Demand environment, and Vendor will use all Commercially Reasonable Efforts to implement such new Service Levels or modifications as quickly as possible. If Vendor can demonstrate to ACI’s reasonable satisfaction that such Changed Service Level or On Demand Service Levels will materially increase Vendor’s cost of performing the Services in accordance with the Changed Service Level, ACI may only add that Changed Service Level or On Demand Service Level if:
(i) Vendor agrees; or
(ii) Vendor does not agree, but: (a) ACI removes an existing Service Level at the same time as introducing a Changed Service Level and the cost of providing the Services in accordance with the Changed Service Level and the cost of achieving, measuring and reporting on such Changed Service Level is not materially higher than the cost of providing the Services under the existing Service Level and the cost of achieving, measuring and reporting on the existing Service Level; or (b) ACI agrees to pay Vendor for its incremental cost of providing the Services under the Changed Service Level and the cost of achieving, measuring and reporting on the Changed Service Level.
(c) Any disputes in respect of such incremental cost will be subject to the dispute resolution provisions of this Agreement. If the Changed Service Level has associated Service Level Credits, ACI will adjust the then-current aggregate percentage allowed, subject to any limitations set forth in Schedule B (Service Levels).
(d) The Parties expect and understand that the Service Levels shall be improved over time. Therefore, each Service Level will be reset annually in accordance with the terms of Schedule B (Service Levels) governing continuous improvement of Service Levels.
(e) As new technologies and processes are introduced, subject to Section 9.6(b) above, the Parties shall establish additional Service Levels reflecting industry best practices for those technologies and processes. Vendor will, on a regular basis, attempt to identify ways to improve the Service Levels. Vendor will, from time to time, include updates with respect to such improvements in the reports provided to ACI in connection with such Service Levels.
9.7   Measurement and Reporting.
Confidential
Master Services Agreement

 

Page 24


 

Execution Copy
(a) In addition to Critical Service Levels, Schedule B (Service Levels) also sets forth certain key measurements with associated service level expectations (“Key Measurements”). Vendor will measure its performance of the Services against such Key Measurements, will report such performance to ACI on a monthly basis and will strive to improve its performance related to such Key Measurements over the course of the Term. For each Key Measurement, Vendor will either use ACI’s existing methodology for measuring and reporting the Key Measurement or (if no such methodology exists) Vendor will formulate and propose to ACI a comprehensive, accurate and sufficiently detailed, measurement scope, calculation and reporting methodology.
(b) Vendor shall utilize the necessary measurement and monitoring tools and procedures required to measure and report Vendor’s performance of the Services against the applicable Service Levels. Such measurement and monitoring shall permit reporting at a level of detail sufficient to verify compliance with the Service Levels, and shall be subject to audit by ACI. Vendor shall provide ACI with (i) performance and measurement data, for purposes of verification, project and contract management; (ii) problem management data and other data regarding the status of incidents, problems, Service Requests and Authorized User inquiries; and (iii) access to the data used by Vendor to calculate its performance against the Service Levels and procedures utilized by Vendor to generate such data for purposes of audit and verification. ACI shall not be required to pay any amount in addition to the Charges for such measurement and monitoring tools or the resource utilization associated with their use.
(c) The raw data, the detailed supporting information, and the reports delivered to ACI under this Agreement relating to Service Levels and performance under this Agreement (“Performance Information”) will be ACI Data for the purposes of this Agreement. Vendor may only use Performance Information in the course of providing the Services and for its internal business purposes and will provide material containing that Performance Information to ACI promptly on request. Vendor may also use aggregated data derived from Performance Information for external purposes provided that such aggregated data is not identifiable as relating to ACI.
10. PROJECT AND CONTRACT MANAGEMENT
10.1 Governance Guidelines and Principles.
Governance of the Parties’ relationship pursuant to this Agreement will follow the guidelines and principles set out in Schedule S (Governance), as such guidelines and principles are amended or supplemented by the Parties from time to time during the Term.
10.2 Executive Steering Committee.
The Parties shall form a steering committee to facilitate communications between them (the “Executive Steering Committee”). The members, activities and responsibilities of the Executive Steering Committee are set forth in Schedule S (Governance).
10.3 Reports.
(a) Prior to an applicable Service Tower Commencement Date, the Parties shall determine an appropriate set of periodic reports to be issued by Vendor to ACI with respect to such Service Tower. For reports that relate to Services provided across multiple Service Towers, such reports shall be established prior to the first Service Tower Commencement Date for the Service Towers the report is intended to cover. Such reports shall be issued at the frequency set forth in Schedule R (Reports). An initial list of all such reports (including a description of the frequency of such reports) is set forth in Schedule R
Confidential
Master Services Agreement

 

Page 25


 

Execution Copy
(Reports). Vendor shall provide ACI with suggested formats for such reports for ACI’s review and approval.
(b) Vendor’s reports shall include, at a minimum, (i) reports consistent with ACI’s practice prior to the applicable Service Tower Commencement Date; and (ii) a monthly performance report, which shall be delivered to ACI within ten (10) Business Days after the end of each month, describing Vendor’s performance of the Services in such month (the “Monthly Performance Report”).
(c) Vendor shall enable ACI to (i) access reports (both management and operational reports) online; (ii) access supporting information for reports; and (iii) compile such reports and supporting information in order to generate new reports.
10.4 Meetings.
(a) The Parties shall conduct periodic meetings that shall, at a minimum, include the following:
(i) a weekly meeting of the ACI Project Office Executive and the Vendor Delivery Project Executive to discuss day-to-day operations and such other matters as appropriate;
(ii) a monthly meeting among operational personnel representing ACI and Vendor to discuss the Monthly Performance Report, daily performance, planned or anticipated activities and changes that might adversely affect performance, and otherwise to address, review and discuss matters specific to ACI;
(iii) a quarterly management meeting of the Steering Committee to review the reports for the quarter (including the Monthly Performance Reports), review Vendor’s overall performance under this Agreement, review progress on the resolution of issues, provide a strategic outlook for ACI’s service requirements, and discuss such other matters as appropriate;
(iv) a semi-annual senior management meeting by the Parties to review relevant contract and performance issues; and
(v) such other meetings between ACI representatives and Vendor Personnel reasonably requested by either Party as necessary to address performance of the Services.
(b) Vendor shall prepare and circulate an agenda sufficiently in advance of each such meeting to give participants an opportunity to prepare for the meeting. Vendor shall incorporate into such agenda items that ACI desires to discuss. For each meeting held between representatives of Vendor and ACI, Vendor shall prepare and circulate detailed, precise, complete and accurate minutes reporting, at a minimum all decisions reached during the meeting and for each such decision, which Party representative raised the issue, a summary of the major points for and in opposition of each issue and the results or actions agreed upon, promptly after a meeting, although ACI shall not be bound thereto and shall be under no obligation to correct or object to any errors therein.
10.5 Procedures Manuals.
(a) The “Procedures Manual” shall describe the method that Vendor will use to perform and deliver the Services under this Agreement, the Equipment and Software being used, and the documentation (e.g., operations manuals, user guides, specifications) which provide further details of
Confidential
Master Services Agreement

 

Page 26


 

Execution Copy
such activities. Procedures Manuals shall also describe the activities Vendor will undertake in order to provide the Services, including those direction, supervision, monitoring, reporting, planning and oversight activities normally undertaken to provide services of the type Vendor is to provide under this Agreement. Procedures Manuals also shall include descriptions of the acceptance testing and quality assurance procedures approved by ACI, Vendor’s problem management and escalation procedures, and the other standards and procedures of Vendor pertinent to ACI’s interaction with Vendor in obtaining the Services. Procedures Manuals shall be written explicitly and comprehensively enough to describe how the Services will be performed. Vendor will make all Procedures Manuals available for access by ACI on-line as well as in hard copy.
(b) Vendor will provide for ACI’s review and consent an outline of the Procedures Manual applicable to that Service Tower on the dates specified in Exhibit B-3 (Critical Deliverables). Within forty-five (45) days after such dates, Vendor shall deliver a draft Procedures Manual with respect to such Service Tower to ACI for ACI’s comments and review. Vendor shall incorporate comments or suggestions of ACI and shall finalize the Procedures Manual thirty (30) days after receiving ACI’s comments on the Procedures Manual. The final Procedures Manual shall be subject to the approval of ACI. Vendor shall periodically, but no less than semi-annually, update Procedures Manuals for all Service Towers to reflect changes in the operations or procedures described therein. Updates of the Procedures Manuals shall be provided to ACI for review, comment and approval. Vendor shall perform the Services in accordance with the Procedures Manuals. In the event of a conflict between the provisions of this Agreement and the Procedures Manuals, the provisions of this Agreement shall control. Until the Parties agree upon a Procedures Manual pursuant to this Section 10.5, Vendor will follow the ACI procedures which were in effect on the applicable Service Tower Commencement Date to the extent that such procedures have been provided to Vendor in writing.
10.6 Change Control.
(a) Technical Change Control.
(i) At all times ACI shall be responsible for establishing ACI’s IT architecture, standards and strategic direction; provided, however, that Vendor shall actively participate in and provide subject matter expertise to ACI as it establishes such IT architecture, standards and strategic direction. In performing the Services, Vendor shall conform with and shall support such architecture, standards and strategic direction in accordance with the technical change control procedures defined in this Section 10.6 and in the Procedures Manual.
(ii) Vendor shall be responsible for all Changes to ACI’s IT environment pertaining to the Services, including Changes to programs, Procedures Manuals, job control language statements, distribution parameters and schedules. Vendor shall comply with the following Change control requirements:
(A) Prior to using any new Systems Software or new Equipment to provide the Services, Vendor shall have verified that the item is (1) consistent with the IT architecture, standards and strategic direction specified by ACI, (2) has been properly installed, is operating in accordance with its specifications, (3) is performing its intended functions in a reliable manner, and (4) has been thoroughly tested and been proven compatible with and within ACI’s then-existing IT infrastructure environment.
(B) Vendor may make temporary Changes required by an emergency if, after making Commercially Reasonable Efforts, Vendor has been unable to contact an appropriate ACI
Confidential
Master Services Agreement

 

Page 27


 

Execution Copy
manager to discuss Vendor’s proposed actions. Vendor shall document and promptly report such emergency Changes to ACI, which Changes shall then be subject to ACI’s approval.
(C) Vendor shall not make the following Changes, including implementing a Change in technology, without first obtaining ACI’s approval, which such approval ACI may withhold in its discretion:
(1) a Change adversely affecting the function or performance of, or decreasing to any significant degree the resource efficiency of, the Services;
(2) a Change increasing ACI’s Charges under this Agreement or other costs or fees of ACI;
(3) a Change inconsistent with ACI’s physical or information security policies or procedures to the extent such policies or procedures have been provided to Vendor in writing and in advance;
(4) a Change impacting the safety or security of ACI personnel, resources or information;
(5) a Change inconsistent with the IT architecture, standards or strategic direction specified by ACI; or
(6) a Change impacting the way in which ACI conducts its business or operations which impact ACI considers to be adverse.
(D) Vendor shall move programs from development and test environments to production environments in a controlled, documented and auditable manner, so that no Changes are introduced into the programs during such activity, and with the full capability of restoring to the prior state until the programs have been established as fully operational.
(iii) Within ninety (90) days after the Effective Date, Vendor shall propose a detailed technical change control procedure, to be set forth in the Procedures Manual, detailing how Vendor will comply with the requirements set forth in this Section 10.6 and otherwise control Changes to ACI’s IT environment pertaining to the Services throughout the Term. Vendor shall incorporate comments or suggestions of ACI and shall finalize the technical change control procedure thirty (30) days after receiving ACI’s comments. The technical change control procedure may be used to identify the need for the Parties to amend this Agreement. ACI shall have the right to approve in advance any action or decision of Vendor materially affecting the provision of Services, including Equipment, Software and systems configuration. ACI shall have the right to set priorities in scheduling work. If, in accordance with the Procedures Manual, ACI requests a change in priorities, Vendor shall strive to accommodate the change without negatively impacting the Service Levels; if the Service Levels shall be impacted, Vendor shall notify ACI of the anticipated impact and the Parties shall agree on the approach to be taken.
(b) Contractual Change Control. In addition to the technical change control procedure, the Parties shall also implement a process for documenting and mutually agreeing to Changes to this Agreement that are intended to be minor, non-material modifications to this Agreement. To institute and implement such a process (the “Contractual Change Control Procedure”), the Parties shall use that procedure reflected in Schedule U (Change Control Procedure). Any modifications to this Agreement made pursuant to the Contractual Change Control Procedure shall (i) be by mutual agreement of the Parties, (ii) require appropriate executions by the Parties to evidence such agreement, and (iii) be deemed amendments to this Agreement.
Confidential
Master Services Agreement

 

Page 28


 

Execution Copy
(c) In determining whether the Charges should be adjusted as a result of a Change implemented pursuant to this Section 10.6, the Parties shall be guided by the following principles:
(i) To the extent and for so long as such a Change can be performed in accordance with the Service Levels without a material increase in the resources then being utilized by Vendor therefore and is not a New Service, there will be no adjustment to the Charges.
(ii) In the event such increase cannot reasonably be accommodated without a change in priorities or a material increase in the resources then being utilized by Vendor for the performance of the Services (and ACI so requests), Vendor and ACI will work together to adjust the Service Levels and priorities with respect to other Services being performed by Vendor so as to permit such Change to be implemented without an increase in Vendor’s Charges.
(iii) A Change that is required to cure a defective Deliverable or other Service default resulting from Vendors action or inaction will be provided at no additional Charge.
(iv) If such a Change cannot be implemented without an increase in the Charges, and ACI agrees to implement the Change, then, if such Change can be reasonably performed on a time and material basis, the increase in Charges shall be calculated using the applicable time and materials rates set forth in Exhibit C-1 (Base Charges, Baselines, ARC/RRC Rates and Termination Charges). If such work cannot be reasonably performed on a time and material basis, then the Change shall be implemented at a price to be mutually agreed to by the Parties in writing.
(v) To the extent that such a Change causes a reduction in the scope of the Services or priority of the Services that does not also cause a reduction in the Vendor resources then being utilized therefore, there will be no adjustment to the Charges.
(vi) If such a Change results in a reduction of the resources required by Vendor to perform the Services and that reduction is not reflected in the Charges through the Charges mechanism set forth in Schedule C (Charges), the Charges will be equitably adjusted by mutual written agreement of the Parties.
(d) Notwithstanding anything to the contrary contained herein, including this Section 10.6, no Change that would result in an increase to ACI’s Charges under this Agreement or to other costs or fees of ACI shall be implemented unless it has been approved, in advance and in writing, in accordance with Schedule U (Change Control Procedure).
10.7 Subcontracting.
(a) Except as and to the extent ACI may agree otherwise in writing, Vendor may subcontract its obligations under this Agreement only in accordance with the following:
(i) Except as set forth below, Vendor may not delegate or subcontract any of its responsibilities under this Agreement (including to Affiliates) without prior written approval of ACI, which ACI may withhold in its sole discretion. Prior to entering into a subcontract with a third party, Vendor shall give ACI not less than ten (10) Business Days’ prior written notice specifying the components of the Services affected, the scope of the proposed subcontract, and the identity and qualifications of the proposed subcontractor. Notwithstanding the foregoing or any other provision in this Agreement to the contrary, Vendor may, in the ordinary course of business and without notice to ACI, subcontract for any third-party service and/or product that (1) is not material to any function constituting a
Confidential
Master Services Agreement

 

Page 29


 

Execution Copy
part of the Services, and (2) does not result in a material change in the way Vendor conducts its business, provided such subcontract does not adversely affect ACI, whether in performance of or Charges for the Services or otherwise. Without limitation of the provisions set forth in Section 5.3, if ACI expresses concerns to Vendor about a subcontract covered by this Section 10.7(a)(i), Vendor shall discuss such concerns with ACI and work in good faith to resolve ACI’s concerns on a mutually acceptable basis.
(ii) ACI may request that Vendor use a particular subcontractor in certain limited circumstances in which case Vendor will attempt to use such proposed subcontractor unless Vendor persuades ACI that the use of such subcontractor would impair Vendor’s ability to satisfy the Service Levels or such use would cause a Vendor to breach an agreement. For purposes of clarity, Vendor Charges shall be equitably adjusted should the use of such ACI requested subcontractor cause Vendors costs to increase.
(iii) ACI shall have the right to revoke its prior approval of a subcontractor and direct Vendor to replace such subcontractor if the subcontractor’s performance is materially deficient, or there have been material misrepresentations by or concerning the subcontractor, or a subcontractor which at the time approved is a majority owned Affiliate of Vendor ceases to be such an Affiliate.
(b) Vendor shall remain responsible for obligations, services and functions performed by subcontractors to the same extent as if such obligations, services and functions were performed by Vendor employees (including requiring subcontractors to adhere to the standards applicable to Vendor and the policies and procedures then in effect, whether promulgated by ACI or Vendor) and for purposes of this Agreement such work shall be deemed Services performed by Vendor. Vendor shall be ACI’s sole point of contact regarding the Services performed by Vendor’s subcontractors, including with respect to payment. It is understood and agreed that, as between the Parties, Vendor shall be solely liable for all costs and payment obligations owed by Vendor to its subcontractors and third parties in connection with the Services.
(c) In addition to any other restrictions in this Agreement regarding confidentiality, Vendor shall not disclose ACI Confidential Information to a subcontractor unless and until such subcontractor has agreed in writing to protect the confidentiality of such Confidential Information in a manner substantially equivalent to that required of Vendor under this Agreement, and then only on a need-to-know basis.
(d) To the extent subcontractors, agents, representatives or other entities perform the Services, Vendor shall cause such entities to comply with the obligations and restrictions associated with the services, functions and responsibilities performed by such subcontractors, agents, representatives and other entities that are applicable to Vendor under this Agreement In addition, Vendor shall include in its subcontracts, as “flow-down” provisions, provisions substantially similar to the provisions of this Agreement relating to compliance with Applicable Laws; audit; confidentiality, security and Intellectual Property Rights of ACI; and each other provision which is necessary to assure that Vendor will fulfill its obligations under this Agreement. In addition, all documents (e.g., contracts) between Vendor and its subcontractors or other third parties relating to creative services shall contain a provision whereby the subcontractor transfers intellectual property rights to customer-developed materials to Vendor or Vendor’s customers.
(e) Vendor will, at ACI’s request, enforce the subcontracts as necessary to cause the subcontracted obligations to be fulfilled on Vendor’s behalf in accordance with this Agreement.
(f) Vendor shall exercise prudence and good business judgment in the selection and monitoring of performance of subcontractors. In the event of loss resulting from such failure of
Confidential
Master Services Agreement

 

Page 30


 

Execution Copy
performance by any subcontractor, the burden shall be on Vendor to show that it complied with the aforesaid standard of selection and monitoring of the subcontractor.
(g) ACI may request at any time, and Vendor shall provide within thirty (30) calendar days of such request, a listing of all Vendor employees, agents and subcontractors who are then performing Services under this Agreement, such listing to include basic information about each person including name, job title and basic job function with respect to the Services.
(h) Subcontractors as to which ACI has, as of the Effective Date, given the approvals required by this Section 10.7 are identified in Schedule N (Approved Subcontractors).
10.8 Technology Planning and Budgeting.
(a) Technology Plan. The Parties shall annually jointly prepare a technology plan in accordance with the provisions of this Section 10.8 (“Technology Plan”). The Technology Plan shall address the IT requirements of ACI’s activities and future opportunities to enhance delivery of Services and to reduce the costs of the Services through introduction of tools, procedures and other improvements into ACI’s IT environment (“Enhancement Activities”). Each Technology Plan after the first shall review and assess the immediately preceding Technology Plan. The Technology Plan shall consist of a three-year plan and an annual implementation plan as described below.
(b) Targeted Cost Savings. In addition to cost savings opportunities that apply generally to the Services to be discussed as a part of annual knowledge sharing and technology planning processes, the Parties intend to more closely examine on an annual basis specific aspects of the Services for cost savings opportunities. The Parties will identify cost saving opportunities for a selected Service Tower each year of the Term. The resulting plan shall outline the activities to undertake in order for ACI to realize the anticipated cost savings if ACI chooses to pursue such opportunity and any gainsharing by the Parties related to such anticipated cost savings. In each subsequent Contract Year, the Parties will undertake a similar process for another Service Tower (one Service Tower per Contract Year).
(c) Three-Year Plan. The Technology Plan shall include a comprehensive assessment and strategic analysis of ACI’s then-current IT systems related to the Services including the ACI IT Standards and an assessment of the appropriate direction for such systems and services for the next three (3) years in light of ACI’s business priorities and strategies and competitive market forces (to the extent such business information is provided by ACI to Vendor). The Technology Plan shall include:
(i) a specific identification of proposed software and hardware strategies and direction;
(ii) a cost/benefit analysis of any proposed Changes;
(iii) a general plan and a projected time schedule for developing and achieving the recommended elements;
(iv) the resulting impact on ACI information technology costs;
(v) a description of the types of personnel skills and abilities needed to respond to any recommended Changes or upgrades in technology;
Confidential
Master Services Agreement

 

Page 31


 

Execution Copy
(vi) the changes, if any, in the personnel and other resources required to operate and support the changed environment;
(vii) the expected performance, quality, responsiveness, efficiency, reliability, security risks and other service levels to be achieved based on the recommended strategies and directions; and
(viii) Any Enhancement Activities generally known within the information technology industry at the time of the particular Technology Plan which could be implemented into the Services on a long-term basis (i.e., during the term of the three-year Technology Plan) and an initial high-level benefits analysis with regard to such Enhancement Activities and the implementation of same.
(d) Annual Implementation Plan. As necessary to support the overall objectives and directions of the three-year plan, the annual implementation plan shall include information services requirements, plans, projects (which may include Projects) for the upcoming year, including details on operations, maintenance backlog and development activities. The annual implementation plan shall include a summary review of Vendor’s performance of the Services in the year then concluding, and shall provide updates and revisions of the three-year plan as appropriate. The annual implementation plan will also include any Enhancement Activities generally known within the information technology industry at the time of the particular annual technology plan which could be implemented into the Services on a short-term basis (i.e., during the term of the annual technology plan) and an initial benefits analysis with regard to such Enhancement Activities and the implementation of same. An annual implementation plan shall be prepared for each year of the Term. As part of the process for preparing the annual implementation plan, the Parties shall review the overall operation of this Agreement with regard to a determination of whether the Services are meeting ACI’s strategic IT requirements.
(e) Drafting Responsibility. Vendor shall submit to ACI a draft of the Technology Plan for ACI’s review and comment, which draft shall have been developed with input from key business users of ACI. Vendor shall submit the final Technology Plan to ACI for its approval within thirty (30) days of receiving ACI’s comments. The draft of the first Technology Plan shall be provided within six (6) months of the completion of Transition.
(f) Technology Plan Timing and Update. The schedule for developing and delivering each Technology Plan shall be coordinated to support ACI’s annual business planning cycle and the semi-annual senior management meeting described in Section 10.4(a)(iv). Vendor shall recommend modifications to the Technology Plan as it deems appropriate, and shall revise the Technology Plan as requested or approved by ACI. During Transition, an outline and the contents of the Technology Plan will be jointly developed by the Parties.
10.9 Quality Assurance and Improvement Programs.
As part of its total quality management process, Vendor shall provide continuous quality assurance and quality improvement through: (a) the identification and application of proven techniques and tools from other installations within its operations (i.e., “best practices”) that would benefit ACI either operationally or financially or ensure continued compliance with Applicable Vendor Laws; and (b) the implementation of concrete programs, practices and measures designed to improve Service Levels. Such procedures shall include checkpoint reviews, testing, acceptance and other procedures for ACI to confirm the quality of Vendor’s performance, and shall be included in the Procedures Manuals. Vendor shall utilize project management tools, including productivity aids and project management systems, as appropriate in performing the Services.
10.10   Management of Issues.
Confidential
Master Services Agreement

 

Page 32


 

Execution Copy
(a) Notwithstanding anything to the contrary contained in this Section 10.10, Vendor will proactively manage issues in a manner such that tasks required to be performed under this Agreement are performed in a timely manner. Each member of the Vendor Personnel is expected to promptly escalate an issue if the performance of any such Vendor Personnel member’s obligation is directly impacted by the failure of ACI or an ACI agent to perform a prerequisite task. Vendor will not have met its obligation with respect to the hindered task unless and until the ACI Contract Executive has been notified of such failure to perform, but only to the extent ACI’s ability to cure its failure is prejudiced by Vendor’s delay or failure in escalating the applicable issue.
(b) If ACI, a ACI Affiliate or a ACI agent fails to perform any of its responsibilities set forth in Schedule L (Transition and Transformation), Schedule A (Statement of Work) or operational responsibility set forth in connection with a Project, Vendor will be excused from the performance of Vendor’s obligation that is adversely affected by such failure to the extent and only for so long as ACI’s failure is the direct cause of Vendor’s non-performance, but only (i) if Vendor promptly notifies the ACI Contract Executive of such failure, (ii) if, after notifying the ACI Contract Executive, ACI fails to promptly rectify such failure; and (iii) with respect to such specific obligations for which no reasonable workaround exists.
11. AUDITS, RECORD RETENTION
11.1 Intentionally left blank.
11.2 Audit Rights.
(a) Vendor shall maintain a complete record of all financial transactions and customary records of non-financial transactions resulting from this Agreement. Vendor shall provide to ACI and ACI’s Affiliates and its and their auditors (including the internal audit staff of ACI and ACI’s external auditors), inspectors, regulators and other representatives who are not Vendor Competitors as ACI may from time to time designate in writing and who agree in writing to substantially the terms and conditions set forth in Schedule M (Vendor Confidentiality Agreement), access at all reasonable times (and in the case of regulators at any time required by such regulators), and upon at least five (5) Business Days notice (or a shorter period of time as may be required by Applicable Law or entities that regulate ACI), to any facility or part of a facility at which either Vendor or any of its subcontractors is providing any portion of the Services (subject to Vendor’s and its subcontractors standard security rules for such facility), to Vendor Personnel, and to data and records relating to the Services excluding: (x) attorney-client privileged information; (y) Vendor internal audit reports of Vendor’s activities (provided that Vendor shall provide summaries of such audits that are prepared by the person that produced the original audit report); and (z) cost data (other than where the Agreements specifies that cost or cost plus is the basis for determining the Charges), for the purpose of performing audits and inspections of either Vendor or any of its subcontractors during the Term and for the period Vendor is required to maintain records hereunder. The purpose of such audits will be to:
(i) verify the accuracy of Charges and invoices, and the inventory of ACI supplies and other ACI assets, if any;
(ii) verify the confidentiality, integrity and accessibility of ACI Data and examine the systems that process, store, support and transmit that data;
(iii) verify that Vendor and ACI are in compliance with their respective obligations under Article 22; and
Confidential
Master Services Agreement

 

Page 33


 

Execution Copy
(iv) examine Vendor’s performance of the Services and conformance to the terms of this Agreement including, to the extent applicable to the Services and to the Charges therefore, performing audits:
(A) of practices and procedures;
(B) of systems, Equipment and Software;
(C) of supporting information and calculations regarding compliance with Service Levels;
(D) of general controls and security practices and procedures;
(E) of disaster recovery and back-up procedures;
(F) of the efficiency of Vendor in performing the Services; and
(G) as necessary to enable ACI to meet, or to confirm that Vendor is meeting, applicable regulatory and other legal requirements.
ACI shall not use auditors engaged on a contingency fee basis to perform audits under this Section 11.2. If an audit by or on behalf of ACI hereunder shows any matter that may adversely affect ACI, ACI shall notify Vendor of such matter and Vendor shall provide ACI with a detailed plan to remedy such matter within ten (10) Business Days after Vendor’s receipt from ACI of the final audit report. Vendor will then immediately proceed to implement the remediation plan and correct such matters.
(b) If, as required by Section 10.7(d), Vendor is unable to include substantially similar audit-related provisions in a subcontract, or audit provisions that are at least as protective of ACI, Vendor shall disclose such inability in connection with requesting ACI’s consent to use such subcontractor. Without limiting the generality of the foregoing, the audit rights with respect to contracts assigned by ACI to Vendor shall be as set forth in such contracts.
(c) In addition but subject to the procedures described in (a) above, Vendor shall provide information sufficient to allow ACI or a designated third party who is not a Vendor Competitor to ensure that current server packs, patches and firmware are in place for Equipment Vendor has refresh responsibility. Vendor will also permit ACI or its Affiliates (or its and their auditors who are not Vendor Competitors) to audit compliance with laws and regulations and any IT general controls, including the Change Control Procedure, Network security, logical security, computer operations, backup and recovery and disaster recovery.
(d) Vendor and ACI shall meet and review each audit report promptly after its issuance, and, as part of such meeting, Vendor shall provide responses to ACI on the issues in such audit report. Vendor shall provide to ACI’s auditors, inspectors, regulators and representatives the reasonable assistance they require, including installing and operating audit software to the extent such assistance is during Business Hours and does not materially interfere with Vendors ability to perform its obligations under the Agreement. Vendor shall notify ACI if the assistance required, including installation of any audit software would materially and adversely affect Vendor’s ability to meet the Service Levels. After receiving such notice, ACI shall either alter its request or temporarily waive the Service Levels that would be adversely affected. Vendor shall cooperate fully with ACI and its designees in connection with audit functions and with regard to examinations by regulatory authorities.
Confidential
Master Services Agreement

 

Page 34


 

Execution Copy
(e) Vendor agrees to promptly provide ACI and its auditors with all reasonable cooperation and information that may be required in connection with any audits conducted by ACI’s or its Affiliates’ customers that pertain to the Services.
(f) With respect to any change management or benchmarking adjustment proposed by Vendor, or any proposed adjustment offered by Vendor in connection with an Extraordinary Event, New Service or ACI’s withdrawal of Services under Section 3.6(b) (each, an “Adjustment”), if ACI disputes such Adjustment, in addition to any other rights that ACI has under this Agreement, ACI may retain an independent third party (which may include ACI’s internal auditors or outside auditors) to audit Vendor’s or any of its subcontractor’s charges and costs (where the Agreement specifies that cost or cost plus is the basis for determining the charges) associated with such Adjustment; provided (i) such independent third party shall execute a nondisclosure agreement with both Parties containing confidentiality and nondisclosure terms substantially similar to those set forth in this Agreement, and (ii) such independent third party may not disclose Vendor’s or any of its subcontractor’s charges and costs (where the Agreement specifies that cost or cost plus is the basis for determining the charges) associated with such Adjustment to ACI, but may provide sufficient information to ACI to enable ACI to assess the validity of such Adjustment. Vendor shall maintain, and shall cause its subcontractors to maintain, sufficient records to permit such independent third party to conduct such audits, and shall provide such independent third party with reasonable access to its and each of its subcontractor’s records for the purpose of performing such audits. Vendor shall provide its full cooperation and assistance as is reasonably requested by such independent third party.
11.3 Vendor Internal Controls.
(a) Vendor agrees that, beginning no sooner than eight (8) months following completion of Transition, each calendar year during the Term, it will have one of the “big four” accounting firms (“Auditors”) conduct, at Vendor’s expense, at least one SAS 70 Type II Audit in Vendor’s shared delivery center in North America at or from which the Services are provided. Vendor shall provide ACI with one copy of each applicable audit report resulting from such SAS 70 Type II Audit (“SAS 70 Type II Report”) at no charge. To the extent ACI provides reasonable notice and requests that, in addition to the SAS 70 Type II Audit described in the preceding sentence, Vendor conducts a ACI-specific SAS 70 Type II Audit, Vendor shall do so at ACI’s expense (provided, Vendor notifies ACI of such expense, obtains ACI’s approval and uses Commercially Reasonable Efforts to minimize such expense).
(b) Vendor or an independent third party shall perform a security and controls audit at least annually. This audit shall test the compliance to the agreed-upon security standards, procedures as reflected in Schedule A (Statement of Work) and the other requirements in this Agreement. If the audit shows any material matter that may adversely affect ACI, Vendor shall disclose such matter to ACI and prepare a detailed plan to remedy such matter within thirty (30) Business Days of completion of the audit. If the audit does not show any matter that may adversely affect ACI, Vendor shall provide the audit or a reasonable summary thereof within ten (10) Business Days of audit completion to ACI. Any such summary may be limited to the extent necessary to avoid a breach of Vendor’s security by virtue of providing such summary. ACI may use a third party or its internal staff for an independent audit. If ACI chooses to conduct its own security audit, such audit shall be at ACI’s expense.
11.4 Audit Follow-up.
(a) Following an audit or examination, ACI may conduct (in the case of an internal audit), or request its external auditors or examiners to conduct, an exit conference with Vendor to obtain factual concurrence with issues identified in the review.
Confidential
Master Services Agreement

 

Page 35


 

Execution Copy
(b) Vendor shall promptly make available to ACI SAS 70 Type II Reports to the extent such reports are performed or available as reflected in Section 11.3(a).
(c) Vendor will promptly remediate any audit issues arising in SAS 70 Type II Reports that impact or are reasonably likely to impact ACI or the Services in accordance with the remediation process described in Section 11.2(a).
11.5 Records Retention.
Until the latest of (a) seven (7) years after expiration or termination of this Agreement; (b) all pending matters relating to this Agreement (e.g., disputes) are closed; or (c) the information is no longer required to meet ACI’s records retention policy as such policy may be adjusted from time to time and communicated in writing to Vendor, Vendor shall maintain and provide access upon reasonable request to the records, documents, and other information required to meet ACI’s audit rights under this Agreement. Before destroying or otherwise disposing of such information, Vendor shall provide ACI with not less than sixty (60) days prior written notice and offer ACI the opportunity to recover such information or to request Vendor to deliver such information to ACI.
11.6 Discovery of Overcharge of ACI.
If an audit shows that Vendor has overcharged ACI in the current contract year and/or previous calendar year, at ACI’s option, Vendor shall either credit to ACI’s account or pay to ACI directly an amount equal to the amount of the overcharge plus interest at the prime rate calculated from the date the overcharge was paid by ACI to Vendor. For the purposes of this Section 11.6, the prime rate shall be the rate set forth in the Wall Street Journal, New York edition, “Money Rates” section (or any successor thereto) at the time of such audit. If an audit shows that Vendor overcharged ACI by more than five (5) percent of the Charges, net of any undercharges identified in the audit, then Vendor shall also pay ACI an amount equal to the cost of the portion of the audit related to such overcharges discovery. If any such audit reveals an undercharge by Vendor in the Charges for a particular Charges category, ACI shall promptly pay to Vendor the amount of such undercharge plus interest at the prime rate calculated from the date the undercharge should have been paid to Vendor.
12. ACI RESPONSIBILITIES
ACI shall have no other responsibilities than those expressly set forth in this Agreement (including any reflected in any Schedules, Exhibits or Attachments to this Agreement). Those responsibilities include the following:
(a) ACI shall designate one (1) individual to whom Vendor may address all Vendor communications concerning this Agreement and all activities pursuant to it (the “ACI Contract Executive”).
(b) ACI shall cooperate with Vendor, including by making available management decisions, information, approvals and acceptances, as reasonably requested by Vendor so that Vendor may accomplish its obligations and responsibilities under this Agreement. The ACI Contract Executive or its designee shall be the principal point of contact for obtaining such decisions, information, approvals and acceptances. Only personnel as expressly so designated by the ACI Contract Executive shall be authorized to make commitments on the part of ACI that amend this Agreement or commit resources that are subject to a Resource Volume Baseline. To the extent Vendor relies on the apparent authority of other personnel, it does so at its own risk and without obligation on ACI’s part.
Confidential
Master Services Agreement

 

Page 36


 

Execution Copy
13. CHARGES
13.1 General.
The charges for the Services (“Charges”) are set forth in this Agreement. ACI shall not be required to pay Vendor any amounts for the Services in addition to those set forth in this Agreement.
13.2 Pass-Through Expenses.
(a) “Pass-Through Expenses” shall mean third-party charges paid by Vendor and reimbursed (without markup or administrative charge of any kind) by ACI. Pass-Through Expenses agreed by the Parties as of the Effective Date are set forth in Schedule C (Charges). Additional Pass-Through Expenses may be agreed by the Parties through the Change Control Procedure.
(b) Vendor shall use Commercially Reasonable Efforts to minimize the amount of any particular Pass-Through Expense. With respect to services or materials paid for on a Pass-Through Expenses basis, ACI reserves the right to:
(i) obtain such services or materials directly from one or more third parties;
(ii) subject to Section 10.6, designate the third-party source for such services or materials;
(iii) designate the particular services or materials (e.g., equipment make and model) Vendor shall obtain (although if Vendor demonstrates to ACI that such designation shall have an adverse impact on Vendor’s ability to meet the Service Levels, such designation shall be subject to Vendor’s reasonable approval);
(iv) designate the terms for obtaining such services or materials (e.g., purchase or lease and lump sum payment or payment over time);
(v) require Vendor to identify and consider multiple sources for such services or materials or to conduct a competitive procurement; and
(vi) review and approve the applicable Pass-Through Expenses before entering into a new contract for particular services or materials.
13.3 Incidental Expenses.
Except as may be otherwise provided in this Agreement, expenses that Vendor expects to incur in performing the Services (including travel and lodging, document reproduction and shipping, and long-distance telephone) are included in Vendor’s Charges and rates set forth in this Agreement. Accordingly, such Vendor expenses are not separately reimbursable by ACI unless, on a case-by-case basis for unusual expenses, ACI has agreed in advance and in writing to reimburse Vendor for the expense. Notwithstanding the above or any other provision in this Agreement to the contrary, Vendor shall use Commercially Reasonable Efforts to minimize any expenses that ACI is required or elects to pay under this Agreement. Vendor agrees that any such expenses will be invoiced to ACI without markup.
13.4 Taxes.
Confidential
Master Services Agreement

 

Page 37


 

Execution Copy
(a) Each Party shall be responsible for any personal property taxes on property it owns or leases, for franchise and privilege taxes on its business, and for taxes based on its net income or corporate level gross receipts.
(b) Vendor shall be responsible for any sales, use, excise, value-added, services, consumption or other taxes and duties payable by Vendor on the goods or services used or consumed by Vendor in providing the Services where the tax is imposed on Vendor’s acquisition or use of such goods or services and the amount of tax is measured by Vendor’s costs in acquiring such goods or services. ACI shall be responsible to pay to Vendor, or reimburse Vendor for the payment of, and Vendor shall be responsible for the collection and remittance of, any and all sales, use, excise, value-added, services, consumption and other taxes imposed or assessed on the Charges or the provision of the Services provided by the Vendor after the Effective Date. Vendor and ACI shall agree on the appropriate method for invoicing the Services to be certain to capture only those Services subject to tax and the appropriate tax rate. If and to the extent any such tax is increased, reduced or eliminated during the Term, Vendor shall adjust the amounts invoiced to ACI to fully reflect the increase, reduction or elimination of such tax. If new or higher taxes thereafter become applicable to the Services as a result of Vendor moving all or part of its operations to a different Service Location (for example, Vendor relocating performance of Services to a shared service center or subcontracting any portion of the Services), Vendor shall (i) specify the tax rate that applies to the new Service Location on all subsequent invoices, and (ii) reimburse ACI for any incremental taxes that arise from the move to the new Service Location.
(c) If any sales, use, excise, value added, services, consumption or other tax is assessed on the provision of any of the Services, the Parties shall work together to segregate the payments of such taxes under this Agreement into three (3) payment streams:
(i) those for taxable Services;
(ii) those for which Vendor functions merely as a payment agent for ACI in receiving goods, supplies or services (including leasing and licensing arrangements); and
(iii) those for other nontaxable Services, including those Services and related Equipment sales that qualify under the exemption of outsourcing.
(d) Each Party shall provide and make available to the other any direct pay or resale certificates, information regarding out-of-state or out-of-country sales or use of Equipment, materials or services, and other exemption certificates or information reasonably requested by the other Party.
(e) The Parties agree to cooperate with each other to enable each to more accurately determine its own tax liability and to minimize such liability to the maximum extent legally permissible. Unless ACI has provided Vendor with tax-exemption, direct pay or resale certificates, Vendor’s invoices shall separately state the amounts of any taxes Vendor is collecting from ACI, and Vendor shall remit such taxes to the appropriate authorities.
(f) Each Party shall promptly notify the other Party of, and cooperate with, such other Party regarding the response to and settlement of, any claim for taxes asserted by applicable taxing authorities for which it is responsible hereunder.
(g) If ACI reasonably requests Vendor, timely and in writing, and with appropriate legal authority, to challenge the imposition of any tax, Vendor shall do so in a timely manner and ACI shall reimburse Vendor for the reasonable legal fees and expenses it incurs.
Confidential
Master Services Agreement

 

Page 38


 

Execution Copy
(h) Each Party shall be entitled to any tax refunds or rebates (and related interest) granted to the extent such refunds or rebates are of taxes that were paid by such Party.
13.5 Extraordinary Events.
(a) An “Extraordinary Event” means a circumstance in which ACI experiences a significant change in the scope or nature of its business (e.g. changes to the locations where the ACI operates, changes in the ACI’s products or markets, mergers, acquisitions or divestitures involving ACI, changes in the ACI’s method of service delivery, changes in the ACI’s market priorities) that is expected by ACI to vary from the applicable Charges at applicable Resource Volumes Baselines for at least three (3) consecutive months by more than plus or minus thirty-five percent (+/-35%) provided that any such decrease is not due to ACI resuming provision of the Services itself or transferring provision of the Services to another service provider.
(b) Upon the occurrence of an Extraordinary Event, and at ACI’s request, the Parties shall negotiate in good faith with regard to the adjustment of Vendor’s Charges and resources (including Baselines, Monthly Base Charges, ARCs, RRCs and other rates as appropriate) as well as any other impacted terms and conditions of this Agreement. For the avoidance of doubt, either Party may notify the other that an Extraordinary Event has occurred.
(c) If within thirty (30) days following a Party’s notice of the occurrence of an Extraordinary Event, the Parties have not agreed upon the foregoing, then either Party may submit the issue to dispute resolution under Article 20. Unless and until the Parties have agreed on the adjustment contemplated in paragraph (b) above, Vendor will continue to perform, and ACI will continue to pay, in accordance with the terms and conditions of this Agreement as applicable before the Extraordinary Event.
13.6 New Services.
Services that are materially different from, or in addition to, the Services, but for which there is no charging methodology, or which the existing charging methodology was not intended to cover (e.g., start-up expenses) shall be considered “New Services.” The Parties’ obligations with respect to New Services shall be as follows:
(a) If the performance of the New Services can be reflected in a change in the volume of chargeable resource usage, and the net change in the resources and expenses required to perform the New Services would not be disproportionately different from the corresponding change in the volume or composition of such chargeable resource usage from performing such New Services, then the charge, if any, for such New Services shall be determined pursuant to Schedule C (Charges), this Section 13.6 and the other Sections of this Agreement relating to New Services. The New Services shall then be considered Services and shall be subject to the provisions of this Agreement. In addition, the Parties may work together to re-prioritize certain then existing Services and/or Service Levels in order to determine if, by such re-prioritization of existing work or Service Levels, Vendor could accommodate the ACI requested New Services with the then current account staff, Equipment, Software and other related items. If Vendor determines, in its reasonable discretion, that it could accommodate such New Services, such New Services shall become Services without the necessity of an added charge so long as such accommodation does not jeopardize the performance by Vendor of any other of the Services at the Service Levels.
(b) If the performance of the New Services cannot be reflected in a change in the volume of chargeable resource usage, or if the net change in the resources and expenses required to perform the New
Confidential
Master Services Agreement

 

Page 39


 

Execution Copy
Services would be disproportionately different from the corresponding change in the volume or composition of chargeable resource usage from performing such New Services, then:
(i) Vendor shall quote to ACI a charge (which may be variable) for such New Services that is competitive with the charge Vendor provides for similar services to its other customers. Such charges shall take into account, as applicable, resources and expenses of Vendor for then-existing portions of the Services that would no longer be required if the New Services would be performed by Vendor; and
(ii) upon receipt of such quote, ACI may then elect to have Vendor perform the New Services, and the Charges under this Agreement shall be adjusted, if appropriate, to reflect such New Services. If ACI so elects, such New Services shall be subject to the provisions of this Agreement.
(c) If the Parties cannot agree upon the pricing applicable to a New Service that, although materially different from the Services, is still closely related to the Services then being provided by Vendor, ACI nonetheless desires Vendor to perform such New Service, then upon ACI’s written instruction to proceed, Vendor shall begin performance of such New Service and, until that time when ACI and Vendor can agree on the applicable charge for the New Service, Vendor will provide such New Service at the applicable time and materials rates reflected in Exhibit C-1 (Base Charges, Baselines, ARC/RRC Rates and Termination Charges). If within sixty (60) days following ACI’s written instruction to proceed, the Parties have not agreed on the applicable charges for the New Service, then the Charges will be determined as provided under Section 20.1(a).
(d) ACI may in its discretion elect to solicit and receive bids from, or otherwise enter into agreements with, third parties to perform or to perform itself any New Services. If ACI so elects, Vendor shall cooperate at no charge with ACI and the third parties with respect to the provision of such New Services.
(e) Evolution, supplements, modifications, enhancements and replacements of the Services required by Section 3.3 above shall not be deemed to be New Services.
(f) With regard to Production Mainframe and Hosting Services which may be required by ACI in the future to provide market competitive service offerings to their external clients, the Parties agree that Vendor will provide market competitive pricing.
13.7 Benchmarks for Cost of Services.
(a) Beginning in the second Contract Year and up to once in each Contract Year thereafter, ACI may benchmark the Services within a Services Tower. If ACI notifies Vendor in writing that it elects not to exercise its right to perform a benchmarking within the twelve (12) month period following such notice, ACI will receive a credit of $200,000.00 on the next invoice following the notice. Once such a credit has been paid, a benchmark may not be initiated during the applicable twelve (12) month period.
(b) A benchmarking under this Section 13.7 shall be conducted by an independent industry-recognized benchmarking service provider designated by ACI from the list of approved benchmarkers attached hereto as Schedule O (Approved Benchmarkers) (the “Benchmarker”), which list the Parties will update under the Contract Change Control Procedure from time to time as necessary to reflect changes in the industry. The Parties shall be jointly responsible for the fees of the Benchmarker. The Benchmarker shall execute a confidentiality agreement in substantially the form set forth in Schedule M (Vendor Confidentiality Agreement). The Benchmarker’s compensation shall not be contingency fee based. The Parties shall cooperate with the Benchmarker, including, as appropriate, making available knowledgeable
Confidential
Master Services Agreement

 

Page 40


 

Execution Copy
personnel and pertinent documents and records. Notwithstanding the preceding sentence, the Benchmarker shall not have access to any proprietary data other than pricing information, or data related to another Vendor customer. The Benchmarker may not use any information provided by either Vendor or ACI for any purpose other than conducting the benchmark study hereunder, unless such use is expressly agreed to in writing by Vendor and ACI.
(c) The Benchmarker shall perform the benchmarking in accordance with Benchmarker’s documented procedures, which shall be provided to the Parties prior to the start of the benchmarking process. The Benchmarker shall, separately as to each Service Tower benchmarked, compare the aggregate Charges under this Agreement for the Services being benchmarked to the aggregate charges (for services similar to those in that Service Tower) being incurred in a representative sample of outsourced IT operations by or for other entities. The Benchmarker shall select the representative sample from entities (i) identified by the Benchmarker and approved by the Parties, or (ii) identified by a Party and approved by the Benchmarker. The following conditions apply to the representative sample: (A) it shall include no more than eight (8) entities and no less than four (4) entities and (B) it may include entities that are outsourcing customers of Vendor.
(d) The Benchmarker is to conduct a benchmarking as promptly as is prudent in the circumstances. In conducting the benchmarking, the Benchmarker shall normalize the data used to perform the benchmarking to accommodate, as appropriate, differences in volume of services, scope of services, service levels, financing or payment streams, service window coverage, geographic scope, Vendor’s upfront costs, the overall financial structure of the agreement, sophistication of the underlying technology, contract terms and conditions (to the extent available), other factors unique to ACI’s and the comparison contract’s requirements, and other factors the Benchmarker views to be pertinent. Each Party shall be provided a reasonable opportunity to review, comment on and request changes in the Benchmarker’s preliminary findings. Following such review and comment, the Benchmarker shall issue a final report of its findings and conclusions.
(e) If in the final report of the Benchmarker, the Charges to ACI under this Agreement for the benchmarked Services are in the aggregate within five (5) percent of the average of the representative sample then no adjustment shall be made to Vendor’s Charges. If in the final report of the Benchmarker, the Charges to ACI under this Agreement for the benchmarked Services are in the aggregate between five (5) percent and (10) percent higher than the average of the representative sample, then the relevant Charges for the Services shall be reduced to the average of the representative sample for each percent above five (5) percent, effective thirty (30) days after the initial date of delivery of the benchmark results provided however, the Vendor’s Charges shall not be reduced by more than five (5) percent of the Charges payable for the particular Service Tower benchmarked. For example, if in the final report of the Benchmarker, the Charges to ACI under this Agreement for the benchmarked Services are in the aggregate seven (7) percent higher than the average of the representative sample, then the Vendor Charges payable for the particular Service Tower would be reduced by two (2) percent. If in the final report of the Benchmarker, the Charges to ACI under this Agreement for the benchmarked Services are in the aggregate more than ten percent (10%) greater than the average of the representative sample then (A) the relevant Vendor Charges payable for the particular Service Tower would be reduced by five (5) percent effective thirty (30) days after the initial date of delivery of the benchmark results and (B) the Vendor shall promptly offer an alternative proposal for the ACI’s consideration for further adjustments to either the scope of the Services, Service Levels or Charges.
(f) Without limiting the generality of the foregoing, the foregoing proposal may include Changes to the method, manner or quality of the Services to the extent Vendor can demonstrate the Changes were not already reflected in the benchmark. Vendor then shall implement the agreed plan for the benchmarked Services in the designated period of time.
Confidential
Master Services Agreement

 

Page 41


 

Execution Copy
(g) If Vendor (A) fails to develop promptly and implement a plan to adjust its Charges in accordance with paragraph (i) above, or (B) fails to adjust its Charges in accordance with the plan in the required time period, then ACI may terminate the benchmarked Services or any portion thereof without the payment of any Termination Charges, other than payment of the Wind Down Expenses for the affected Services, by giving Vendor at least sixty (60) days’ prior notice. In the case of termination by ACI of Services in accordance with this Section 13.7, the Charges payable under this Agreement for continuing Services shall be equitably adjusted to reflect the removal of the Services that are terminated.
(h) In no event shall Charges be increased based on the results of a benchmarking process.
14. INVOICING AND PAYMENT
14.1 Invoicing.
(a) Vendor shall invoice ACI for all Charges due under this Agreement in the manner reflected in this Section 14.1. Monthly Base Charges, as defined in Schedule C (Charges), shall be invoiced on or before the tenth (10th) day of each month in which the Services which are the subject of the Monthly Base Charges are performed with payment due to Vendor on or before the last day of the month; provided however, if such invoice is received after the tenth (10th) day of the month, payment for such invoice shall be due to Vendor within thirty (30) days of the invoice receipt date. ARCs, RRCs and any other variable Charges that are in addition to the Monthly Base Charges for a month will be invoiced on a monthly basis but will be invoiced on the following month’s invoice.
(b) To the extent a credit is due ACI pursuant to this Agreement, Vendor shall provide ACI with an appropriate credit against Charges then due and owing in the next monthly invoice; if no further payments are due to Vendor, Vendor shall pay such amounts to ACI within thirty (30) days.
(c) Vendor shall render a single, consolidated, monthly invoice for each month’s Charges, showing the details specified in Exhibit C-3 (Form of Invoice) including details necessary to satisfy ACI’s accounting and chargeback requirements in accordance with Section 3.2(b). Such invoice shall separately identify Pass-Through Expenses for the month (if any), Charges prepaid by ACI, the number of hours allocated to Projects, broken out by Project and indicating, as applicable, (i) where Project pool resources are drawn down (as described in Schedule C (Charges)) and (ii) where additional Charges (other than the Monthly Base Charges) have been incurred, and the amounts of any taxes Vendor is collecting from ACI. Vendor shall include with the invoice the calculations utilized to establish the charges in sufficient detail to enable ACI to confirm the accuracy of the Charges included in the invoice. The form of invoice is included as Exhibit C-3 (Form of Invoice). If Vendor fails to provide an invoice to ACI for any amount within one calendar year after the date on which the Services in question are rendered or the expense incurred, Vendor shall waive any right it may otherwise have to invoice for and collect such amount.
14.2 Payment Due.
Subject to the other Sections of this Agreement, undisputed Charges on invoices submitted to ACI shall be due and payable by ACI as specified in 14.1(a). Such payments will be made by ACI by electronic funds transfer. If a due date does not fall on a Business Day, payments must be received by Vendor on or before one (1) Business Day after such date. Subject to Section 14.8, any undisputed Charges not paid within five (5) days of when they are due will bear interest until paid at a rate of interest equal to the lesser of: (i) one percent per month of such outstanding amount per every thirty days or portion thereof or; (2) the maximum rate of interest allowed by Applicable Law calculated from the date payment was due.
Confidential
Master Services Agreement

 

Page 42


 

Execution Copy
14.3 Accountability.
Vendor shall maintain complete and accurate records of and supporting documentation for the Charges billable to and payments made by ACI under this Agreement in accordance with generally accepted accounting principles applied on a consistent basis. Vendor shall provide ACI with documentation and other information with respect to each invoice as may be reasonably requested by ACI to verify accuracy and compliance with the provisions of this Agreement.
14.4 Pro-ration.
Charges occurring on a periodic basis under this Agreement are to be computed on a calendar month basis, and shall be prorated for any partial month.
14.5 Prepaid Amounts.
Where ACI has prepaid for a service or function for which Vendor is assuming financial responsibility under this Agreement, upon either Party identifying the prepayment, Vendor shall refund to ACI that portion of such prepaid expense that is attributable to periods on and after the applicable Service Tower Commencement Date on the next monthly invoice. Upon Vendor’s request and as a condition to Vendor’s obligation, ACI shall provide substantiation and documentation of any prepaid expense for which it believes it is entitled to credit hereunder.
14.6 Refunds and Credits.
If Vendor receives a refund, credit or other rebate for goods or services previously paid for by ACI, Vendor shall promptly notify ACI of such refund, credit or rebate and shall promptly credit the full amount of such refund, credit or rebate, as the case may be, to ACI on the next monthly invoice; provided that Vendor will make payment in lieu of such a credit if requested by ACI.
14.7 Deduction.
ACI shall have the right to deduct from Charges owed by ACI to Vendor under this Agreement any amount (i) not in dispute between the Parties, (ii) that ACI has notified Vendor in writing of, on or before the payment due date, and (iii) that Vendor is obligated to pay to or credit to ACI.
14.8 Disputed Charges.
Subject to ACI’s right of deduction under Section 14.7, ACI shall pay undisputed Charges when those payments are due. ACI may withhold invoiced amounts that ACI disputes in good faith subject to the limits specified herein and pursuant to the following procedures:
(i) After receipt of an invoice from Vendor, but prior to the date on which payment for such invoice is due, ACI shall give written notice to Vendor of its intent to dispute and reasons for disputing such invoice.
(ii) Unless Vendor gives ACI written notice of Vendor’s agreement as to ACI’s position by the payment date for such invoice, ACI shall pay the disputed invoice upon the due date.
(iii) Vendor shall have thirty (30) days from the date of ACI’s notice to cure any breach or otherwise resolve the issue related to the dispute. If Vendor is unable to cure the breach or otherwise
Confidential
Master Services Agreement

 

Page 43


 

Execution Copy
resolve the issue within thirty days, ACI may withhold the disputed amount from the next month’s payment
If any portion of an invoice is subject to a bona fide dispute between the Parties, ACI may withhold the amount ACI disputes in good faith, directly attributable to such dispute, up to twenty (20) percent of the Monthly Base Charge each month, not to exceed, in the aggregate, the Monthly Base Charge for one months. ACI’s payment of invoiced amounts shall not constitute a waiver by ACI of any right or remedy available to it at law or equity or this Agreement, including any right ACI may have to dispute (or recover) such amounts. Any dispute regarding payment shall be resolved in accordance with the Dispute Resolution Process in Section 20 below. In the event the dispute is resolved in Vendor’s favor, interest (at the rate reflected in Section 14.2) will be due and owing accruing back to the date that is five (5) days after the date such amount would have been due as an undisputed amount.
15. SAFEGUARDING OF DATA; CONFIDENTIALITY
15.1 General.
(a) ACI Confidential Information shall be and remain, as between the Parties, the property of ACI. Vendor shall not possess or assert any lien or other right against or to ACI Confidential Information. ACI Confidential Information shall not be:
(i) used by Vendor other than in connection with providing the Services;
(ii) disclosed, sold, assigned, leased or otherwise provided to third parties by Vendor, other than as permitted in this Agreement; or
(iii) commercially exploited by or on behalf of Vendor.
(b) ACI Confidential Information shall not be utilized by Vendor for any purpose other than that of rendering the Services under this Agreement.
15.2 Safeguarding ACI Data.
Vendor shall establish and maintain safeguards against the destruction, loss or alteration of ACI Data in the possession of Vendor which are no less rigorous than those implemented and in use by ACI as of the Effective Date, to the extent such safeguards are made known to Vendor, either through documented security policies provided by ACI (“ACI Information Security Requirements”) and in no event less rigorous than the safeguards employed by Vendor to protect its own confidential information. Vendor will comply with Changes in the ACI Information Security Requirements as soon as reasonably practicable after such Changes have been provided to Vendor, subject to ACI’s payment of additional Charges, if any, determined to be payable with respect to such Change under the Change Control Procedure. Vendor shall make no Changes to ACI’s safeguards unless agreed by ACI. Vendor shall maintain such safeguards until the Security Plan (as defined below) becomes effective.
(a) Within three (3) months of the completion of Transition, and annually thereafter as part of the technology planning process described in Section 10.8, Vendor shall provide ACI with a security plan (the “Security Plan”) describing upgrades to ACI’s data security procedures and the related infrastructure for ACI Data in the possession of Vendor necessary to bring such procedures and infrastructure into compliance with the standards the Parties agree are appropriate for ACI, which at a minimum will include any then-current ACI Information Security Requirements. Vendor shall implement the initial Security Plan and each annual plan thereafter. Any Changes to the Services as a result of
Confidential
Master Services Agreement

 

Page 44


 

Execution Copy
upgrades to the Security Plan shall be implemented by Vendor, subject to ACI’s payment of any Charges therefore agreed by the Parties in accordance with the Change Control Procedure.
(b) If ACI requests enhancements that are not necessary to satisfy either the safeguards maintained by ACI as of the Effective Date, or the requirements of any Security Plan agreed upon by the Parties, Vendor shall implement such improvements as a New Service, except that any additional disaster recovery measures or safeguards reasonably deemed by ACI to be necessary to protect any Personally Identifiable Information shall be subject to the Change Control Procedure. ACI shall have the right to establish backup security for data and to keep backup data and data files in its possession if it chooses.
(c) Vendor Personnel shall not attempt to access, or allow access to, any ACI Data which they are not permitted to access under this Agreement. If such access is attained (or is reasonably suspected), Vendor shall promptly report such incident to ACI, describe in detail the accessed ACI Data, and if applicable return to ACI any copied or removed ACI Data.
(d) The systems security measures required under Sections 15.2(a) and 15.2(b) shall include, any System Software which:
(i) requires all users to enter a user identification and password prior to gaining access to the information systems;
(ii) controls and tracks the addition and deletion of users; and
(iii) controls and tracks user access to areas and features of the information systems.
(e) ACI Data (i) shall not be used by Vendor other than pursuant to this Agreement; (ii) shall not be disclosed, sold, assigned, leased or otherwise provided to third parties by Vendor, except as required by any court or administrative agency under Applicable Law; (iii) shall not be commercially exploited by or on behalf of Vendor, its employees or agents; and (iv) shall not be stored or co-mingled with Vendor’s data or any data from any other Vendor client except as permitted by ACI’s Risk Control Requirements.
15.3 Confidential Information.
(a) Vendor and ACI each acknowledge that they may be furnished with, receive or otherwise have access to information of or concerning the other Party that such Party considers to be confidential, a trade secret or otherwise restricted. “Confidential Information” shall mean all information, in any form, furnished or made available directly or indirectly by one Party to the other that is marked confidential, restricted or with a similar designation. The terms and conditions of this Agreement shall be deemed Confidential Information of each Party. In the case of ACI, Confidential Information also shall include, whether or not marked confidential, restricted or with a similar designation: (i) ACI Data; (ii) the specifications, designs, documents, software, documentation, data and other materials and work products owned by ACI pursuant to this Agreement; (iii) all information concerning the operations, employees, assets, customers, affairs or businesses of ACI, the financial affairs of ACI or the relations of ACI with its customers, employees and service providers (including customer lists, customer information, account information, analyses, compilations, forecasts, studies and consumer market information); (iv) ACI Software or ISV Software licensed in the name of ACI or a ACI Affiliate, provided to Vendor by or through ACI; and (v) information that a reasonable person would deem confidential under the context of disclosure or due to the nature of the information (collectively, the “ACI Confidential Information”). In the case of Vendor, Confidential Information also shall include, whether or not marked confidential, restricted or with a similar designation, Vendor’s financial information, personnel records, information
Confidential
Master Services Agreement

 

Page 45


 

Execution Copy
regarding Vendor’s, its Affiliates’ or its subcontractors’ business plans and operations, and software, tools and methodologies owned or used by Vendor, its Affiliates or its subcontractors, and information that a reasonable person would deem confidential under the context of disclosure or due to the nature of the information.
(b) Obligations in Connection with Confidential Information.
(i) Each Party shall use at least the same degree of care as it employs to avoid unauthorized disclosure of its own information, but in any event no less than Commercially Reasonable Efforts (except that the case of ACI Data, the degree of care required of Vendor shall be that degree of care specified under Section 15.2), to prevent disclosing to unauthorized parties the Confidential Information of the other Party, provided that Vendor may disclose such information to properly authorized entities as and to the extent necessary for performance of the Services, and ACI may disclose such information to third parties as and to the extent necessary for the conduct of its business, where in each such case:
(A) the receiving entity first agrees in writing to terms and conditions substantially the same as the confidentiality provisions set forth in this Agreement;
(B) use of such entity is authorized under this Agreement;
(C) such disclosure is necessary or otherwise naturally occurs in that entity’s scope of responsibility; and
(D) the receiving Party assumes full responsibility for the acts and omissions of such third party.
(ii) As requested by ACI during the Term, or upon expiration or any termination of this Agreement, or completion of Vendor’s obligations under this Agreement, Vendor shall return or destroy, as ACI may direct, all material in any medium that contains, refers to or relates to ACI Confidential Information, in the form reasonably requested by ACI, and retain no copies.
(iii) Each Party shall ensure that its personnel comply with these confidentiality provisions.
(iv) In the event of any actual or suspected misuse, unauthorized disclosure or loss of, or inability to account for, any Confidential Information of the furnishing Party, the receiving Party promptly shall:
(A) notify the furnishing Party upon becoming aware thereof;
(B) promptly furnish to the other Party full details of the unauthorized possession, use or knowledge or attempt thereof, and use reasonable efforts to assist the other Party in investigating or preventing the reoccurrence of any unauthorized possession, use or knowledge or attempt thereof, of Confidential Information;
(C) take such actions as may be necessary or reasonably requested by the furnishing Party to minimize the violation; and
Confidential
Master Services Agreement

 

Page 46


 

Execution Copy
(D) cooperate in all reasonable respects with the furnishing Party to minimize the violation and any damage resulting therefrom.
(c) The Parties’ obligations with respect to Confidential Information (other than Personally Identifiable Information) shall not apply to any particular information which Vendor or ACI can demonstrate:
(i) was, at the time of disclosure to it, public knowledge;
(ii) after disclosure to it, is published or otherwise becomes part of the public knowledge through no breach of this Agreement or any other confidentiality agreement;
(iii) was in the possession of the receiving Party at the time of disclosure to it without obligation of confidentiality herein;
(iv) was received after disclosure to it from a third party who had a lawful right to disclose such information to it without any obligation to restrict its further use or disclosure; or
(v) was independently developed by the receiving Party without reference to Confidential Information of the furnishing Party.
(d) In addition, a Party shall not be considered to have breached its obligations by:
(i) disclosing Confidential Information of the other Party (including Personally Identifiable Information) as required to satisfy any legal requirement of a competent government body provided that, immediately upon receiving any such request and to the extent that it may legally do so, such Party advises the other Party of the request prior to making such disclosure in order that the other Party may interpose an objection to such disclosure, take action to assure confidential handling of the Confidential Information, or take such other action as it deems appropriate to protect the Confidential Information; or
(ii) disclosing Confidential Information of the other Party (other than Personally Identifiable Information) to its attorneys, auditors and other professional advisors in connection with services rendered by such advisors, provided that such Party has confidentiality agreements with such professional advisors and/or such advisors owe professional confidentiality obligations to the Party.
(e) Except in emergency situations, prior to a Party commencing any legal action or proceeding in respect of any unauthorized possession, use or knowledge or attempt thereof, of Confidential Information by any person or entity which action or proceeding identifies the other Party or its Confidential Information, such Party shall seek such other Party’s consent. If a Party withholds its consent, the other Party’s performance shall be excused to the extent such lack of consent prohibits the performance of its obligations under this Agreement.
(f) Each Party’s Confidential Information shall remain the property of that Party. Nothing contained in the Parties’ obligations with respect to Confidential Information shall be construed as obligating a Party to disclose its Confidential Information to the other Party, or as granting to or conferring on a Party, expressly or impliedly, any rights or license to the Confidential Information of the other Party, and any such obligation or grant shall only be as provided by other provisions of this Agreement.
Confidential
Master Services Agreement

 

Page 47


 

Execution Copy
15.4 Corporate Information Risk Controls.
(a) Vendor shall support and adhere to ACI’s corporate information, rules, policies, standards, procedures and applicable regulatory requirements as provided to Vendor in writing by ACI (collectively, “ACI Risk Control Requirements”). Vendor will comply with any modifications to the ACI Risk Control Requirements, subject to clause (ii) of this Section 15.4(a). Vendor shall implement and administer effective solutions as necessary to implement the ACI Risk Control Requirements, or as otherwise directed by ACI (subject to clause (ii) of this Section 15.4(a)), and shall cause the systems used to provide the Services to comply with such requirements. ACI confirms that ACI is solely responsible for interpreting the applicable regulatory requirements (including the Federal Financial Institutions Examination Council regulations and the Payment Card Industry Data Security Standard) and ensuring that the ACI Risk Control Requirements and other instructions provided to Vendor comply with both the ACI Risk Control Requirements and ACI Laws. Immediately prior to the Effective Date, Vendor received from ACI copies of the FFIEC and PCI regulations and standards with which Vendor will comply, subject to the following:
(i) At no additional charge (A) beginning on the first Service Tower Commencement Date, Vendor shall maintain compliance with the ACI Risk Control Requirements (to the extent that ACI was in compliance with such requirements as of the Effective Date), and (B) within six (6) months of the last Service Tower Commencement Date, Vendor shall upgrade its facilities and otherwise begin performing the Services in a manner necessary to comply with Vendor’s own requirements of a similar nature. Notwithstanding the foregoing, if at any time Vendor provides the Services from a shared data center at which Vendor provides services to more than one Vendor customer, Vendor shall at all times also comply with Vendor’s own risk rules, policies, procedures, standards and guidelines.
(ii) If ACI changes any ACI Risk Control Requirements after the first Service Tower Commencement Date, or requests that Vendor comply with any such requirements with which ACI was not in compliance as of the first Service Tower Commencement Date, and such requirements exceed Vendor’s own requirements of a similar nature, and Vendor is unable to perform the new requirements without adding substantial additional resources, Vendor will so notify ACI. ACI may elect to either (A) reprioritize the Services in a manner which allows Vendor to expend the effort necessary to bring the in scope infrastructure into compliance with such requirements at no additional charge; or (B) authorize Vendor to expend the effort necessary to bring the in scope infrastructure into compliance with such requirements as a New Service, a Project or otherwise pursuant to the Change Control Procedure. If at any time ACI requests additional security, Vendor may make such security available, but shall first notify ACI of the incremental charges (if any) for such security and such Changes shall be subject to the Change Control Procedure. Each Party shall designate an individual who shall serve as the primary contact for security-related issues.
(b) If control deficiencies are identified in systems or procedures used to provide the Services, Vendor shall take immediate and concerted action to correct the deficiency, and shall conduct a post-incident assessment and institute measures to prevent reoccurrence. On an event-occurrence basis, Vendor shall inform ACI of any significant known issues surrounding the control environment caused by system or procedural changes or errors and track the status of such issues as they are resolved. Controls in modified or reengineered systems shall be tested against those of the previous system versions to ensure desired levels of control are in place. Vendor shall update ACI on the status of those system or procedural control improvements identified during audits and agreed to by ACI.
(c) Suspected or actual incidents of non-compliance with ACI rules, policies and procedures shall be managed to resolution by Vendor’s compliance team, in cooperation and consultation with ACI,
Confidential
Master Services Agreement

 

Page 48


 

Execution Copy
and reports shall be provided to ACI on an event-occurrence basis. If Vendor Personnel are responsible for such incidents, appropriate disciplinary action shall be taken in accordance with the appropriate Vendor personnel policies. Additionally, ACI shall have the right to direct Vendor to remove any Vendor Personnel from performing Services pursuant to this Agreement connected with such incidents.
(d) Vendor shall conduct benchmarks or provide assessments by third parties, at ACI’s request and expense, of Vendor’s compliance with the ACI corporate information risk control requirements set forth in this Agreement. Vendor shall perform self-assessments of such compliance and make results of such engagement-related self-assessments available to ACI for review. In developing new systems, Vendor shall interface with ACI so that ACI may understand the associated controls required. This shall include informing ACI of Vendor’s methodology for developing control specifications and providing ACI with the ability to request changes to controls early in the systems development process.
15.5 Step-In Rights.
(a) The Parties acknowledge that, upon the occurrence of any Step-In Event, and at ACI’s option, ACI will have a reasonable opportunity to identify, and assist Vendor in remedying, the causes underlying the Step-In Event so that Vendor may perform its obligations in respect of the affected Services in accordance with this Agreement.
(b) Accordingly, upon the occurrence of a Step-In Event and upon ACI’s request, Vendor will meet with ACI as promptly as possible in order to discuss the actions that ACI may take in order for ACI to have such a reasonable opportunity. Such actions may include providing a ACI management team to work closely with Vendor’s management team at the affected Service Locations or hiring (at ACI’s expense) a third-party expert to do so, or both. ACI and Vendor will expedite such discussions to agree upon such actions as quickly as possible, but in no event later than ten (10) days after ACI’s request.
(c) Vendor will cooperate with ACI, the ACI management team and any third-party expert as reasonably necessary for ACI to have such a reasonable opportunity and to take such agreed actions at the affected locations from which the Services are provided, including:
(i) giving the ACI management team or such third-party expert, or both, reasonable access to relevant Vendor management personnel at the affected Service Locations subject to Vendor’s security policies that otherwise apply pursuant to the other provisions of this Agreement;
(ii) working with ACI to identify the causes underlying the Step-In Event and to develop a plan for Vendor to remedy the Step-In Event, which, if appropriate, will include a root cause analysis. The plan will describe the objective criteria upon the satisfaction of which ACI will consider such Step-In Event remedied; and
(iii) subject to Section 10.5 (solely for purposes of documenting the plan and specifying the timeframe), promptly implementing the plan approved by ACI.
The Parties agree that the period during which ACI will have such a reasonable opportunity and take such actions will not exceed ninety (90) days after the Parties agree upon such actions. Nothing in this Section 15.5 limits ACI’s rights with respect to any default or non-performance by Vendor under this Agreement.
16. WARRANTY
16.1   General.
Confidential
Master Services Agreement

 

Page 49


 

Execution Copy
Vendor represents, warrants and covenants that: (a) it has successfully provided and performed services that are substantially equivalent to the Services for other major customers of Vendor; (b) it has performed all necessary due diligence on ACI’s environment (including systems, Software and personnel) to provide the Services in accordance with this Agreement; and (c) its financial condition is, and during the Term shall remain, sufficient to enable Vendor to provide the Services in accordance with this Agreement.
16.2 Work Standards.
Vendor warrants that the Services shall be rendered with promptness and diligence and shall be executed in a workmanlike manner, in accordance with Section 9.1. Vendor warrants that it shall use adequate numbers of qualified individuals with suitable training, education, qualifications, rights, resources, experience and skill to perform the Services.
16.3 Maintenance.
Vendor warrants that it shall maintain the Equipment and Software for which Vendor has maintenance responsibility as identified in Exhibit C-2 (Financial Responsibility and Ownership Matrix) so that they operate in accordance with their specifications, including:
(a) maintaining Equipment in good operating condition, subject to normal wear and tear;
(b) undertaking repairs and preventive maintenance on Equipment in accordance with the applicable Equipment manufacturer’s recommendations; and
(c) performing Software maintenance in accordance with the applicable Software vendor’s documentation and recommendations; and
(d) using Software in accordance with any and all applicable licensing agreements and associated user manuals.
16.4 Efficiency and Cost Effectiveness.
Vendor warrants that with respect to chargeable resources it shall perform the Services in a cost-effective manner consistent with the required level of quality and performance.
16.5 Technology.
Vendor warrants that it shall provide the Services using, consistent with the Procedures Manual and refresh obligations referenced in this Agreement, proven, then-current technology that will enable ACI to take advantage of technological advancements in its industry and support ACI’s efforts to maintain competitiveness in the markets in which it competes throughout the Term.
16.6 Non-Infringement; Licenses.
(a) Vendor warrants that (i) Vendor will perform the Services and its other responsibilities under this Agreement in a manner that does not infringe or misappropriate any Intellectual Property Rights of any third party; (ii) the Vendor Provided Technology will not infringe upon or misappropriate the Intellectual Property Rights of any third party; and (iii) there is no claim or proceeding pending or, to Vendor’s knowledge, threatened alleging that the Services or any of the Vendor Provided Technology infringes or misappropriates the Intellectual Property Rights of any third party.
Confidential
Master Services Agreement

 

Page 50


 

Execution Copy
(b) Vendor warrants that it has obtained all requisite licenses and permits necessary to perform the Services and grant the licenses to be granted by Vendor under this Agreement.
(c) To the extent capable, Vendor will pass through any warranties and indemnities for any Vendor provided ISV Software, Equipment or other products purchased or licensed from third parties and provided to ACI or used by Vendor or its Affiliates in connection with the Services.
16.7 Authorization and Other Consents.
Each Party represents, warrants and covenants to the other that:
(a) It has the requisite corporate power and authority to enter into this Agreement and to carry out the transactions contemplated by this Agreement;
(b) The execution, delivery and performance of this Agreement and the consummation of the transactions contemplated by this Agreement have been duly authorized by the requisite corporate action on the part of such Party and shall not constitute a violation of any judgment, order or decree;
(c) The execution, delivery and performance of this Agreement and the consummation of the transactions contemplated by this Agreement shall not constitute a material default under any material contract by which it or any of its material assets are bound, or an event that would, with notice or lapse of time or both, constitute such a default;
(d) As to Vendor, Vendor is duly licensed, authorized or qualified to do business and is in good standing in every jurisdiction in which a license, authorization or qualification is required for the ownership or leasing of its assets or the transaction of business of the character transacted by it, except where the failure to be so licensed, authorized or qualified would not have a material adverse effect on Vendor’s ability to fulfill its obligations under this Agreement; and
(e) As to Vendor, there is no outstanding proceeding pending nor, to the knowledge of Vendor, threatened, to which Vendor is a party that Vendor, without predicting the outcome of such matter, reasonably expects to have a material adverse affect on the ability of Vendor to fulfill its obligations under this Agreement or the transactions contemplated by this Agreement. As to ACI, there is no outstanding proceeding pending nor, to the knowledge of ACI, threatened, to which ACI is a party that ACI, without predicting the outcome of such matter, reasonably expects to have a material adverse affect on the ability of ACI to fulfill its obligations under this Agreement or the transactions contemplated by this Agreement.
16.8 Inducements.
Vendor represents, warrants and covenants to ACI that it has not violated, and will not violate, any the U.S. Foreign Corrupt Practices Act or any other Applicable Laws regarding the offering of unlawful inducements in connection with this Agreement or the Services. If at any time during the Term, the foregoing warranty is inaccurate, then, in addition to any other rights ACI may have at law or in equity, ACI shall have the right to terminate this Agreement immediately for cause without paying any Termination Charge and without affording Vendor an opportunity to cure.
16.9 Viruses.
Vendor shall use Commercially Reasonable Efforts to reduce the likelihood that Viruses are coded or introduced into the Software, Equipment or any expressly specified deliverable delivered under
Confidential
Master Services Agreement

 

Page 51


 

Execution Copy
this Agreement. If a Virus is found in the Software, Equipment or deliverable, Vendor shall use Commercially Reasonable Efforts to assist ACI in reducing the effects of the Virus and, if the Virus causes a loss of operational efficiency or loss of data, to assist ACI to the same extent to mitigate and restore such losses; provided that, if it is ultimately determined such Virus was introduced by ACI, an ACI subcontractor or vendor or an ACI Affiliate or other third party, such assistance will be at Charges determined under the Change Control Procedure. Vendor shall immediately notify ACI of any existing or anticipated Virus.
16.10 Disabling Code.
Each Party covenants that, without the prior written consent of the other Party, it shall not insert into the Software any code designed to disable or otherwise shut down all or any portion of the Services. Notwithstanding the foregoing, both Parties acknowledge that certain third-party and or Vendor, commercial off-the-shelf Software may include passwords, software keys, trial-period software and similar programming code that are distributed as part of hardware or Software to automatically ensure that the purchaser or licensee uses the product in accordance with the acquisition or license agreement. Each Party shall inform the other Party of all such disabling code in the Software of which such Party has knowledge. Vendor further covenants that, with respect to any disabling code that may be part of the Software, Vendor shall not knowingly invoke such disabling code at any time, including upon expiration or termination of this Agreement for any reason, without ACI’s prior written consent.
16.11 Deliverables.
Unless otherwise agreed in writing by the Parties, Vendor warrants that during the Term each expressly specified deliverable provided to ACI under this Agreement will conform in all material respects to the stated requirements and specifications set forth in the relevant documents with respect to such deliverable.
16.12 Software Ownership or Use.
Vendor represents and warrants that it will be, at the applicable time and after obtaining the applicable Required Consents, either the owner of, or authorized to distribute, provide and use the Software provided by, licensed or developed by Vendor under this Agreement or in connection with the provision of Services hereunder.
16.13 Other.
Vendor represents, warrants and covenants, as applicable, that:
(a) Neither Vendor nor any of its employees, agents or subcontractors (including any Approved Subcontractors and Vendor Personnel) that will perform Services or provide other services to the ACI account (i) have ever been convicted of a felony or, within a seven (7) year period (three (3) years for Vendor agents and subcontractors) preceding that employee’s, agent’s or subcontractor’s date of hire or use by Vendor, been convicted of a criminal offense in connection with obtaining, attempting to obtain or performing a public (federal, state or local) transaction or contract under a public transaction, or for violation of federal or state antitrust statutes or commission of embezzlement, theft, forgery, bribery, falsification or destruction of records, making false statements or receiving stolen property; or (ii) are presently indicted for, or other criminally charged by a governmental entity (U.S. or non-U.S. federal, state or local) with commission of any of the offenses enumerated in clause (i) of this paragraph. Nothing in this Agreement shall be interpreted as requiring Vendor to conduct background checks in jurisdictions where it is legally prohibited from conducting such checks.
Confidential
Master Services Agreement

 

Page 52


 

Execution Copy
(b) Vendor will maintain at Vendor’s expense all of the necessary certification and documentation such as I-9’s (or the locally equivalent work permits or other documents) as well as all necessary insurance for its employees, including workers’ compensation and unemployment insurance, and that, with respect to contractors, Vendor has a written agreement with each and every contractor which specifically provides that the contractor shall not be entitled to any benefits or payments from any company such as ACI for which Vendor will provide services, and that each and every contractor shall maintain current employment eligibility verification (DOJ, INS, I-9 (“I-9”)) and other necessary certification and documentation or insurance for all its employees provided under this Agreement. Vendor will be solely responsible for the withholding and payment, if any, of employment taxes, all benefits and workers’ compensation insurance.
(c) In the event that a Vendor contractor is in the United States on work authorization documents, such contractor has an F-1, TN, or H-1B or an L-1 visa, provided, however, in the case of an H-1B or L-1 visa, contractor has a presence or office in the United States. Vendor covenants that all work authorization documents issued to contractors shall be valid at the time of issuance and shall remain valid and in full force and effect during the entire period of the contractors’ assignment(s) under any SOW. ACI shall have the right to perform a background check on such contractor. The acceptable forms of identification are as set forth on the current I-9.
16.14 Application.
For the avoidance of doubt, each of the covenants set forth in this Article 16 shall remain in effect continually throughout the Term of this Agreement and those referenced in Section 23.11 shall remain in effect after the expiration or termination of this Agreement.
16.15 Disclaimer.
THE WARRANTIES SET FORTH IN THIS AGREEMENT, INCLUDING THOSE SPECIFIED AS APPLYING, IF ANY, TO ANY LICENSES GRANTED OR TO BE GRANTED UNDER THIS AGREEMENT, ARE EXCLUSIVE. THERE ARE NO IMPLIED WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. SOFTWARE MADE AVAILABLE BY ACI TO VENDOR IS MADE AVAILABLE ON AN “AS IS” BASIS.
17. INSURANCE
17.1 Insurance.
Vendor covenants that as of the Effective Date it shall have, and agrees that during the Term it shall maintain in force, at least the following insurance coverages:
(a) Employer’s Liability Insurance (Coverage B) and Worker’s Compensation Insurance (Coverage A), including coverage for occupational injury, illness and disease, and other similar social insurance in accordance with the laws of the country, state or territory exercising jurisdiction over the employee with Statutory Limits (Coverage A) and minimum limits (Coverage B) per employee and per event of $2,000,000 or the minimum limit required by law, whichever limit is greater.
(b) Comprehensive General Liability Insurance, including Products, Completed Operations, Premises Operations, Bodily Injury, Personal and Advertising Injury, on an occurrence basis, with a minimum combined single limit per occurrence of $3,000,000 and a minimum combined single aggregate limit of $5,000,000. This coverage shall include ACI and its Affiliates as Additional Insureds.
Confidential
Master Services Agreement

 

Page 53


 

Execution Copy
(c) Property Insurance and Business Income coverage, for all risks of physical loss of or damage to buildings, tangible business personal property or other tangible property that is owned or leased and supplied by Vendor pursuant to this Agreement or otherwise. Such insurance shall have a minimum limit adequate to cover risks on a replacement costs basis.
(d) Automotive Liability Insurance covering use of all owned, non-owned and hired automobiles for bodily injury, property damage liability with a minimum combined single limit per accident of $3,000,000 or the minimum limit required by law, whichever limit is greater. This coverage shall include ACI and its Affiliates as Additional Insureds.
(e) Commercial Crime Insurance, including blanket coverage for Employee Dishonesty for loss or damage to tangible property arising out of or in connection with any fraudulent or dishonest acts committed by the employees of Vendor, acting alone or in collusion with others, including the property and funds of others in Vendor’s or its employees’ possession, care, custody or control, with a minimum limit per event of $1,000,000.00. ACI shall be designated as a “loss payee” as its interest may appear under this policy. However, loss payments hereunder shall not include any loss to the extent such loss results from the dishonest acts of the employees of ACI.
Errors and Omissions Liability Insurance covering liability for loss or damage due to an act, error, omission or negligence, with a minimum limit per event of $5,000,000.
17.2 Insurance Provisions.
(a) The insurance coverages described above that include ACI as an additional insured (i.e. the Commercial General Liability and Automobile Liability policies) shall be primary, and all coverage shall be non-contributing with respect to any other insurance or self insurance which may be maintained by ACI and is primary and non-contributory with respect to liability arising out of Vendor’s negligence and as respects this Agreement only. All coverages described above shall contain the standard separation of insureds provisions regarding ACI. To the extent any coverage is written on a claims-made basis, it shall have a retroactive date no later than the Effective Date and shall be maintained for a period of two (2) years after the expiration or premature termination of this Agreement.
(b) Vendor shall provide certificates of insurance evidencing that the coverages and policy endorsements required under this Agreement are in force and should any of the policies described herein be cancelled before the expiration date thereof, the insurer affording coverage will endeavor to mail 30 days written notice to the certificate holder named herein, but failure to mail such notice shall impose no obligation of liability of any kind upon the insurer affording coverage, its agents or representatives. The insurers selected by Vendor shall have an A.M. Best rating of A-, Size VII or better, or, if such ratings are no longer available, with a comparable rating from a recognized insurance rating agency. Vendor shall assure that all Approved Subcontractors, if any, maintain insurance coverages described above naming Vendor as an additional insured where relevant.
(c) In the case of loss or damage or other event that requires notice or other action under the terms of any insurance coverage described above, Vendor shall be solely responsible to take such action. Vendor shall provide ACI with contemporaneous notice and with such other information as ACI may request regarding the event.
(d) Vendor’s obligation to maintain insurance coverage in specified amounts shall not act as a limitation or expansion on any other liability or obligation which Vendor would otherwise have under this Agreement.
Confidential
Master Services Agreement

 

Page 54


 

Execution Copy
18. INDEMNITIES
18.1 Vendor Indemnities.
Vendor shall defend, indemnify and hold harmless ACI and ACI’s Affiliates and their respective officers, directors, employees, agents, successors and assigns (collectively, “ACI Indemnitees”) against any and all Losses and threatened Losses payable to third parties, to the extent arising from, in connection with, or based on allegations whenever made of, any of the following:
(a) Claims arising out of Vendor’s failure to observe or perform any duties or obligations to be observed or performed by Vendor under any of the contracts, including Software licenses, Equipment leases and Third Party Services Contracts (including the terms of any Required Consents with respect to any of the foregoing): (i) assigned to Vendor, if any; or (ii) for which Vendor has assumed financial, administrative or operational responsibility, all to the extent such duties or obligations were required by this Agreement to be observed or performed by Vendor on or after the date of such assignment or assumption;
(b) Any claims of infringement that would amount to a breach by Vendor of the warranties set forth in Section 16.6; provided that (i) the claim is not caused by improper acts or omissions of ACI (such as use of more copies of an item than that for which a license was to have been obtained); (ii) the claim does not result from ACI’s failure to fulfill its obligation to provide reasonable cooperation under Section 6.7 in connection with Vendor’s efforts to obtain Required Consents; and (iii) Vendor’s obligations under this Section 18.1(b) shall not apply to the extent that (A) the claim of infringement is based upon ACI’s use of Vendor Provided Technology (1) in combination with equipment, devices or software not specified or approved in writing by Vendor, contemplated by this Agreement, or otherwise used by Vendor to provide the Services or (2) in a manner that violates any license grant or other term or condition of this Agreement; (B) a ACI Indemnitee modifies the software provided by Vendor hereunder without Vendor’s written approval and such infringement would not have occurred but for such modification; or (C) the claim of infringement arises out of designs or specifications provided by a ACI Indemnitee that necessarily caused such infringement claim and that describe detailed, non-discretionary methods of processes for meeting a business requirement of achieving a required outcome (as opposed to just describing business requirements of expected outcomes);
(c) Any claim or action by, on behalf of, or related to, any employee of Vendor or its Affiliates, or any of their subcontractors (which, if made by a Rebadged Employee arises out of acts, incidents or omissions occurring on or after, or out of events occurring on or after, the date such employee is transferred to Vendor or acts or omissions specifically requested by Vendor or its Affiliates or their subcontractors at any time), including claims asserting liens or other encumbrances on assets of ACI or ACI Affiliates and claims arising under occupational health and safety, ERISA, worker’s compensation or other Applicable Laws;
(d) Any claim or action asserted against an ACI Indemnitee but resulting from an act or omission of Vendor or its Affiliates or its or their respective officers, directors, employees, subcontractors or agents;
(e) The material inaccuracy or untruthfulness of the representations or warranties made by Vendor in Sections 16.7 and 16.12;
(f) Any claim or action by Vendor’s subcontractors arising out of Vendor’s breach or violation of Vendor’s subcontracting arrangements;
Confidential
Master Services Agreement

 

Page 55


 

Execution Copy
(g) Any claim or action arising out of acts or omissions of Vendor which result in, arise from or relate to:
(i) a violation of Applicable Laws for the protection of persons or members of a protected class or category of persons by Vendor or its employees, subcontractors or agents;
(ii) discrimination or harassment by Vendor, its employees, subcontractors or agents;
(iii) vested employee benefits of any kind expressly assumed by Vendor;
(iv) representations (oral or written) to ACI personnel by Vendor, Vendor Affiliates (or their respective officers, directors, employees, representatives, subcontractors or agents), or other acts or omissions with respect to ACI personnel by such persons or entities, including any act, omission or representation made in connection with the interview, selection, hiring and/or transition process (other than any representations to the Affected Employees based on information or direction provided by ACI), any offers of employment made to such employees, the failure to make offers to any such employees required hereunder or the terms and conditions of such offers (including compensation and employee benefits).
(h) Any breach of Vendor’s obligations under Article 15 (Safeguarding of Data; Confidentiality) as a result of Vendor’s or Vendor’s subcontractors’ misappropriation;
(i) Any claim or action by any employee or contractor of Vendor or its subcontractors that ACI is liable to such person as the employer or joint employer of such person, including and any claim for employee benefits as a result thereof, other than claims by Rebadged Employees arising out of events, acts, incidents or omissions occurring prior to the date such Rebadged Employees are transferred to Vendor;
(j) Any claim or action arising out of or relating to Vendor’s failure to comply with the obligations provided in Section 13.4, provided that Vendor shall not be responsible for interest or penalties occasioned by ACI’s failure to timely remit taxes to Vendor which ACI is responsible to pay except to the extent that such failure is due to Vendor’s failure to timely notify or charge ACI for taxes which Vendor is responsible to collect and remit (i) for which Vendor had failed to timely request all necessary tax information from ACI or (ii) for which ACI had previously provided all required necessary tax related information previously requested by Vendor on a timely basis;
(k) Any failure to obtain or maintain the Required Consents as contemplated under Section 6.7;
(l) Any failure to comply with any Vendor Laws resulting in claims by government regulators or agencies for fines, penalties, sanctions, underpayments or other remedies to the extent such fines, penalties, sanctions, underpayments or other remedies are caused by Vendor’s failure to comply with any Vendor Laws; or
(m) Any physical injury, death or real or tangible property loss caused by Vendor or Vendor Personnel as a result of the provision of the Services.
18.2   ACI Indemnities.
Confidential
Master Services Agreement

 

Page 56


 

Execution Copy
ACI shall defend, indemnify and hold harmless Vendor and Vendor’s Affiliates and their respective officers, directors, employees, agents, successors and assigns (collectively, “Vendor Indemnitees”) against any and all Losses and threatened Losses payable to third parties, to the extent arising from, in connection with, or based on allegations whenever made, of the following:
(a) Claims arising out of ACI’s failure to observe or perform any duties or obligations to be observed or performed by ACI under any of the contracts, including Software licenses, Equipment leases, if any, and Third Party Services Contracts: (i) assigned to Vendor, if any; or (ii) for which (and to the extent) ACI has retained financial, administrative or operational responsibility, all to the extent such duties or obligations were required to be observed or performed by ACI before the date of such assignment or assumption;
(b) Any claim by a third party of infringement of such third party’s Intellectual Property Rights directly arising from (i) designs or specifications provided by ACI to Vendor under this Agreement that necessarily caused such infringement claim and that describe detailed, non-discretionary methods of processes for meeting a business requirement of achieving a required outcome (as opposed to just describing business requirements of expected outcomes), or (ii) data, documents, code or other technology or materials that have been provided by ACI to Vendor for Vendor to provide Services to ACI under this Agreement (collectively, the “ACI Provided Technology”); provided that (A) the infringement claim is not caused by improper acts or omissions of Vendor; (B) the claim does not result from Vendor’s failure to fulfill its obligation to provide reasonable cooperation under Section 6.7 in connection with efforts to obtain Required Consents; and (C) ACI’s obligations under this Section 18.2(b) shall not apply to the extent that: (1) the claim of infringement is based upon Vendor’s use of ACI Provided Technology: (x) in combination with equipment, devices or software not approved, specified or reasonably anticipated by ACI, contemplated by this Agreement or otherwise used by ACI prior to the Effective Date, or (y) in a manner that violates any license grant or other term or condition of this Agreement, (2) Vendor modifies the ACI Provided Technology and such infringement would not have occurred but for such modification, or (3) the claim of infringement arises out of designs or specifications provided by a Vendor Indemnitee that necessarily caused such infringement claim and that describe detailed, non-discretionary methods of processes for providing the Service. The indemnities in this Section 18.2(b) are Vendor’s sole and exclusive remedies for infringement claims related to any Software or other technology provided by ACI;
(c) Any claim or action by, on behalf of, or related to, any employee of ACI or any of its subcontractors (which, if made by a Rebadged Employee arises out of acts, incidents, events or omissions occurring before the date such employee is transferred to Vendor), or acts or omissions specifically requested by ACI or its Affiliates at any time, including claims arising under occupational health and safety, ERISA, worker’s compensation or other applicable federal, state or local laws or regulations, except where such claim arises out of acts or omissions specifically requested by Vendor or its Affiliates;
(d) Any claim or action arising out of or relating to ACI’s failure to comply with the obligations provided in Section 13.4, provided that ACI shall not be responsible for interest or penalties occasioned by Vendor’s failure to notify or charge ACI for taxes which Vendor is responsible to collect except to extent that such failure is due to ACI’s failure to provide necessary tax related information previously requested by Vendor on a timely basis;
(e) Any claim or action by subcontractors arising out of ACI’s breach or violation of ACI’s subcontracting arrangements;
(f) Any breach of ACI’s obligations under Article 15 (Safeguarding of Data; Confidentiality) as a result of misappropriation by ACI;
Confidential
Master Services Agreement

 

Page 57


 

Execution Copy
(g) Any failure to obtain or maintain the Required Consents as contemplated under Section 6.7;
(h) Vendor and ACI agree that in the United Kingdom, the Transfer of Undertakings (Protection of Employment) Regulations 2006 (the “Regulations”) do not apply to service transfers and that other than the one employee specified below (the “ACI Employee”), no employee of ACI or any of its subcontractors will transfer employment from ACI to Vendor as a result of the service transfer. In the event that the contract of employment of any other ACI employee or the employee of any ACI subcontractor or any collective agreement shall have effect or is alleged to have effect as if originally made between Vendor and such person or trade union pursuant to the Regulations, unless Vendor should make a decision to take any such person into employment or such person is the ACI Employee, Vendor may, within one month of becoming aware of the application or alleged application of the Regulations to any such contract or collective agreement (having promptly communicated such awareness to Vendor) terminate (or purport to terminate) such contract of employment or collective agreement. ACI shall indemnify, keep indemnified and hold harmless Vendor against any claims, losses, proceedings, costs, demands, liabilities and expenses (including without limitation all legal expenses and other professional fees together with any valued added tax thereon) suffered or incurred by Vendor arising out of or in connection with:
(i) any termination of any contract of employment or collective agreement in accordance as set forth above;
(ii) in the event the Regulations are found to apply, any failure by ACI to comply with its obligations pursuant to the Regulations, including any failure by ACI to provide the information which it is obliged to provide to employee representatives in accordance with the Regulations; or
(iii) anything done or omitted to be done by ACI or its subcontractors in respect of the ACI Employee before the service transfer, including without limitation, any claim by the ACI Employee that ACI or its subcontractors violated any Applicable Law in connection with the employment of the ACI Employee.
Vendor agrees that on or before May 15, 2008, it shall make or shall procure that its subcontractor shall make an offer to employ Steve Newbury (being the ACI Employee) at its or its subcontractor’s location at Watford in the United Kingdom on substantially equivalent or better terms than such employee enjoys with ACI, without reference to occupational retirement plans and that upon such acceptance, Vendor or its subcontractors shall employ the ACI Employee in accordance with such offer. ACI shall render all reasonable assistance to Vendor or its subcontractor so that the ACI Employee accepts such employment and shall waive any notice of termination of employment that such employee is required to give ACI.
(i) Except to the extent covered by another provision of this Article 18, claims by any individual or entity, other than ACI, that uses or receives the benefits of the Services by or through ACI or by virtue of this Agreement (as the Parties intend that only ACI shall be permitted to enforce rights against Vendor under this Agreement or related to the Services); or
(j) Any physical injury, death or real or tangible property loss caused by ACI.
18.3 Infringement.
If any item provided by either Party that is used in the provision of the Services becomes, or in the providing Party’s reasonable opinion is likely to become, the subject of an infringement or misappropriation claim, in addition to indemnifying the other Party to the extent required in Section
Confidential
Master Services Agreement

 

Page 58


 

Execution Copy
18.1(b) and 18.2(b), and in addition to such Party’s other rights, the providing Party shall promptly take the following actions, at no charge to the other Party, in the listed order of priority:
(a) promptly secure the right to continue using the item;
(b) replace or modify the item to make it non-infringing or without misappropriation, provided that any such replacement or modification must not degrade the performance or quality of the affected component of the Services, as reasonably determined by the Parties; or
(c) remove the item from the Services, in which case Vendor’s Charges shall be equitably adjusted to reflect such removal; provided that (i) such removal and adjustment does not limit Vendor’s liability for any failure of the remaining Services to fully comply with the requirements of this Agreement, whether such failure is due to the absence of the removed item or the removal’s impact on the remaining Services and (ii) any resulting failure of the Services to comply with this Agreement may constitute a material breach entitling ACI to terminate this Agreement under Section 21.1, in which case ACI will not be required to observe the otherwise applicable cure period.
18.4 Indemnification Procedures.
With respect to third-party claims the following procedures shall apply:
(a) Notice. Promptly after receipt by a ACI Indemnitee or Vendor Indemnitee, as applicable, of notice of the assertion or the commencement of any action, proceeding or other claim by a third party in respect of which the indemnitee will seek indemnification pursuant to this Article 18, the indemnitee shall promptly notify the indemnitor of such claim in writing. No failure to so notify an indemnitor shall relieve it of its obligations under this Agreement except to the extent that it can demonstrate that such failure has increased the indemnifying Party’s costs or liability. Within fifteen (15) days following receipt of written notice from the indemnitee relating to any claim, but no later than ten (10) days before the date on which any response to a complaint, claim, action or summons is due, the indemnitor shall notify the indemnitee in writing if the indemnitor acknowledges its indemnification obligation and elects to assume control of the defense and settlement of that claim (a “Notice of Election”); provided, however, that such acknowledgement and election shall not be, or deemed to be, a waiver of any defense that the indemnitor may have with respect to the underlying action, proceeding or claim.
(b) Procedure Following Notice of Election. If the indemnitor delivers a Notice of Election relating to any claim within the required notice period, the indemnitor shall be entitled to have sole control over the defense and settlement of such claim; provided that the indemnitee shall be entitled, at its own expense, to participate in the defense of such claim and to employ counsel to assist in the handling of such claim. If the indemnitor has delivered a Notice of Election relating to any claim in accordance with the preceding subsection, the indemnitor shall not be liable to the indemnitee for any legal expenses incurred by the indemnitee in connection with the defense of that claim. In addition, the indemnitor shall not be required to indemnify the indemnitee for any amount paid or payable by the indemnitee in the settlement of any claim for which the indemnitor has delivered a timely Notice of Election if such amount was agreed to without the written consent of the indemnitor.
(c) Procedure Where No Notice of Election Is Delivered. If the indemnitor does not deliver a Notice of Election relating to a claim, or otherwise fails to acknowledge its indemnification obligation or to assume the defense of a claim, within the required notice period or fails to diligently defend the claim, the indemnitee shall have the right to defend the claim in such manner as it may deem appropriate, at the cost, expense and risk of the indemnitor, including payment of any judgment or award, indemnitee’s attorneys’ fees and expenses and the costs of settlement or compromise of the claim. The
Confidential
Master Services Agreement

 

Page 59


 

Execution Copy
indemnitor shall promptly reimburse the indemnitee for all such costs and expenses, including payment of any judgment or award and the costs of settlement or compromise of the claim. If it is determined that the indemnitor failed to defend a claim for which it was liable, the indemnitor shall not be entitled to challenge the amount of any settlement or compromise paid by the indemnitee.
19. LIABILITY
19.1 General Intent.
Subject to the liability restrictions below, it is the intent of the Parties that each Party shall be liable to the other Party for any actual damages incurred by the non-breaching Party as a result of the breaching Party’s failure to perform its obligations in the manner required by this Agreement.
19.2 Liability Restrictions.
(a) SUBJECT TO SECTION 19.2(c) BELOW, IN NO EVENT, WHETHER IN CONTRACT OR IN TORT (INCLUDING NEGLIGENCE), BREACH OF WARRANTY, STRICT LIABILITY, OR OTHERWISE, SHALL A PARTY BE LIABLE FOR INDIRECT, CONSEQUENTIAL, EXEMPLARY, PUNITIVE, INCIDENTAL, OR SPECIAL DAMAGES, OR LOST PROFITS, EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES IN ADVANCE.
(b) Subject to Section 19.2(c) and Section 19.2(d) below, each of the Parties will be liable to the other for any direct damages arising out of or relating to its performance or failure to perform under this Agreement; provided, however, that the liability of a Party to the other Party, whether based on an action or claim in contract, equity, negligence, tort or otherwise, will not in the aggregate exceed an amount equal to the greater of: (i) $5,000,000 or (ii) the amount of Charges paid or payable by ACI under this Agreement during the twelve (12) months immediately preceding the occurrence of the first event, act or omission on which such liability is based; provided, however, that however, that (1) if twelve (12) months has not elapsed since the Effective Date, the amount for this subsection (ii) will be equal to twelve (12) times the average monthly Charges for the elapsed period of the Term or (2) if the event, act or omission occurred after the expiration or termination of this Agreement, the amount for this subsection (ii) will be equal to the aggregate amount of Charges paid or payable by ACI during the last twelve (12)-month-period of time during the Term.
(c) The limitations set forth in Section 19.2(a) and Section 19.2(b) above shall not apply with respect to:
(i) claims that are the subject of indemnification pursuant to Sections 18.1 and 18.2; provided, however that damages payable for indemnification claims set forth in Section 18.1(l) (relating to violations of Vendor Laws) shall (i) be included in the damages cap set forth in Section 19.2(b) and (ii) not exceed $1,000,000; and
(ii) damages occasioned by infringement of a Party’s Intellectual Property Rights or misappropriation of its Confidential Information.
(d) The limitations set forth in Section 19.2(b) above shall not apply with respect to:
(i) damages occasioned by the willful misconduct or gross negligence of a Party; in which case each of the Parties will be liable to the other for any direct damages arising out of or relating to its performance or failure to perform under this Agreement; provided, however, that the liability of a
Confidential
Master Services Agreement

 

Page 60


 

Execution Copy
Party to the other Party, whether based on an action or claim in contract, equity, negligence, tort or otherwise, will not in the aggregate exceed an amount equal to the greater of: (i) $7,000,000 or (ii) the amount of Charges paid or payable by ACI under this Agreement during the fifteen (15) months immediately preceding the occurrence of the first event, act or omission on which such liability is based; provided, however, that however, that (1) if fifteen (15) months has not elapsed since the Effective Date, the amount for this subsection (ii) will be equal to fifteen (15) times the average monthly Charges for the elapsed period of the Term or (2) if the event, act or omission occurred after the expiration or termination of this Agreement, the amount for this subsection (ii) will be equal to the aggregate amount of Charges paid or payable by ACI during the last fifteen (15)-month-period of time during the Term.
(ii) damages occasioned by abandonment of all or substantially all of the work required to perform the Services in which case the limitations will be the same as those set forth in Section 19.2(d)(i) above.
In addition, for Vendor’s breaches of its obligations under Section 15.3 (Confidential Information) resulting in a release of Personally Identifiable Information, in addition to the direct damages limited by Section 19.2(b) above and ACI’s other rights under the Agreement, Vendor shall pay for (i) legally required notifications to ACI’s customers and (ii) credit monitoring services for ACI’s customers up to an amount not to exceed $1,000,000.
19.3 Direct Damages.
For purposes of this Agreement, direct damages shall include, but not be limited to, the following, which shall not be considered consequential damages to the extent they result from a Party’s failure to fulfill its obligations in accordance with this Agreement:
(a) Reasonable costs of recreating or reloading any of ACI’s information that is lost or damaged to the last available back-up; provided, however, that if Vendor has the responsibility under this Agreement to back up ACI’s data, and fails to fulfill its obligation to do so with respect to the lost or damaged data, Vendor shall pay for the costs of recreating or reloading such data up to the limit of liability in Section 19(b);
(b) Reasonable costs of implementing a workaround or fix in respect of a failure to provide the Services;
(c) Reasonable costs of replacing lost or damaged equipment and software and materials;
(d) Reasonable costs and expenses incurred to correct errors in software maintenance and enhancements provided as part of the Services;
(e) Reasonable costs and expenses incurred to procure the Services from an alternate source; or
(f) Reasonable straight time, overtime or related expenses incurred by ACI or its Affiliates, including overhead allocations for employees, wages and salaries of additional personnel, travel expenses, telecommunication and similar charges incurred due to the direct failure of Vendor to provide the Services or incurred in connection with (a) through (e) above in strict accordance with the standards of performance specified in this Agreement.
Notwithstanding the foregoing, to the extent damages payable by ACI under this Article 19 consist of compensation to Vendor for work performed by Vendor Personnel, such compensation shall be calculated
Confidential
Master Services Agreement

 

Page 61


 

Execution Copy
using the time and material rates provided in Exhibit C-1 (Base Charges, Baselines, ARC/RRC Rates and Termination Charges).
19.4 Duty to Mitigate.
Each Party shall have a duty to mitigate damages for which the other Party is responsible.
19.5 Disaster Recovery Plan.
(a) Vendor will implement and maintain disaster recovery plans and business continuity plans for Service Locations and Vendor’s business (collectively, “DR/BC Plans”) as set forth in Exhibit A-9 (Disaster Recovery / Business Continuity Plans) and provide reasonable cooperation and support with the then-current resources being applied by Vendor to ACI’s account for ACI’s implementation of its internal disaster recovery and business continuity plans. Vendor will (1) update and test the operability of the DR/BC Plans annually, (2) verify for ACI upon each such test that the DR/BC Plans are fully operational and provide ACI with a summary of any report regarding the results of such test and (3) implement the DR/BC Plans upon the occurrence of a disaster. Subject to the Change Control Procedure, ACI may request and Vendor will perform additional testing and support for such testing as may be requested by ACI customers.
(b) Upon the occurrence of a disaster, Vendor will reinstate the Services within the time periods set forth in Exhibit A-9 (Disaster Recovery / Business Continuity Plans) or, if not set forth in Exhibit A-9 (Disaster Recovery / Business Continuity Plans), the recovery time periods set forth in the DR/BC Plans.
19.6 Force Majeure.
(a) Provided that Vendor has fully complied with its obligations to provide disaster recovery-related Services hereunder, to the extent that the Vendor facilities intended to be used for such disaster recover Services are not impacted by the event, neither Party shall be liable for any default or delay in the performance of its obligations under this Agreement:
(i) if and to the extent such default or delay is caused, directly or indirectly, by fire, flood, earthquake, elements of nature or acts of God, acts of terrorism, riots, labor disputes (other than labor disputes of a Party or its subcontractors, and its employees), civil disorders or any other similar cause beyond the reasonable control of such Party;
(ii) provided the non-performing Party is without fault in causing such default or delay, and such default or delay could not have been prevented by reasonable precautions and could not reasonably be circumvented by the non-performing Party through the use of alternate sources, workaround plans or other means (including, with respect to Vendor, by Vendor meeting its obligations for performing disaster recovery services as provided in this Agreement) (each such event, a “Force Majeure Event”).
(b) The non-performing Party shall be excused from further performance or observance of the obligations affected by a Force Majeure Event for as long as such circumstances prevail and such Party continues to use Commercially Reasonable Efforts to recommence performance or observance without delay. Any Party so delayed in its performance shall immediately notify the Party to whom performance is due by telephone (to be confirmed in writing within twenty-four (24) hours of the inception of such delay) and describe at a reasonable level of detail (1) the circumstances causing such delay and (2) the steps the non-performing Party intends to take to mitigate the effect of the Force
Confidential
Master Services Agreement

 

Page 62


 

Execution Copy
Majeure Event, including the use of resources available to such non-performing Party through its DR Plan. Except as set forth in Section 19.6(c) below, to the extent a Force Majeure Event relieves Vendor of its obligations to perform the Services impacted by such event and Vendor does not perform due to such Force Majeure Event, ACI’s obligation to pay for such Services shall also be relieved.
(c) If any Force Majeure Event affecting facilities, personnel or other resources under the control of Vendor or any of its Affiliates or subcontractors substantially prevents, hinders or delays performance of the Services necessary for the performance of functions identified by ACI as critical for more than three (3) consecutive days or any material portion of the Services for more than five (5) Business Days, then, at ACI’s option, ACI may procure such Services from an alternate source, and Vendor shall be liable for payment for such Services from the alternate source for up to ninety (90) days of such alternate services based upon the number of days that ACI receives such alternate services. ACI will continue to pay Vendor undisputed Charges for the impacted Services during such ninety (90) day period for so long as ACI continues to receive the alternate Services. Vendor’s reimbursement obligation pursuant to this Section 19.6 is limited to reimbursement for the alternate services that are substantially similar to the Services impacted by the Force Majeure Event, and does not extend to any additional services that ACI may elect to procure from the alternate source. If ACI returns to Vendor facilities after use of the alternate source, Vendor will reimburse ACI for all reasonable out of pocket costs of returning to the Vendor facility. If the alternate source provides services for longer than fifteen (15) days, then ACI may, within five (5) days after the end of such fifteen (15) day period and upon payment to Vendor for: (i) any unrecovered startup expenses, (ii) unamortized assets, and (iii) other reasonable out-of-pocket expenses associated with ramp-down, terminate the affected portion of the Services upon notice to Vendor, such termination to be effective at any time within ninety (90) days after such five (5) day period. However, if the impacted Services are within the scope of Exhibit A-9 and Vendor does not provide Services pursuant to the DR / BC Plan, ACI may terminate without payment of the expenses described in the foregoing sentence. ACI agrees to use Commercially Reasonable Efforts to mitigate damages arising pursuant to this Section 19.6.
(d) Vendor shall not have the right to any additional payments from ACI for costs or expenses incurred by Vendor as a result of any Force Majeure Event.
20. DISPUTE RESOLUTION
Any dispute between the Parties arising out of or relating to this Agreement, including with respect to the interpretation of any provision of this Agreement and with respect to the performance by Vendor or ACI, shall be resolved as provided in this Article 20.
20.1 Informal Dispute Resolution Process.
(a) Subject to Sections 20.1(b) and 20.1(c), the Parties initially shall attempt to resolve their dispute informally, in accordance with the following:
(i) Upon the written notice by a Party to the other Party of a dispute (“Dispute Date”), each Party shall appoint a designated representative whose task it will be to meet for the purpose of endeavoring to resolve such dispute. The designated representatives of a Party shall have the authority to resolve the dispute on behalf of such Party.
(ii) The designated representatives shall meet as often as the Parties reasonably deem necessary in order to gather and furnish to the other all information with respect to the matter in issue which the Parties believe to be appropriate and germane in connection with its resolution. The
Confidential
Master Services Agreement

 

Page 63


 

Execution Copy
representatives shall discuss the problem and attempt to resolve the dispute without the necessity of any formal proceeding.
(iii) During the course of discussion, all reasonable requests made by a Party to the other for non-privileged information, reasonably related to this Agreement, shall be honored in order that a Party may be fully advised of the other’s position.
(iv) The specific format for the discussions shall be left to the discretion of the designated representatives.
(b) After ten (10) Business Days or such other period as the Parties may agree, following the Dispute Date and prior to commencement of any litigation as permitted under Section 20.1(c), both Parties may agree to initiate non-binding mediation of the dispute by submitting to the American Arbitration Association (the dispute mediation entity, “DM”) a written request for mediation under the Commercial Mediation rules of such organization, setting forth the subject of the dispute and the relief requested. The Parties shall cooperate with DM and each other in the mediation process, and any such mediation shall be held in New York, New York. The mediation shall be conducted in accordance with the applicable practices and procedures of DM. Either Party, upon notice to DM and to the other Party, may terminate the mediation process. Each Party shall bear its own expenses in the mediation process and shall share equally the charges of DM.
(c) Litigation of a dispute may be commenced by either Party upon the earlier to occur of any of the following:
(i) the designated representatives mutually conclude that amicable resolution through continued negotiation of the matter does not appear likely; or
(ii) forty-five (45) days have elapsed from the Dispute Date.
(d) Notwithstanding the above, either Party may commence litigation if it is deemed appropriate by a Party to avoid the expiration of an applicable limitations period or to preserve a superior position with respect to other creditors, or a Party makes a good faith determination, including as provided in Section 21.10 respecting ACI, that a breach of this Agreement by the other Party is such that a temporary restraining order or other injunctive relief is necessary.
(e) No resolution or attempted resolution of any dispute or disagreement pursuant to this Section 20.1 shall be deemed to be a waiver of any term or provision of this Agreement or consent to any breach unless such waiver or consent shall be in writing and signed by the Party claimed to have waived or consented.
20.2 Litigation.
For all litigation which may arise with respect to this Agreement, the Parties irrevocably and unconditionally submit to the jurisdiction and venue (and waive any claim of forum nonconveniens and any objections as to laying of venue) of the New York state and federal courts located in New York, New York in connection with any action, suit or proceeding arising out of or relating to this Agreement. Each Party further waives personal service of any summons, complaint or other process and agrees that the service thereof may be made by certified or registered mail directed to such Party at such Party’s address provided in Section 23.3 for purposes of notices under this Agreement, provided that service occurs upon actual receipt of the notice and that no other applicable state or federal rule of civil procedure regarding jurisdiction or service of process is waived or otherwise altered.
Confidential
Master Services Agreement

 

Page 64


 

Execution Copy
20.3 Continued Performance.
Each Party agrees to continue performing its obligations (subject to ACI’s rights to withhold disputed Charges under Section 14.8) under this Agreement while any dispute is being resolved, regardless of the nature and extent of the dispute, unless and until such obligations are terminated by the termination or expiration of this Agreement or by and in accordance with the final determination of the dispute resolution procedures.
20.4 Governing Law.
This Agreement and performance under it shall be governed by and construed in accordance with the laws of the State of New York without regard to any portion of its choice of law principles that might provide for application of a different jurisdiction’s law. The United Nations Convention on the International Sale of Goods shall not apply to this Agreement.
21. TERMINATION
21.1 Termination For Cause By ACI.
(a) ACI may terminate this Agreement, either in whole or by affected Service Tower, if Vendor:
(i) commits a material breach of this Agreement and fails to cure such breach within thirty (30) days after notice of breach from ACI to Vendor;
(ii) commits a material breach of this Agreement which Vendor demonstrates, during the thirty (30) day cure period, is not capable of being cured within such period and fails to (A) proceed promptly and diligently to correct the breach; (B) within thirty (30) days following such notice provide ACI with a written plan for curing the breach; and (C) cure the breach within thirty (30) days after such notice;
(iii) commits numerous breaches of the same duty or obligation which collectively constitute a material breach of this Agreement which is not cured within thirty (30) days after notice of breach from ACI; or
(iv) fails to meet the Minimum Service Level value for the same Critical Service Level for three (3) consecutive months or six (6) months during any rolling twelve (12) month period; provided that for purposes of this subsection (iv) only ACI agrees to pay Vendor for: (x) any unrecovered startup expenses, (y) unamortized assets, and (z) other reasonable out-of-pocket expenses associated with ramp-down.
(b) ACI may terminate a Service (and any other Service that is integrally related to such terminated Service) if Vendor (i) commits a material breach of this Agreement with respect to such Service and fails to cure such breach within thirty (30) days after notice of breach from ACI to Vendor, or (ii) commits a material breach of this Agreement with respect to such Service which Vendor demonstrates, during the thirty (30) day cure period, is not capable of being cured within such period and fails to (A) proceed promptly and diligently to correct the breach; (B) within thirty (30) days following such notice provide ACI with a written plan for curing the breach; and (C) cure the breach within thirty (30) days after such notice. The reductions of Services resulting from any such termination will not give rise to payment of any Termination Charges.
Confidential
Master Services Agreement

 

Page 65


 

Execution Copy
(c) For the purposes of this Section 21.1 payment of monetary damages by Vendor shall not be deemed to cure a material breach by Vendor of its obligations under this Agreement.
21.2 Termination by Vendor.
(a) Due to the impact any termination of this Agreement would have on ACI’s business, ACI’s failure to perform its responsibilities set forth in this Agreement (other than as provided in this Section 21.2) shall not be grounds for termination by Vendor, notwithstanding any provision in this Agreement to the contrary. Vendor acknowledges that ACI would not be willing to enter into this Agreement without assurance that it may not be terminated by Vendor and that Vendor may not suspend performance except, and only to the extent, provided under this Agreement.
(b) If and only if ACI fails to pay Vendor as set forth in Section 14.2 and Section 14.8 undisputed Charges under the Agreement totaling at least $50,000.00 within fourteen (14) days after the due date for such Charges, Vendor may by giving written notice to ACI terminate this Agreement as of a date specified in the notice of termination which is at least ten (10) days after the date on which such notice is received by ACI, unless ACI has cured within such timeframe.
21.3 Termination for Convenience by ACI.
At any time during the Term, ACI may terminate this entire Agreement or any one or more of the Service Towers for convenience and without cause by giving Vendor at least six (6) months’ prior written notice designating the effective termination date. In that event, on the effective date of the termination, ACI will pay to Vendor an amount calculated in accordance with Exhibit C-1 (Base Charges, Baselines, ARC/RRC Rates and Termination Charges) consisting of the sum of (A) the applicable Termination for Convenience Fee and (B) Wind Down Expenses.
21.4 Termination by ACI for Change of Control.
(a) If (i) another entity not currently an Affiliate of ACI, directly or indirectly, in a single transaction or series of related transactions, acquires either Control of ACI or all or substantially all of the assets of ACI; or (ii) ACI is merged with or into another entity, then, at any time within nine (9) months after the last to occur of such events, ACI may terminate this Agreement by (A) giving Vendor at least six (6) month’s prior written notice and designating a date upon which such termination shall be effective, and (B) by the payment of 90% of the then-applicable Termination Charge specified in Exhibit C-1 (Base Charges, Baselines, ARC/RRC Rates and Termination Charges), and Wind Down Expenses.
(b) If (i) another entity not currently an Affiliate of Vendor, directly or indirectly, in a single transaction or series of related transactions, acquires either Control of Vendor or all or substantially all of the assets of Vendor; or (ii) Vendor is merged with or into another entity that results in a change of Control of Vendor, then, at any time within nine (9) months after the last to occur of such events, ACI may terminate this Agreement by (A) giving Vendor at least six (6) months’ prior written notice and designating a date upon which such termination shall be effective, and (B) by the payment of 50% of the then-applicable Termination Charge specified in Exhibit C-1 (Base Charges, Baselines, ARC/RRC Rates and Termination Charges), and Wind Down Expenses.
21.5 Failure to Transition and Other Termination Rights.
(a) This Agreement may be terminated by ACI in whole or in part as provided in Section 13.7(e)(ii), Section 16.8, Section 18.3(c) or Section 19.6(c).
Confidential
Master Services Agreement

 

Page 66


 

Execution Copy
(b) ACI may terminate this Agreement without liability, except for payment for Services already performed, by paying 50% of the then-applicable Termination Charge specified in Exhibit C-1 (Base Charges, Baselines, ARC/RRC Rates and Termination Charges), and by paying Wind Down Expenses, if there is a change in Applicable Law that makes receiving the Services illegal. ACI may terminate this Agreement, by paying 75% of the then-applicable Termination Charge specified in Exhibit C-1 (Base Charges, Baselines, ARC/RRC Rates and Termination Charges), and by paying Wind Down Expenses, if there is a change in Applicable Law that makes receiving the Service impractical or would significantly increase the Charges for the Services.
21.6 Termination Due To A Party’s Insolvency and Related Events.
Either Party may terminate this Agreement without liability to the other Party, if the other Party (a) files any petition in bankruptcy; (b) has an involuntary petition in bankruptcy filed against it which is not challenged in forty (40) days and not dismissed within one hundred twenty (120) days of the filing of such involuntary petition; (c) makes a general assignment for the benefit of creditors; (d) admits in writing its inability to pay its debts as they mature; or (e) has a receiver appointed for a substantial portion its assets and the receivership is not released within sixty (60) days.
21.7 Intentionally left blank.
21.8 Cumulative Termination Rights.
Rights of termination under this Article 21 are cumulative. Circumstances that are relevant to one Section of this Article 21, but do not entitle the Party to terminate this Agreement under that Section, may nonetheless entitle the Party to terminate under another Section of this Article 21.
21.9 Termination/Expiration Assistance.
(a) During the Termination/Expiration Assistance Period, Vendor shall provide to ACI or, at ACI’s request, to ACI’s designee the reasonable termination/expiration assistance requested by ACI to allow the Services to continue without interruption or adverse effect and to facilitate the orderly transfer of the Services to ACI or its designee (including a competitor of Vendor) (“Termination/Expiration Assistance”).
(b) Charges for Termination/Expiration Assistance constituting continuance of the Services covered by the Monthly Base Charges will be invoiced and paid in the same manner as prior to the Termination/Expiration Assistance Period. Termination/Expiration Assistance Services outside the scope of the Monthly Base Charges that require resources beyond those account resources required to perform such in-scope Services, will be compensated on a time and materials basis at the rates set forth in Schedule C (Charges). In the event of a termination by Vendor pursuant to Section 21.2, ACI shall pay monthly in advance for such Termination/Expiration Assistance and any other Services that ACI requests Vendor to provide. Notwithstanding the foregoing, Vendor agrees that it will provide, at no additional cost to ACI, data extracts, electronic copies of all documentation pertaining to the Services (to the extent available prior to notice of termination), incident histories pertaining to the Services and copies of knowledge databases specific to ACI that are prepared by Vendor in connection with the Services.
(c) Termination/Expiration Assistance shall include the following, provided, Termination/Expiration Assistance can be performed without unreasonably interfering with the Vendor’s ability to perform the Services (unless the ACI provides Vendor in advance with the appropriate written relief from any Service or Service Level commitments or reprioritizes the Services):
Confidential
Master Services Agreement

 

Page 67


 

Execution Copy
(i) Vendor shall provide all reasonable information and assistance necessary to permit the smooth transition of Services and functions being performed by Vendor or its subcontractors to ACI or to ACI’s designee; provided, however, that if any of such information is to be disclosed to ACI’s designee, such designee must first execute Schedule M (Vendor Confidentiality Agreement) prior to receiving such information;
(ii) ACI or its designee shall be permitted to undertake, without interference from Vendor or Vendor subcontractors, to hire any Vendor Personnel primarily performing the Services as of the date of notice of termination, or, in the case of expiration, within the six (6) month period prior to expiration. Vendor shall waive, and shall cause its subcontractors to waive, their rights, if any, under contracts with such personnel restricting the ability of such personnel to be recruited or hired by ACI or ACI’s designee. ACI or its designee shall have reasonable access to such personnel for interviews and recruitment and Vendor and its subcontractors shall not interfere with any such hiring efforts;
(iii) except where the Parties have agreed otherwise in writing with respect to a specific circumstance:
(A) Vendor shall provide ACI will all licenses, sublicenses, and other rights to use any Software to which ACI is entitled pursuant to this Agreement;
(B) Vendor shall (1) obtain any Required Consents pursuant to Section 6.7 from third parties and thereafter assign to ACI or its designee leases for the Equipment that was necessary as of the date of termination or expiration of this Agreement primarily for providing the Services to the extent permitted by such leases, and ACI shall assume the obligations under such leases that relate to periods after such date or buy out the remainder of such lease; and (2) sell to ACI or its designee, at fair market value, all of the Equipment owned by Vendor that, as of the date of termination/expiration of this Agreement, was primarily used for providing the Services; and (3) to the extent assignable, assign to ACI, and ACI shall have and be entitled to, the benefits of any manufacturers’ warranties and indemnities issued with any Equipment sold (or leases to Equipment assigned) to ACI under this subsection 21.9(c)(iii)(B). Vendor shall also provide all user and other documentation relevant to such Equipment which is in Vendor’s possession. ACI shall assume responsibility under any maintenance agreements for such Equipment to the extent such responsibilities relate to periods after the date of termination or expiration of this Agreement; and
(C) Vendor shall obtain any necessary rights and thereafter make available to ACI or its designee, pursuant to reasonable terms and conditions, any third-party services then being utilized by Vendor in the performance of the Services including services being provided through third-party service or maintenance contracts on Equipment and Software. To the extent Vendor has prepaid for third party services, the benefit of which shall be received by ACI after the effective date of termination or expiration of this Agreement, ACI shall reimburse Vendor for the portion of prepayment amount attributable to ACI after such date. Vendor shall be entitled to retain the right to utilize any such third-party services in connection with the performance of services for any other Vendor customer; and
(iv) Vendor shall, within the first thirty (30) days of the Termination/Expiration Assistance Period, begin to provide and thereafter promptly provide capacity planning, consulting services, facilities planning, telecommunications planning, Software configuration, reviewing all System Software with a new service provider, generating machine readable/listings of source code to which ACI is otherwise entitled pursuant to this Agreement, uploading production databases, providing parallel processing, providing application software maintenance and support, providing testing services, and providing Equipment where practical; provided that such services are provided by the then assigned Vendor Personnel.
Confidential
Master Services Agreement

 

Page 68


 

Execution Copy
(d) “Termination/Expiration Assistance Period” means the period beginning (i) as applicable, upon ACI’s notice of termination, ACI’s notice of non-renewal, or six (6) months before the expiration of, this Agreement, or upon notice of termination of the applicable Service Tower, and ending (ii) at a time designated by ACI, which may not be later than eighteen (18) months after the expiration of the Agreement.
(e) As reasonably requested by ACI, Vendor shall provide Termination/Expiration Assistance for any Services that ACI reduces or terminates, or otherwise withdrawals from Vendor’s scope, under this Agreement.
(f) If Vendor has incorporated ACI’s Network into a Vendor proprietary telecommunications Network, or has incorporated proprietary Software, Equipment or other materials into ACI’s Network, then, at ACI’s request, Vendor will provide up to two (2) years’ continued Network services at the then current contract rates for such service.
21.10 Bid Assistance.
In the process of evaluating whether to undertake or allow termination/expiration or renewal of this Agreement, ACI may consider obtaining, or determine to obtain, offers for performance of services similar to the Services following termination or expiration of this Agreement. As and when reasonably requested by ACI for use in such a process, Vendor shall provide to ACI such information and other cooperation regarding performance of the Services as would be reasonably necessary for a third party to prepare an informed, non-qualified offer for such services, and for a third party not to be disadvantaged compared to Vendor if Vendor were to be invited by ACI to submit a proposal. The types of information and level of cooperation to be provided by Vendor shall be no less than those initially provided by ACI to Vendor prior to commencement of this Agreement. Vendor’s support in this respect shall include providing information regarding Equipment, Software, staffing and other matters that Vendor would otherwise provide as part of Termination/Expiration Assistance. Subject to Section 3.5, Vendor shall provide such support at no additional charge.
21.11 Equitable Remedies.
The Parties acknowledge that, if either Party breaches (or attempts or threatens to breach) an obligation related to confidentiality, Intellectual Property Rights, data security or to provide Termination/Expiration Assistance, the other Party may be irreparably harmed. In such a circumstance, the non-breaching Party may proceed directly to court. Nothing contained in this Section 21.11 shall be deemed to prevent a court from imposing substantive provisions or requirements, such as requiring payment for services rendered.
21.12 Charge Adjustment.
Unless otherwise expressly set forth herein, if ACI chooses to terminate this Agreement in part, the Charges payable under this Agreement shall be equitably reduced to reflect those Services which are terminated.
22. COMPLIANCE WITH LAWS
22.1 Compliance with Laws and Regulations Generally.
(a) Each Party shall perform its obligations in a manner that complies with all Applicable Laws that apply to the Parties’ businesses or, in Vendor’s case, those which also directly impact the
Confidential
Master Services Agreement

 

Page 69


 

Execution Copy
performance and use by ACI of the Services (including identifying and procuring required certificates, approvals and inspections). If a claim of non-compliance is made against a Party related to any Applicable Laws, the Party against which the claim is made shall promptly notify the other Party of such charges in writing.
(b) Without limitation to the above, Vendor warrants that it shall comply with those laws that are applicable to Vendor or Vendor’s performance of the Services as a provider of information technology services, including IT Laws, Privacy Laws, U.S. Foreign Corrupt Practices Act, data protection laws, rules and regulations, in connection with the Services and otherwise under this Agreement, including Schedule A (Statement of Work) (together Applicable Laws for which Vendor is responsible under Section 22.1(a), “Vendor Laws”).
(c) Vendor and ACI will work together to identify the effect of changes in Applicable Laws on the provision and receipt of the Services and will promptly discuss the Changes to the Services, if any, required to comply with all Applicable Laws. Vendor will provide all support reasonably required by ACI to comply with Applicable Law, and ACI’s internal audit requirements, which may be more stringent than those imposed by Applicable Law. “ACI Laws” means all laws (i) applicable to ACI’s operation of its business activities or (ii) applicable to corporations generally (i.e., environmental laws) as they may relate to ACI. If there is a change to Vendor Laws or ACI Laws or other Applicable Laws during the Term, and such change impacts the provision of, or ACI’s receipt of the Services, Vendor will work with ACI to determine the appropriate Change in the Services. Any such Change (i) in Vendor Laws increasing the cost of Vendor’s performance of its obligations will be implemented at Vendor’s sole expense and will not impact the Charges paid by ACI under this Agreement and (ii) in other Applicable Laws increasing the cost of Vendor’s performance of its obligations will be implemented at ACI’s request subject to ACI’s payment of such additional Charges as determined to be payable under the Change Control Procedure. Vendor will be responsible for any fines and/or penalties incurred by ACI arising from Vendor’s noncompliance with Vendor Laws, and ACI will be responsible for any fines and/or penalties incurred by Vendor arising from ACI’s noncompliance with ACI Laws.
22.2 Liens.
(a) Vendor hereby waives and forever releases ACI and its Affiliates and their real and personal property (whether owned or leased) from any past, present or future lien notices, lien claims, liens, encumbrances, security interests or other lien rights of any kind based, in whole or in part, on any Services provided of under this Agreement except for any judgment liens obtained by Vendor against ACI in a court of competent jurisdiction. Vendor shall obtain and provide to ACI similar waivers from all of Vendor’s subcontractors and suppliers. Nothing in this Section 22.2 shall apply to, or in any way be deemed to encumber, any of the rights Vendor and its subcontractors have in their own tangible personal and intellectual property, nor act as a release of the underlying debt, if any.
(b) Except for any judgment liens obtained by Vendor against ACI in a court of competent jurisdiction, if any lien claims or liens are filed against ACI or its Affiliates or its or their real or personal property (whether owned or leased) by any of Vendor’s subcontractors or suppliers at any tier, which are based on any work, Services, materials or Equipment provided or to be provided hereunder, then at no cost or expense to ACI, Vendor shall take actions which may be necessary to resolve and discharge as of record any lien claims or liens, including paying the claimant if necessary. If Vendor fails to take such actions in a timely manner, without waiving the breach ACI may do so without notice to Vendor and Vendor shall be responsible for all costs (including attorney’s fees) incurred by ACI in connection therewith.
22.3   Sarbanes-Oxley.
Confidential
Master Services Agreement

 

Page 70


 

Execution Copy
Notwithstanding anything to the contrary set forth in this Agreement, at all times during the Term and continuing thereafter until the completion of the audit of ACI’s financial statements for the fiscal year during which this Agreement expires or is terminated, as directed by ACI, Vendor shall, and shall cause each of its Affiliates to:
(a) maintain in effect and comply with the controls, operations and systems reflected in Schedule A (Statement of Work). Any Changes in the Services from the Effective Date which ACI would require (as ACI may determine) to comply with SOX and Section 404 thereunder shall be subject to the Change Control Procedure;
(b) Comply with the audit and reporting obligations set forth in Article 11;
(c) Promptly cooperate with ACI and its auditors in any other way that ACI and/or its auditors may reasonably request in order to: (i) enable ACI to comply with, and ACI and its auditors to evaluate whether ACI complies with the SOX as it relates to the Services; and (ii) ACI’s auditors to provide the Auditor Attestation; and
(d) generally cooperate with ACI and its auditors in any other way that ACI and/or its auditors may reasonably request in order to enable: (i) ACI to comply with, and ACI and its auditors to evaluate whether ACI complies with the SOX as it relates to the Services; and (ii) ACI’s auditors to provide the Auditor Attestation.
22.4 International Considerations.
If Vendor provides Services from outside of the United States, without limiting any of Vendor’s other obligations set forth in this Agreement and notwithstanding anything to the contrary contained in this Agreement:
(a) Vendor shall be responsible for compliance with all Applicable Laws governing the Services in the location from which the Services will be provided and shall be responsible for compliance with United States export laws and import laws of the location from which Services will be performed;
(b) to the extent that the responsibilities of ACI pertaining to the Services provided hereunder are modified by new or modified ACI Laws (and not to Applicable Laws that apply to Vendor as service provider) Vendor shall modify its performance of the Services, to the extent directed by ACI, as necessary for ACI to comply with such ACI Laws, as so modified or added; and
(c) implementation of the foregoing Services (described in Sections 22.4(a) and 22.4(b)) shall be subject to the Change Control Procedure and may give rise to a Project, as appropriate, and may (in the case new or modified laws arising under Section 22.4(b)) result in additional Charges to ACI and may (in the case new or modified laws arising under Section 22.4(b)) draw on any “pool” of hours or other allocation of Services included in the Charges.
22.5 Privacy Laws.
Without limitation to the provisions of Article 15 and subject to Section 22.4:
(a) Vendor shall comply, as to its performance of the Services, with all Applicable Laws that apply to Vendor as a provider of Services under this Agreement, and as otherwise provided in this Agreement. Subject to the foregoing, with respect to Applicable Laws relating to the confidential information and privacy rights and obligations of ACI to its Affiliates, and/or their customers and
Confidential
Master Services Agreement

 

Page 71


 

Execution Copy
consumers, including Title V of the Gramm-Leach-Bliley Act, 15 USC §6801 et. seq. and the Economic Espionage Act, 18 USC §1831 et. seq., it shall be the obligation of ACI to assure compliance to the extent that any action of ACI that is required for compliance is not included as an express part of the Services described in Schedule A (Statement of Work). Vendor may receive any Personally Identifiable Information. Subject to the foregoing, but notwithstanding any provisions in this Agreement to the contrary, the Parties agree that, if ACI has certain requirements as to its business as a result of such regulated status and Applicable Laws, including Privacy Laws or Privacy Rules, compliance shall be and remain the responsibility of ACI, and the responsibility of Vendor shall be to perform any acts or actions in support of such compliance by ACI as are expressly specified in Schedule A (Statement of Work).
(b) Vendor shall comply with any other Applicable Laws relating to privacy not referred to directly or indirectly in Section 22.5(a) to the extent such laws are applicable to Vendor as a provider of information technology services.
(c) For purposes of this Agreement the term “Data Owner” shall mean the Party having ownership of the data and, as a result, the authority to direct the purposes for which any item of data is processed or used, and the term “Service Provider” shall mean the Party providing services to the Data Owner, including the processing of the data on behalf and upon instruction of the Data Owner. ACI will be and remain the Data Owner of the ACI Data for purposes of this Agreement and all Applicable Laws relating to data privacy, personal data, transborder data flow and data protection, with rights under such laws and under this Agreement to determine the purposes for which the ACI Data is processed. As Data Owner, ACI is directing Vendor to process the ACI Data in accordance with the terms of this Agreement and is consenting to Vendor’s access to the ACI Data solely for such purpose. Vendor agrees to process the ACI Data in accordance with the terms of this Agreement and, in doing so Vendor will be and remain the Service Provider under this Agreement, in addition to complying with its contractual obligations hereunder, and will comply with all responsibilities of a Service Provider under Applicable Law as of the Effective Date. To the extent that such responsibilities of a Service Provider are subsequently modified by new or modified Applicable Laws applying to Vendor in its capacity as a provider of service, such new or modified responsibilities will be considered to be a part of the Services to be provided by Vendor under this Agreement. To the extent that such responsibilities of a Service Provider are subsequently modified by new or modified Applicable Laws applying to the Data Owner and not to the Service Provider in its capacity as a provider of services, Vendor shall perform Services, to the extent directed by Data Owner, as necessary for Data Owner to comply with such Applicable Laws, as so modified or added, but such activities will be subject to the Change Control Procedure.
23. GENERAL
23.1 Binding Nature and Assignment.
This Agreement shall be binding on the Parties and their respective permitted successors and assigns. Neither Party may, or shall have the power to, assign this Agreement without the prior written consent of the other Party, except that ACI may assign its rights and obligations under this Agreement without the approval of Vendor to (a) an entity that acquires all or substantially all of the assets of ACI’s line of business to which the Services relate; (b) any ACI Affiliate; or (c) the successor in a merger or acquisition of ACI; provided that, (i) the assignee assumes and agrees in writing to be bound by the obligations set forth in this Agreement, (ii) is not a Vendor Competitor and (iii) has a credit rating equal to or higher than ACI. Vendor may without approval from ACI elect to assign to a third party the right to receive payment for the performance of the Services. Any Party assigning its rights or obligations to an Affiliate in accordance with this Agreement shall, within ten (10) Business Days after such assignment, provide notice thereof to the other Party together with a copy any relevant provisions of the assignment document. Subject to the foregoing, any assignment by operation of law, order of any court, or pursuant
Confidential
Master Services Agreement

 

Page 72


 

Execution Copy
to any plan of merger, consolidation or liquidation, shall be deemed an assignment for which prior consent is required and any assignment made without such consent shall be void and of no effect as between the Parties.
23.2 Mutually Negotiated.
Each Party acknowledges that the limitations and exclusions contained in this Agreement have been the subject of active and complete negotiation between the Parties and represent the Parties’ agreement based upon the level of risk to ACI and Vendor associated with their respective obligations under this Agreement and the payments to be made to Vendor and credits to be issued to ACI pursuant to this Agreement. The Parties agree that the terms and conditions of this Agreement (including any perceived ambiguity in this Agreement) shall not be construed in favor for or against any Party by reason of the extent to which any Party or its professional advisors participated in the preparation of the original or any further drafts of this Agreement as each Party has been represented by counsel in its negotiation of this Agreement and it represents their mutual efforts.
23.3 Joint Verification
During the ninety (90) day period after the final Service Tower Commencement Date (the “Joint Verification Period”), ACI and Vendor may inventory and validate any information that is reflected in or omitted from the Agreement which is based on the information provided by ACI, such as the Third Party Contracts (including leases, and licenses). If, during such Joint Verification Period, ACI or Vendor discovers inaccuracies in such information contained in the Agreement or inaccuracies because of an omission from the Agreement pertaining to such information, Vendor and ACI will amend the Agreement to provide for an equitable adjustment to the Charges, Baselines, Service Levels and other terms of the Agreement affected by such inaccuracies. If ACI or Vendor disputes the inaccuracy or the equitable adjustment, ACI and Vendor will submit the matter to in accordance with Section 20.1.
23.4 Notices.
All notices, requests, demands and determinations under this Agreement (other than routine operational communications), shall be in writing and shall be deemed duly given: (a) when delivered by hand, (b) on the designated day of delivery after being timely given to an express overnight courier with a reliable system for tracking delivery, (c) when sent by confirmed facsimile or electronic mail with a copy sent by another means specified in this Section 23.3, or (d) six (6) days after the day of mailing, when mailed by United States mail, registered or certified mail, return receipt requested and postage prepaid, and addressed as follows:
     
In the case of ACI:
  with copies to:
 
   
ACI Worldwide, Inc.
  ACI Worldwide, Inc.
Attention: Chief Administrative Officer
  Attention: General Counsel
120 Broadway, Suite 3350
  6060 Coventry Drive
New York, NY 10271
  Omaha, NE 68022
 
   
In the case of Vendor to:
  with copies to:
 
   
International Business Machines Corporation
  International Business Machines Corporation
Attention: Vendor Project Executive
  Office of Associate General Counsel
3613 Ruth Street
  MD4202, Route 100
Indian Trail, NC 28079
  Somers, NY 10589
Confidential
Master Services Agreement

 

Page 73


 

Execution Copy
A Party may from time to time change its address or designee for notification purposes by giving the other prior written notice of the new address or designee and the date upon which it will become effective. Because facsimile numbers and email addresses may change over time and facsimile transmissions and emails may not be treated with the same degree of seriousness as more formal communications, notices given by facsimile or email shall only be deemed effective if responded to by the intended recipient (or his or her successor).
23.5 Counterparts.
This Agreement may be executed in several counterparts, all of which taken together shall constitute but one single agreement between the Parties.
23.6 Headings.
The section headings and the table of contents used in this Agreement are for reference and convenience only and shall not enter into the interpretation of this Agreement.
23.7 Relationship of Parties.
The Parties are acting as independent contractors. Each Party has the sole right and obligation to supervise, manage, contract, direct, procure, perform or cause to be performed, all work to be performed by it under this Agreement. No contract of agency and no joint venture is intended to be created hereby. Neither Party is an agent of the other and has no authority to represent the other Party as to any matters, except as expressly authorized in this Agreement. None of either Party’s employees shall be deemed employees of the other and ACI and Vendor shall be responsible for reporting and payment of all wages, unemployment, social security and other payroll taxes, including contributions from them when required by law for their respective employees. Neither Party shall have actual, potential or any other control over the other Party or its employees.
23.8 Severability.
If any provision of this Agreement conflicts with the law under which this Agreement is to be construed or if any such provision is held invalid by a competent authority, such provision shall be deemed to be restated to reflect as nearly as possible the original intentions of the Parties in accordance with Applicable Law. The remainder of this Agreement shall remain in full force and effect.
23.9 Consents and Approvals.
Where approval, acceptance, consent or similar action by either Party is required under this Agreement, all such consents and approvals will be in writing and shall not be unreasonably delayed or, except where expressly provided as being in the discretion of a Party, withheld. Each Party shall, at the request of the other Party, perform those actions, including executing additional documents and instruments, reasonably necessary to give full effect to the terms of this Agreement.
23.10 Waiver of Default.
A delay or omission by either Party in any one or more instances to exercise any right or power under this Agreement shall not be construed to be a waiver thereof. A waiver by either of the Parties of any of the covenants to be performed by the other or any breach thereof shall not be construed to be a
Confidential
Master Services Agreement

 

Page 74


 

Execution Copy
waiver of any succeeding breach thereof or of any other representation, warranty or covenant contained herein.
23.11 Cumulative Remedies.
Except as otherwise expressly provided in this Agreement, no remedy provided for in this Agreement shall be exclusive of any other remedy and all remedies shall be cumulative and in addition to and not in lieu of any other remedies available to either Party at law or in equity.
23.12 Survival.
Sections 1.2, 2, 3.12, 5.3(g), 7, 11.2, 11.5, 11.6, 13.4, 14.2, 14.3, 14.5, 14.6, 14.7, 14.8, 15.1 through 15.4, 16.6, 16.8, 16.12, 16.14, 16.15, 18, 19.1 through 19.4, 20, 21.8, 21.9, 21.10, 21.11 and this Section 23 (except Section 23.3) and any other provision that by its terms is intended to survive termination or expiration of this Agreement, shall survive any expiration or termination of this Agreement.
23.13 Public Disclosures.
All media releases, public announcements and public disclosures by either Party relating to this Agreement or the subject matter of this Agreement, including promotional or marketing material, but not including announcements intended solely for internal distribution or disclosures to the extent required to meet legal or regulatory requirements beyond the reasonable control of the disclosing Party, shall be coordinated with and approved by the other Party in writing prior to release, and be subject to Section 23.13 below.
23.14 Use of Name.
Each Party agrees that it will not directly or indirectly, without the prior written consent of the other’s corporate communications department, use for the purposes of advertising, promotion or publicity or otherwise, the name of the other Party or any of its divisions, subsidiaries or Affiliates, or any trademarks, trade names, service marks, symbols or any abbreviation or permutation thereof, of or associated with the other Party or of any of its divisions, subsidiaries or Affiliates.
23.15 365(n).
All licenses granted under or pursuant to this Agreement by Vendor to ACI and ACI Affiliates are, and shall otherwise be deemed to be, for purposes of Section 365(n) of the United States Bankruptcy Code (the “Code”), licenses to rights to “intellectual property” as defined in the Code. ACI and ACI Affiliates, as licensee of such rights under this Agreement, shall retain and may fully exercise all of its rights and elections under the Code. In the event of the commencement of bankruptcy proceedings by or against Vendor under the Code, ACI and ACI Affiliates shall be entitled to retain all of its rights under the licenses granted hereunder.
23.16 Third Party Beneficiaries.
This Agreement is entered into solely between, and may be enforced only by, ACI and Vendor, and this Agreement shall not be deemed to create any rights in third parties, including suppliers and customers of a Party, or to create any obligations of a Party to any such third parties.
23.17   Covenant of Good Faith.
Confidential
Master Services Agreement

 

Page 75


 

Execution Copy
Each Party in its respective dealings with the other Party under or in connection with this Agreement, shall act reasonably and in good faith.
23.18 Non-Solicitation.
Except as contemplated under Section 5.2 and Section 21.9(c)(ii), during the Term and for a period of one (1) year thereafter, neither Party will solicit or hire any individual while that individual is an employee or dedicated consultant of the other Party and involved in the provision or management or receipt of the Services. This Section 23.17 will not restrict the right of either Party to solicit or recruit generally in the media or prohibit either Party from hiring an employee of the other who answers any advertisement or who otherwise voluntarily applies for hire by the hiring Party, provided that the hiring Party has not taken any action to intentionally solicit or recruit such employee of the other prior to such employee answering such advertisement or voluntarily applying.
23.19 Order of Precedent.
If there is a conflict among the terms in the various documents within this Agreement to the extent the conflicting provisions can reasonably be interpreted so that such provisions are consistent with each other, such consistent interpretation will prevail. To the extent that consistent interpretations cannot reasonably be derived, then (a) this Agreement (exclusive of its Schedules) will prevail over a conflicting term in its Schedules, (b) a Schedule (exclusive of its Exhibits) will prevail over a conflicting term in the Exhibits to such Schedule and an Exhibit (exclusive of its Attachments) will prevail over a conflicting term in the Attachments to such Exhibit.
23.20 Entire Agreement; Amendment.
This Agreement, including any Schedules and Exhibits referred to in this Agreement and attached to this Agreement, each of which is incorporated in this Agreement for all purposes, constitutes the entire agreement between the Parties with respect to the subject matter contained in this Agreement and supersedes all prior agreements, whether written or oral, with respect to such subject matter. Neither the course of dealings between the Parties nor trade practices shall act to modify, vary, supplement, explain or amend this Agreement. If either Party issues any purchase order, terms or conditions, or other form, it shall be deemed solely for the administrative convenience of that Party and not binding on the other Party, even if acknowledged or acted upon. No change, waiver or discharge hereof shall be valid unless in writing and signed by an authorized representative of the Party against which such change, waiver or discharge is sought to be enforced. There are no promises, representations, warrantees or other commitments relied upon by either Party which are not expressly set forth in this Agreement.
[Signature Page to Follow]
Confidential
Master Services Agreement

 

Page 76


 

Execution Copy
IN WITNESS WHEREOF, the Parties have each caused this Master Services Agreement to be signed and delivered by its duly authorized officer as of the Effective Date.
             
INTERNATIONAL BUSINESS MACHINES CORPORATION   ACI WORLDWIDE, INC.
 
           
By:
  /s/ Arthur G. Gopfert   By:   /s/ David N. Morem
 
           
 
           
Name:
  Arthur G. Gopfert   Name:   David N. Morem
 
           
 
           
Title:
  Director of Services- GTS   Title:   SVP, Global Business Operations
 
           
 
           
Date:
  March 17, 2008   Date:   March 17, 2008
 
           
Confidential
Master Services Agreement

 

Page 77


 

SCHEDULE A
STATEMENT OF WORK
1.0   INTRODUCTION
 
    The following documents comprise the entire Statement of Work (SOW) in the Agreement;
  1.   Exhibit A-1 — Delivery Management Services (Cross Functional)
  1.1.   Attachment A-1 — Services Definitions
  2.   Exhibit A-2 — Asset Services
 
  3.   Exhibit A-3 — Service Desk Services
 
  4.   Exhibit A-4 — End User Services
 
  5.   Exhibit A-5 — Server Systems Management Services (including Mainframe)
 
  6.   Exhibit A-6 — Storage Management Services
 
  7.   Exhibit A-7 — Data Network Services
 
  8.   Exhibit A-8 — Enterprise Security Management Services
 
  9.   Exhibit A-9 — Disaster Recovery and Business Continuity Services
Confidential
Schedule A — Statement of Work

 

Page 1 of 1


 

Execution Copy
EXHIBIT A-1
DELIVERY MANAGEMENT SERVICES (CROSS FUNCTIONAL)
1.   INTRODUCTION
This Exhibit describes the duties and responsibilities of Vendor and ACI related to Vendor’s provision of the Services.
Requirements for New Services will be handled through the Contractual Change Control Procedure and Vendor will work with ACI to assess the impact of these requirements on ACI’s operating environment.
This Exhibit sets forth the Delivery Management Services that the Vendor will provide, as of the Service Tower Commencement Date unless otherwise specified, for all Services that affect multiple Service Towers described in this Exhibit.
2.   SERVICES MANAGEMENT
ACI is working towards basing its Service Management practices on the Information Technology Infrastructure Library (ITIL V3.0), a world’s best-practice framework for the delivery of IT services. Accordingly, ACI requires that Vendor Service Management practices, which are used to support the Services, also be based on the ITIL V3.0 framework.
Vendor responsibilities include the following:
  a.   Deploy a set of service support processes (ITIL V3.0-based) to enable consistent management of process-driven IT services seamlessly across a variable number of vendors.
  (1)   Design processes to enable the effective monitoring and reporting of the IT services in a multi-vendor environment through the appropriate deployment of the relevant tools and procedures globally.
  (a)   The deployment of tools across Vendor and third-party vendor(s) will go through the change management process.
  b.   Coordinate the execution of all the processes across Vendor and all third-party vendor(s) in order that all the individual components that make up the IT services are managed in an end-to-end manner.
  c.   Integrate any systems supporting these processes to provide a seamless view of Service delivery to ACI.
2.1   Process Interface Manual
  a.   The Process Interface Manual will:
  (1)   Document detailed processes requiring interface between the Vendor and ACI (for example, change management process, Problem Management/Incident Management, Asset Management).
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 1 of 41


 

  (2)   Be used by Vendor to provide the Services.
 
  (3)   Identify the process interfaces.
 
  (4)   Describe how ACI and Vendor will interact during the Term.
  (5)   Document all operations procedures, Services, Equipment, and Software for which Vendor is responsible.
  (6)   Document, using ACI-provided information Application requirements that affect Operations, along with procedural information and contact information for each Application.
  (7)   Document procedures to be utilized by End Users for the correct use of the Services, Equipment, Software, connectivity, security, and Service Desk.
Until such time as ACI and Vendor complete and ACI approve the Vendor Process Interface Manual, Vendor will use ACI’s current processes and procedures existing as of, and delivered to Vendor prior to, the Effective Date to the extent that such processes and procedures are applicable to the new operating environment. In the event that ACI does not have existing processes and procedures as of the Effective Date or such processes and procedures do not apply to the new operating environment, Vendor will document the processes and procedures for ACI’s environment existing prior to the Effective Date as required by Vendor to perform the Services. The final Vendor Process Interface Manual will supersede all prior processes and procedures unless otherwise specified.
  b.   Vendor Responsibilities
Vendor will:
  (1)   Assign an individual to be the single point of contact to ACI for the Process Interface Manual development and maintenance.
  (2)   Provide ACI the proposed table of contents and format for the Process Interface Manual for ACI’s review and approval.
  (3)   Develop and provide ACI the draft Process Interface Manual, which will be customized by Vendor to reflect the process interfaces between ACI and Vendor.
  (4)   Review ACI feedback and revise the draft Process Interface Manual to incorporate mutually agreed changes.
  (5)   Provide the final version of the Process Interface Manual to ACI.
  (6)   Conduct joint annual process maturity assessments, identify process inhibitors, and propose process improvements to ACI.
  (7)   Jointly review the Process Interface Manual on an annual basis or more frequently, as required, and update and maintain the Process Interface Manual accordingly.
  (8)   Provide appropriate Vendor employees with access to the Process Interface Manual, as required, with electronic copies provided to ACI.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 2 of 41


 

  c.   ACI Responsibilities
ACI will:
  (1)   Assign an individual to be the single point of contact to Vendor for the Process Interface Manual development and maintenance.
  (2)   Review and approve the proposed table of contents and format for the Process Interface Manual.
  (3)   Review and provide to Vendor, in writing, ACI’s comments, questions and proposed changes to the draft Process Interface Manual.
  (4)   Acknowledge ACI’s receipt of the final version of the Process Interface Manual.
  (5)   Identify process inhibitors and propose process improvements to Vendor, as appropriate.
  (6)   Jointly review the Process Interface Manual on an annual basis or more frequently, as required.
  (7)   Provide appropriate ACI employees with access to the Process Interface Manual, as required.
2.2   Processes
Vendor will provide to ACI, and the Parties will mutually agree on and use, the following processes for managing the Services. The Service Management Processes and Service Delivery Processes, set forth below and further defined in the Process Interface Manual, will apply, in some combination, to all the Services and will be implemented, as described in this Exhibit.
The following Service Management Processes will be used by ACI and Vendor for managing the Vendor Services:
2.2.1   CHANGE MANAGEMENT
Change management process is the process for planning, testing, coordinating, implementing and monitoring changes affecting service delivery and the operating environments without adversely impacting service delivery.
Change management will protect the production environment and its services.
  a.   The Vendor responsibilities include the following:
  (1)   Provide development, implementation, and ongoing management of the necessary ACI approved processes, procedures, and management discipline necessary to fulfill the Agreement’s change management process requirements.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 3 of 41


 

  (2)   Communicate the change management process within Vendor’s own organization and to each third-party vendor(s).
  (3)   Verify that the effective execution of the change management process, as well as an appropriate review of planned changes, takes place with due consideration of the business and technology risk of planned changes, taking into consideration all defined criteria (such as complexity of change, the skill level of the individual(s) executing the change, the planned change execution timeframe, the change slot timeframe, the back-out timeframe, and the relevant business processing criticality).
  (4)   With proper authorization, stop any planned changes that, in the professional view of the person(s) performing the Services, would compromise the continuation of Services to ACI, and act as the gatekeeper to production, unless expressly overridden by the ACI’s Operations Manager in accordance with the approved Change Advisory Board escalation process.
  (a)   Assume responsibility for escalating any issues arising from the decision to stop a planned change.
  (5)   Manage and conduct the review of any change failures, and provide a strong interlock between change and Incident Management and Problem Management processes so that post-change issues can be linked to the change activity where relevant.
  (6)   Manage to resolution any deviation from effective change management process, ensuring the purposeful review and closure of failed changes.
  (7)   Facilitate and lead information exchange between and among Vendor and the third-party vendors in order to drive an effective end-to-end change management process.
  (8)   Do not make changes that (i) may adversely affect the function or performance of, or decrease the resource efficiency of the Services, (ii) increase ACI’s costs or fees, (iii) impact its customers or (iv) impact the way in which ACI conducts its business or operations, without obtaining prior ACI approval following ACI procedures.
  b.   ACI will provide Vendor with contact information related to change management process procedures.
Change Management General
  a.   The Vendor responsibilities include the following:
  (1)   Receive and record changes.
 
  (2)   Assess the impact and risk of the proposed changes.
  (3)   Provide and maintain compliance with ACI policies.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 4 of 41


 

  (4)   Perform all changes in ACI’s IT environment pertaining to the Services, including changes to individual components and coordination of changes across all components.
  (5)   Make all changes in accordance with change management process procedures approved by ACI.
 
  (6)   Monitor and report on the change implementation.
 
  (7)   Review and close all changes.
  (8)   Integrate the Vendor change management process with ACI’s change management process and systems, as well as with the third-party vendor(s)’ change management process processes, and with where the processes interact. Cooperate with the Service Desk and third-party vendor(s) for changes across all applications, system components, and parties.
  (9)   Integrate the change management process with other Service Management processes, especially Incident Management, Problem Management, Configuration Management, and IT Service Continuity Management.
  (10)   Deploy workflow-based tools to automate the process of scheduling, describing, authorizing, tracking, and reporting on changes.
 
  (11)   Collect data on every change attempted, including:
  (a)   The reason for change.
 
  (b)   Detailed description of change.
  (c)   Whether the change was successful from the perspective of the authorized users of the system.
  (12)   Summarize the changes made each week, and report the information to ACI on a weekly basis.
  (13)   Capture all ACI change data centrally, and make it available to ACI.
  (14)   Provide an audit trail of any and all changes to the production environment in order to determine the change made and the authorization to make the change.
  (15)   Conduct post implementation reviews (PIR) on failed changes as requested by ACI.
  (16)   Confirm that all changes are performed to ACI’s specifications provided to Vendor as ACI determines necessary to conform to regulations (i.e., Sarbanes/Oxley Act) or requirements.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 5 of 41


 

  (17)   Work diligently to ensure that the change management process achieves:
  (a)   Efficient implementation of changes.
 
  (b)   Clear accountability.
 
  (c)   Minimization of risk.
 
  (d)   Minimization of business disruption.
 
  (e)   Effective coordination and communication.
  b.   ACI will:
  (1)   Record changes in the change management process tool for Applications changes.
  (2)   Provide to Vendor the ACI specifications for conformance to regulations as set forth in the Sarbanes/Oxley Act.
  (3)   Conduct Post Implementation Reviews (PIR) on failed changes as requested by ACI for Applications changes.
  (4)   Provide lead personnel to lead, drive and respond to Application Incidents and Problems.
Management
  a.   The Vendor responsibilities include the following:
  (1)   Develop and implement a standardized method and procedure for the efficient and effective handling of all changes (an overall change management process process), including the Change Advisory Boards (CAB) to manage changes to the Services, subject to approval from ACI, in a way that minimizes risk exposure and maximizes availability of the Services.
  (2)   Coordinate change management process activities across all functions, ACI Locations, regions, and third-party vendor(s) that provide services to ACI.
  (3)   Perform the function of promoting code to production (sometimes called, “move to production”), as requested.
  (4)   Deploy tools to automate the process of scheduling, describing, tracking, and reporting on changes to the environment.
  (5)   Integrate change management process processes with Tivoli Configuration Manager.
  (6)   Make any changes necessary to provide the Services and to meet all required Service Levels, based on ACI-approved change management process procedures.
  (7)   In an emergency, gain approvals from ACI according to change management process procedures.
  (8)   Designate and maintain clear ownership for individual changes throughout the process.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 6 of 41


 

  b.   ACI will manage the control of the Application production libraries.
Process and Procedures
  a.   The Vendor responsibilities include the following:
  (1)   Document the change management process and procedures in accordance with the requirements in the Process Interface Manual and as stated in the Exhibit.
  (2)   On a weekly basis, participate in change management process meetings with ACI’s change manager or designee.
  (3)   Submit proposed changes, based on the impact and risk associated with a change, with non-emergency changes submitted, on average 2 weeks in advance to ACI. At a minimum, each submitted proposed change will include:
  (a)   A description of the change.
  (b)   The purpose and justification for the change, including any corresponding service request, or Incident, or Problem identifiers.
  (c)   A list of Service(s), internal or external customer(s), and third-party vendor(s) potentially affected by the change.
  (d)   The proposed schedule, including implementation date(s) and approximate time(s) for determination of any existing conflict with business events.
 
  (e)   The proposed implementation procedures.
 
  (f)   A rating of the potential risk, business impact, and/or complexity of the change.
  (g)   Where a proposed change represents a potentially high risk or high impact to ACI’s operations or business, or at the request of ACI, Vendor will also:
  (i)   Include a comprehensive end-to-end test plan (including clear change acceptance criteria), notification and escalation lists, and work-around plans.
  (ii)   Include a comprehensive contingency plan, including a back-out plan and procedures (with specific criteria to initiate the execution of the back-out plan).
  (4)   Verify, with ACI’s change manager, compliance with ACI policies.
  (5)   Review proposed changes and schedules with ACI, and obtain all necessary approvals for proposed changes.
  (6)   Coordinate with ACI all affected third parties and designated representatives at Locations potentially affected by a change in order to minimize disruption of normal business processes.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 7 of 41


 

  (7)   Manage system changes and activities required by moves, upgrades, replacements, and migrations for those changes originating from a responsibility of Vendor.
  (8)   Include rollout, testing, and roll-back plans for every request for change.
  (9)   Provide information to ACI in accordance with ACI’s change management process on the outcome of any Request for change and the updated status after each change is implemented.
  (10)   Update all operational and other documentation affected by the change.
  (11)   Report the status of scheduled changes, including maintaining a comprehensive list of projects and dates.
  (12)   Collect data on every change attempted, which includes the following:
  (a)   Include the cause of any Incidents, measures taken to prevent recurrence, and whether the change was successful from the perspective of the End User or Third Party affected by the change.
  (b)   Summarize and report this data to ACI on a weekly basis.
  (13)   Provide an audit trail of any and all changes to all environments, which should include a record of the change made and the authorization to make the change.
  (14)   Conduct Post Implementation Reviews (PIR) on failed changes, if requested by ACI.
  (15)   Provide ACI with the ability to pre-approve certain types of routine operational changes (Standard Changes). Such approvals shall be documented in the Process Interface Manual.
  (16)   Assist ACI in developing test plans and contingency plans for Application changes.
  b.   For Application changes, ACI will:
  (1)   Include a comprehensive end-to-end test plan (including clear change acceptance criteria), notification and escalation lists, and work-around plans.
  (2)   Include a comprehensive contingency plan, including a back-out plan and procedures (with specific criteria to initiate the execution of the back-out plan).
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 8 of 41


 

Maintenance Periods
  a.   The Vendor responsibilities include the following:
  (1)   Perform routine maintenance during regular periods scheduled in advance and approved by ACI.
  (2)   Validate that systems will be unavailable during maintenance windows only to the extent necessary for systems maintenance purposes.
  (3)   Provide at least thirty (30) days prior notice to ACI of the maintenance to be performed during scheduled maintenance windows.
  (a)   Change scheduled maintenance windows at ACI’s request and upon reasonable notice.
  (4)   Schedule Outages for maintenance, expansions, and modifications during hours that meet ACI’s business needs and external contractual obligations.
  (a)   Allow ACI, at any time at its discretion, to specify “freeze” periods during which Vendor will not make any changes.
  (5)   If there is a need for emergency systems maintenance, provide ACI with as much notice as reasonably practicable (ACI has the final change authorization), and perform such maintenance so as to minimize interference with the business and operational needs of ACI.
  (6)   Fully test changes to the IT environment and resolve faults, if possible, prior to production startup, including inter-operability testing.
Change Management Reporting
  b.   The Vendor responsibilities include the following:
  (1)   Create and maintain a Forward Schedule of change (FSC) of upcoming releases and changes as part of ACI’s change management process process.
 
  (2)   Provide monthly reports in a format agreed with ACI.
  (3)   Provide a weekly report in a format agreed with ACI that, at a minimum, includes:
  (a)   The status of all changes active at the beginning of the week and all changes raised during the week.
 
  (b)   The changes to be implemented the following week.
 
  (c)   The changes submitted for approval.
  (4)   Participate in or lead regularly scheduled change meetings with ACI and third-party vendor(s).
  (5)   Review proposed changes and schedules through a formal walk-through process with ACI and third-party vendor(s), and obtain all necessary approvals for proposed changes.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 9 of 41


 

2.2.2   Escalation Management
Escalation Management is the process for escalating and resolving issues associated with requests (for example, change requests, incident resolution requests, problem resolutions).
  a.   Vendor responsibilities include:
  (1)   Escalate unresolved Incidents, problems and requests according to procedures approved by ACI, and automatically prioritize high-impact Applications, Software and Equipment so that, when outages occur, they are treated with the highest priority.
  (2)   Define, with ACI, and obtain ACI approval on Escalation procedures that reflect and describe:
  (a)   The Severity Level of the Incident.
  (b)   The Location of the Incident and the name and/or number of affected End User.
  (c)   The elapsed time before a Incident is escalated to the next higher Severity Level.
  (d)   The levels of involvement (and notification) of Vendor management and ACI management at each Severity Level.
  b.   ACI will provide Vendor with definition of high-impact Applications, Software and Equipment.
  c.   Vendor will provide a process for escalating to ACI, or the Vendor management, Incidents not resolved in the time frames appropriate to the severity of the Incident and the priority of the user.
The Vendor responsibilities include the following:
  (1)   Escalate unresolved Incidents according to procedures approved by ACI, and automatically prioritize high-impact Applications, Software, and Equipment, such that they are treated with the highest priority.
  (2)   Implement escalation procedures that reflect and describe the following items:
  (a)   Severity Level of the Incident.
  (b)   Location of the Incident and the name and/or number of affected internal or external customers.
  (c)   Elapsed time before an Incident is escalated to the next higher Severity Level.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 10 of 41


 

  (d)   The levels of involvement (and notification) of Vendor management and ACI management at each Severity Level.
  (e)   Investigative and diagnostic activities to identify workarounds for each Incident.
  (f)   Incident resolution activities to restore normal service in compliance with the Service Levels.
  (g)   Ability to resolve Incidents by matching Incidents to known errors that are stored in a known error database.
  (h)   Ability to resolve Incidents by implementing workarounds that are stored in a knowledge base.
  (i)   Escalation process used to escalate Incidents to appropriate support teams when necessary.
  (j)   Escalation process used to escalate Incidents to Vendor and/or ACI’s management team.
  (k)   Ability to generate change requests where necessary for the implementation of workarounds.
  (l)   Ability to record all information on the details of the Incident and the corrective action for later statistical analysis.
  (3)   Create an audit trail of all activity that creates, changes, or deletes data and user access to systems that contain ACI data.
2.2.3   Incident Management
 
    Incident Management is the process for minimizing the impact of Incidents affecting the availability of the Services and the timely recovery of service delivery, which is accomplished through analysis, tracking, and prevention of Incidents.
 
    General
   a.   The Vendor responsibilities include the following:
  (1)   Provide an Incident Management process that will restore service operation as quickly as possible with minimum disruption to the business, thus enabling the best achievable levels of availability and service quality to be maintained to promote internal or external customer satisfaction.
  (2)   Manage the effective execution of Incident Management to achieve its primary purpose to restore service as quickly as possible with minimal business impact.
  (3)   Implement an Incident Management process that is flexible and facilitates effective communication and coordination across functions, ACI Locations, regions and third-party vendor(s).
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 11 of 41


 

  (4)   Integrate the Vendor Incident Management process with the other Service Management processes, especially Problem Management, Configuration Management, and change management process.
  (5)   Validate that the Incident Management process provides an audit trail.
  (a)   It is essential that detailed audit information be recorded of all activity that creates, changes, or deletes data and user access to systems that contain ACI data.
  (b)   Audit information should be comprehensive spanning multiple applications, systems components, or parties, if applicable.
  (6)   Vendor will communicate the Incident Management process to the Vendor organization, ACI, and each third-party vendor(s) involved in the delivery of IT services.
  (7)   Facilitate and lead information exchange between and among Vendor, ACI, and/or third-party vendor(s) to improve end-to-end Incident Management.
  (8)   Develop and document processes regarding interfaces, interaction, and responsibilities between Level 1 support personnel, Level 2 support personnel, and any other internal or external persons or entities that may either raise an Incident, or receive an Incident.
  (9)   Wherever possible, designate end-to-end responsibility and ownership for each Incident to a single Vendor Service Desk staff member, thus minimizing redundant contacts with End Users.
  (10)   Provide a mechanism for expedited handling of Incidents that are of high business priority to ACI and third-party vendor(s), based on the assigned Severity Level, as per escalation processes described in the Incident and Problem Management Procedures.
  (11)   Develop and maintain a process to promote Incidents into the Incident Management process based on the Severity Level of the Incident.
  b.   ACI will validate that the Incident Management process provides an audit trail that meets the mandatory legislative and policy requirements to which ACI must comply.
All Incidents
a. The Vendor responsibilities include the following:
  (1)   Receive and log all Incidents (including submissions received by telephone or electronically) and open an Incident Record.
  (2)   Provide Incident detection, reporting, recording, and initial support.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 12 of 41


 

  (3)   For Incidents other then Application Incidents, provide Incident investigation, diagnosis, impact analysis, and reclassification, (as agreed to by ACI) as reasonably required. For Application Incidents, provide tracking, logging, reporting, Escalation Management, analysis and determination to escalate to ACI, and overall tracking until the Incident is closed.
  (4)   Utilize and update the Incident Management System with all relevant information relating to an Incident.
 
  (5)   Make an initial determination of the potential resolution.
  (6)   Link multiple contacts pertaining to the same Incident to the associated Incident Record.
  (7)   Resolve as many Incidents as possible during the End User’s contact with the Service Desk, without transferring the call or using any escalation.
  (8)   Resolve Incidents requiring Level 1 support and close the Incident after receiving confirmation from the affected End User that the Incident has been resolved.
  (9)   Resolve Incidents arising from or related to the Services, including break/fix Equipment and Software support.
  (10)   Act proactively, and coordinate with all other internal and external third parties to resolve Incidents.
  (11)   Transfer Incidents within specified time limits to the appropriate party without compromising Service Levels or security requirements.
 
  (12)   Provide or coordinate the final resolution.
  (13)   Escalate issues to the appropriate levels for resolution in accordance with escalation procedures approved by ACI.
  (14)   Escalate an Incident where the Incident cannot be resolved within the relevant Service Levels or agreed timeframe.
  (15)   Close an Incident either, after receiving confirmation from the affected End User that the Incident has been resolved, or after 3 unsuccessful attempts to contact the End User.
  (16)   Restore normal service operations as quickly as possible following an Incident, with minimum disruption to ACI’s business operations, and in compliance with Service Levels.
  (17)   Retain overall responsibility and ownership of all Incidents (including monitoring and escalation) until the Incident is closed subject to ACI approval.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 13 of 41


 

  (18)   Track and report the progress of resolution efforts and the status of all Incidents, including:
  (a)   Review the proposed resolution time for each Incident with the appropriate party and update the status accordingly.
  (b)   Coordinate Incident tracking efforts, and provide and maintain regular communications between all parties and internal or external customers until Incident resolution.
  (c)   Keep ACI informed of changes in Incident status throughout the Incident life cycle in accordance with agreed Service Levels.
  (d)   Keep ACI informed of anticipated resolution times for active Incidents.
  (19)   Leverage a knowledge base to assist with the resolution of Incidents, including:
  (a)   Make the knowledge base available online to End Users for user self help.
  (b)   Track the use of the knowledge base and report usage statistics to ACI on a monthly basis, or as requested by ACI (i.e., the number of Incidents resolved using the knowledge base).
Incident Management Reporting
  b.   The Vendor responsibilities include the following:
  (1)   Provide regular progress notifications to ACI on current Severity Level 1 Incidents. The frequency of such notification is determined by the severity of the Incident as defined in the Process Interface Manual (every hour for Severity Level 1).
  (2)   Provide prompt notification via methods to be agreed upon by the Parties of system outages on critical systems; and otherwise provide affected internal or external customers with regular and timely progress updates that clearly indicate the following:
  (a)   Nature of the Incident.
 
  (b)   Estimated time to completion.
 
  (c)   Potential short-term alternatives.
  (3)   Maintain communications and provide reports to ACI, Service Desk and, as necessary, third-party vendor(s) from the time an Incident is identified through resolution, and, as necessary, through any follow-up communication and work required post-resolution.
  (4)   Provide the monthly report in electronic copy in a format agreed to with ACI, which at a minimum includes:
  (a)   Key issues relating to Incident Management.
  (b)   Number of Incidents during the month, grouped by severity, service, region, and classification.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 14 of 41


 

  (c)   List of Incidents, short description, reference number, and a shortcut to detailed description.
 
  (d)   Detailed description, including timing of activities.
  (e)   Trend analysis of the Incidents reported for the past 13 months in accordance with Schedule R (Reports), for reporting as needed.
  (f)   Calculate statistics and provide monthly and annual reports and electronic data to ACI, which include:
  (i)   The number of Incidents.
 
  (ii)   Sources of the Incidents.
  (iii)   Frequency regarding the types or categories of Incidents.
  (iv)   The duration of open Incident (average and quantities by age).
  (v)   Number of Incidents resolved upon first contact.
 
  (vi)   The Service Desk call-abandoned rate.
  (vii)   Other pertinent information regarding Incident resolution, including Service Level measurement reporting.
  (5)   Track and report any backlog of unresolved Incidents on at least a daily basis, or more frequently as requested by ACI.
  (6)   If Vendor believes an Incident cannot be resolved, communicate the nature of the Incident to the appropriate level within ACI as directed by ACI, which includes:
  (a)   Communicate the reasons why Vendor believes the Incident cannot be resolved, and supply ACI with suggested alternatives.
 
  (b)   Obtain ACI approval before closing the Incident.
  (7)   In the event there is a recurrent Incident, at ACI’s request, conduct meetings to address the Vendor Incident Management activities.
  c.   The Measurements and Reporting process provides measurements to management and other service delivery processes to satisfy measurement requirements and comply with strategies, business needs, and key directions (in terms of quality, cost, performance, and resource control). This process is used to deliver contractually required service delivery, contractually required reports and support measurements associated with the Service Levels and includes management and control of the computation, storage, and delivery of formatted data, indicators and reports to the users of such measurements.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 15 of 41


 

2.2.4   Service Requests
The Vendor responsibilities include the following:
  (1)   Perform the same functions and assume the same responsibilities for Service Requests as required for Incident Management, including:
  (a)   Enter all Service Requests.
 
  (b)   Track and manage all Service Requests from End Users.
  (c)   Resolve Service Requests by working with service management teams, business owners, and third-party vendor(s).
  (d)   Provide liaison with change management process to confirm that Service Requests follow the change management process as appropriate.
2.2.5   Recovery Management
  a.   Recovery Management is the process for planning, establishing and testing the recovery procedures required to re-establish the functionality of systems included in the Services in the event of a system failure. This process also addresses the monitoring, assessing, and reporting of the test results to management. The intent of this process is to anticipate and minimize the impact of systems resource failure through the development of predefined, documented procedures and software/Equipment recovery capabilities. ACI and Vendor will agree on the procedures for recovery. Disaster Recovery Management is described more fully in Disaster Recovery SOW.
2.2.6   Availability Management
  a.   Availability Management is the process for coordinating the appropriate skills, information, tools and procedures required to manage the Services including, the availability of interactive networks and their supporting Equipment and software components.
 
      Availability Management will optimize the capability of ACI’s IT infrastructure and the supporting organization to deliver a cost-effective and sustained level of Service.
General
  b.   The Vendor responsibilities include the following:
  (1)   Optimize availability by collecting, monitoring, analyzing, and reporting on all key elements of availability.
  (2)   Predict and design for expected levels of availability based on ACI’ requirements.
 
  (3)   Continuously review and improve availability.
  (4)   Operate and maintain an Availability Management process to plan, implement, measure, and manage the availability and reliability of the Services to confirm that the levels of availability and reliability consistently meet the Service Levels.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 16 of 41


 

  (5)   Integrate the Vendor Availability Management process with ACI’s and Third Party vendor(s)’ Availability Management processes, where the processes interact.
  (6)   Integrate the Availability Management process with other Service Management processes, especially Incident Management, change management process, Capacity Management, and Disaster Recovery.
Requirements
  c.   The Vendor responsibilities include the following:
  (1)   Provide the levels of availability and reliability of the Services in compliance with the Service Levels.
  (2)   Produce availability plans using requirements, as specified by ACI, that address ACI’s business forecasts for availability and reliability, and capitalize on any technology changes that may cost-effectively improve levels of availability and reliability.
 
  (3)   Implement the availability plans after their approval by ACI.
  (4)   Produce availability and reliability impact assessments with respect to Requests for change and Service Requests in accordance with Service Levels.
 
  (5)   Produce Availability and reliability trend analyses.
  (6)   Manage the monthly number of availability-related Incidents in accordance with the Service Levels.
  (7)   Cooperate with ACI and its third-party vendor(s) to provide end-to-end availability and reliability of the Services.
  (8)   Retain the availability and reliability source data to enable trend analysis and to make such data available to ACI.
  (9)   Provide early warning or advice to ACI of potential or actual availability and reliability issues. Vendor will provide additional advice as the potential increases and as the threat becomes more imminent.
Reporting
  d.   Reports are defined in Schedule R (Reports). The Vendor responsibilities include the following:
  (1)   Provide regular reporting of service Outages related to the Services that affect End Users irrespective of where the Outage occurred.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 17 of 41


 

  (2)   Provide a monthly report in a format agreed upon with ACI that, at a minimum, includes the following:
  (a)   Compare performance and Availability statistics for each Application with planned performance and Availability.
  (b)   Provide a list of all outages, linked to an Incident, including the date and time the outage commenced, its duration, and the affected infrastructure and Applications.
  (c)   Provide trend analysis of the performance for each Application and Environment for the past 13 months in accordance with Schedule R (Reports), in order to provide data reporting as needed.
  (d)   Report on proposed preventative maintenance activities.
  (3)   Adhoc reports as occasionally requested by ACI and provide ACI with recommendations of preventative maintenance options.
  (4)   Provide a written report containing the findings and recommendations of each outage analysis.
2.2.7   Backup and Recovery Management
  a.   Backup and Recovery Management is the process for backing up data files and recovering such data to its original location in the event of data loss and includes planning, testing, and implementing procedures and standards required to provide the Services in the event of a failure.
2.2.8   Batch Management
  a.   Batch Management is the process for controlling production batch applications, including the scheduling of resources and the processing set up for data and transactions.
2.2.9   Capacity Management
  a.   Capacity Planning is the process for planning for adequate IT resources required to fulfill current and future resource requirements and includes planning for the efficient use of existing IT resources and identifying any change in the type and quantity of IT resources necessary to perform the Services.
Capacity Management will assess the future business requirements (the required service delivery), the organization’s operation (the current service delivery), the IT infrastructure (the means of service delivery), and will confirm that all current and future capacity and performance aspects of the business requirements are provided cost-effectively.
General
  b.   Capacity Management, as described in this Exhibit, is the primary responsibility of Vendor.
Vendor will apply Capacity Management to all aspects of the Services.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 18 of 41


 

Requirements
  c.   Vendor responsibilities include the following:
  (1)   Formally review capacity requirements as part of ACI’s normal business planning cycle.
  (2)   Verify that there is adequate IT capacity to meet the required levels of service.
 
  (3)   Manage IT capacity to demand for the Services.
  (4)   Work with ACI governance to achieve optimal utilization of IT capacity.
  (5)   Provide additional capacity or advise ACI regarding the need for additional capacity, as appropriate.
  (6)   Monitor resources and system performance, system utilization, capacity limits, and expected capacity needs, and record appropriately to meet ACI’s reporting requirements in accordance with Schedule R (Reports).
  (7)   Produce regular management reports, including current usage of resources, trends and forecasts, and exceptions.
  (8)   Determine capacity requirements of all new systems to determine the necessary computer and network resources required, and then size such new systems taking into account Equipment utilization, performance Service Levels, and cost (minimizing cost to ACI).
  (9)   Utilize new Equipment and software products in Capacity Management in order to improve the efficiency and effectiveness of the process, as part of the continuous improvement and evolution of the Services.
  (10)   Carry out performance testing of new systems to confirm that such systems meet planned performance and utilization expectations and requirements.
  (11)   As requested by ACI, or as needed to deliver the Services, propose Service Levels that are maintainable and cost-justified.
  (12)   Tune systems to achieve optimum use of all Equipment and system software resources.
  (13)   Resolve non-Application performance-related Incidents and Problems.
  (14)   Perform capacity studies as reasonably requested by ACI or as needed to deliver the Services.
  (15)   In support of Application Development and Maintenance (ADM) activities, estimate applicable resource requirements, including impact on the capacity of the server environment, network environment, end-user computing environment, etc., as reasonably requested by ACI.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 19 of 41


 

  (16)   Deploy proactive Capacity Management processes wherever practicable to do the following:
  (a)   Minimize Incidents and Problems related to resource utilization.
 
  (b)   Trend current system and resource utilization.
  (c)   Validate and verify that planned changes affect only the expected resource impact.
  (17)   Utilize reactive Capacity Management whenever necessary to facilitate successful performance of the Services.
  (18)   Investigate new technology applicable to the Services and with ACI approval, incorporate technological development, advances, and evolution into the Services.
  (19)   Align Capacity Management and the Vendor IT business plan with ACI’s Long-Range IT Plan.
  (20)   Apply Capacity Management’s tools, data, reports, and disciplines to Incident and Problem relating to poor performance as an active member of teams working to resolve such Incidents and Problems.
  (21)   Align Capacity Management outputs with the Service Levels and other performance requirements documented in the Agreement.
  (22)   Actively include Capacity Management in the change management process to assess all changes for their impact on the capacity of the systems and provide appropriate feedback to those submitting changes.
  (23)   Incorporate work schedules and dependencies between elements of the Services into Capacity Management planning.
  (24)   Perform short-term demand management as required to maintain delivery of the Services during failures, spikes in demand, or other spontaneous events.
  d.   ACI will, in support of Application Development and Maintenance (ADM) activities, estimate applicable resource requirements, including impact on the capacity of the server environment, network environment, end-user computing environment, etc., as required.
Capacity Planning
  a.   Vendor responsibilities include the following:
  (1)   Assist ACI in forecasting ACI’s capacity requirements and in monitoring and validating the capacity forecast against ACI’s actual utilization.
  (2)   Proactively develop and deliver to ACI forecasts of growth and other changes in response to the projected ACI business and operational needs disclosed by ACI to Vendor on an annual basis, or more frequently as ACI may reasonably require.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 20 of 41


 

  (3)   Work with ACI to maintain knowledge base of future demand for the Services, and predict the effects of demand on Service Levels.
  (4)   Review ACI’s requirements, based upon ACI’s review of their business strategies, business plans, and financial plans and validate that Capacity Management requirements align with those plans.
  (5)   On an agreed schedule, or as requested by ACI, revise the capacity planning model based on actual performance.
  (6)   Using Commercially Reasonable Efforts, work with ACI to use Vendor’s modeling capabilities to assist ACI in long range planning.
The Capacity Plan
  b.   The Capacity Plan will document the current levels of resource utilization and Service performance, and forecast future requirements accounting for ACI business strategies and plans. The plan must clearly document assumptions and include recommendations quantified in terms of resources required, costs, benefits, impact, etc.
The Vendor responsibilities include the following:
  (1)   Produce or update the Capacity Plan in conjunction with ACI’s business planning cycle.
  (2)   Include the Capacity Plan in the Vendor annual publication of the IT business plan.
  (3)   Incorporate ACI’s capacity planning recommendations into the Capacity Plan.
  (4)   Be forward-looking by eighteen (18) months unless otherwise specified by ACI.
Business Capacity Management
  c.   ACI employs business Capacity Management to facilitate alignment between its future IT requirements and future business requirements.
Vendor will participate as needed in ACI’s business Capacity Management planning processes.
Vendor participation in business Capacity Management will be sufficiently responsive so as not to impede ACI’s normal business planning cycles.
As part of ACI’s service level management, as requested by ACI, Vendor shall provide ACI with service level targets that have the ability to be monitored and upon which the design of the Services has been based.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 21 of 41


 

Service Capacity Management
  d.   Vendor is responsible for service Capacity Management (the management of the capacity of the Services. Vendor responsibilities include the following:
  (1)   Investigate and research threshold breaches and near misses to determine what remedial action should be taken; then plan and perform such remedial actions through the change management process.
  (2)   Employ regular monitoring, identification of exceptions, and manual review of reports and trends.
Resource Capacity Management
  e.   Vendor is responsible for resource Capacity Management (the management of the capacity of the components comprising the Services). The Vendor responsibilities include the following:
  (1)   Maintain an understanding of the capacity and utilization of each of the IT components that Vendor manages, including Equipment, Software, and data circuits.
  (2)   As necessary to provide optimum resource usage (Equipment, circuits, etc.) in the delivery of the Services, install Equipment monitors, properly configure those monitors, and collect the resultant data.
  (3)   Upon request, estimate the resource and utilization effects of planned changes.
  (4)   Reactively respond to Incidents that are caused by a lack of resource or an inefficient use of a resource.
  (5)   Proactively identify components that are susceptible to failure, and recommend cost-effective solutions for ACI’s consideration and possible approval.
  (6)   Publish regular Capacity Management reports to ACI. Such reports will include current/recent utilization (and trends) compared to normal utilization, Service Levels, and previously identified baselines.
2.2.10   Configuration Management
  a.   Configuration Management is the process for designing, planning, and maintaining the physical and logical configuration of mainframe, midrange, server and desktop Equipment and software as well as network components and the way these resources are interrelated in ACI’s environment.
Configuration Management will provide a logical model of the IT infrastructure by identifying, controlling, maintaining, and verifying the versions of all configuration items (CI) in existence.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 22 of 41


 

General
  a.   The Vendor responsibilities include the following:
  (1)   Use a Configuration Management process to:
  (a)   Maintain accurate configuration data for the configuration items including operations documents, Equipment, Software and applications used to provide the Services.
  (b)   Verify that only authorized and identifiable configuration items including operations documents, Equipment, Software and applications are accepted and recorded from receipt to disposal.
  (c)   Reproduce the configuration status of the configuration items — including operations documents, Equipment, Software and applications at any point in time throughout its life cycle.
  (d)   Conduct reviews and audit to verify the physical existence of Configuration Items including operations documents, Equipment, Software, and applications and to check that they are correctly recorded in the configuration management Tool.
  (e)   Produce and maintain current Equipment and Software, configuration documentation for issue to ACI upon request.
  (2)   Integrate the Vendor Configuration Management process with ACI’s and third-party vendor(s)’ Configuration Management processes, where the processes interact.
  (3)   Integrate the Configuration Management process with its other Service Management processes, especially Incident Management, Problem Management, change management process, and Asset Management.
  (4)   Use the Configuration management process to identify, control, maintain, and verify the configuration items approved by ACI as comprising the Equipment and Software to provide the Services.
  (5)   Verify that all CIs approved by ACI for the Equipment, Software, are incorporated into the configuration management tool. Vendor must complete this incorporation on a continuous basis.
  (6)   For each ACI-approved CI, use at least the attributes specified by ACI.
  (7)   Validate that any change to any CI record in the configuration management tool is the result of an approved Request for change.
  (a)   Validate the integrity and currency of the configuration management tool by continually validating the content of the configuration management tool against the CIs that provide the Services.
  (b)   If a discrepancy is found, take corrective action.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 23 of 41


 

  (8)   Maintain the configuration management tool to meet performance standards, to maximize efficiency, and to minimize outages, as necessary.
  (9)   Maintain, update, and implement the configuration management tool archive processes and procedures needed to recover from an outage or corruption in a timely manner in order to meet the Service Levels.
  (10)   Provide configuration management tool physical database management support, including providing backups and restores of data in a timely manner.
  (11)   Install, maintain, and support configuration management tool - -related database Software products.
  (12)   Test and implement configuration management tool database environment changes, as approved by ACI.
  (13)   Proactively provide capacity planning for the configuration management tool to prevent situations caused by lack of capacity (i.e., dataset or table space capacity events, full log files, etc.).
  (14)   In the event of unusual activity, correct situations caused by lack of configuration management tool capacity in a timely manner (i.e., dataset or table space capacity events, full log files, etc.).
  (15)   Perform physical audits of all Equipment and Software configurations used to provide the Services in order to:
  (a)   Verify the existence of CIs recorded in the configuration management tool.
  (b)   Check the accuracy and completeness of the records in the configuration management tool.
  (c)   Identify any CIs not recorded in the configuration management tool.
  (16)   Take corrective action if a physical audit identifies any deficiency in the accuracy or completeness of the records in the configuration management tool.
  (17)   Control master copies of digital CIs in secure electronic libraries.
  (18)   Establish a baseline of CIs before a release into a development, test, or production environment.
  (19)   Verify release and configuration documentation before changes are made to the live environment.
  (20)   Maintain a secure audit trail of all configuration management tool transactions.
  (21)   With assistance from ACI, manage the process that gathers and compiles CIs and their attributes during the transition process.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 24 of 41


 

  b.   ACI will
  (1)   Provide, with assistance from Vendor, configuration items.
  (2)   Provide with assistance from Vendor, configuration attributes.
Reporting
  c.   The Vendor responsibilities include the following:
  (1)   Provide a monthly report on configuration changes made to the infrastructure, Equipment, and Software.
  (2)   Provide the following monthly report in a format agreed by ACI as described in Schedule R (Reports). This report includes:
  (a)   Number and classification of configuration changes made.
  (b)   Trend analysis of the configuration changes made for the past 13 months, for reporting in accordance with Schedule R (Reports).
  (3)   Provide a report containing the results of the biannual audit of the configuration management tool to ACI within ten (10) Business Days of each audit covering, at a minimum:
  (a)   Number of differences between the records and audit findings.
  (b)   Number of occasions on which a configuration was found to be unauthorized.
  (c)   Recommended corrective actions to resolve any process deficiencies or failures identified.
  (d)   Number of occasions on which a recorded CI could not be located.
  (e)   Statistical information about the structure and composition of the Equipment and Software.
2.2.11   Database Management
  a.   Physical Database Management is the process for the design, development, deployment, maintenance, and administration of ACI production databases used to support Vendor’s delivery of the Services.
2.2.12   Data Center Infrastructure Facilities Planning
  a.   Data Center Infrastructure Facilities planning is the process that defines the activities associated with the planning for and administration of dedicated Equipment facilities, including raised floor rooms, server rooms, labs and network closets.
Facilities management will provide proper maintenance and safe operation of IT infrastructure facilities.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 25 of 41


 

The Vendor responsibilities include the following:
  (1)   Establish and maintain proper and adequate facilities commensurate with a Tier 3 data center; Equipment (including Equipment supplied by ACI); and supplies at Vendor-owned locations, as well as a properly trained and appropriately sized management and support staff.
  (2)   Properly manage, coordinate, and oversee (and inform ACI of the results of) all maintenance, testing, and monitoring of facilities systems, air handlers and uninterruptible power supply systems at Vendor-owned facilities and ACI facilities operated by Vendor.
  (3)   Provide guidance, coordination and required installations for all activities during Equipment installations, routine maintenance, Incident and crisis management including interfacing with facilities and technology groups, third-party vendor(s) and other relevant groups.
  (4)   Provide physical security for the Vendor-owned facilities as described in the physical security requirements of the Security SOW.
 
  (5)   Comply with ACI security policies.
  (6)   Provide any and all data communication connectivity and capability that is required at Vendor-owned facilities (or between Vendor-owned Locations and ACI Locations) in order to provide the Services.
  (7)   Create, update, and maintain complete documentation of the Equipment that is located in Vendor-operated Data Center(s) (for example inventories, cabling, and installed Equipment diagrams) using computer-aided drafting (CAD) Software tools for changes to existing documentation and newly created documentation.
  (8)   Provide physical access procedures and standards for the Data Centers.
  (9)   At Vendor-operated Data Centers, initiate and track requests for space, power, and other Data Center modifications in support of Equipment installations.
  (10)   Provide requests to ACI sixty (60) days in advance for space and power modifications in support of Equipment at an ACI Data Center(s), computer room(s) and LAN closet(s) operated by Vendor.
  (11)   Allow physical access and facilitate inspections by government authorities with statutory authority for auditing the conduct of government business.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 26 of 41


 

  (12)   Integrate its Facilities Management process with ACI’s and other vendor’s Facilities Management processes, where the processes interact.
  (13)   Integrate its Facilities Management process with Service Management processes, especially IT Service Continuity Management and Availability Management.
2.2.13   Deskside Support
  a.   Deskside Support is the process for providing technical assistance for End User requests that require a Vendor technician to provide on-site services at the End User’s Location.
2.2.14   Email and Collaboration Services
  a.   E-mail and Collaboration Services is the process that supports both actual product support, for Lotus Notes e-mail, Domino Web Access and Active Directory, and servers for Lotus Notes e-mail, Active Directory, BlackBerry, Sametime, FAX and SMTP (“E-mail and Collaboration Services”).
The Vendor responsibilities include the following:
  (1)   Administer and maintain e-mail and Collaborative Applications services and systems.
  (2)   Deploy and support the e-mail and Collaborative Applications environment within ACI, including the underlying infrastructure and Equipment necessary for use of the Collaborative Applications.
  (3)   Proactively seek opportunities to deploy collaborative technology in ACI, including developing proposals for ACI businesses and functions.
  (4)   Provide consulting on the effective use of collaborative technologies.
  (5)   Monitor and manage logical security and access-related to e-mail and Collaborative Applications.
  (6)   Immediately report potential security issues related to e-mail and Collaborative Applications to ACI and take necessary steps to eliminate security breaches.
  (7)   Administer and maintain user IDs and passwords to enable the use of e-mail and Collaborative Applications.
  (8)   Assist End Users with problems, questions, or requests related to e-mail and Collaborative Services.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 27 of 41


 

Messaging, Strategy, Architecture and Design
Throughout this section, Vendor may, depending on scope, perform in a primary or secondary role in the design or development of strategies, architecture, policies, and/or standards for Messaging Services.
In either role, it is ACI’s expectation that Vendor will obtain ACI’s approval before proceeding with the design, development, or implementation of Messaging strategies, architecture, policies, or standards.
  b.   The Vendor responsibilities include the following:
  (1)   Assist ACI in architecting, designing and implement Active Directory, Lotus Notes e-mail, Domino Web Access and related Software.
  (2)   Implement policies and standards, developed by ACI, for the following Messaging Services; Active Directory, Lotus Notes e-mail, Domino Web Access, Sametime and Fax, via Internet and Intranet (collectively “Messaging Services”).
  (3)   Assist ACI on an as-requested basis in designing architecture for integrating business applications with Messaging Services and assist ACI in developing and implementing internal ACI e-mail usage policies.
  (4)   Document and coordinate ACI’s approval for any exceptions to messaging standards.
  (5)   Develop or assist in developing directory access methodology for multiple platforms (e.g., MS Windows, MacOS, Unix, etc.).
  (6)   Develop or assist in developing and implement a directory integration strategy.
Messaging — Procedures
  c.   The Vendor responsibilities include the following:
  (1)   Implement procedures, developed by Vendor in response to ACI requirements, for managing Messaging Services and e-mail usage.
  (2)   Provide End User training documentation to ACI for training or updating End Users on functionality changes related to Messaging Services.
  (3)   Implement messaging account administration process and systems, designed by ACI.
  (4)   Obtain ACI approval for any new or updated procedures that impact End Users.
Messaging — Technical Support
  d.   The Vendor responsibilities include the following:
  (1)   Provide evaluation and testing support, including:
  (a)   Procure and maintain a test environment for messaging testing, rebuilding, as required.
  (b)   Recommend and deploy messaging service Software.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 28 of 41


 

  (c)   Evaluate and test compatibility and integration of new products or standards, architecture, and design with existing infrastructure and applications.
  (d)   Test, certify, and coordinate installation, of service packs, hot fixes, Anti-Virus Software, and definition upgrades for all systems supporting all Messaging Services.
  (2)   Provide technical administration support, including:
  (a)   Create regional administrative and service messaging accounts and assign roles to these accounts.
  (b)   Create and manage the top-level Public Folder and assign rights as requested by ACI.
  (c)   Create, maintain and assign rights to the distribution lists and global distribution list management.
  (d)   Provide support and implementation of certificates on Messaging Services systems, based on the ACI requirement, provided to Vendor.
  (e)   Initiate and audit DNS records by working with the ACI telecom and architecture teams.
  (3)   Provide Messaging Server support, including:
  (a)   Support and maintain all server replication functionality.
  (b)   Administer and manage all database agents running on Lotus Notes e-mail server, Domino Web Access server, Sametime server and Blackberry server.
  (c)   Maintain virus protection Software on messaging servers.
  (d)   Provide support of servers used for web-based email services from the Internet.
  (4)   Provide Active Directory (“AD”) Services, which include the following:
  (a)   Provide LDAP directory resources (Lightweight Directory Access Protocol).
 
  (b)   Connect to enterprise directory.
  (c)   Authenticate service requests using enterprise directory structure.
  (d)   Provide authentication for all AD-provided services (file and print, mail, desktop, etc.).
  (e)   Provide and manage trust relationships to existing business-unit domains.
  (f)   Provide direction for group policy creation and management.
 
  (g)   Remove objects from AD as requested by ACI.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 29 of 41


 

  (5)   Optimize disaster recovery procedures for Messaging Services and recommend enhancements if appropriate.
 
  (6)   Provide support to Messaging Operations, including:
  (a)   Develop, implement, and maintain Messaging Services monitoring and alerting strategy.
  (b)   Perform Lotus Notes E-mail server mailbox load balancing.
 
  (c)   Maintain and troubleshoot internal mail routing.
  (d)   Assist End-User Computing support group(s) with installation, configuration, and troubleshooting of Lotus Notes e-mail, Sametime, Domino Web Access, Blackberry (as it relates to server support only), and Active Directory.
  (e)   Work with third-party and other companies on Lotus Notes e-mail delivery issues.
  (f)   Escalate messaging issues to third-party service providers as required.
 
  (g)   Perform virus and hoax assessments.
Messaging — Operations
  e.   The Vendor responsibilities include the following:
  (1)   Manage Active Directory, Lotus Notes e-mail, Domino Web Access and Sametime.
  (2)   Monitor gateways and connectors and troubleshoot both Intranet and Internet Lotus Notes e-mail, delivery issues.
End User Support
  f.   The Vendor responsibilities include the following:
  (1)   Perform mailbox, mail item restores as requested by ACI.
 
  (2)   Support workflow applications using Active Directory.
  (3)   Move mailboxes between regions, sectors, divisions, and groups.
  (4)   Provide technical support for Lotus Notes e-mail, Domino Web Access and Sametime.
 
  (5)   Assist with creation of Lotus Notes E-mail forms.
 
  (6)   Correct errors found in the global address book.
  (7)   Assist with creation/maintenance of, and troubleshoot/resolve issues with conference rooms, public folders, calendars, mail lists, mailboxes, and other accounts required to support the business requirements.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 30 of 41


 

  (8)   Provide search and data restore as requested by ACI departments such as Legal, Security, Audit, HR, and intellectual property discovery requests.
  (9)   Assist in coordination, building, formatting, sending, and processing of corporate-wide messages.
2.2.15   File and Directory Services (Active Directory)
  a.   File and Directory Services is the process used to support requirements for Microsoft Active Directory (AD), profiles and shares.
2.2.16   IMAC Coordination
  a.   IMAC Coordination is the process used for installation, move, add, change, and removal of End User Equipment and Software, including the coordination of various activities required to facilitate an upgrade or relocation.
2.2.17   IT Security Management
  a.   IT Security Management is the process for providing security protection for logical and physical inventory and assets that are associated with delivery of the Services.
2.2.18   Network Management
  a.   Network Management is the process used for the installation, administration, maintenance, monitoring, troubleshooting, restoration, and documentation of in-scope network devices within the Vendor-managed network.
2.2.19   Performance Management
Performance Management is the process for monitoring, measuring, analyzing, tuning and reporting systems performance to meet agreed upon Service Levels.
  a.   Vendor will:
  (1)   Monitor, measure, analyze and tune system performance to meet agreed upon Service Levels.
  (2)   Recommend changes (i.e., Equipment and/or Software upgrades, configuration changes) to ACI to meet or exceed ACI’s expected performance levels and/or provide a reduction in costs.
  (3)   Provide recommendations for consolidations or other conversions to improve the efficiency/effectiveness of the environment.
  (4)   Define performance indicators and monitor systems performance against such indicators, providing trend analysis of the data for the past 13 months in accordance with Schedule R (Reports), for reporting as needed.
  (5)   Install management agents approved by ACI.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 31 of 41


 

  (6)   Review configuration data and usage patterns monthly, or at ACI’s request.
  (7)   Establish performance thresholds and exception reporting procedures, reviewing with ACI quarterly with recommendations for resolution.
  (8)   With ACI’s assistance, establish a schedule for performing system maintenance (for example, virus detection, backup, and disk space cleanup) and modifications and enhancements so as maintain agreed upon Service Levels.
  (9)   Perform required system configurations and modifications necessary to enable Vendor to meet the Service Levels.
  (10)   Advise ACI of any recommended system configurations and modifications necessary to enable Vendor to meet the Service Levels.
  (11)   Provide system and subsystem performance reports, detailing key performance parameters and metrics, highlighting measurements that exceed thresholds, and trend analysis of the data for the past 13 months in accordance with Schedule R (Reports), for reporting as needed.
  b.   ACI will:
  (1)   Evaluate, approve recommendations (i.e., hardware and/or software upgrades), as appropriate, to enable system performance improvement.
 
  (2)   Provide requirements and approval for performance thresholds.
2.2.20   Print Management
  a.   Print Management is the process of maintaining the midrange server print queues for local printers.
2.2.21   Project Management
  a.   Project Management is the process used to initiate, execute and complete a project in accordance with the defined project scope, budget, timeline and completion criteria.
2.2.22   Technology Strategy and Refresh Management
  a.   Technology Strategy and Refresh Management is the process used to provide research, planning, and administrative support for periodically refreshing ACI’s IT environment with minimal disruption to ACI’s business objectives and business cycles.
 
      Refresh is described in Schedule H (Existing Equipment).
 
      Regardless of Equipment ownership, all Equipment, including storage and network devices, shall be covered by a maintenance agreement that is recognized by the manufacturer as a legitimate maintenance. 
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 32 of 41


 

Refresh and Technical Currency
General
  b.   The Vendor responsibilities include the following:
  (1)   Upgrade and replace Equipment and Software (“Refresh”) as required throughout the Term, in accordance with the refresh table in Schedule H (Existing Equipment).
  (2)   Deploy Equipment and Software associated with any Refresh in accordance with the standards of ACI’s technical architecture and Long-Range IT Plan.
  (3)   Provide Refresh within the timeframes and other requirements associated with Refresh, as well as the financial responsibility for the underlying assets, as described in Exhibit C-2 (Financial Responsibility and Ownership Matrix) to Schedule C (Charges), including:
  (a)   Perform Refresh throughout the Term in accordance with the timeframes and other requirements.
  (b)   ACI reserves the right to modify the Refresh timeframes and requirements during the Term based on its business requirements, subject to the Contractual Change Control Procedures.
Refresh Responsibility
  c.   Vendor responsibilities include the following:
  (1)   Where Vendor is financially responsible for Equipment and Software used in conjunction with the Services, as listed in Exhibit C-2 (Financial Responsibility and Ownership Matrix) to Schedule C (Charges), the Vendor responsibilities include the following:
  (a)   Refresh the assets during the Term, including responsibility for the assets, the implementation, and ongoing support.
  (2)   Where ACI is financially responsible for Equipment and Software used in conjunction with the Services, Vendor will implement and support the new assets provided by ACI.
  (3)   Regardless of the ownership of underlying assets, the Vendor responsibilities include the following:
  (a)   Provide personnel who are adequately trained in the use of the Equipment or Software to be deployed as part of the Refresh, and provide such training prior to the Refresh.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 33 of 41


 

  (b)   Provide minimal disruption to ACI’s business operations associated with technology Refresh.
  (c)   Use best practices and effective automation tools during Refresh deployment.
  (d)   Perform all changes to Equipment and Software in accordance with change management process procedures.
  (e)   Dispose of assets no longer required in accordance with the regional regulations and provide certification that disks have been cleansed prior to disposal.
Software Currency and Release Levels
  d.   The Vendor responsibilities include the following:
  (1)   Unless otherwise directed by ACI, provide and support Software under the Vendor operational responsibility at the N Release Level.
  (2)   As directed by ACI, also support release N-1 Release Level, the N-2 Release Level, and earlier versions of the Software for the longer of the following:
  (a)   The thirty-six (36) month period following version N Release Level’s general public availability.
  (b)   The time the third-party vendor ceases to support such version.
  (3)   Use Commercially Reasonable Efforts to support Software that is no longer supported by the third-party vendor.
  (4)   Provide support for all Software versions and release levels that exist as of the Effective Date until otherwise directed by ACI.
  (5)   Version upgrades for Systems Software (i.e., XP to Vista) may be done as a Project as agreed by the Parties. Maintain a standard current level of Software on ACI computing platforms, including:
  (a)   Following each new N Release Level issued by a vendor:
 
      Within an agreed upon period after the release of a new N Release Level by a Third-Party vendor, test and evaluate the new release in preparation for upgrading the global End User environment to the new standard level.
 
      Engage with ACI Application teams to understand the End User workload required to migrate the production environments to the new Software revision.
 
      Within an agreed upon period build a deployment strategy and plan, obtain ACI approval of that strategy and plan, and begin deployment in compliance with the ACI-approved deployment strategy and plan.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 34 of 41


 

  (b)   In partnership with the Software manufacturer(s), build and maintain a schedule of anticipated releases of major and minor releases of Systems Software; and communicate these schedules to the ACI Application Teams to build awareness and preparedness to perform the necessary testing and porting of Applications into the new standard environments.
Refresh Planning
  e.   The Vendor responsibilities include the following:
  (1)   Develop an annual plan for Refresh, including:
  (a)   Within ninety (90) days after the Effective Date and then within sixty (60) days prior to ACI’s annual planning process meetings, review the asset inventory and produce a report that lists the assets that are due to be refreshed in the upcoming plan year, and provide such report to ACI’s annual planning process.
  (b)   Vendor and ACI will consider the usability of the assets and review alternatives to replace, re-lease, consolidate, or retain the assets. Based on the results of this review, Vendor will deliver the initial recommendations regarding such assets to ACI within thirty (30) days after the review.
  (c)   For Vendor-owned assets, Vendor and ACI will mutually determine whether Vendor will replace an asset and the appropriate replacement date.
  (d)   If Software changes are required due to replacement of assets, Vendor, in consultation with the ACI, will review alternatives for making changes to such Software.
  (e)   In accordance with Exhibit C-2 (Financial Responsibility and Ownership Matrix) and Schedule B (Service Levels), such replacement of the assets and Software will be at Vendor expense if the replacement is required to facilitate achievement of the agreed upon Service Levels or because the asset is obsolete (i.e., replacement parts cannot be acquired or the asset has become unserviceable).
  (f)   For ACI-owned and leased assets, based on the planning process outcome and direction established by ACI, Vendor will provide a proposal for refresh of those assets (replacement at ACI’s expense) to ACI.
  (2)   Adhere to ACI’s approved plan, and execute that plan utilizing established procurement processes, to initiate refresh and retirement activities.
  (a)   Provide monthly reports 180 days prior to lease expiration date showing assets to be refreshed with latest data.
  (b)   Notify ACI monthly of all open agreements related to assets that are retired or will retire within 180 days of the report date.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 35 of 41


 

  (3)   Track and report on the completion progress of asset Refresh by lease-end date.
 
  (4)   Update and archive asset records after retirement.
  f.   For ACI owned or leased assets ACI will provide Vendor with Equipment purchase dates and/or Equipment lease expiration information for inclusion in the Refresh Plan.
2.2.23   Long-Range Planning
  a.   The Vendor responsibilities include the following:
  (1)   Assist in developing and updating the long-range, comprehensive plan for ACI’s information technology (IT) systems, processes, technical architecture and standards (“Long-Range IT Plan”). While ACI will be primarily responsible for this plan, Vendor will serve as a key collaborator. The Long-Range IT Plan will be developed on an annual basis, and will include a rolling three (3) year projection of anticipated changes (subject to ACI business and planning requirements).
  (2)   With ACI’s input regarding future business requirements Vendor will assist in developing IT requirements.
  (3)   Assist in projecting future volume, technology, and geographic changes that could impact ACI’s systems and technical architecture.
  (4)   Identify candidates and requirements for the deployment of new technology or the automation of tasks associated with the Services and/or ACI’s business processes.
  (5)   Proactively submit proposals regarding new technology, tools and automation to ACI for its review and approval.
  (6)   Proactively seek to automate manual tasks associated with the Services and advise ACI of such opportunities.
  (7)   Support ACI in the discussion and presentation of potential new technology product and service offerings.
  (8)   Facilitate and encourage active cross-functional, cross-group, and cross-location coordination and communication related to new technology and automation.
  (9)   Proactively identify strategies and approaches for future IT service delivery that Vendor believes will provide ACI with competitive advantages and that may result in increased efficiency, performance, or cost savings.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 36 of 41


 

  (10)   As part of each annual planning cycle, provide specific, short-term steps and schedules for projects or changes expected to occur within the first twelve (12) months of each plan.
  (11)   Help to identify the projects to be performed, define associated high-level schedules, and perform cost benefit analyses.
  (12)   Help to specify the Equipment and Software architecture and standards, and participate in continuously keeping ACI’s technical architecture current.
  (13)   Provide access to specialists within the Vendor organization, as needed, to assist ACI in developing and updating the Long-Range IT Plan.
  (14)   Identify industry and technological trends that may impact ACI’s plan.
  (15)   Gather and incorporate the data and lessons learned from the operating environment that may impact ACI’s plan.
  (16)   Perform trend analysis from the resource consumption data to project future demand that may impact ACI’s plan.
  (17)   Cooperate with ACI in researching and implementing automated tools to improve Service Levels and/or performance of the distributed computing environment (including end-to-end performance associated with the server, networks, and End-User Computing (EUC) environments). Tool selection will be in accordance with ACI standards and technical architecture.
2.2.24   Evaluation and Testing
  a.   The Vendor responsibilities include the following:
  (1)   With direction and final approval from ACI, assume primary responsibility for evaluating and testing Equipment, Software, and related products or Services prior to their use or deployment in ACI’s environment.
  (2)   Participate in evaluations involving new third-party products and services.
  (3)   Upon request, provide corporate reports, summaries, or results of its evaluation and testing of Third-Party products and services.
  (4)   Benchmark new types of Equipment and Software (including testing of various configurations and combinations of Equipment and Software) that may be considered for deployment within ACI.
  (5)   Determine interoperability and performance measures for specific configurations of Equipment and/or Software, including unit testing, systems integration testing, connectivity testing, load testing.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 37 of 41


 

  (6)   Identify, support, and coordinate as necessary with other ACI IT functions and third-party vendors, any specific Equipment, Software, and/or telecommunications required for interoperability and performance testing.
  (7)   Provide a complete test plan, for Vendor proposed changes, for ACI’s approval prior to testing.
 
  (8)   Report test findings and recommendations to ACI.
  (9)   Establish criteria that will be used to support the evaluation, technology selection, and testing for ACI’s review and approval.
  b.   ACI will:
  (1)   Assist Vendor in evaluating and testing Equipment, Software, and related products or services prior to their use or deployment in ACI’s environment.
  (2)   Determine interoperability and performance measures for specific configurations of Equipment and/or Software, including, applications integration testing.
2.2.25   User ID Administration
  a.   User ID Administration is the process for administering and handling ACI and Vendor User ID requests, including granting, changing, or deleting a user’s access rights, password resets or user group creation, deletion, or modification.
3.   SERVICE HOURS
Vendor will provide each of the Services during the Service Hours specified in the following table to be refined during Transition and incorporated into the Process Interface Manual. All times are local times as indicated below. Local time is defined as the time at the location receiving the Services, unless otherwise noted. For example, desktop support will be provided in New York between the hours of 8:00 AM and 5:00 PM New York time.
         
Services   Service Hours   Notes
ASSET SERVICES
       
Initial Asset Inventory
  8:00 a.m. to 5:00 p.m., Local Time Zone,
Monday through Friday, excluding Holidays
  Location Based
Asset Tracking
  8:00 a.m. to 5:00 p.m., Local Time Zone,
Monday through Friday excluding Holidays
  Local time zone in Argentina
Asset Inventory Capture
  8:00 a.m. to 5:00 p.m., Local Time Zone,
Monday through Friday, excluding Holidays
  Location Based
SERVICE DESK SERVICES
       
Service Desk
  7 / 24    
Self Help
  7 / 24    
END USER SERVICES
       
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 38 of 41


 

         
Services   Service Hours   Notes
Deskside Support
  8:00 a.m. to 5:00 p.m., Local Time Zone,
Monday through Friday, excluding Holidays
  Location Based
IMAC
  8:00 a.m. to 5:00 p.m., Local Time Zone,
Monday through Friday, excluding Holidays
  Location Based, at dedicated support sites only
Refresh
  8:00 a.m. to 5:00 p.m., Local Time Zone,
Monday through Friday, excluding Holidays
  Location Based, at dedicated support sites only
Electronic Software Distribution
  7 / 24    
SERVER SYSTEMS MANAGEMENT SERVICES
       
Mainframe Services –Monitoring (Vendor System z)
  7 / 24    
 
  8:00 a.m. to 5:00 p.m., Local Time Zone,
Monday through Friday, excluding Holidays
   
Linux (Intel
  7/ 24    
Intel and UNIX Server Services (includes HP Non-stop) – Monitoring
  7/24, except as otherwise stated in the Exhibit C-1 (Base Charges, Baselines, ARC/RRC Rates and Termination Charges)    
Stratus
       
STORAGE MANAGEMENT SERVICES
       
Managed Storage
  7/24    
Media Management
  8:00 a.m. to 5:00 p.m., Local Time Zone,
Monday through Friday, excluding Holidays
   
DATA NETWORK SERVICES
       
LAN management
  7 / 24    
WAN management
  7 / 24    
Firewall management
  7 / 24    
ENTERPRISE SECURITY MANAGEMENT SERVICES
       
Security Compliance and Regulatory
  8:00 a.m. to 5:00 p.m., Local Time Zone,
Monday through Friday, excluding Holidays
  Local Time Zone is Boulder
Infrastructure Protection
  7 / 24    
Authorized and Access
  7 / 24   Via Service Desk
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 39 of 41


 

         
Services   Service Hours   Notes
DISASTER RECOVERY SERVICES — Declaration
  7 / 24    
DISASTER RECOVERY SERVICES — Testing
  Yearly   As scheduled
Business Continuity Testing
  Yearly    
4.   TOOLS
  a.   Vendor will provide, install, configure, test, if applicable, and maintain the Tools listed in Schedule I (Vendor Supported Software) to enable Vendor to provide the Services.
 
  b.   ACI will:
  (1)   Allow Vendor to install the Tools that may be required by Vendor to provide the Services.
  (2)   Provide the system and network capacity and connectivity required to support the Tools.
  (3)   Sign the appropriate vendor license agreement (including Vendor’s), if required, for Vendor to install Tools on ACI ‘s equipment and/or premises.
  (4)   On expiration or termination of the Agreement, unless otherwise mutually agreed and stated in the Agreement, return all Tools in working order to Vendor.
5.   OPERATIONS DOCUMENTATION
All documentation maintained by Vendor will be subject to approval by ACI and will conform to the documentation standards and format agreed upon between ACI and Vendor. Vendor will develop documentation in accordance with the requirements in the Process Interface Manual to Schedule S (Governance).
  a.   The Vendor responsibilities include the following:
  (1)   Develop and maintain documentation on all operations procedures, Services, Equipment, and Software for which Vendor is responsible.
  (2)   Incorporate Application requirements that affect Operations, along with procedural information and contact information for each Application into Process Interface Manual.
  (3)   Document procedures to be utilized by internal IT for the correct use of the Services, Equipment, Software, connectivity, security, and Service Desk.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 40 of 41


 

  (4)   Make all documentation available in paper copies and electronically, and, wherever possible, using documentation that is Web-enabled for access by ACI.
  (5)   Audit documentation regularly for completeness and accuracy, and verify that all documentation is present, organized, readable, and updated.
  (6)   Report the resultant audit findings to ACI on a regular basis, and where it is determined that documentation is inaccurate (for example, erroneous or out of date), correct and replace such documentation.
  b.   ACI will document and provide to Vendor, Application requirements that affect operations, along with procedural information and contact information for each Application.
6.   BUSINESS DIVESTURES, ACQUISITIONS, CONSOLIDATIONS, AND RELOCATIONS
From time to time, ACI has, and intends to, acquire or divest businesses (or parts of businesses) and relocate or consolidate businesses (or parts of business); such activities referred to in this section as “business structure event(s)”. Vendor will perform certain functions at the request of ACI.
Vendor will conform to the requirements and provide the Services associated with divestitures and acquisitions as described in the MSA.
Confidential
Exhibit A-1 — Delivery Management Services (Cross Functional)

 

Page 41 of 41


 

EXHIBIT A-2
ASSET SERVICES
1.   INTRODUCTION
Vendor will provide the following Asset Services to ACI during Service Hours, unless otherwise mutually agreed by ACI and Vendor. Vendor will implement the process for the acquisition of assets and for tracking the status, Location and ownership of such assets. Vendor will conduct an initial, complete wall to wall inventory of all Equipment, at ACI Locations and will conduct additional electronic Equipment inventories on an annual basis. The initial Software inventory will be conducted electronically, as will all annual subsequent Software inventories.
Vendor will provide and ACI will approve the initial inventory before final implementation as well as the automated Asset Inventory and Management System. ACI will have view capabilities to the Asset Inventory and Management System monthly reports via IMPACT. Vendor will also define and support the processes required for the capture of any changes and will incorporate such changes into the asset database.
2.   INITIAL ASSET INVENTORY
  a.   During the Transition Period, Vendor will:
  (1)   conduct a planning session with ACI (or location-specific planning sessions for Locations with a sizable inventory) to review the plan for performing the inventory (the “Inventory Plan”). ACI will approve and sign-off on the plan. The Inventory Plan will document the following:
  (a)   the assets Vendor will inventory, types of data Vendor will collect, and the level asset are to be tracked, including all IT assets, whether such assets are owned or leased by ACI or the Vendor
 
  (b)   any Location-specific requirements and hours of access;
  (c)   required Location data (for example, floor plans, storage areas, equipment and software access requirements, safety and security requirements);
  (d)   Locations and End Users that Vendor will inventory using, for example, mail-in data collection kits as well as the respective return deadline date for each Location (to be returned before completion of the inventory at the applicable Location) (see table attached which will specify those Locations for which Vendor will perform a physical wall-to-wall inventory; all other ACI Locations will receive mail-in kits);
Confidential
Exhibit A-2 — Asset Services

 

Page 1 of 7


 

  (e)   any inventory prerequisites as well as any procedures that Vendor and ACI will follow during the inventory and that ACI needs to communicate or that ACI’s business units and End Users need to perform;
 
  (f)   a tentative inventory schedule (by Location);
  (g)   a virus escalation process, including the name and telephone and pager numbers of the ACI Focal Point for use by Vendor in the event Vendor incidentally discovers viruses during an electronic inventory process;
  (h)   the user demographic information Vendor will collect (subject to the capabilities of the inventory tools, if applicable); and
  (i)   the electronic inventory tools and the asset (hardware and software) recognition capabilities of the electronic inventory tools as well as the alternative inventory techniques Vendor will use, if any, in the event Vendor cannot electronically inventory the assets;
  (2)   notify the ACI Focal Point per the virus escalation process if Vendor incidentally discovers viruses during the inventory process;
  (3)   coordinate and perform the asset inventory (using a combination of electronic and physical inventory techniques as determined by Vendor and agreed to by ACI to verify or establish the asset database;
  (4)   conduct a physical inventory of stand-alone machines (collected information should consist of a numeric or alphanumeric asset type, and may also include: manufacturer (for example, Vendor, HP, Apple); product description (for example, desktop, server); serial number or asset tag number, as applicable; asset location (for example, building address, room number, city and state); and demographic information);
  (5)   notify the ACI Focal Point of any obstacle that prevents Vendor from performing an initial electronic inventory of an asset, including:
  (a)   unavailability of, or failure to disable, a power-on or screen saver password;
  (b)   refusal by an End User to permit Vendor to perform the electronic asset inventory;
 
  (c)   untimely admittance to Locations or other areas;
 
  (d)   an operating failure of the desktop; or
  (e)   desktop executing software at the time of the scheduled inventory and the End User is unavailable to save open data;
Confidential
Exhibit A-2 — Asset Services

 

Page 2 of 7


 

  (6)   if the initial electronic inventory attempt is unsuccessful due to an obstacle, perform a second attempt while in the same area to electronically audit the asset. If the second attempt is also unsuccessful due to an obstacle, perform a physical inventory of the asset;
 
  (7)   Collect serial numbers of inventoried equipment, as required,;
  (8)   prepare mail-in data collection kits and forward the kits to the ACI Focal Point for distribution to the Locations and End Users identified in the Inventory Plan;
  (9)   if applicable, provide and install the required software agent(s) to enable electronic scanning of assets to capture future asset database information;
  (10)   on completion of the inventory, reconcile the collected asset data including identifying and correcting (to the extent within Vendor’s control) the following, as applicable:
  (a)   missing and duplicate serial numbers;
  (b)   missing, duplicate and incorrect length of asset tag numbers;
 
  (c)   missing demographic information; and
  (d)   discrepancies resulting from IMAC activity performed during the inventory process,
  (11)   utilize ACI’s process to track and capture any IMACs performed during an asset inventory;
 
  (12)   obtain ACI’s approval for the asset inventory results; and
  (13)   establish the asset database within IMPACT to which ACI will have browser and adhoc reporting privileges (i.e., load the asset information obtained during the initial asset inventory) or validate the asset information provided by ACI using the information obtained during the asset inventory.
  b.   During the Transition Period, ACI will:
  (1)   Review with Vendor the Inventory Plan and provide final approval (or rejection) of such plan no later than ten days before the first Location inventory;
 
  (2)   at least ten days before each scheduled Location inventory:
  (a)   provide a listing of the contacts who will perform administrative responsibilities, including the ACI Focal Point, and ensure their availability, as required, for status meetings during the inventory;
  (b)   provide an estimate of the number of assets to be inventoried at each Location;
  (c)   provide current floor plans for each floor of each Location to be inventoried;
Confidential
Exhibit A-2 — Asset Services

 

Page 3 of 7


 

  (d)   provide a soft copy listing (i.e., mail merge capable file) including the names of and mailing addresses for those End Users at each Location using mail-in collection kits;
  (e)   distribute mail-in data collection kits to the Locations and End Users identified in the Inventory Plan; and
  (f)   distribute the Vendor-supplied inventory worksheets to End Users with instructions to complete the demographic information sections of the worksheet before the scheduled date of the inventory.
  (3)   during the initial asset inventory:
  (a)   ensure the ACI Focal Point is available:
  (i)   to accompany Vendor on a walk-through of the Location;
 
  (ii)   in the event Vendor incidentally discovers viruses during the electronic inventory process;
 
  (iii)   to review and accept collected data on a daily basis; and
 
  (iv)   upon inventory completion at each Location, provide sign-off that the inventory process has been completed;
  (b)   provide a temporary work room that is large enough to accommodate the inventory team and provides access to a collection server, a printer on which to generate reports, a telephone with outside capability, and an analog phone line for modem dial out;
  (c)   provide reasonable and timely access to equipment to be inventoried;
 
  (d)   prohibit (or restrict) IMAC activity; and
  (e)   track and collect all mail-in data collection kits and forward all completed kits to Vendor before the completion of the inventory at the applicable Location; and
  (4)   provide the initial End User related data (i.e., name, phone number, location address, department number, network connection) in an electronic format required to establish End User records; and
  (5)   approve the asset inventory results for loading to the assets database.
3.   ASSET TRACKING
Vendor will define and implement the process for tracking assets throughout their life cycle from acquisition to disposal, including any changes performed for such assets. ACI will review, provide feedback and provide final approval for the process.
Confidential
Exhibit A-2 — Asset Services

 

Page 4 of 7


 

  a.   Vendor will:
  (1)   define and implement the asset tracking process
  (2)   maintain the asset database capturing changes Vendor or ACI made as a result of:
  (a)   receipt of new assets;
  (b)   data scrubbing and validation (i.e., checking for nomenclature and data entry discrepancies such as validating that the asset type is numeric or alphanumeric);
  (c)   IMAC, hardware maintenance, and deskside support Services activity;
 
  (d)   asset storage, retirement, and disposal; and
  (e)   changes to End User-related data (for example, name, phone number, location address, department number, network connection).
  (3)   perform electronic inventory and/or bar code scans on hardware in conjunction with performing on-site Services (for example, deskside support, IMAC, hardware maintenance) and update the asset database;
  (4)   add assets for which no record is found to the asset database as such assets are located during an inventory or are otherwise discovered, for example, during a Service Desk support call, and notify the ACI Focal Point of such additions;
  (5)   coordinate and perform periodic physical or electronic asset validations and report the results to ACI;
  (6)   forward information on all asset discrepancies and/or issues to the ACI Focal Point for resolution;
  (7)   provide reasonable assistance to ACI in resolving asset database discrepancies or issues;
  (8)   provide a monthly standard report and annual rollup report to ACI, as well as provide “as needed” reports in a mutually agreed upon timeframe; and
  (9)   Electronically link asset management tools, processes, and the Asset Inventory and Management System to the Incident Management System, Change Management procedures, and other Service Desk tools and processes in order to effectively leverage the information contained therein.
  b.   ACI will:
  (1)   assist Vendor in the definition of the asset tracking process;
  (2)   provide Vendor changes ACI made to the assets as a result of:
Confidential
Exhibit A-2 — Asset Services

 

Page 5 of 7


 

  (a)   Asset disposal in sites where there is no on-site Vendor support;
  (b)   changes to End User-related data (for example, name, phone number, Location address, department number, network connection);
  (3)   ensure End Users perform their responsibilities in accordance with the established process during an asset validation or inventory;
  (4)   maintain responsibility for software license management (for example, auditing for compliance to vendor terms and conditions) for all software owned by or licensed to ACI;
  (5)   resolve all ACI asset policy discrepancies and issues and notify Vendor of the resolution; and
  (6)   Provide Vendor with information regarding what to maintain with respect to the asset records ACI deems necessary to meet ACI’s audit requirements and financial obligations.
4.   LEASE TRACKING
  a.   The Vendor’s responsibilities include the following:
  (1)   Include within the asset tracking processes the capture of ACI-provided lease data as it relates to assets tracked
  (2)   Prepare and provide lease management reporting as required by ACI.
5.   REDEPLOYMENT AND DISPOSAL OF EQUIPMENT
  a.   Vendor’s responsibilities include the following for ACI Locations where there is on-site Vendor support:
  (1)   Perform de-installation and/or re-deployment of Equipment in accordance with change management procedures, including:
  (a)   Comply with backup requirements.
  (b)   Provide permanent removal of any ACI Software or data that may exist on storage media (fixed, removable, or shared).
  (2)   Upon redeployment or disposal of Equipment, make the necessary changes in the asset inventory and management system.
  (3)   Work with ACI to establish an financial approval process to remove PCs;
 
  (4)   Package the equipment for shipment and coordinate pick-up;
Confidential
Exhibit A-2 — Asset Services

 

Page 6 of 7


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
  (5)   To the extent the Equipment is owned or leased by ACI, the Vendor’s responsibilities include the following:
  (a)   Return the Equipment to a central location at the ACI Location or immediately re-deploy Equipment as requested by ACI.
  (b)   If the Equipment is to be disposed of and is in usable condition, dispose of the Equipment as directed by ACI
  (c)   Dispose of unusable Equipment in an appropriate, environmentally responsible manner. Erase, overwrite or destroy all data and configuration information resident in the computer system, storage components, and/or devices in such a manner that makes the data irretrievable prior to disposing of equipment. If the Equipment is sold for salvage, provide any salvage value to ACI.
  b.   ACI’s responsibilities include the following:
 
      For ACI Locations where there is on-site Vendor support:
  (1)   Pay for the transportation and disposal costs via locally approved disposal or salvage process;
  (a)   In countries where Asset Services are supported, Vendor will offer transportation and disposal Services either as separate Pass-Through Expenses or via direct ACI contracts with third parties.
  c.   For ACI Locations where there is no on-site Vendor support, Vendor will, at ACI’s request, dispatch support for asset disposal assistance. Travel for such assistance will be a Pass-Through Expense.
 
  Table 1:   Physical Wall to Wall Inventory Locations
Physical Wall to Wall Locations

[*]
  Table 2:   Mail-in Inventory Locations
Mail-in Inventory Locations

[*]
Confidential
Exhibit A-2 — Asset Services

 

Page 7 of 7


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
EXHIBIT A-3
SERVICE DESK SERVICES
1.   INTRODUCTION
  a.   As of the Service Tower Commencement Date, Vendor will provide Service Desk Services in accordance with this Exhibit.
  b.   Vendor shall be the single point of contact for End Users regarding Incidents and requests, which include events that cause or may cause an interruption or reduction of service for internal or external users of ACI’s IT Services along with any requests for service originating from End Users.
  c.   Vendor will staff an organization to act as a single point of contact for End Users who require assistance in the resolution of IT-related problems, concerns, and questions and to request Services (the “Service Desk”).
  d.   Vendor will provide Service Desk support in English only.
2.   SERVICE DESK SERVICES
2.1   General
  a.   Vendor will:
  (1)   provide the Service Desk service on a 24 x 7 x 365 basis;
  (2)   provide the capability for End Users to submit Incidents via telephone, electronic mail and secure web site;
  (3)   provide a Service Desk with processes for Service Delivery and Service Management that are [ * ];
  (4)   deliver Service Desk services that meet ACI’s established business continuity and disaster recovery requirements;
  (5)   provide Service Desk personnel who have the appropriate competencies to provide Service Desk services and have been provided with an orientation to ACI’s business to understand ACI processes and standard infrastructure and are appropriately trained to provide one call support of problem resolution, where feasible;
  (6)   provide Service Desk support using terms that are clearly understood by the End Users and consistent with those used by ACI;
Confidential
Exhibit A-3 — Service Desk Services

 

Page 1 of 5


 

  (7)   provide a Service Desk that is in a location off-site from and approved by ACI;
  (8)   where more than one site is proposed by Vendor for the delivery of Service Desk services, including for the support of ACI’s business continuity and disaster recovery requirements, execute any switching between the sites in a manner transparent to customers of the Service Desk service;
  (9)   provide a toll free telephone number for calls to the Service Desk originating in the United States and Canada. For calls originating outside the US and Canada, the ACI voice network will be used to connect to the US toll free telephone number, for End Users calling from outside the US or Canada who require Service Desk assistance;
  (10)   handle via the escalation management process agreed upon by Vendor and ACI any problem that can not be resolved by telephone, and on a specified basis provide reports to ACI on these escalated problems;
  (11)   provide, program and maintain the automatic call distribution equipment Vendor requires to provide the Services;
  (12)   receive, log and dispatch or transfer calls, as appropriate;
  (13)   open an Incident record to document all Incidents. This record will include End User information, Incident record number, date and time opened, service requested, problem description or symptoms, assignment (for example, level 2, level 3), status, and Incident resolution and closure information;
  (14)   prioritize calls in accordance with the Severity Levels established by ACI and Vendor under this Agreement;
  (15)   perform problem analysis, including identification of the source of the problem;
  (16)   provide call status as the End User requests;
  (17)   perform password resets, except for password resets on Application IDs which ACI has retained, on a basis approved by ACI when requested by End Users;
  (18)   dispatch or arrange for on-site support or depot service, if required, for problem determination and/or resolution;
  (19)   notify the ACI Focal Point of systems or equipment failures, or of an emergency, according to the Process Interface Manual;
  (20)   provide a systems status recording and provide system status broadcast messages on the web portal and via e-mail for in-scope systems with status information such as known major Incidents and estimated recovery times;
Confidential
Exhibit A-3 — Service Desk Services

 

Page 2 of 5


 

  (21)   interface with and coordinate problem determination and resolution with the ACI Focal Point and/or Third Party service providers, as appropriate;
  (22)   monitor problem status to facilitate problem closure within defined Service Level criteria and/or escalate in accordance with the escalation management process;
  (23)   provide input to ACI on End User training requirements based on problem Call tracking and analysis;
  (24)   with ACI’s assistance, establish and maintain Call prioritization guidelines and escalation procedures;
  (25)   develop Service Desk operational processes and procedures and provide to ACI for distribution;
  (26)   maintain a contact list of Vendor Focal Points, including names and telephone, pager and fax numbers, and provide to ACI for distribution;
  (27)   communicate to the ACI Focal Point on available Services and the procedures for accessing such Services;
  (28)   provide Level 1, and manage Level 2 and Level 3 support for the Equipment and Software;
  (29)   provide a standard monthly report to ACI summarizing the Incidents (by status code) received and handled by the Service Desk for the prior month;
  (30)   provide monthly reports to ACI, as further described in Schedule R (Reports);
  (31)   Conduct random surveys of End Users in accordance with Schedule K (User Satisfaction Survey Guidelines); and
  (32)   Provide information to ACI on Call trends and make recommendations (for example, additional End User training requirements), where appropriate.
  b.   ACI will:
  (1)   be responsible for all End User training in use of ACI hardware and software;
  (2)   for ACI-retained systems, provide systems status information to the Service Desk and updates as they occur. Vendor will maintain such information for up to five Business Days or until ACI is notified by Vendor within the five Business Days, after which time Vendor will delete it unless ACI requests otherwise;
  (3)   maintain and distribute a ACI contact list, including names and telephone, pager and fax numbers, for use by Service Desk staff to contact appropriate ACI personnel for problem determination assistance and escalation and ensure such personnel are available as required;
Confidential
Exhibit A-3 — Service Desk Services

 

Page 3 of 5


 

  (4)   assist Vendor in establishing Call prioritization guidelines and escalation procedures;
  (5)   ensure End Users have a basic level of understanding of the Service Delivery Processes and adhere to such processes for accessing the Services;
  (6)   communicate support responsibilities and procedures to the ACI Focal Point and Third Party service providers (for example, providing Call status and resolution to the Service Desk) and ensure adherence to such procedures;
  (7)   assist Vendor, as requested and in a time frame commensurate with the assigned problem Severity Levels and associated Service Level commitment, in the resolution of recurring problems which are the result of End User error;
  (8)   resolve any ACI Third Party services provider performance problems affecting Vendor’s provision of the Services for any service provider arrangements that have not been assigned to Vendor;
  (9)   be responsible for all ACI Third Party support costs (for example, help lines);
  (10)   be responsible for the resolution or closure of all Incidents related to products and services that are not within the Services;
  (11)   authorize all system access;
  (12)   reset passwords and perform logon ID administration for application IDs; and
  (13)   allow Vendor to utilize remote access capability to remotely diagnose End User problems.
2.2   Performance Standards and Reporting for Service Desk
Vendor shall meet performance standards for the Service Desk services as defined in Schedule B (Service Levels). Reporting requirements for all Services are defined in Schedule R (Reports).
Confidential
Exhibit A-3 — Service Desk Services

 

Page 4 of 5


 

2.3   Self Help
  a.   Vendor will provide tools and a web services portal to enable the End Users to:
  (1)   perform self help knowledge searches;
  (2)   submit problem and service request tickets;
  (3)   view online problem and service request ticket status; and
  (4)   view current system outages.
  b.   ACI will:
  (1)   provide and maintain an authentication methodology as part of ACI’s security guidelines;
  (2)   provide ACI’s existing processes and content to assist Vendor in providing self help Services; and
  (3)   promote and ensure the use of the self help Tools and processes to End Users.
Confidential
Exhibit A-3 – Service Desk Services

 

Page 5 of 5


 

EXHIBIT A-4
END USER SERVICES
1.   INTRODUCTION
Upon the Service Tower Commencement Date, Vendor will provide the following End User Services to ACI during the Service Hours, unless otherwise mutually agreed by ACI and Vendor.
2.   DESKTOP SUPPORT SERVICES
Vendor will provide problem determination and problem resolution at the End User’s work location within a facility using on-site services which are a combination of deskside support and hardware related support such as break/fix (i.e., hardware maintenance). Vendor will not provide such on-site services to End Users in Locations in Malaysia until Contract Year 3.
For equipment that is eligible for hardware maintenance Services and that is assigned to Mobile End Users and/or Remote End Users, Vendor will provide such Services as depot services only, that is, performed at an Vendor-designated repair location. Vendor will identify the designated depot services location and provide ACI the processes Mobile End Users and Remote End Users will follow in obtaining such Services. Where no Vendor repair centre is available Vendor will either replace equipment or provide a loan machine and make good repairs on the defective system. In those instances when physical presence is required to perform desktop services and no on-site resource is available, Vendor will engage and dispatch personnel to address the request and/or resolve the issue. If services are performed by a third party, ACI would be billed directly by the third party. If Services are performed by Vendor, Vendor will invoice ACI for travel and living expenses as Pass-Through Expenses and labor performed by non-ACI dedicated personnel would be billed via the rate card in Schedule C (Charges).
2.1   Deskside Support Services
  a.   Vendor will:
  (1)   provide problem source identification, problem impact validation, and problem determination;
  (2)   with ACI’s approval, implement the deskside support Services operational procedures including the criteria for deployment of deskside support Services personnel;
  (3)   be responsible for all End User data migration, backup and restore, conversion, and erasure, as required, before and following the provision of deskside support Services;
Confidential
Exhibit A-4 — End User Services

 

Page 1 of 12 


 

  (4)   provide deskside support Services for Supported Desktop Standard Products at the End User’s work location within a End User Location in accordance with the established procedures;
  (5)   provide support Services for Supported Desktop Products at remote End User’s work location via network assist;
  (6)   manage the problem to resolution or closure, as appropriate, including:
  (a)   applying emergency software fixes in support of problem resolution; or
  (b)   performing virus eradication on the desktop device; or
  (c)   completely rebuild the system back to its original standard.
  (7)   update the status of the deskside support Services call to the Service Desk through to completion;
  (8)   When a new employee is hired, Vendor will receive from ACI an IMAC request with the End User requirements for a new Employee.
  (9)   on completion of the deskside support Services:
  (a)   close the ticket; and
  (b)   update the asset database;
  (10)   at ACI’s request, provide deskside support Services for Nonstandard Products on a Commercially Reasonable Efforts basis and based upon available resources. (See definition of “Nonstandard Product” in Attachment A-1 (Services Definitions)); and
  (11)   provide a monthly standard report using available problem management data to ACI summarizing the deskside support Services Vendor provided during the prior month.
  b.   ACI will:
  (1)   assist Vendor in implementing the deskside support Services operational procedures including the criteria for deployment of deskside support Services personnel;
  (2)   provide adequate and secure space for depot assets; and
  (3)   provide authorization and be responsible for all charges for deskside support Services Vendor provides at ACI’s request for Nonstandard Products and out-of-scope services (for example, ad hoc End User training, how to assistance).
2.2   Hardware Maintenance Services
  a.   Vendor will:
  (1)   coordinate hardware support for Maintained Equipment including the repair or exchange of such Maintained Equipment, as appropriate;
Confidential
Exhibit A-4 — End User Services

 

Page 2 of 12


 

  (2)   at ACI’s request, coordinate hardware support for, Equipment not on warranty and without a maintenance agreement, including the repair or exchange of such Equipment as appropriate, on a Commercially Reasonable Efforts basis and based upon available resources;
  (3)   with ACI’s approval, implement the hardware maintenance Services operational procedures including the criteria for deployment of hardware maintenance Services personnel;
  (4)   coordinate and schedule maintenance activities with the ACI Focal Point or the requesting End User;
  (5)   dispatch hardware maintenance service personnel in accordance with the established procedures;
  (6)   document and provide recovery procedures to maintenance personnel necessary to recover the Equipment to its original state including foreign operating systems and individual country dictionaries;
  (7)   using ACI-provided warranty documentation, maintain the records necessary to support warranty service of Equipment on warranty installed as of the Effective Date (for example, serial number, program number, install date, location) within the asset database;
  (8)   coordinate warranty repair service with the appropriate equipment manufacturer;
  (9)   track and report observed failure trends for Critical Functions;
  (10)   on notice from ACI, perform service or provide instructions pertaining to OEM recall programs for ACI-owned Maintained Equipment consistent with the terms and conditions and instructions the manufacturer specifies;
  (11)   provide the procedures Mobile End Users and Remote End Users are to follow to obtain depot hardware maintenance Services for Supported Desktops to the ACI Focal Point for distribution to such End Users;
  (12)   update the status of the hardware maintenance Services calls to the Service Desk through to completion;
  (13)   on completion of hardware maintenance Services:
  (a)   close the ticket; and
  (b)   update the asset database;
  (14)   perform any required pre- and post maintenance activities before permitting and following hardware maintenance Services on equipment (for example, backup, remove, protect, and restore programs, data and removable storage media, remove and reload funds);
  (15)   on Vendor’s discovery of hardware Standard Products not included in the asset database, notify the ACI Focal Point of the same, so that ACI can place such hardware on maintenance, and update the asset database;
Confidential
Exhibit A-4 — End User Services

 

Page 3 of 12


 

  (16)   at ACI’s request, provide hardware maintenance Services for Nonstandard Products on a Commercially Reasonable Efforts basis and based upon available resources;
  (17)   at ACI’s request, provide hardware maintenance Services on an hourly basis to repair or restore Maintained Equipment damaged as a result of:
  (a)   ACI’s misuse, accident, ACI’s modification, unsuitable physical environment in a End User Location, or a Force Majeure Event, or
  (b)   the provision of hardware maintenance services by other vendor, or
  (c)   the inappropriate use of, inadequate use of, or failure to use, appropriate supplies by ACI, or
  (d)   other actions by ACI not covered under a maintenance agreement or warranty services; and
  (18)   provide a monthly standard report to ACI, using available problem management data that summarizes the hardware maintenance Services Vendor provided during the prior month;
  (19)   notify ACI of any warranty issues;
  (20)   implement the hardware maintenance Services operational procedures including the criteria for deployment of hardware maintenance Services personnel.
  b.   ACI will:
  (1)   Provide warranty or maintenance agreements on all Supported Desktops and Nonstandard Products;
  (2)   Be financially responsible, for equipment not covered under warranty
  (3)   approve the hardware maintenance Services operational procedures including the criteria for deployment of hardware maintenance Services personnel;
  (4)   provide a suitable environment for the equipment to be maintained, as the equipment’s manufacturer specifies;
  (5)   provide Service Desk representatives with the information required for hardware maintenance Services (for example, machine type, serial number), and such other information, as requested, including location address, building and office number and contact name and phone number;
  (6)   coordinate and schedule maintenance activities with ACI’s internal support functions, as required;
Confidential
Exhibit A-4 — End User Services

 

Page 4 of 12


 

  (7)   provide Vendor with manufacturers’ warranty documentation (for example, warranty certificate, type of warranty, duration, applicable terms and conditions) for Maintained Equipment installed as of the Effective Date and for equipment Vendor will maintain that ACI procures directly after such date;
  (8)   ensure all hardware that is procured by or for ACI after the Effective Date has the maximum warranty available or on schedule with the refresh cycle on all parts and labor (i.e., three-year on-site service, parts and labor warranty or equivalent) and warranty services are consistent with the Service Hours and applicable Service Levels;
  (9)   provide all hardware upgrades, maintenance parts, or replacement equipment not provided under a warranty or maintenance agreement;
  (10)   provide and maintain the inventory of all End User consumable supplies, such as paper, toner, printer cartridges, diskettes, compact disks, tapes, batteries, and other such items that comply with original equipment manufacturer’s specifications, and distribute or install such supplies as End Users require;
  (11)   provide the guidelines relative to and the spare parts inventory for Critical Functions, and the appropriate and secured storage area for such inventory;
  (12)   provide authorization and be responsible for all charges for hardware maintenance Services Vendor provides at ACI’s request to repair or restore Maintained Equipment damaged as a result of ACI action under Section 2.2(a)(17) of this Exhibit A-4;
  (13)   provide authorization and be responsible for all charges for hardware maintenance Services Vendor provides at ACI’s request for Nonstandard Products.
3.   INSTALL, MOVE, ADD, CHANGE SERVICES
  a.   Vendor will:
  (1)   coordinate and perform IMACs for the Standard Products;
  (2)   with ACI’s approval, implement the IMAC Services operational procedures including the development of an IMAC checklist that defines the completion criteria for each IMAC Service;
  (3)   receive requests for IMAC Services via the established procedures and create the required documentation (for example, work order, call record update);
  (4)   schedule the IMAC perform date with the ACI Focal Point and the requesting End User;
Confidential
Exhibit A-4 — End User Services

 

Page 5 of 12


 

  (5)   before the scheduled IMAC date, communicate to the ACI Focal Point any IMAC prerequisites and any procedures that need to be followed after the IMAC is completed;
  (6)   notify the ACI Focal Point of the required IMAC components that need to be available and site preparations (facilities and telecommunications modifications) that need to be completed before the scheduled IMAC date;
  (7)   perform the required pre delivery preparation for any new systems to be installed, including:
  (a)   build and configure the system in accordance with ACI-provided configuration specifications;
 
  (b)   run diagnostics on all configuration components;
  (c)   load and configure specified software Standard Products and replicate loading for site-licensed software Standard Products using the ACI-provided master diskette or compact disk;
  (d)   perform configuration testing, including operating system testing functions;
  (e)   perform hardware burn-in for the designated period of time for such hardware; and
  (f)   repackage the fully assembled and tested system, including configuration documentation and any vendor-provided operations manuals or other applicable documentation, in one container or as a banded unit, apply shipping labels, generate appropriate shipping documentation, and ship to the designated End User Location;
  (8)   before the scheduled IMAC date, verify with the End User, that he or she has complied with all IMAC prerequisites, all site modifications are complete, and that the necessary IMAC components have been received and will be available at the End User’s work location on the scheduled IMAC date . The ACI Focal Point will be contacted in the event that there is an issue related to the IMAC;
  (9)   perform the IMAC Services for desktop Standard Products according to the criteria specified in the IMAC checklist;
  (10)   obtain concurrence from the End User or the ACI Focal Point that the IMAC was completed in accordance with the IMAC checklist;
  (11)   assist ACI in resolving on a timely basis any issues impacting IMAC activity;
  (12)   prepare displaced hardware (i.e., wrap cords) and software and, if applicable, move to a designated staging area within the End User Location for removal by ACI;
Confidential
Exhibit A-4 — End User Services

 

Page 6 of 12


 

  (13)   update the status of the IMAC Services call to the Service Desk through to completion;
  (14)   on completion of an IMAC:
  (a)   close the call; and
  (b)   collect the appropriate configuration data and update the asset database;
  (15)   implement a mutually agreed process for consolidating IMACs, when possible, into Projects;
  (16)   be responsible for all End User data migration, backup and restore, conversion, or erasure, as required, before and after the IMAC Service;
  (17)   provide a monthly standard report to ACI summarizing the IMAC Services Vendor performed during the prior month, including the current status of any IMAC Services requests that are in progress or pending;
  (18)   implement the IMAC Services operational procedures including the development of an IMAC checklist that defines the completion criteria for each IMAC Service;
  (19)   after the completion of the IMAC, return all services to operational status; and
  (20)   ensure all required IMAC components are at the designated staging area within the facility or at the End User’s work location, as applicable, on the scheduled IMAC date; escalate to ACI Focal Point if required
  b.   ACI will:
  (1)   Approve the IMAC Services operational procedures including the IMAC checklist that defines the completion criteria for each IMAC Service;
  (2)   provide to Vendor, via the established procedures, an authorized IMAC Services request that clearly defines all IMAC requirements and includes all information Vendor requests;
  (3)   provide all Equipment and Software components (for example, hardware, software and any associated components) necessary to perform an IMAC;
  (4)   through the ACI Focal Point:
  (a)   coordinate the activities related to and the completion of all required facilities and data telecommunications modifications before the scheduled IMAC date;
Confidential
Exhibit A-4 — End User Services

 

Page 7 of 12


 

  (b)   at Vendor’s request, provide the status on ACI-retained activities (for example, anticipated completion date of site modifications) related to or impacting an IMAC;
  (c)   ensure End User compliance with all IMAC Services prerequisites, as set forth in the IMAC checklist or as Vendor or ACI otherwise communicates, before the scheduled IMAC date;
  (d)   at Vendor’s request, verify the completion of all End User IMAC prerequisites, site readiness, and the availability of all IMAC components; and
  (5)   define and provide Vendor the escalation procedures for situations where End Users have not completed the communicated IMAC prerequisites or where site preparations have not been completed within the defined time frames or in accordance with specifications;
  (6)   for IMAC activity not directly requested by the End User, notify the affected End User(s) of such planned IMAC activity;
  (7)   track End User software licenses and be responsible for End User compliance with all software vendor license terms and conditions;
  (8)   for new systems for which Vendor is providing pre-delivery preparation Services:
  (a)   define the configuration specifications;
  (b)   provide copies (via diskettes, compact disks, tapes or other approved media) of any site licensed software Standard Products, including the master to be loaded as part of a Standard Configuration;
  (c)   communicate to Vendor any applicable software vendor license terms and conditions;
  (d)   adhere to all software vendor license terms and conditions for any site licensed software Standard Products; and
  (e)   provide the ship-to location address for each system unit and the name and phone number of a designated contact person at such location;
  (9)   provide necessary End User orientation and education;
  (10)   provide all transportation of IMAC components to, between, and within Facilities and all transportation associated with the disposal or relocation of displaced hardware and software;
  (11)   be responsible for all costs and compliance with regulatory requirements for the disposal or relocation of packing materials and displaced or discontinued hardware and software and related materials (for example, batteries, manuals, supplies, cathode ray tubes);
Confidential
Exhibit A-4 — End User Services

 

Page 8 of 12


 

  (12)   provide the packing materials and prepare all displaced hardware and software for shipping;
  (13)   provide a secure staging or storage area within the End User Location to store IMAC components to be used for a scheduled IMAC and the hardware and software (and associated documentation) displaced by an IMAC;
  (14)   assist Vendor to resolve on a timely basis any issues impacting an IMAC; and
  (15)   provide authorization and be responsible for all charges for IMAC Services Vendor provides at ACI’s request for Nonstandard Products.
4.   REFRESH SERVICES
Vendor will provide Refresh Services to ACI at depot locations as an IMAC and as set forth below and in Schedule V (In-Flight Projects). A planned Refresh IMAC request that includes more than ten (10) concurrent IMAC events (i.e., IMACs to be performed during the same time period, within the same business unit or location) will be considered a Project, if ACI agrees on a case-by-case basis. ACI will have the option to request multi-desktop refreshes to be implemented on a staggered basis using staff already assigned to the ACI account with no increase in charges.
  a.   Vendor will:
  (1)   schedule the Refresh perform date with the ACI Focal Point and the requesting End User, and communicate any End User prerequisites prior to the scheduled Refresh date (according to the agreed Refresh plan);
  (2)   de-install and remove the End User’s existing Supported Desktop and configure, install and test the new system at the mutually agreed location (for example, desk or office);
  (3)   perform data backup from the End User’s existing Supported Desktop;
  (4)   perform electronic data migration up to two gigabyte from End User’s existing Supported Desktop to the new system; and
  (5)   update the image(s), as required.
  b.   ACI will:
  (1)   ensure the End User is available to Vendor during the Refresh process to provide any necessary information (for example, passwords); and
  (2)   define the content of the updated image(s) to deploy to all systems taking into consideration the needs of the various combinations of operating systems, hardware, and business unit applications.
Confidential
Exhibit A-4 — End User Services

 

Page 9 of 12


 

5.   ELECTRONIC SOFTWARE DISTRIBUTION (ESD)
  a.   Vendor will:
  (1)   with ACI’s assistance, define the ESD processes and procedures;
  (2)   provide the ESD processes and procedures including any ACI support requirements to the ACI Focal Point for distribution to ACI-designated personnel (for example, operators, systems engineers, problem support personnel);
  (3)   with ACI’s assistance, establish a distribution plan before each ESD including:
  (a)   the mutually agreed software Standard Products (consistent with the Supported Desktop Software standards) to be distributed;
  (b)   the schedule for distribution;
  (c)   any ESD prerequisites and post install procedures that need to be completed by End Users and ACI’s business units; and
  (d)   any End User training requirements related to the changes that will result from an ESD;
  (4)   communicate to the ACI Focal Point any ESD prerequisites and post install procedures that need to be completed by End Users and ACI’s business units;
  (5)   schedule and coordinate ESD activities with the ACI Focal Point;
  (6)   develop the how-to procedures End Users will follow to download the distributed software Standard Products from a Supported Server to the Supported Desktop and provide an electronic change notice to all End Users regarding upcoming distributions prior to the distribution itself;
  (7)   before an ESD, configure and test the software standard image included in the ESD to verify compatibility with existing Supported Server and Supported Desktop hardware and software configurations and directory structures and compliance with ACI policy;
  (8)   manage and administer the ESD, including:
  (a)   monitoring the ESD to verify the successful completion of the process; and
  (b)   taking corrective action, as appropriate, for problems resulting from the ESD to correct error conditions and facilitate application stability;
  (9)   communicate to the ACI Focal Point any problems that occurred during the distribution and a list of unsuccessful distributions;
  (10)   resolve unsuccessful distributions to the Supported Servers attributable to Vendor’s error;
Confidential
Exhibit A-4 — End User Services

 

Page 10 of 12


 

  (11)   provide verification of each completed ESD to the ACI Focal Point;
  (12)   on completion of the ESD, update the asset database, as appropriate; and
  (13)   ensure Supported Servers are equipped with the required hardware and software and that sufficient network capacity and connectivity (i.e., end-to-end connectivity and telecommunications link with minimum capacity of 256 kb) exist to allow for centralized electronic software distribution;
  (14)   before an ESD, resolve configuration conflicts between software products existing on the Supported Servers and Supported Desktops and the software Standard Products included in the scheduled ESD;
  (15)   install software Standard Products that cannot be electronically distributed on a Project basis; and.
  (16)   Apply patches on periodic basis according to the ACI policies and procedures
  b.   ACI will:
  (1)   provide all software Standard Products (new and upgrades) included in an ESD or distributed on a Project basis;
  (2)   document and provide to Vendor ACI’s standard configuration and policy requirements;
  (3)   assist Vendor in establishing a distribution plan before each ESD;
  (4)   assist Vendor in testing the ESD process;
  (5)   ensure required End User training occurs before the scheduled ESD date;
  (6)   perform file conversion for application files, ACI proprietary application files, and End User data files;
  (7)   provide the necessary system support (for example, scheduling system downtime, if required) during an ESD;
  (8)   ensure compliance by End Users and ACI’s business units with the communicated ESD prerequisites and post install procedures;
  (9)   resolve unsuccessful distributions to the Supported Servers or Supported Desktops not attributable to Vendor’s error;
  (10)   provide to Vendor any software vendor license terms and conditions and maintenance requirements for newly distributed software Standard Products that could affect the ESD Services;
  (11)   notify Vendor of any distribution time frames specified by any regulatory agency that need to be met to accomplish compliance with ACI Regulatory Requirements;
Confidential
Exhibit A-4 — End User Services

 

Page 11 of 12


 

  (12)   notify Vendor of any software to be deinstalled by Vendor (through the IMAC process or on a Project basis) in conjunction with an ESD; and
  (13)   dispose of all deinstalled software and discontinue the license and maintenance, if applicable, for such software.
Confidential
Exhibit A-4 — End User Services

 

Page 12 of 12


 

EXHIBIT A-5
SERVER SYSTEMS MANAGEMENT SERVICES (INCLUDING MAINFRAME)
1.   GENERAL SERVICES
Upon the Service Tower Commencement Date, Vendor will provide ACI the following Server Systems Management Services during the Service Hours. However, in no case will Vendor’s availability be limited to the Service Hours when a Severity 1 incident is reported.
1.1   Introduction
Vendor will establish and maintain a properly trained and adequately staffed Data Center population (i.e., management and support staff) to provide the Supported Server Services to ACI. Unless otherwise agreed by ACI and Vendor, such Services will be provided during the Service Hours, excluding the regularly scheduled maintenance periods.
1.2   Platform Support
  a.   Vendor will:
  (1)   provide server operation Services including the management of the Supported Server environment using the appropriate processes set forth in the Process Interface Manual;
  (2)   engineer, order, provision and deliver server services eliminating single points of failure and including redundant data paths, hot-swappable components, mirrored disk, and/or high availability services to provide a level of service that meets or exceeds the Service Levels;
  (3)   create, maintain and delete volumes and directory structures;
  (4)   define, implement and execute required backup and recovery procedures, specific to the individual server or as part of a logical group of servers utilizing common storage;
  (5)   test and validate data restoration and backout procedures, at least annually, or as required by customer contracts;
  (6)   ensure server services required for system monitoring are configured and available throughout the systems runtime;
  (7)   provide connectivity as defined by ACI to enable ACI to access their customer sites for problem resolution;
  (8)   modify file system sizes and permissions;
  (9)   verify mount point availability;
  (10)   repair defective file systems;
Confidential
Exhibit A-5 — Server Systems Management Services

 

Page 1 of 13 


 

  (11)   assign account, work group and print managers;
  (12)   administer directory distribution and replication; and
  (13)   define and manage resources and domains.
  b.   ACI will:
  (1)   provide the information, as requested by Vendor, required for Vendor’s initial evaluation of ACI’s operating system environment, such as an updated inventory of devices and their configuration; and
  (2)   support trusted Third Party security servers (for example, authentication).
1.3   Software
Software license management, for ACI owned or licensed Software, is retained by ACI.
1.3.1   Installation, Upgrades and Changes
  a.   Vendor responsibilities include the following:
  (1)   Install, upgrade, and change all Software as required and in accordance with ACI technical architecture standards, and with ACI’s approval;
  (2)   Interface with retained ACI staff and other Third Parties to promote the compatibility of Software products;
  (3)   Unless otherwise directed by ACI, install, upgrade, and change Software to prescribed release levels;
  (4)   Provide installation of department or internal IT-specific Software as requested by ACI;
  (5)   Install vendor-supplied corrections for vendor Software problems, which include installation of vendor-supplied Software patches as required, and with ACI’s approval;
  (6)   Prior to the start of each calendar quarter, give written notice to ACI of all upgrades and Software changes that are proposed to occur in the following quarter. The Parties will mutually agree in writing on the timing for the implementation of upgrades;
  (7)   Coordinate testing, installation, customization, and support of Software with Application Development and Maintenance (ADM) personnel, and other Third Parties as required;
  (8)   Observe Change Management procedures while implementing changes, upgrades, or enhancements;
  (9)   For any changes, upgrades, or enhancements, advise ACI of any additional Equipment, network, environmental, or other requirements needed during integration testing and/or otherwise known to be necessary for the implementation;
Confidential
Exhibit A-5 — Server Systems Management Services

 

Page 2 of 13


 

  (10)   Proactively provide ADM staff, ACI, and other Third Parties with support for Equipment and System Software used to support ADM activities;
  (11)   Prior to implementation or changes to Application Software, proactively provide ADM staff, ACI staff, and other Third Parties with information and constraints related to Equipment, System Software, and network requirements; and
  (12)   Assist ACI with production testing and implementation activities for Application Software with the ADM staff, ACI staff, and other Third Parties as required in order to successfully promote Application Software into the production environment.
  b.   ACI will:
  (1)   Provide Vendor with the ACI technical architecture standards; and
  (2)   Perform production testing and implementation activities for Application Software with the ADM staff, ACI staff, and other Third Parties as required in order to successfully promote Application Software into the production environment (except in certain cases where Vendor may be responsible for production moves).
1.3.2   Software Support
  a.   Vendor responsibilities include the following:
  (1)   Support all Software, excluding Applications supported by ACI’s retained staff or other Third Parties, as required and in accordance with ACI’s technical architecture standards, and with ACI’s approval;
  (2)   Support Software at prescribed release levels or as directed by ACI;
  (3)   Apply patches to Software as required, with ACI’s approval;
  (4)   For Systems Software, provide Level 1, Level 2, and Level 3 Support;
  (5)   Provide ACI internal with Software support, advice, and assistance;
  (6)   Maintain a library of Vendor-supplied and Vendor-developed documentation that identifies the Software supported by Vendor and the operational support procedures associated with the Software; and
  (7)   Maintain master copies of the ACI standard Software in a secure, central location.
Confidential
Exhibit A-5 — Server Systems Management Services

 

Page 3 of 13


 

1.3.3   Virus Protection
  a.   Vendor responsibilities include the following:
  (1)   Install, update, operate, and maintain virus protection Software including but not limited to malware, Trojans, and spyware on all Equipment used to deliver or support the Services;
  (2)   Maintain subscription to the anti-virus Software support in order to proactively receive virus engine and pattern updates;
  (3)   Install thoroughly tested and change-controlled updates to virus-protection Software as needed or as directed by ACI, according to the Service Levels required by ACI, as defined in Schedule B (Service Levels) and its Exhibits, no later than twenty-four (24) hours after such updates are made available to Vendor (or qualified Third Parties selected by Vendor) and have been approved by ACI;
  (4)   Perform virus scans on all e-mails;
  (5)   Upon detection of a virus, take immediate steps to notify the Service Desk, including:
  (a)   Assess the scope of damage;
  (b)   Arrest the spread and progressive damage from the virus;
  (c)   Eradicate the virus; and
  (d)   Restore all data and Software to its original state (to the greatest extent possible);
  (6)   Develop any plans necessary to provide virus protection;
  (7)   Provide consulting services for virus protection;
  (8)   Respond to virus Incidents;
  (9)   Provide proactive alerts to End Users relative to current virus threats either specific to ACI’s environment, encountered in the Vendor environment, or based on industry information;
  (10)   Provide additional temporary resources in the event of a major computer virus outbreak so ACI’s performance does not degrade because of an unavailability of Vendor resources; and
  (11)   Provide daily and monthly reports that contain a summary of the number of viruses detected and cleaned, as well as a list of viruses caught.
1.4   Server Operations
  a.   System Operations
  (1)   Vendor will:
  (a)   manage server (including mainframe servers) resource availability for server and peripheral hardware and software;
  (b)   execute recovery procedures, as required, for server resources;
Confidential
Exhibit A-5 — Server Systems Management Services

 

Page 4 of 13


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
  (c)   provide support for servers supporting both production operations and application development in routine and emergency situations, including, but not limited to, problem diagnosis assistance, level 2 server and mainframe support data access, program testing, and promotion of data/programs from test into production; and
  (d)   provide server operating status, as requested. This includes but is not limited to version(s), patch level(s), logs, uptime statistics, performance data, utilization statistics, and historical data.
  (2)   ACI will:
  (a)   provide requirements and approval for incident escalation and change processes, expected incident response times, resolution times, and ACI contacts where appropriate; and
  (b)   notify Vendor of any planned or emergency changes to ACI’s environment affecting Vendor’s provision of the Services.
1.5   Operations Support
  a.   Vendor will perform the following console activities, utilizing automation where appropriate, during the Service Hours:
  (1)   console monitoring and message filtration;
  (2)   system and application restart and recovery; and
  (3)   automated problem reporting and paging.
  b.   ACI will:
  (1)   be consulted when any restore procedure needs to be performed;
  (2)   in those Locations where there is no Vendor staff on-site, assist Vendor, using ACI personnel, with server restarts, as reasonably requested (e.g., [ * ]). At no time will Vendor restart an application, service or device without a procedure defined or assistance or approval from ACI to perform such restart; and
  (3)   provide requirements and approval for application restart and recovery procedures.
Confidential
Exhibit A-5 — Server Systems Management Services

 

Page 5 of 13


 

1.6   Server Planning Support
  a.   Vendor will:
  (1)   collect and analyze planned server requirements and workloads for development and production (includes, but is not limited to, server hardware, system software, server configuration, storage requirements and configuration, network requirements and middleware requirements);
  (2)   identify potential single points of failure and either a) provide a plan that remediates all SPOF’s or b) document acceptance of the SPOF and the specific exposures and predicted frequency of failure;
  (3)   schedule, order, install, configure, and deliver hardware and software based on ACI’s requirements; and
  (4)   use Commercially Reasonable Efforts in responding to requests for accelerated provisioning of server resources, based on customer support requirements, unplanned demand, or unanticipated workloads.
  b.   ACI will approve planned requirements for server resources based on planned development and production activities.
1.6.1   Hardware and Facilities Planning
  a.   Vendor will:
  (1)   coordinate with site facilities management to provide specified power to equipment, raised floor space, rack placement, and other physical environmental requirements for the Vendor Data Centers;
  (2)   coordinate hardware availability for scheduled maintenance (i.e., microcode updates, engineering changes); and
  (3)   maintain physical configuration plan.
  b.   ACI will assist Vendor in conducting system space planning and in assessing hardware and facility requirements for equipment located in ACI Locations.
1.6.2   Installation and Maintenance Services
In those instances when physical presence is required to perform installation and/or maintenance services and no on-site resource is available, Vendor will engage and dispatch Services personnel to address the request and/or resolve the issue. If services are performed by a Third Party, ACI would be billed directly by the Third Party. If Services are performed by Vendor, Vendor will invoice ACI for travel and living expenses as Pass-Through Expenses, and labor performed by non-ACI dedicated personnel would be billed via the rate card in Schedule C (Charges).
  a.   Vendor will:
  (1)   install, configure, and perform cumulative maintenance to Supported Server Standard Products, including the base operating system, operating system utilities, functions, features, program products, and other supported products, BIOS, firmware (storage, and peripheral devices), and hardware with ACI’s final approval of the implementation;
Confidential
Exhibit A-5 — Server Systems Management Services

 

Page 6 of 13


 

  (2)   establish a test and implementation plan, including backout contingencies, before each system upgrade Project;
  (3)   schedule and coordinate system testing and implementation with the ACI Focal Point; and
  (4)   communicate to the ACI Focal Point, via the change management process set forth in the Process Interface Manual, any installation prerequisites and any post install procedures that need to be followed after the installation is completed.
b.   ACI will:
  (1)   provide Vendor with system requirements for each supported platform with specific customization, maintenance levels, and/or additional products required;
  (2)   assist Vendor in establishing a test and implementation plan before each system version upgrade; the final approval of any hardware/software upgrade rests on ACI;
  (3)   ensure compliance by End Users and ACI’s business units, via the change management process set forth in the Process Interface Manual, with any communicated change prerequisites and post change procedures; and
  (4)   before the system maintenance or upgrade scheduled date, or upon Vendor’s request, verify to Vendor via the ACI Focal Point that all communicated prerequisites have been completed.
1.7   Database Subsystem Support
1.7.1   Database Software Support and Operations
  a.   Vendor will:
  (1)   install, upgrade and maintain the Database Systems Software and associated utilities on all managed servers per ACI’s requirements;
  (2)   manage database subsystem resource availability;
  (3)   execute backup and recovery procedures, as required, for database subsystem resources;
  (4)   provide database subsystem status, as requested; and
  (5)   provide reports on database availability, utilization and performance, including trending, on a monthly basis, with trend analysis of the data for the past 13 months in accordance with Schedule R (Reports), to support ACI reporting as needed.
Confidential
Exhibit A-5 — Server Systems Management Services

 

Page 7 of 13


 

  b.   ACI will:
  (1)   provide requirements and approval for handling all planned and unplanned outages affecting the database environment including review, approval, communication and proper documentation; and
  (2)   notify Vendor of any planned or emergency changes to ACI’s environment affecting Vendor’s provision of the Services.
1.7.2   Physical Database Administration
  a.   Vendor will:
  (1)   provide physical support of Oracle, SQL Server, C-tree, Informix and DB2 application databases which includes:
  (a)   creation of physical database objects (i.e., DDL, DBD, ACB, files);
  (b)   management and performance of physical database maintenance, modifications and enhancements in accordance with the mutually agreed schedule;
  (c)   maintaining mutually agreed database backup procedures, provided by ACI, to recover from database destruction or corruption or outage in accordance with the mutually agreed schedule;
  (d)   maintaining and implementing mutually agreed database archive processes and procedures;
  (e)   testing data recovery/backout procedures at least annually;
  (f)   monitoring and reporting of database performance and space utilization, with database reorganization and/or expansion as required, and trend analysis of the data for the past 13 months in accordance with Schedule R (Reports), to support ACI reporting as needed;
  (g)   recommending modifications for improved performance and implementing as approved by ACI; and
  (h)   interacting and interfacing with logical DBA’s providing support for their design and implementation(s).
  (2)   setup and retain exclusive use of DBMS system administration IDs and privileges;
  (3)   provide physical database maintenance for development and test environments;
  (4)   assist ACI in planning for database modifications as a result of changes in ACI’s business environment (i.e., growth, application development projects) and review ACI’s plans on a regular basis;
  (5)   promote ACI-approved database changes into the production environment;
Confidential
Exhibit A-5 — Server Systems Management Services

 

Page 8 of 13


 

  (6)   develop, implement and maintain appropriate backout processes for changes where required; and
  (7)   perform access grants to database objects as requested by ACI.
  b.   ACI will:
  (1)   provide requirements and approval for performing production database maintenance, modifications, enhancements and backups;
  (2)   develop plan(s) for database modifications as a result of changes in ACI’s business environment (i.e., growth, application development projects) and review such plans with Vendor on a regular basis;
  (3)   provide Vendor the approved database changes;
  (4)   define database backup and recovery requirements;
  (5)   perform logical database design and data modeling and cooperate with Vendor during physical database design and review; and
  (6)   provide ACI’s access requirements (for example, name and authorization level) for database objects.
1.8   Data Communication Software Support and Operations
  a.   Vendor will:
  (1)   install, upgrade and maintain the Systems Software;
  (2)   manage the data communication subsystem resource availability;
  (3)   execute recovery procedures, as required, for data communication subsystem resources;
  (4)   install, test and implement software/microcode/hardware maintenance per vendor-specified schedules and approved by ACI; and
  (5)   provide data communication subsystem status, utilization, and availability data as requested.
  b.   ACI will:
  (1)   assist Vendor in developing procedures for handling all planned and unplanned outages affecting the data communication environment including review, approval, communication and proper documentation by providing requirements and approval; and
  (2)   notify Vendor of any planned or emergency changes to ACI’s environment affecting Vendor’s provision of the Services.
Confidential
Exhibit A-5 — Server Systems Management Services

 

Page 9 of 13


 

1.9   Middleware Software Support and Operations
  a.   Vendor will:
  (1)   install, upgrade and maintain the Systems Software;
  (2)   manage the middleware subsystem resource availability;
  (3)   execute recovery procedures, as required, for middleware subsystem resources;
  (4)   provide middleware subsystem status, utilization, and availability data as requested;
  (5)   administer security resource definitions (for example, specific User IDs and group IDs); and
  (6)   monitor and manage messages remaining in the system dead letter queue after deadline scheduling queue (i.e., DLQ Handler) processing.
  b.   ACI will:
  (1)   assist Vendor in developing procedures for handling all planned and unplanned outages affecting the middleware environment including review, approval, communication and proper documentation by providing requirements and approval; and
  (2)   notify Vendor of any planned or emergency changes to ACI’s environment affecting Vendor’s provision of the Services.
1.10   Production Batch Operations
1.10.1   Production Batch Job Scheduling
  a.   Vendor will:
  (1)   perform production batch job set-up and scheduling tasks, such as:
  (a)   identification of critical paths based on statistics of execution;
  (b)   identification of jobs eligible for parallel processing (on same CPU or multiple CPUs) and reorganization of normal batch schedules;
  (c)   support of special batch schedules (e.g., for known peak periods); and
  (d)   recommend scheduling improvements and implement, as approved by ACI;
  (2)   resolve batch scheduling conflicts;
  (3)   based on ACI’s requirements and with ACI’s approval, develop and maintain standards for job acceptance and implementation;
  (4)   schedule batch jobs, as requested by ACI, which require expedited execution, subject to applicable Service Levels attainment relief; and
  (5)   develop and maintain any operational scripts required for the delivery of operational services by Vendor (e.g., backup/restore scripts).
Confidential
Exhibit A-5 — Server Systems Management Services

 

Page 10 of 13


 

  b.   ACI will:
  (1)   provide ACI’s production batch scheduling requirements and procedures and any updates as they occur;
  (2)   assist Vendor in developing standards for job acceptance and implementation;
  (3)   provide required information (for example, requested time frames and priority sequence) for expedited batch job requests; and
  (4)   evaluate and approve scheduling improvement recommendations.
1.10.2   Production Batch Monitoring and Restart
  a.   Vendor will:
  (1)   monitor scheduled production batch jobs;
  (2)   resolve batch scheduling conflicts;
  (3)   monitor scheduler related incidents and develop and recommend changes to the scheduler database;
  (4)   schedule batch jobs, as requested by ACI, that require expedited execution; and
  (5)   perform job restarts, as necessary, in accordance with resolution and restart procedures.
  b.   ACI will:
  (1)   provide ACI’s resolution and restart procedures; and
  (2)   provide required information for expedited batch job requests.
1.10.3   Application Library Management
  a.   Vendor will:
  (1)   assist ACI in defining and documenting application code (i.e., JCL and application program elements) promotion standards and acceptance criteria for moving application code from test libraries into production libraries; and
  (2)   promote application code from development and/or test environments to production, including QA and UAT where required.
  b.   ACI will:
  (1)   promote application code from development and/or test environments to production, including QA and UAT where required;
  (2)   assist Vendor in defining application code (i.e., JCL and application program elements) promotion standards and acceptance criteria for moving application code from test libraries into production libraries; and
  (3)   provide ACI’s application code promotion requirements and procedures.
Confidential
Exhibit A-5 — Server Systems Management Services

 

Page 11 of 13


 

2.   MAINFRAME SERVICES
2.1   Introduction
Vendor will establish and maintain a properly trained and adequately staffed Data Center population (i.e., management and support staff) to provide the Mainframe Services to ACI. Unless otherwise agreed by ACI and Vendor, such Services will be provided during the Service Hours, excluding the regularly scheduled maintenance periods.
2.2   Platform Support
  a.   Vendor will:
  (1)   provide technical support and advice for ACI’s application development and database administration personnel according to the following standards:
  (a)   Vendor will provide and support Systems Software products as listed in Schedule I (Vendor Supported Software), to support the development of Applications Software. Vendor will not discontinue use of such software products without ACI’s approval; provided, that ACI will assume support expenses for Systems Software products that ACI requires Vendor to retain after the manufacturer withdraws its support;
  (b)   in the event that Vendor desires to discontinue use of such products, Vendor may offer to migrate ACI onto another product having similar functions at Vendor’s expense, and ACI will not unreasonably withhold its approval of such migration; and
  (c)   if ACI requests additional application development support products, such request may be considered a New Service, unless it is replacing an existing service;
  (2)   provision, order, install, configure, upgrade and maintain the Systems Software with ACI’s direction and approval;
  (3)   perform preventive maintenance (patching) within specifications from the vendor and with agreement with ACI as to frequency and scheduling;
  (4)   install corrective maintenance as required to resolve defects, and/or to address issues discovered in the development or customer environments; and
  (5)   operate the Applications Software ACI selects, provided such Applications Software conforms to the operating environment standards specified in Schedule J (ACI Policies and Standards).
Confidential
Exhibit A-5 — Server Systems Management Services

 

Page 12 of 13


 

  b.   ACI will:
  (1)   for Applications Software:
  (a)   select or define the requirements for all Applications Software;
  (b)   provide user exits existing as of the Country Effective Date. If ACI requests additional user exits, such requests may be considered a New Service;
  (c)   retain responsibility for maintenance, support and all license and related charges for Applications Software;
  (d)   retain responsibility for all license and related charges, including maintenance fees, and for prioritizing the AD/M workload necessary to maintain and support Applications Software; and
  (e)   have the right to audit, control and approve new Applications Software before its promotion into production; and
  (2)   for Application verification:
  (a)   with Vendor’s assistance, verify the results of Applications Software on-line and batch system support processing;
  (b)   provide Applications Software program problem determination and resolution, including providing support for application Abends and job recovery;
  (c)   attempt to minimize outages caused by application program failures;
  (d)   verify and evaluate any operating Systems Software and hardware changes recommended by Vendor;
  (e)   follow the existing change management process for all application changes, before submission or installation into the system;
  (f)   follow the problem management process, according to published problem resolution criteria set forth in the Process Interface Manual, and document problem resolution and closure;
  (g)   certify, in cooperation with Vendor, that existing applications function correctly when Vendor installs new Systems Software or upgrades to or new releases of current Systems Software;
  (h)   enhance applications as indicated by performance evaluations by ACI at the request of Vendor; and
  (i)   review, in conjunction with Vendor, that new applications or functions adhere to the standards specified in Schedule J (ACI Policies and Standards).
Confidential
Exhibit A-5 – Server Systems Management Services

 

Page 13 of 13


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
EXHIBIT A-6
STORAGE MANAGEMENT SERVICES
1.   GENERAL SERVICES
Upon the Services Tower Commencement Date, Vendor will provide ACI the following Storage Management Services during the Service Hours. However, in no case will Vendor’s availability be limited to the Service Hours when a Severity Level 1 Incident is reported.
1.1   Operations Support
  a.   Vendor will perform the following activities:
  (1)   monitoring;
  (2)   storage recovery; and
  (3)   problem reporting and paging.
1.2   Storage Planning Support
1.2.1   Hardware and Facilities Planning
  a.   Vendor will:
  (1)   collect and analyze planned storage requirements and workloads for development and production;
  (2)   [ * ]; and
  (3)   schedule, order, install, configure, and deliver Equipment and Software based on the defined requirements.
  b.   ACI will:
  (1)   provide planned requirements for storage resources based on planned development and production activities.
1.2.2   Installation and Maintenance Services
  a.   Vendor will:
  (1)   install, configure, maintain and perform cumulative hardware, software and microcode maintenance to supported storage environments, in accordance with the Change Control Procedure;
  (2)   schedule and coordinate storage testing and implementation with the ACI Focal Point; and
Confidential
Exhibit A-6 — Storage Management Services

 

Page 1 of 7 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
  (3)   communicate to the ACI Focal Point, via the change management process set forth in the Process Interface Manual, any installation prerequisites and any post install procedures that need to be followed after the installation is completed.
  b.   ACI will:
  (1)   provide Vendor with storage installation and customization requirements;
  (2)   assist Vendor in establishing a test and implementation plan before each storage upgrade; the final approval of any hardware/software upgrade rests on ACI;
  (3)   ensure compliance by End Users and ACI’s business units, via the change management process set forth in the Process Interface Manual, with any communicated change prerequisites and post change procedures; and
  (4)   before the storage maintenance or upgrade scheduled date, or upon Vendor’s request, verify to Vendor via the ACI Focal Point that all communicated prerequisites have been completed.
1.3   Data Replication Software Support and Operations for the [ * ]
  a.   Vendor will:
  (1)   install, upgrade and maintain the data replication Software;
  (2)   manage the data replication subsystem resource availability;
  (3)   provide replication services as specified by ACI;
  (4)   execute recovery procedures, as required, for data replication subsystem resources;
  (5)   install, test and implement software/microcode/hardware maintenance per vendor-specified schedules and approved by ACI; and
  (6)   provide data replication subsystem status, utilization, and availability data as requested.
  b.   ACI will:
  (1)   define replication specifications;
Confidential
Exhibit A-6 — Storage Management Services

 

Page 2 of 7


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
  (2)   assist Vendor in developing procedures for handling all planned and unplanned outages affecting the data replication environment including review, approval, communication and proper documentation; and
  (3)   notify Vendor of any planned or emergency changes to ACI’s environment affecting Vendor’s provision of the Services.
2.   MANAGED STORAGE
2.1   Vendor will:
  a.   manage storage on all of ACI’s server platforms including, but not limited, to [ * ] and
  b.   manage storage in the ACI Locations listed in Schedule P (Locations).
2.2   File Management
  a.   Vendor will:
  (1)   manage files on the Equipment, including:
  (a)   managing non-root application file systems;
  (b)   modifying file system sizes;
  (c)   verifying mount point availability;
  (d)   repairing defective file systems; and
  (e)   modifying file system permissions;
  (2)   keep files under Vendor’s control, current and available during scheduled access times;
  (3)   initiate and complete required data processing activities concerning data integrity (for example, handling line transmission errors) of all processed files;
  (4)   verify the receipt of incoming files and the processing and transmission of outgoing files;
  (5)   conduct routine monitoring and corrective action according to procedures Vendor prepares and ACI approves for intermediate files used for on-line and batch processing;
  (6)   verify availability of adequate file space for processing; and
  (7)   report to ACI on ACI’s disk space utilization and requirements for ACI’s capacity planning purposes.
  b.   ACI will define requirements for job recovery management.
Confidential
Exhibit A-6 — Storage Management Services

 

Page 3 of 7


 

2.3   Raw Storage Management
  a.   Vendor will:
  (1)   manage raw storage on the Equipment, including verifying raw storage availability;
  (2)   keep raw storage under Vendor’s control, current and available during scheduled access times;
  (3)   initiate and complete required data processing activities concerning data integrity (for example, handling line transmission errors) of all processed raw storage;
  (4)   verify availability of adequate raw storage space for processing; and
  (5)   report to ACI on ACI’s disk space utilization and requirements for ACI’s capacity planning purposes.
2.4   Storage Environment Management
  a.   Vendor will:
  (1)   perform storage device preparation and initialization;
  (2)   manage storage space through the implementation and customization of storage management software;
  (3)   manage space and utilization rate of storage hardware;
  (4)   verify availability and sufficient capacity of Vendor controlled file systems and raw devices during scheduled service times; and
  (5)   provide ACI reports of space utilization at a logical disk or DASD level on a monthly basis and as reasonably requested by ACI.
  b.   ACI will provide requirements for the storage environments (e.g., application or database file size or file layout).
2.5   Backup and Restore
  a.   Vendor will:
  (1)   based on ACI’s requirements and ACI’s approval, define the frequency, security, and types of required data backup as well as the retention periods for the data;
  (2)   document, maintain and, as appropriate, update and execute mutually approved backup and recovery procedures;
  (3)   provide the required on-site secure tape storage facilities at IBM Locations and off-site secure tape storage facilities for all Locations;
  (4)   perform data backup and recovery for all managed devices, including interfacing with on-site or off-site tape storage facilities, if any;
Confidential
Exhibit A-6 — Storage Management Services

 

Page 4 of 7


 

  (5)   provide secure transport for any media transported outside the secure data center environments;
  (6)   perform daily review of backup logs, resolving all backup failures the day of occurrence;
  (7)   track the success or failure of backup and recovery processes;
  (8)   provide standard backup reports to ACI monthly including, but not limited to, a list of backup jobs with the details of data sets and schedules, success and failure rates of backup processes, failures and their resolutions;
  (9)   provide a recovery procedure for restoring the data image to a previous level within a mutually agreed time frame;
  (10)   conduct regularly scheduled backup and recovery processes as specified in the Process Interface Manual and as prioritized by ACI (for example, data set restore), so as to avoid impacting scheduled operations;
  (11)   perform test restores of selected data sets as required to demonstrate data integrity with input from ACI and review of the output by ACI; test results to be provided by Vendor to ACI;
  (12)   provide to ACI a full inventory report of backup tapes, their contents and locations, on a monthly basis and as reasonably requested;
  (13)   provide media destruction services for media that becomes defective or is retired from service and provide monthly reporting and certification of such media destruction; and
  (14)   provide recommendations to ACI regarding backup and recovery considerations such as improved levels of protection, efficiencies and cost reductions.
  b.   ACI will:
  (1)   with Vendor’s assistance, define the frequency, security, encryption level, and types of required data backup as well as the retention periods for the data;
  (2)   provide the required on-site secure tape storage facilities for ACI Locations; and
  (3)   specify which data sets to test restore and review the results.
Confidential
Exhibit A-6 — Storage Management Services

 

Page 5 of 7


 

3.   MEDIA MANAGEMENT
3.1 Tape Media Management and Operations
  a.   Vendor will:
  (1)   retain tapes for a mutually agreed retention period for auditing purposes;
  (2)   provide to ACI a full inventory report of backup tapes, their contents and locations on a monthly basis and as reasonably requested by ACI;
  (3)   provide media destruction services for media that becomes defective or is retired from service;
  (4)   rotate tapes, as required, for off-site storage;
  (5)   log and track physical tapes that are checked in and out of the Data Center by ACI or a Third Party;
  (6)   notify the Vendor or Third Party tape storage provider when it is time to scratch or return a tape;
  (7)   complete tape mounts in sufficient time to meet production processing requirements in accordance with the Service Levels;
  (8)   provide tape specifications to ACI;
  (9)   maintain adequate supplies for the tape environment and provide a sufficient scratch tape pool to service required processing needs, and notify ACI when additional tapes and other supplies are required;
  (10)   retrieve archived tapes and restore required files and data sets within mutually agreed time frames; and
  (11)   report tape utilization to ACI.
  b.   ACI will provide tapes as Vendor requests that meet the Vendor-provided tape specifications.
3.2   Portable Media Handling
  a.   Vendor will:
  (1)   develop and implement processes and procedures to control and manage ACI portable media inventory, secure handling and movement of such media, and destroy residual information;
  (2)   perform an initial inventory of ACI portable media and annually reconcile, as appropriate; and
  (3)   provide environmental protection for ACI portable media in accordance with the established procedures.
  b.   ACI will approve initial inventory of ACI portable media and provide any updates as they occur.
Confidential
Exhibit A-6 — Storage Management Services

 

Page 6 of 7


 

3.3   Offsite Storage
  a.   Vendor will:
  (1)   provide the required on-site tape storage facilities for Vendor Locations and provide off-site secure tape storage facilities for Vendor Locations and ACI Locations;
  (2)   interface with on-site or off-site tape storage facilities, if any;
  (3)   store tapes and paper documentation, as appropriate, at the off-site storage facility;
  (4)   manage off-site storage of tape media for vital records, back-up and recovery;
  (5)   pack, label, scan and track all tape output and distribute to the mutually agreed drop point; and
  (6)   securely transport tapes from a non-Disaster Recovery off-site storage location to a designated facility.
  b.   ACI will:
  (1)   define requirements for off-site tape storage and archiving; and
  (2)   provide the required on-site tape storage facilities for ACI Locations.
Confidential
Exhibit A-6 — Storage Management Services

 

Page 7 of 7


 

EXHIBIT A-7
DATA NETWORK SERVICES
1.0   INTRODUCTION
As of the Service Tower Commencement Date, the Vendor will assume full operational and management responsibility for the “ACI Data Network”, as defined by the Data Network Diagrams in this Exhibit and as referenced in tab II.B Monthly Resource Baselines of Exhibit C-1 (Base Charges, Baselines, ARC/RRC Rates and Termination Charges) of Schedule C (Charges). Vendor will provide the Data Network Services during the Service Hours and in accordance with the Service Levels.
During Transition, the Parties will identify the ACI client circuits that Vendor will support, and Schedule C (Charges) will be updated accordingly to include those client circuits. Vendor support for the ACI client circuits will begin upon completion of the move from the NCR/Savvis Locations.
2.0   COMMON DATA NETWORK SERVICES
2.1   Physical Scope
2.1.1   Locations
The Vendor will perform the Services at Locations as defined in this Exhibit and as required to meet ACI Service Levels. The Locations are listed in Schedule P (Locations), as amended from time to time.
2.1.2   Demarcation Boundaries of the Services
The Vendor will perform the Services within the physical boundaries of the WAN and LAN (including Supported Servers and transport, as listed in the Circuit Listing in Exhibit C-1 (Base Charges, Baselines, ARC/RRC Rates and Termination Charges), associated with video conferencing) as depicted in the Data Network Diagrams in this Exhibit, which describe components and boundaries of these Data Network Services.
2.2   General Services
2.2.1   General Management Services
The Vendor’s responsibilities include the following:
  a.   Vendor will:
  1.   Act as a single point of contact for the management of the Data Network;
  2.   Develop and implement approved Data Network strategies in accordance with Change Management procedures;
Confidential
Exhibit A-7—Data Network Services

 

Page 1 of 22 


 

  3.   Provide End Users with technical support and advice regarding the proper use and functionality of Data Network Services;
  4.   Analyze and propose cost-effective Data Network Service alternatives; and
  5.   Support all telecommunication protocols that are approved for use by ACI.
  b.   ACI will provide requirements and approve Data Network strategies.
2.2.2   General Administration Services
  a.   The Vendor’s responsibilities include the following:
  1.   Administer all Data Network requirements and activities, including processing change requests and resolving Incident tickets;
  2.   Document all aspects of the Data Network Services for ACI, including:
  2.1.   Escalation procedures for all Data Network-related teams (including but not limited to data center vendor support teams, VAR/reseller team, network equipment vendor, and ACI teams that support services that interact with the network);
  2.2.   Service acceptance procedures;
  2.3.   Topology documentation;
  2.4.   Contact information for all Data Network-related teams (including but not limited to data center vendor support teams, VAR/reseller team, network equipment vendor, and ACI teams that support services that interact with the network); and
  2.5.   Inventory of network devices;
  3.   Document operations procedures and services; and
  4.   Update site logs.
  b.   ACI will:
  1.   provide Vendor with design criteria and standards for Data Network Services; and
  2.   assist Vendor in developing escalation procedures for all Data Network-related teams.
2.2.3   Third-Party Vendor Management and Coordination
  a.   The Vendor’s responsibilities include the following:
  1.   Manage and coordinate the activities of all third-party vendors where:
  1.1.   The third-party vendor provides services to ACI in direct support of the in-scope Data Network components; and
  1.2.   The activities of the third-party vendor directly impact the performance or availability of the Data Network;
Confidential
Exhibit A-7—Data Network Services

 

Page 2 of 22


 

  2.   Maintain technical support relationships with third-party vendors to resolve Incidents and problems with the Data Network and to provide answers to technical questions and requirements related to the use of its products or services; and
  3.   Monitor third-party vendor service delivery and performance in regard to the Data Network, including:
  3.1.   Monitor the third-party vendor’s compliance with any service levels contained in any agreement between ACI and the third-party vendor;
  3.2.   Provide integrated compliance reporting for the monitoring and management of service levels contained in any agreement between ACI and the third-party vendor when the third-party vendor is contractually required to provide compliance reporting data in a mechanized format;
  3.3.   Integrate reporting from any and all subcontractors supporting network Equipment so that ACI receives consistent and comprehensive reports identified in Schedule R (Reports);
  3.4.   Notify ACI and the third-party vendor of each third-party vendor failure to perform in accordance with the provisions of its agreement; and
  3.5.   Evaluate and recommend retention, modification, or termination of a third-party vendor based on the performance or cost benefits to ACI as tracked by the Vendor.
  b.   ACI will:
  1.   Provide Vendor with all Data Network third-party vendor contracts; and
  2.   Provide Vendor with contact information for all Data Network third-party vendors.
  2.3   Planning and Design Services
  a.   The Vendor’s responsibilities include the following:
  1.   Develop and propose new or enhanced Data Network plans and designs in conjunction with the ACI communicated strategic plans. This process would be initiated by ACI, will have requirements specified by ACI, and will be reviewed and approved by ACI. Vendor will be responsible for the design aspects of any such effort.
  2.   Conduct regular capacity planning reviews, identifying both the current state of the Data Network and long-term projected needs;
  3.   Provide plans and design for the following components:
  3.1.   Overall Data Network Topology, including the physical and logical layout of the Data Network (included in this Exhibit);
  3.2.   Addressing schemes;
Confidential
Exhibit A-7—Data Network Services

 

Page 3 of 22


 

  3.3.   Optimal telecommunications protocols within the Data Network as necessary to satisfy ACI’s Service Levels, in accordance with this Exhibit and as follows:
  3.3.1.   Develop documented recommendations and plans for optimized network performance & measurements environment;
  3.3.2.   Assess and analyze ACI’s current network architecture and strategy to enable the design of business requirements into a network solution;
  3.3.3.   Define, document and acquire the, hardware and software for dedicated and/or shared network performance and measurements environment;
  3.3.4.   Provide network utilization and performance exception reports to ACI on a monthly basis (standard reports provided);
  3.3.5.   Define and document performance indicators;
  3.3.6.   Implement and maintain network performance measurement procedures; and
  3.3.7.   Where feasible and as approved by ACI, standardized (nonproprietary) protocols should be used;
  3.4.   Data Network Equipment;
 
  3.5.   Data Network Software;
 
  3.6.   Data transport systems; and
  3.7.   Cabling and wiring, which will be jointly coordinated between Vendor and ACI — in general the work will be contracted to a Third Party on an as-needed basis and, if coordinated by Vendor, Third Party Expenses would appear as a pass through;
  4.   Document the criteria and assumptions used to develop plans and designs, including:
  4.1.   Interoperability considerations and assumptions for all Equipment and Software potentially affected by the Data Network plans and design, including Equipment and Software in other Towers;
  4.2.   Data Network bandwidth and/or volume assumptions and projections;
  4.3.   Expected Data Network performance and quality of service based on designs and plans, and minimum performance and quality of service expectations; and
  4.4.   Expected Data Network availability, based on designs and plans for redundancy, and minimum availability expectations;
  5.   Utilize Data Network design techniques to appropriately prevent broadcast congestion and outages, including:
  5.1.   Design segmentation of Equipment, Data Network traffic, and design features to sufficiently control and contain Data Network traffic levels; and
  5.2.   Design sufficient redundancy and alternative routing to meet the Service Levels and ACI’s security and IT service continuity management requirements;
Confidential
Exhibit A-7—Data Network Services

 

Page 4 of 22


 

  6.   Work cooperatively with third-party vendors, and ACI staff to facilitate effective planning and design of the Data Network Services; and
  7.   Provide reasonably requested analysis related to the potential operational and financial impact of ACI business plans on network capacity and performance.
  b.   The agreed upon network architecture is delineated in the attached Data Network Diagram. ACI will:
  1.   Provide Vendor with future business requirements for the purpose of Data Network plans and designs; and
  2.   Provide Vendor with Data Network strategy and architecture.
2.4   Performance Monitoring and Management Services
2.4.1   General Monitoring and Management
  a.   The Vendor’s responsibilities include the following:
  1.   Monitor and manage continuous end-to-end (router-to-router) performance of the Data Network, including:
  1.1.   Monitor the Data Network through to the End User Computing Equipment or other non-Data Network Equipment (e.g., mainframe or server Equipment) to measure and monitor end-to-end performance of the Data Network. From the data center perspective, specifically for bank/FI (Financial Institution) private network lines, monitor from the ACI network to the bank/FI side router and/or bank/FI side server(s). The service would be based upon the total number of end points on the network;
  1.2.   Monitor the level and quality of service of the Data Network, including monitoring compliance with Service Levels;
  1.3.   Monitor and manage the Data Network for service degradation, including detection, isolation, diagnosis, and correction of Incidents during the Service Hours;
  1.4.   Monitor physical and logical connections to the Data Network;
  1.5.   Provide all necessary monitoring, diagnostic, and maintenance systems and Software to meet Data Network monitoring and management requirements;
  1.6.   Support Data Network remote operations and monitoring, including remote diagnostics; remote administration; and remote Incident resolution and, if necessary, travel to remote sites;
  1.7.   Identify actual and potential Data Network bottlenecks;
  1.8.   Provide troubleshooting support for Data Network issues (including general issues where the Data Network issues need to be eliminated as a contributing factor);
Confidential
Exhibit A-7—Data Network Services

 

Page 5 of 22


 

  1.9.   Employ element management system tools to monitor events that exceed Data Network design thresholds, as well as:
  1.9.1.   Use the tools to provide automated alarms and indication of Data Network Incidents when thresholds are exceeded; and
  1.9.2.   Integrate the tools to automatically generate an Incident within the Incident management system;
  1.10.   Detect other Data Network-exceeded thresholds or component faults;
  1.11.   Define reporting and corrective action procedures approved by ACI in the event design thresholds are exceeded;
  1.12.   On at least a monthly basis, proactively report to ACI on Data Network performance, resource shortages, utilization statistics, and trends; and
  1.13.   Provide a Web-based service, through the Service Desk Web portal or email or voice, if appropriate, and notices of current system outages to include the Data Network.
2.4.2   Capacity and Configuration Management
  a.   The Vendor’s responsibilities include the following:
  1.   Manage Data Network capacity based on current usage and forecasted demand, including:
  1.1.   Monitor Data Network capacity utilization as it relates to established capacity thresholds;
  1.2.   Identify future loads that could impact performance on the Data Network as requested by ACI with a minimum forward view of six (6) months, based on forecasts driven by the work authorization system, demand surveys, and analytical forecasting;
  1.3.   Propose to ACI for its approval, changes to improve performance in anticipation of such future loads, including performance improvement expectations;
  1.4.   Appropriately size inter-location and intra-location Data Network Equipment, Software, and data transport systems; and
  1.5.   Upgrade, remove, or add capacity as otherwise necessary to meet ACI’s requirements, or proactively recommend capacity changes where Vendor is not financially responsible for a specific Data Network component;
  2.   Develop, maintain, and adhere to configuration standards as approved by ACI; and
  3.   Participate in joint quarterly capacity planning reviews with ACI and any third-party vendor designated by ACI.
  b.   ACI will:
  1.   Provide Vendor with requirements for new demands of Data Network resources; and
  2.   Notify Vendor of any future project or change requests that may have a Data Network impact.
Confidential
Exhibit A-7—Data Network Services

 

Page 6 of 22


 

2.4.3   Performance Optimization
  a.   The Vendor’s responsibilities include the following:
  1.   Optimize and improve the performance and design of the Data Network using data gathered from performance monitoring and forecasting activities;
  2.   Perform regular optimization analyses on at least a quarterly basis, and prior to and following any major transitions or changes;
  3.   Optimize cost-effectiveness and cost-efficiency, without sacrificing performance or the ability to meet the Service Levels;
  4.   Use modeling and other analysis tools where applicable to determine methods of improving the performance;
  5.   Assess and implement alternate methods and procedures to reduce Data Network errors and Data Network downtime; and
  6.   Review optimization activities and plans with ACI on at least a quarterly basis.
2.5   Data Transport Support Services
2.5.1   Data Transport Services
  a.   The Vendor’s responsibilities include the following:
  1.   Where the Vendor is financially responsible for data transport Services, as indicated in Exhibit C-2 (Financial Responsibility and Ownership Matrix) to Schedule C (Charges):
  1.1.   The Vendor is entirely responsible for the procurement and delivery of data transport Services to ACI; and.
  1.2.   The Vendor is entirely responsible for managing the existing data transport Services that are in place for office and data center networks, including managing the relationship and managing any direct or pass-through costs for any data transport Services owned/managed by external vendors.
2.5.2   Data Transport Systems
  a.   The Vendor’s responsibilities include the following:
  1.   Schedule, coordinate, and perform support activities for data transport systems in accordance with schedules approved by ACI, including:
  1.1.   Coordinate and manage the installation, testing, and support activities of transport vendors and vendors who contract with data transport vendors;
  1.2.   Perform additions and upgrades to data transport systems;
 
  1.3.   Perform changes to data transport systems; and
Confidential
Exhibit A-7—Data Network Services

 

Page 7 of 22


 

  1.4.   Perform deletions to data transport systems;
  2.   Check that data transport vendors acknowledge orders on a timely basis;
  3.   Provide Level 1 and 2 technical support for the data transport systems;
  4.   Review and report monthly on the load and latency of data transport systems;
  5.   Provide a monthly acceptance report, including quality assurance information, prior to accepting billing for newly installed data transport Services;
  6.   Track and update relevant data transport system information in the Data Network management systems and asset inventory and management system;
  7.   Promptly disconnect the data transport systems upon the termination or reduction of data transport Services at a Location;
  8.   Ensure billing has promptly ceased upon the termination or reduction of data transport Services at a Location;
  9.   Remove all applicable Equipment upon the termination or reduction of data transport Services at a Location, or arrange for return of any ACI (bank/FI) owned Equipment; and
  10.   Verify that ACI will not be responsible for data transport Services payments associated after applicable data transport Services have been terminated or reduced.
2.6   Data Network Connectivity and Operations Services
2.6.1   Data Network Control and Connectivity Services
  a.   The Vendor’s responsibilities include the following:
  1.   Obtain approval from ACI prior to establishing Connectivity from the ACI Data Network to Vendor facilities or external networks;
  2.   Manage and control Connectivity to and between all Locations and external networks, including dedicated and all remote access connectivity; and
  3.   Manage and operate all Data Network Equipment and Software necessary to enable Connectivity, (or manage vendor actions for any vendor-managed Data Network Equipment and Software), including:
  3.1.   Configure Data Network Equipment, Software, data transport systems, and cabling;
  3.2.   Install Data Network Equipment, Software, data transport systems, and cabling;
  3.3.   Test Data Network Equipment, Software, data transport systems, and cabling;
  3.4.   Implement Data Network Equipment, Software, data transport systems, and cabling;
  3.5.   Support and monitor Data Network Equipment, Software, data transport systems, and cabling;
Confidential
Exhibit A-7—Data Network Services

 

Page 8 of 22


 

  3.6.   De-install and remove Data Network Equipment, Software, data transport systems, and cabling as required;
  3.7.   Verify Connectivity of the Infrastructure and all other directly connected devices; and
  3.8.   For production data centers, ensure that all Data Network Equipment and Software is supported under a vendor maintenance agreement and replacement parts are available on-site in time for Vendor to meet the Service Levels.
2.6.2   Other Data Network Operations Services
  a.   The Vendor’s responsibilities include the following:
  1.   Develop acceptance test procedures for installation and changes to the Data Network, and for verifying restoration of availability following problems with the Data Network;
  2.   Manage media, including off-site storage;
  3.   Manage the naming and addressing of all Data Network devices based on schemes approved by ACI, including:
  3.1.   Document the current addressing scheme; and
  3.2.   Implement, coordinate, and update new addressing schemes, including developing associated migration plans;
  4.   Compose, edit, and download configuration files to Equipment using administration platforms designed to provide a single point of control, dissemination, and rollback capability; and
  5.   When installing or conducting changes to Data Network Equipment and Software at Locations, implement protection against lightning strikes (in accordance with industry practices), electric noise, power surges, and unauthorized access in accordance with the Change Management procedures and ACI’s security requirements.
  b.   ACI will provide requirements and approval to Vendor for naming and addressing schemes.
2.7   Installs, Moves, Adds and Changes (IMACs) Services
  a.   The Vendor’s responsibilities include the following:
  1.   Plan, schedule, manage, and/or perform IMACs as requested and approved by ACI at the Locations and Vendor-managed Locations on all hardware and software supported by the Vendor, including:
  1.1.   “Hard IMACs” (Hard IMACs are for Equipment); and
  1.2.   “Soft IMACs” (Soft IMACs are for Software, firmware or microcode and are done remotely);
  2.   Receive, validate, and track all IMAC orders from End Users;
Confidential
Exhibit A-7—Data Network Services

 

Page 9 of 22


 

  3.   Install, maintain, and upgrade connections;
  4.   Use an automated system accessible to End Users by means of an online browser to track IMAC activity and produce reports on these activities on a monthly basis;
  5.   Monitor client satisfaction and closely monitor Service Levels throughout the IMAC activity;
  6.   With respect to authorized IMAC requests, execute the IMAC including:
  6.1.   Coordinate Vendor, ACI, and any third-party vendors to achieve high-quality execution of all IMACs;
  6.2.   Obtain or procure all required components and services necessary to perform IMAC Services;
  6.3.   Coordinate space requirements and logistics;
  6.4.   Coordinate, with the ACI Focal Point, pre-installation Location surveys to confirm that the Locations are properly surveyed and prepared to prevent delays in IMAC activities;
  6.5.   Coordinate and install changes to the cabling and other Infrastructure or Equipment for which the Vendor is responsible;
  6.6.   Schedule and dispatch technicians;
 
  6.7.   Perform related Software installs and upgrades;
 
  6.8.   Perform backups and reloads of data and Software;
 
  6.9.   Perform configuration functions;
  6.10.   For Hard IMACs, perform on-site operational testing, and provide appropriate back-out procedures as required;
  6.11.   Coordinate with the ACI Focal Point, for the End Users to test and verify the operation of all applications that utilize or depend on the Data Network resources being modified;
  6.12.   Provide on-site support as required to resolve Incidents associated with large-scale installations or moves (whether BAU or Project to be determined by the project scope and/or by mutual agreement based on the nature of the Incident);
  6.13.   Update the asset inventory and management system in a timely manner when any Data Network Equipment or Software changes are made by the Vendor or reported by ACI, along with all other related documentation (network topology maps in particular); and
  6.14.   Set up security, file access, and other administrative procedures associated with IMACs.
  b.   ACI will provide an ACI Focal Point for pre-installation Location surveys for IMAC activity.
Confidential
Exhibit A-7—Data Network Services

 

Page 10 of 22


 

2.8   Physical Network Environment Services
2.8.1   Site Information and Documentation Services
  a.   The Vendor’s responsibilities include creating and maintaining the following:
  1.   Based upon the asset inventory and other site information provided to Vendor by ACI, document the current physical environment at the Locations, including:
  1.1.   Data transport systems;
 
  1.2.   Data Network Equipment;
 
  1.3.   Data Network connections (virtual and physical);
  1.4.   Demarcation of responsibilities and physical environment comprising the WAN and LAN;
  1.5.   Power, UPS, and overall space requirements;
 
  1.6.   Cabling and wiring;
 
  1.7.   Data transport vendor point of entry; and
  1.8.   Other relevant environmental requirements and/or attributes that are unique to a Location;
  2.   Document Location survey information and asset information in the asset inventory and management system.; and
  3.   Maintain Locations lists, Data Network diagrams, and other Data Network documentation and information.
  b.   ACI will provide Vendor with Location survey and physical environment information.
2.8.2   Power Supply
  a.   The Vendor’s responsibilities include the following:
  1.   Connect and maintain Equipment at ACI’s facilities to uninterruptible power supplies (UPS), as required by ACI;
  2.   When required, install UPS which may be on a Project basis; and
  3.   For production data centers:
  3.1.   Monitor and ensure continual uptime of all power supplies, including both primary and secondary power supplies on Data Network Equipment.
2.8.3   Cabling and Wiring Services
Cabling and wiring will be jointly coordinated between Vendor and ACI — in general the work will be contracted to a Third Party on an as-needed basis and, if coordinated by Vendor, the Third Party charges will appear as a Pass-Through Expense.
Confidential
Exhibit A-7—Data Network Services

 

Page 11 of 22


 

To the extent that ACI’s Third Party cable and wiring vendors’ contracts cover all of the tasks listed in this Section 2.8.3, the Vendor’s responsibilities include coordinating the following:
  1.   Plan, procure, install, operate, administer, maintain, and manage the cabling and intra-floor and inter-floor wiring, within the Vendor physical demarcation boundaries as depicted in the Data Network Diagrams in this Exhibit;
  2.   Operate and maintain systems, including the physical cable plant, cable plant switching devices, encryption/security devices, intelligent/non-intelligent wiring hubs, and the various monitoring devices;
  3.   Provide for demarcation extensions from telco demark point to the ACI network;
  4.   Manage cable installations, repairs, and removal using a Software-based cable plant management system where applicable (i.e., in large installations with five (5) or more demarcations);
  5.   Interact with ACI real estate, landlord management, and other End Users so that cabling and wiring requirements are properly communicated and managed;
  6.   Coordinate with data transport vendor representatives for the planning, delivery, and maintenance of circuits; demarcation points; termination equipment; power and air conditioning (A/C) (if original building specification is at capacity and subject to agreed-upon funding by ACI); rack space; wall space; and plywood or other backboard materials needed for mounting distribution frames;
  7.   For each new installation, communicate accurate cabling and wiring specifications and costs to ACI real estate representatives no less than four (4) weeks in advance of installation;
  8.   Document changes to the cabling and wiring plan in the Location survey records, and all changes thereto in the asset inventory and management system;
  9.   Comply with ACI cabling and wiring standards;
  9.1.   In the absence of an ACI standard, use industry standards that meet or exceed local code or other requirements of applicable authorities;
  10.   Document, label, and map cable runs in the appropriate Location survey records;
  11.   Use ACI-approved and certified cable and wire installers to perform cabling and wiring Services;
  12.   Maintain up-to-date cable records in communications closets, wiring distribution rooms, and other areas where a high concentration of cabling exists; and
  13.   Maintain a secure, clean, well-lit, clutter-free cabling environment in all telecommunications closets and cable plant areas.
Confidential
Exhibit A-7—Data Network Services

 

Page 12 of 22


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES
AND ASTERISKS BE ACCORDED CONFIDENTIAL
TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
If ACI requires any of the tasks listed above that are not currently provided in one of ACI’s cabling or wiring Third Party vendor contracts, Vendor will work with the Third Party vendor to solution those tasks as a Project or New Service.
2.9   Software Currency and Support Services
  a.   The Vendor’s responsibilities include the following:
  1.   Interface with other ACI third-party vendors to promote compatibility of Data Network systems, and manage the subcontractors that provide Software support to Data Network products for which the Vendor is responsible;
  2.   Fully test all code revisions, which also should have been used in the commercial marketplace, before their installation on the Data Network (e.g., version 1.xx);
  3.   Proactively notify ACI of availability of new versions of Software, including analysis of impact and/or value of the new version of Software (e.g., fixes and new features applicable to ACI technical and business environments); and
  4.   Coordinate that production levels are fully supported by third-party vendors; maintain a record (for each product in production) of version history and associated availability, as well as of any announced end-of-support or end-of-availability dates.
2.10   Network Security Services
  a.   A [ * ] MPLS closed network used for internal purposes will satisfy current requirements. In addition, the non-MPLS network (solution includes provisioning and support of both MPLS and non-MPLS circuits) which includes encryption in the firewall (a supported piece of Equipment) also satisfies current requirements. The Vendor’s responsibilities include the following:
  1.   Implement and maintain security tools, procedures, and systems required to protect the integrity, confidentiality, and availability of the ACI Data Network and data on the Data Network;
  1.1.   ACI will approve the selection of the security tools;
  2.   Comply with ACI’s Data Network security policies (described in Schedule J (ACI Policies and Standards), whereby the Vendor will follow the best practices of either ACI or Vendor, whichever requires greater security based on reasonable and prudent standard practices, with approval by ACI;
  3.   Perform quarterly assessments of risk exposure including:
  3.1.   Gap analyses to indicate exposure to security threats;
Confidential
Exhibit A-7—Data Network Services

 

Page 13 of 22


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES
AND ASTERISKS BE ACCORDED CONFIDENTIAL
TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
  3.2.   Action plans to address gaps; and
  3.3.   Ratings to gauge progress against closure of gaps;
  4.   Provide access to and/or assist ACI’s designated third-party vendors in performing vulnerability assessments (of the Vendor support network infrastructure) [ * ] from ACI;
  5.   Perform reactive security assessments and Incident and problem determination in accordance with ACI network security policies;
  6.   Activate appropriate security monitoring tools, and back up and analyze the logs from these tools, in accordance with ACI security requirements;
  7.   Provide recommendations to remediate the gaps identified by analyzing the logs;
  8.   Utilize Access Control Lists (ACLs) on all networking devices in accordance with ACI network security policies;
  9.   Ensure proper isolation and separation of LAN and WAN traffic originating from and destined for ACI’s and remote sites (i.e., ensure and prevent individual bank/FI traffic from being able to be routed to other bank/FI locations or ACI Locations);
  10.   Take reasonable and appropriate action designed to prevent unauthorized access to the Data Network, in accordance with ACI’s requirements. This will include the following, where appropriate:
  10.1.   Use IPSEC security protocols for access for external networks that use IPSEC. The release and version of the selected software should stay [ * ] as agreed to by ACI; and
  10.2.   Shut down the Services to prevent further unauthorized access based upon joint agreement with the ACI Security group; and
  11.   Monitor usage patterns and investigate and report significant discrepancies in those patterns no later than [ * ] after their detection.
3.0   WIDE AREA NETWORK (WAN) SERVICES
The Vendor shall provide Wide Area Network Services (WAN) for ACI’s Data Network in accordance with this Exhibit and in addition to the Common Network Services.
Confidential
Exhibit A-7—Data Network Services

 

Page 14 of 22


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES
AND ASTERISKS BE ACCORDED CONFIDENTIAL
TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
3.1   WAN Services — Technical Requirements
  a.   The Vendor’s responsibilities include the following:
  1.   Comply with or improve (subject to ACI’s approval) the WAN technical specifications as supplied by ACI, and as modified during the Term;
  2.   Install and maintain WAN Connectivity for approved End Users at all applicable Locations, as listed in Schedule P (Locations);
  3.   Manage a multi-protocol WAN, to include:
  3.1.   Manage the currently supported ACI protocols [ * ] and
  3.2.   Manage application-specific network addressing schemes [ * ] and
  4.   Provide a data transport Services profile that complies with applicable open system standards and specifications [ * ].
  b.   The following items are part of new client addition activities that will be handled as a Project or BAU as agreed by the Parties on a case-by-case basis:
  1.   Provide WAN options to ACI’s bank/FI customers including (but not limited to) Frame Relay, MPLS, T1, and site-to-site (B-to-B) VPN;
  2.   On-site assistance or dispatch for on-site assistance for customer-owned equipment;
  3.   Rack and cabling new equipment;
  4.   All activities related to planning and conducting network equipment replacements and upgrades;
  5.   Escalations to network equipment vendors and all activities for information gathering and troubleshooting failures and issues;
  6.   Configuration and troubleshooting of equipment;
  7.   Sniffer/packet capture and analysis;
  8.   Deploy, manage, and support ACI-managed bank/FI customer routers;
  9.   Follow ticket and escalation process and work with [ * ] to deploy, manage, and support [ * ] routers;
  10.   Bank/FI customer routers and dispatches for on-site assistance; and
  11.   Follow ticket and escalation process and work with [ * ] for dispatches for on-site assistance.
3.2   WAN Services – Internet Access Services
  a.   The Vendor’s responsibilities include the following:
  1.   Configure, install, test, support, monitor and maintain the Data Network and Data Network Equipment used to access the Internet;
Confidential
Exhibit A-7—Data Network Services

 

Page 15 of 22


 

  1.1.   This will include Connectivity support of high-speed servers to the Internet, and Connectivity with firewall protection in accordance with ACI’s information security standards; and
  1.2.   For production data center environments, ensure that all Data Network Equipment and Software is supported under a vendor maintenance agreement and replacement parts are available on-site in time for Vendor to meet the Service Level;
  2.   Manage Internet access and redundant data transport facilities;
  3.   Manage routes and filtering as necessary, working in conjunction with the ACI Security group to determine specific filtering levels. The ACI Security group should be provided management access to all logs involved; and
  4.   Deliver DNS services for domains required by the Vendor to manage the Equipment.
3.3   WAN Services – Extranet Access
  a.   The Vendor’s responsibilities include the following:
  1.   Support and maintain the Extranet and WAN DMZ environments between ACI and its partners, Third Party vendors, and customers;
  2.   Support and maintain high-speed circuits in a shared DMZ environment, and provide Connectivity with firewall protection in accordance with ACI’s information security standards;
  3.   Assist ACI with defining any security policies, permission, etc. that may be applicable specifically to the shared DMZ between ACI and other parties;
  4.   Configure, install, test, operate, and maintain ACI’s Extranet for all applicable End User computing devices or servers;
  5.   Use connection-based, session-based, or message-based services as appropriate, depending on the specific requirements of each End User, and support minimal and optional features as follows:
  5.1.   Employ appropriate encryption measures, such as Triple DES, IPSEC, AES, etc.;
  5.2.   Provide for and maintain confidentiality of transmitted data;
 
  5.3.   Provide authentication of parties exchanging data; and
 
  5.4.   Ensure no user account sharing is allowed;
  6.   Manage Extranet access and transport, inclusive of related Internet access and transport;
  7.   Configure, install, test, operate, monitor and maintain high-speed transport facilities to Internet servers for Extranet data access and file transfers; and
  8.   Manage routes and filtering as necessary to operate the Extranet Access Service, working in conjunction with the ACI Security group to determine specific filtering levels. The ACI Security group should be provided management access to all logs involved.
Confidential
Exhibit A-7—Data Network Services

 

Page 16 of 22


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES
AND ASTERISKS BE ACCORDED CONFIDENTIAL
TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
4.0   LOCAL AREA NETWORK (LAN) SERVICES
The Vendor shall provide LAN Services for ACI’s Data Network in accordance with this Exhibit and in addition to the Common Network Services.
4.1   LAN Services – Technical Requirements
  a.   The Vendor’s responsibilities include the following:
  1.   Install and maintain LAN Connectivity for approved End Users at all applicable Locations, as listed in Schedule P (Locations);
  2.   Provide ACI with a TCP/IP LAN network;
  3.   Manage the currently supported ACI protocols [ * ]
  4.   Manage ACI’s application-specific network addressing schemes [ * ]
  5.   Provide Vendor transmission Services profile that complies with applicable open system standards and specifications [ * ]
  6.   Use intelligent Data Network devices and systems to monitor LANs remotely; and
  7.   For production data centers, ensure that all Data Network Equipment and Software is supported under a vendor maintenance agreement and replacement parts are available on-site in time for Vendor to meet the Service Levels.
4.2   LAN Services – Installation and Removal Services
  a.   The Vendor’s responsibilities include the following:
  1.   Deploy new LAN Equipment and related Software to meet the Service Levels and in accordance with the IMAC process definitions;
  2.   Implement LAN connection(s) for new End Users as specified in the IMAC process;
  3.   Implement a dual LAN connection for production servers and network equipment, such as to provide connectivity to two physically separate network switches;
  4.   Configure and activate the appropriate LAN Equipment monitoring agent; and
 
  5.   Test LAN Equipment after implementation to include remote monitoring through agents and monitoring systems.
Confidential
Exhibit A-7—Data Network Services

 

Page 17 of 22


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES
AND ASTERISKS BE ACCORDED CONFIDENTIAL
TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
5.0   VIDEO CONFERENCING SERVICES
The Vendor shall provide support for the Supported Servers and transport, as listed in the Circuit Listing in Exhibit C-1 (Base Charges, Baselines, ARC/RRC Rates and Termination Charges), that are associated with video conferencing. ACI will retain responsibility for the support of video conferencing equipment, software and facilities.
6.0 REMOTE ACCESS SERVICES
Upon the Service Tower Commencement Date, Vendor will support ACI’s current environment which provides for ACI employees to remotely access (non-direct wired connections) to the ACI corporate network. These remote access services are defined as follows:
  1.   SSL via multiple network appliance devices [ * ] scattered geographically throughout the network;
  2.   Secure Broadband connectivity via Third Party vendor services [ * ]; and
  3.   Dial-up connectivity globally via Third Party vendor services [ * ] in which calls are placed through local numbers and routed via [ * ] services into the ACI corporate network.
There are specific security requirements (checked by either the network appliance or the Third Party vendor’s software) to ensure a minimum of:
  1.   OS level and service patch;
  2.   A running copy of Antivirus Software; and
  3.   Antivirus definition files that are within [ * ] of the current date.
During Transition, Vendor will initiate a project to replace the existing ACI remote access technology. Upon completion of the replacement project, Vendor will provide a standardized [ * ] remote access service. This service will provide:
  1.   SSL via a standard set of AT&T supported VPN devices which include [ * ] These devices will be centralized;
  2.   Secure Broadband connectivity using [ * ]and
  3.   Dial-up connectivity globally via [ * ] in which calls are placed through local numbers and routed via AT&T services into the ACI corporate network.
Confidential
Exhibit A-7—Data Network Services

 

Page 18 of 22


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES
AND ASTERISKS BE ACCORDED CONFIDENTIAL
TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
7.0 DATA NETWORK DIAGRAMS
Attached below are the Data Network Diagrams as of the Effective Date.
[ * ]
*  Represents four pages of redacted tabular data
Confidential
Exhibit A-7 – Data Network Services

 

Page 19 of 22


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
EXHIBIT A-8
ENTERPRISE SECURITY MANAGEMENT SERVICES
1.   INTRODUCTION
Vendor will maintain security controls that are consistent with the security controls implemented at ACI as of the Service Tower Commencement Date. Vendor will work with ACI to detail ACI’s existing security controls, if necessary, and to develop a detailed document that will define the mutually agreed security controls that Vendor will implement at ACI. Such document will include, at a minimum, the security responsibilities listed below. Any effort to transform ACI’s existing security controls implemented as of the Effective Date to the mutually agreed security controls, unless specifically and explicitly included in the Agreement, will be considered a New Service.
2.   SECURITY COMPLIANCE AND REGULATORY
2.1   Security Policy Management
  a.   Vendor will:
  (1)   with ACI’s assistance, gather information to document the security controls ACI has in place as of the Effective Date to establish ACI’s IT security baseline and to define the technical specifications for the systems managed by Vendor;
  (2)   perform a gap analysis between the security controls ACI has in place as of the Effective Date and the Information Security Controls Document;
  (3)   provide an initial threat identification summary based on the gap analysis and update the threat identification summary every 18 months thereafter; such summary will contain:
 
  (a)   identified threats organized by the [ * ] clauses, and
 
  (b)   suggested remediation actions for each identified threat;
  (4)   with ACI’s assistance, develop and implement the security document that is used to capture the security policies and technical controls that Vendor will implement, as requested by ACI, on Vendor managed systems, servers and networks (“Information Security Controls (ISeC) Document”); this is a critical deliverable and is to be included in the Process Interface Manual;
Confidential
Exhibit A-8 — Enterprise Security Management Services

 

Page 1 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
  (5)   define and document the privileged User IDs in the platform-specific technical specifications set forth in the Information Security Controls Document; and
  (6)   on a periodic basis, review the Information Security Controls Document with ACI and update, as appropriate. Interim changes can be accepted but a formal review and update will be performed only [ * ].
  b.   ACI will:
  (1)   assist Vendor in documenting the security controls ACI has in place as of the Effective Date;
  (2)   provide contact, security policies and IT infrastructure information and any updates as they occur;
  (3)   assist Vendor in developing the Information Security Controls Document;
  (4)   review the threat identification summary and take action, as appropriate; and
  (5)   on a periodic basis, review the Information Security Controls Document with Vendor and provide recommended updates, as appropriate. Interim changes can be accepted but a formal review and update will be performed only every 18 months.
2.2   Security Compliance Support
  a.   Vendor will:
  (1)   perform periodic security reviews to validate compliance (for example, validating access authorization per ACI’s instruction, the correct use of logical control features) based on ACI’s security framework; and
  (2)   identify and manage security risks and exposures within Vendor’s control as part of the Services based on ACI’s security framework;
  (3)   in the course of their day-to-day support of the ACI security services, advise ACI in the event that a process appears to be non-compliant with Vendor’s understanding of industry-wide conventions;and
  (4)   as a part of its annual technology review and its 18 month security review, provide industry perspective on security compliance trends and regulatory changes and provide an industry update on security and regulatory changes.
Confidential
Exhibit A-8 — Enterprise Security Management Services

 

Page 2 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
  b.   ACI will identify and interpret legal, regulatory or other security requirements applicable to ACI’s business and provide those requirements to Vendor for implementation.
2.3   Security Audit Management
  a.   Vendor will:
  (1)   provide a Vendor Focal Point with responsibility for account security audits;
  (2)   notwithstanding anything in the Agreement to the contrary, [ * ];
 
  (3)   communicate with and respond to auditor’s requests;
  (4)   provide relevant data for security audits and reviews such as SAS70 Type II Audits described in the MSA and [ * ] as necessary;
  (5)   perform non-compliance support audit activities for Vendor internal audits, external client reviews and Third Party reviews; and
  (6)   coordinate issues resolution identified during the security audit process and provide recommendations for resolution, and provide resolution as it pertains to the scope of Vendor’s responsibility.
  b.   ACI will:
  (1)   provide an ACI Focal Point with responsibility for account security audits;
  (2)   during the Transition Period, perform a review of each Rebadged Employee’s system access authorizations to confirm the need for the same access requirements following the Effective Date and advise Vendor of any required changes which are congruent with applicable global privacy laws and regulations; and
  (3)   provide Vendor with ACI’s security audit history (both internal and external) and security policies, standards and practices in effect as of the Effective Date and any updates as they occur.
Confidential
Exhibit A-8 — Enterprise Security Management Services

 

Page 3 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
2.4   Regulatory Program Management
  a.   Vendor will:
  (1)   assist ACI in the development of testing criteria for ACI-identified regulatory controls and implement them, as appropriate in accordance with Vendor’s and ACI’s security framework;
  (2)   utilize Vendor processes, tools, and infrastructure, as appropriate, and maintain supporting documentation in support of ACI-identified regulatory controls;
  (3)   in accordance with the ACI-identified regulatory controls, manage regulatory training for Vendor and maintain supporting documentation; and
  (4)   notwithstanding anything in the Agreement to the contrary, provide [ * ]. For purposes of clarity, [ * ].
  b.   ACI will:
  (1)   provide ACI-identified regulatory controls; and
  (2)   develop, with Vendor’s assistance, testing criteria for ACI-identified regulatory controls.
3.   SECURITY MANAGEMENT
  a.   Vendor will:
  (1)   provide a Vendor Focal Point with responsibility for day-to-day security management;
  (2)   review changes made or requested by ACI to its security policies and standards and advise ACI whether or not such changes:
  (a)   can be implemented; and
  (b)   if implemented, will be considered a New Service;
  (3)   perform risk and issue management, including:
  (a)   establishing procedures for logging, alarming and reporting of security violations and issues;
  (b)   managing to resolution security risks identified as a result of reviews and audits; changes in Vendor or ACI environment; and changes in operating practices, processes or technology;
  (c)   notify relevant parties of the risks, their potential impact and actions to mitigate the impact; and
  (d)   provide security procedures and knowledge transfer for ACI Focal Point on Vendor security management methodology and tools; and
Confidential
Exhibit A-8 — Enterprise Security Management Services

 

Page 4 of 15


 

  (4)   provide monthly security reports as required under this Agreement.
  b.   ACI will:
  (1)   provide an ACI Focal Point with responsibility for day-to-day security management;
  (2)   communicate the security procedures to End Users (for example, login procedures, password requirements, use of Antivirus programs, data and Equipment security procedures);
  (3)   notify Vendor of changes ACI plans to make to its security policies and standards before implementation; and
  (4)   provide any additional or unique resources (for example, hardware, software or other components, personnel) and perform any site modifications required to enable Vendor to implement ACI’s security requirements per ACI’s access policies and standards.
4.   INFRASTRUCTURE PROTECTION
4.1   Emergency Response Services
  a.   Vendor will:
  (1)   provide telephone support for remote security Incident response;
  (2)   perform initial security Incident consultation (scope and roles to be defined separately in Process Interface Manual);
  (3)   with ACI’s assistance, develop customized emergency response plans to help minimize the effect of future attacks; and
  (4)   provide advice and guidance on such topics as Internet security Incident assessment, preparedness, management, and response.
  b.   ACI will:
  (1)   assist in the development of customized emergency response plans;
  (2)   declare a security Incident;
  (3)   determine if a security Incident is a commercial privacy breach and implement emergency response plan, as appropriate;
  (4)   escalate declared security Incidents in the ACI organization, as appropriate; and
  (5)   provide contact and IT infrastructure information and any updates as they occur.
Confidential
Exhibit A-8 — Enterprise Security Management Services

 

Page 5 of 15


 

4.2   X-Force Threat Analysis Services
  a.   Vendor will:
  (1)   manage daily security threats through comprehensive evaluation of global online threat conditions and detailed analyses tailored for ACI;
  (2)   provide daily summaries of current, and forecast assessments for, active vulnerabilities, viruses, worms and threats, including links to recommended fixes and security advice;
  (3)   provide customized and configurable notifications and current alert status; and
  (4)   provide alert trending and attack metrics.
  b.   ACI will:
  (1)   provide a list of End User e-mail addresses to be monitored and any updates as they occur; and
  (2)   maintain a list of End User notification preferences.
4.3   Managed Intrusion Detection
  a.   Vendor will:
  (1)   monitor, manage, configure and support network intrusion detection sensors;
  (2)   actively and passively monitor network traffic and block known malicious activity in accordance with the security policy configuration;
  (3)   escalate security events and Incidents via e-mail or the web portal, as appropriate;
  (4)   report findings following each escalation;
  (5)   provide high-level and in-depth reporting via the web portal on the security of ACI’s networks;
  (6)   assist ACI with resolving and remediating security events; and
  (7)   perform security policy configuration changes needed to resolve network connectivity issues and critical attacks.
  b.   ACI will:
  (1)   have access to IDS information;
  (2)   be responsible for resolving and remediating security events;
  (3)   provide information regarding ACI’s IT infrastructure and notify Vendor of changes made to such infrastructure that could impact the Services; and
  (4)   request policy configuration changes needed to resolve network connectivity issues.
Confidential
Exhibit A-8 — Enterprise Security Management Services

 

Page 6 of 15


 

4.4   Managed Protection Services
4.4.1   Server
  a.   Vendor will:
  (1)   monitor, manage and configure Vendor Internet Security Systems (“ISS”) protection agents;
  (2)   provide server-based protection securing the underlying operating system by preventing attackers from exploiting the operating system and application level vulnerabilities;
  (3)   monitor all traffic to and from the servers:
  (a)   in compliance with ACI’s security framework, provided to Vendor (specifically PCI);
  (b)   to detect and prevent inbound and outbound attacks; and
  (c)   block new and unknown attacks such as Trojans, brute force attacks, unauthorized access and worms;
  (4)   escalate security events via e-mail or the web portal, as appropriate;
  (5)   implement virtual patches which provide active blocking capabilities so ACI is secure until patching of servers;
  (6)   provide Incident report following each escalation;
  (7)   assist ACI with resolving and remediating security events; and
  (8)   provide high-level and in-depth reporting via the web portal on the security of ACI’s servers.
  b.   ACI will:
  (1)   be responsible for resolving and remediating security events (ACI and Vendor roles to be defined separately);
  (2)   provide information regarding ACI’s IT infrastructure and notify Vendor of changes made to such infrastructure that could impact the Services.
Confidential
Exhibit A-8 — Enterprise Security Management Services

 

Page 7 of 15


 

ACI WORLDWIDE, INC. RECEIVED CONFIDENTIAL
TREATMENT FOR THE PORTIONS OF THIS AGREEMENT
DENOTED BY BOXES AND ASTERISKS PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE SECURITIES
EXCHANGE ACT OF 1934 PURSUANT TO AN ORDER
FROM THE SECURITIES AND EXCHANGE COMMISSION
ISSUED ON MAY 6 2008.
4.5   Security Event and Log Management Services
For the number of servers listed in the Event Log Collection resource unit (estimated to be approximately [ * ] servers),
  a.   Vendor will:
  (1)   collect security or log data in a text-based format;
  (2)   archive, analyze, correlate and trend events and logs, while managing response and remediation workflow;
  (3)   provide security events and log data online for one year; and
  (4)   analyze security events from select intrusion detection and intrusion prevention devices and provide alerts via the web portal.
  b.   ACI will:
  (1)   provide a list of devices and other required information (i.e., platform, software revision and version, IP addresses, log retention period per device) for which events and logs will be collected;
  (2)   update access control lists (ACLs) and firewall rules required for identified devices to communicate with Vendor; and
  (3)   install universal log agent on data sources, as applicable.
4.6   URL Filtering
  a.   Vendor will:
  (1)   with ACI’s assistance, develop, implement and maintain the URL filtering policy, including violation reporting procedures;
  (2)   install, test, configure and maintain the URL filtering environment;
  (3)   in accordance with the URL filtering policy, control End User access to web sites (i.e., allow or block access based on person(s), groups, time of day, IP addresses, bandwidth or time allotment);
  (4)   notify ACI, in accordance with the established procedures, of URL filtering violations; and
  (5)   provide monthly URL monitoring reports.
  b.   ACI will:
  (1)   provide ACI’s business guidelines for End User Internet access and any updates as they occur;
  (2)   assist Vendor in developing and implementing the URL filtering policy, including violation reporting procedures; and
  (3)   provide contact and IT infrastructure information and any updates as they occur.
4.7   E-mail Security
  a.   Vendor will:
  (1)   for anti-spam:
  (a)   with ACI’s assistance, develop, implement and maintain the e-mail security policy, including violation reporting procedures;
Confidential
Exhibit A-8 — Enterprise Security Management Services

 

Page 8 of 15


 

  (b)   scan ACI’s inbound e-mail for spam;
  (c)   provide ACI with the capability to create filters to prevent spam and allow e-mail (i.e., black list, white list);
  (d)   using ACI provided black list and white list, identify spam and take action in accordance with the e-mail security policy (i.e., tag, redirect, delete);
  (e)   provide secure password access to a proprietary Internet-based reporting and management tool which allows ACI to view data and statistics and offers a number of configuration and management facilities; and
  (f)   provide weekly and monthly security reports via e-mail.
  (2)   for porn filtering:
  (a)   with ACI’s assistance, develop, implement and maintain the e-mail security policy, including violation reporting procedures;
  (b)   scan ACI’s inbound and outbound e-mail to detect potentially suspected pornographic images;
  (c)   implement sensitivity settings and routing options in accordance with the e-mail security policy (for example, e-mail containing suspect images can be logged only, tagged, sent or copied to a designated system administrator or deleted);
  (d)   provide secure password access to a proprietary Internet-based reporting and management tool which allows ACI to view data and statistics and offers a number of configuration and management facilities; and
  (e)   provide weekly and monthly security reports via e-mail.
  (3)   for e-mail Antivirus:
  (a)   with ACI’s assistance, develop, implement and maintain the e-mail security policy, including violation reporting procedures;
  (b)   scan ACI’s Internet level e-mail to detect viruses (i.e., known and unknown);
  (c)   notify appropriate contact (for example, e-mail sender, intended recipient, e-mail administrator), in accordance with the established procedures, if an e-mail or attachment contains a virus;
  (d)   handle infected e-mail in accordance with the established procedures;
  (e)   notify ACI of any virus infected e-mail that Vendor was unable to intercept;
Confidential
Exhibit A-8 — Enterprise Security Management Services

 

Page 9 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
  (f)   provide secure password access to a proprietary Internet-based reporting and management tool which allows ACI to view data and statistics as well as offers a number of configuration and management facilities; and
  (g)   provide weekly and monthly security reports via e-mail.
  b.   ACI will:
  (1)   configure an anti-spam black list and white list;
  (2)   provide ACI’s business guidelines for End User e-mail security and any updates as they occur;
  (3)   assist Vendor in developing and implementing the e-mail security policy, including violation reporting procedures;
  (4)   address any virus infected e-mail that Vendor was unable to intercept; and
  (5)   provide contact and IT infrastructure information and any updates as they occur.
5.   SYSTEM CURRENCY
5.1   System Security Checking
  a.   Vendor will:
  (1)   install, test and maintain security policy verification software;
  (2)   perform system security checks of managed mainframes, mid-range servers, network devices, and system tools to validate compliance with the technical specifications documented in the [ * ]. System security checks will be performed on a sample of systems. Checks will verify that:
  (a)   Antivirus software is functional and operating on Supported Servers;
  (b)   technical controls to enforce operating system password policy are in place; and
  (c)   logs of privileged access and log-on/log-off activities are being captured as defined in the Information Security Controls Document technical specifications; and
  (3)   document identified issues and take corrective action on the findings, as appropriate.
  b.   ACI will permit Vendor to access systems as necessary to perform system security checks per ACI’s access policy, processes and standards.
Confidential
Exhibit A-8 — Enterprise Security Management Services

 

Page 10 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
5.2   Security Advisory and Integrity
  a.   Vendor will for operating systems, software tools, and network infrastructure systems and devices (including desktop Equipment) managed by Vendor:
  (1)   monitor security patches;
  (2)   notify ACI within 3 Business Days of Vendor-rated high severity security patches or earlier depending on the criticality identified by the Vendor CERT team;
  (3)   install ACI-approved security patches within the following security change window parameters:
  (a)   minimum [ * ] security change window;
  (b)   [ * ] servers thereafter; and
  (c)   In the case of a high CERT criticality, implement the patch as per the CERT guidelines.
  b.   ACI will:
  (1)   evaluate advisory notifications from Vendor and approve security patches for installation at least one Business Day before scheduled implementation date; and
  (2)   provide an environment for testing security patches and perform such tests, as appropriate.
5.3   Malware Defense Management
  a.   Vendor will:
  (1)   install, test and maintain anti-malware software on Supported Servers and Windows Supported Desktops;
  (2)   push anti-malware definitions, vendor product updates, and policy and configuration updates to Supported Servers and Supported Desktops, as appropriate;
  (3)   if malware is detected, take corrective action in accordance with the Information Security Controls Document (i.e., prevent, detect and remove malware infections and respond to malware security incidents);
Confidential
Exhibit A-8 — Enterprise Security Management Services

 

Page 11 of 15


 

  (4)   notify ACI, in accordance with the established procedures, if malware is detected on a Supported Server or Supported Desktop;
  (5)   perform virus definition, pattern file updates and policy configuration; and
  (6)   provide monthly malware defense management reports.
  b.   ACI will provide ACI’s security policy and any updates as they occur.
5.4   Vulnerability Management Services
  a.   Vendor will:
  (1)   maintain a list of ACI IP addresses to scan;
  (2)   identify vulnerabilities within the network perimeter using Vendor policies;
  (3)   perform historical trending of vulnerability data;
  (4)   provide vulnerability scanning reports which include:
  (a)   scan results reflecting identified vulnerabilities for corrective action to be taken, as appropriate; and
  (b)   summary reports and trend analysis provided via the web portal;
  (5)   with ACI’s assistance, schedule and perform scans;
  (6)   develop and maintain the scanning profile containing the following:
  (a)   system and network devices to be scanned;
  (b)   frequency of scanning;
  (c)   type of scan;
  (d)   vulnerabilities that are not security policy violations; and
  (e)   time frames when scans will be executed.
  b.   ACI will:
  (1)   assist Vendor in developing the scanning profile containing the following:
  (a)   system and network devices to be scanned;
  (b)   frequency of scanning;
  (c)   type of scan;
  (d)   vulnerabilities that are not security policy violations; and
  (e)   time frames when scans will be executed; and
  (2)   be responsible for resolving application-related issues discovered during a vulnerability scan.
Confidential
Exhibit A-8 — Enterprise Security Management Services

 

Page 12 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
6.   IDENTITY AND ACCESS
6.1   Management of Privileged User IDs and Vendor User IDs
  a.   For the operating systems, software tools and network infrastructure systems and devices under Vendor management, Vendor will:
  (1)   with ACI’s assistance, perform a baseline inventory of access IDs;
  (2)   perform the following provisioning and compliance activities:
  (a)   provision and manage User IDs for Vendor personnel to include special access and emergency access needs;
  (b)   perform employment verification upon hire and termination for Vendor personnel and remove Vendor User IDs, as appropriate;
  (c)   administer passwords for Vendor User IDs and privileged User IDs;
  (d)   provision and manage the Vendor and ACI privileged User IDs as defined in the platform-specific technical specifications set forth in the Information Security Controls Document;
  (e)   revalidate privileged authorizations annually and remove privileged User IDs, as appropriate; and
  (f)   provide ACI a list of ACI privileged User IDs for revalidation on request;
  (3)   maintain audit records for privileged User ID approvals, verifications and revalidations and retain such records for two years;
  (4)   provide for ACI’s review and approval, as appropriate, non-expiring passwords and policy exception requests; and
  (5)   capture system security logs of privileged access and log-on/log-off activities as defined in the Information Security Controls [ * ].
  b.   ACI will:
  (1)   assist Vendor in performing a baseline inventory of access IDs for the systems for which Vendor has security responsibility;
  (2)   authorize and manage non-privileged User IDs and passwords for ACI personnel for the operating systems, software tools and network infrastructure systems and devices under Vendor management;
Confidential
Exhibit A-8 — Enterprise Security Management Services

 

Page 13 of 15


 

  (3)   revalidate ACI privileged User IDs; and
  (4)   approve non-expiring passwords and policy exception requests, as appropriate.
6.2   Password Management for ACI User IDs
  a.   Vendor will:
  (1)   perform password resets for User IDs using ACI-provided and maintained employee authentication data; and
  (2)   investigate ACI User ID password issues, as identified by ACI.
  b.   ACI will:
  (1)   provide and maintain employee authentication data for ACI User IDs; and
  (2)   establish the criteria for resetting passwords and disclosing such passwords to authorized personnel.
6.3   ACI User ID Lifecycle Administration
  a.   For the operating systems, software tools and network infrastructure systems and devices under Vendor management, Vendor will:
  (1)   provision and manage ACI-identified User IDs for ACI personnel; and
  (2)   investigate ACI User ID security issues, as identified by ACI.
  b.   ACI will:
  (1)   identify ACI User IDs; and
  (2)   provide approved provisioning requests for User IDs for ACI personnel.
6.4   ACI User ID Administration Compliance Support
  a.   For ACI User IDs in-scope for ACI User ID Lifecycle Administration Services, Vendor will:
  (1)   perform annual employment verification and User ID revalidation for ACI personnel and remove User IDs, as appropriate;
  (2)   perform annual revalidation of privileges and access to shared User IDs and remove such privileges and access, as appropriate;
  (3)   maintain audit records for User ID and privileged User ID approvals, verifications and revalidations and retain such records for two years; and
  (4)   provide for ACI’s review and approval, as appropriate, non-expiring passwords and policy exception requests.
Confidential
Exhibit A-8 — Enterprise Security Management Services

 

Page 14 of 15


 

  b.   ACI will:
  (1)   revalidate ACI User IDs, privileges and access to shared User IDs; and
  (2)   approve non-expiring passwords and policy exception requests, as appropriate.
6.5   Physical Security and Access Management
  a.   Vendor will:
  (1)   provide the following physical security controls at Vendor facilities:
  (a)   define controlled areas, perform a physical security assessment and document any identified control and audit issues;
  (b)   identify ownership of control and audit issues and manage closure of Vendor-owned issues;
  (c)   perform initial access baseline review and execute formal revalidation for new protected and restricted areas;
  (d)   develop and implement the access authorization processes;
  (e)   manage the implementation of the physical security environment for the controlled areas;
  (f)   perform maintenance, testing and daily operations of the physical security environment; and
  (g)   manage permanent and temporary access authorization devices.
  b.   ACI will:
  (1)   provide and manage physical security controls at the ACI Facilities;
  (2)   manage closure of ACI-owned control and audit issues; and
  (3)   protect LAN servers and infrastructure devices on ACI premises from unauthorized access.
7.   ADDITIONAL SECURITY TERMS
7.1   General
ACI acknowledges that the Services described herein constitute authorized access to ACI’s networks and computer systems.
Confidential
Exhibit A-8 — Enterprise Security Management Services

 

Page 15 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
EXHIBIT A-9
DISASTER RECOVERY AND BUSINESS CONTINUITY SERVICES
1.   INTRODUCTION
From the period beginning with the Effective Date of the Agreement, Vendor will provide Disaster Recovery capabilities either using ACI’s existing disaster recovery plan, if available and applicable, or on a Commercially Reasonable Efforts basis.
Prior to the completion of transition for any services, Vendor will develop and present to ACI for approval either a Disaster Recovery Plan specifically addressing the service(s) for which transition has been completed, or provide a high-level business continuity plan for the delivery of the service from the designated Vendor Location (for the purpose of clarity, prior to the service commencement for Service Desk, Vendor will provide to ACI the Vendor internal high-level business continuity plan that addresses the procedures that Vendor will follow in the event that service can not be delivered from its service Location for Service Desk and network operations center).
Following the Transition Period, Vendor will be responsible for the provision of Disaster Recovery and Vendor business continuity capability and services to ACI as set forth in this Exhibit and further described in Attachment 1 to this Exhibit.
         
Requirement   RTO   RPO
[ * ]
     
    *  Represents one page of redacted tabular data
     
    *  Note: These RTO/RPO times are committed, to the extent supportable by the ACI architecture/infrastructure
2.   DISASTER RECOVERY PLAN
  a.   Vendor Responsibilities
Delivery of the Disaster Recovery Plan is a critical deliverable. Vendor will:
  (1)   during Transition, develop the Disaster Recovery Plan , which will be ready at the end of each phase of Transition and will include the following:
  (a)   a brief description of the critical services and functions, including a prioritized listing of the Critical Functions;
  (b)   the agreed recovery times (RTO/RPO) for each Critical Function;
  (c)   the hardware and Software composing the Configuration;
Confidential
Exhibit A-9 — Disaster Recovery and Business Continuity Services

 

Page 1 of 13


 

  (d)   the Equipment and Software, including some existing ACI Equipment, necessary for connection to the ACI Data Network;
  (e)   Vendor’s and ACI’s recovery roles and responsibilities;
  (f)   contact listings of ACI and Vendor key employees;
  (g)   identification of recovery teams;
  (h)   recovery scenarios;
  (i)   criteria for Disaster declaration, recovery and testing;
  (j)   names of those individuals who are authorized by ACI and Vendor to declare a Disaster;
  (k)   backup process and components;
  (l)   the location and schedule for the periodic tape backup of Critical Functions;
  (m)   the location and schedule for off-site storage of the tape backups;
  (n)   notification procedures;
  (o)   recovery information, procedures, and schedules;
  (p)   testing results and any required corrective action plans;
  (q)   procedures for maintaining the Disaster Recovery Plan; and
  (r)   procedures for restoration back to original location or another permanent location;
  (2)   provide a representative who is knowledgeable in Disaster Recovery planning and the Disaster Recovery Plan to serve as a single point of contact for ACI’s Disaster Recovery-related communications and activities. The Vendor representative will be responsible for the development and maintenance of the Disaster Recovery Plan and will provide safe storage and distribution of copies as follows:
  (a)   off-site vital records storage;
  (b)   ACI’s Disaster Recovery coordinator; and
  (c)   Vendor’s Disaster Recovery coordinator;
  (3)   in cooperation with ACI, review and update, if necessary, the Disaster Recovery Plan on an annual basis or as warranted by business and/or technical changes to validate compatibility with ACI’s and Vendor’s overall Disaster Recovery strategies and related plans;
  (4)   in cooperation with ACI, test the Disaster Recovery Plan initially within 180 days after the Disaster Recovery Plan is completed, or the earliest time after 180 days that the Recovery Center is available, and annually thereafter to validate that the Disaster Recovery Plan and ACI-specific tests remain practicable and current;
Confidential
Exhibit A-9 — Disaster Recovery and Business Continuity Services

 

Page 2 of 13


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
  (5)   conduct a Disaster Recovery test for EB On Demand by the start of the third quarter of 2008 using the Disaster Recovery Plan that is in place at that time;
  (6)   [ * ], unless more time is required to complete a successful test at the Vendor Recovery Center, for testing ACI’s Mainframe Test/Dev Disaster Recovery Plan;
  (7)   [ * ] unless more time is required to complete a successful test (ACI financially responsible for any additional [ * ] fees in the event more time is required), at the [ * ];
  (8)   [ * ], unless more time is required to complete a successful test (ACI financially responsible for any additional [ * ] fees in the event more time is required), for testing the [ * ];
  (9)   provide ACI with a report of the test results following each Disaster Recovery Plan test;
  (10)   remediate any issues uncovered during the test and retest if requested by ACI; and
  (11)   develop and maintain the Disaster Recovery Plan for network connectivity and recovery in the event of a Disaster.
Any additional updates to the Disaster Recovery Plan that are necessary as a result of actions by or changes requested by ACI will be considered a New Service.
  b.   ACI Responsibilities
ACI will provide a representative who is knowledgeable in Disaster Recovery planning and the Disaster Recovery Plan to serve as a single point of contact for ACI and who will:
  (1)   act as the primary interface to Vendor’s Disaster Recovery representative;
  (2)   be available on a continuous basis in the event a Disaster is declared;
  (3)   assist Vendor in the development of the Disaster Recovery Plan;
  (4)   in cooperation with Vendor, test the Disaster Recovery Plan; and
  (5)   provide the Vendor Disaster Recovery representative with ACI’s updates to the Disaster Recovery Plan to ensure the Disaster Recovery Plan remains current.
Confidential
Exhibit A-9 — Disaster Recovery and Business Continuity Services

 

Page 3 of 13


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
3.   DISASTER RECOVERY
  a.   Vendor Responsibilities
In the event of a declared Disaster, Vendor will:
  (1)   deliver the data and Software archived in off-site storage to the Recovery Center designated in the Disaster Recovery Plan or at such other location as may be established by Vendor thereafter;
  (2)   reroute the affected data communications circuits from the Data Center to the Recovery Center;
  (3)   operate the Critical Functions on the Configuration at the Recovery Center; and
  (4)   pay all travel and living expenses Vendor incurs in the performance of Vendor’s Disaster Recovery responsibilities.
  b.   ACI Responsibilities
In the event of a declared Disaster, ACI will:
  (1)   perform its Disaster Recovery responsibilities as set forth in this Exhibit and the Disaster Recovery Plan;
  (2)   comply with recovery procedures, including those for safety and security;
  (3)   pay all costs associated with the storage of data and Software at locations other than the Data Centers, including all storage facility charges and charges for transporting such data and Software to, from and between the storage facility, the Data Centers and/or the Recovery Center; and
  (4)   pay all travel and living expenses ACI incurs in the performance of ACI’s Disaster Recovery responsibilities.
4.   NETWORK RECOVERY
Vendor will reroute the affected data communications circuits from the Data Center to the Recovery Centers. Upon [ * ], Vendor will be responsible for all network Disaster Recovery Services, including any costs associated with Vendor managed connectivity and support. ACI, in cooperation with Vendor, will develop a network recovery plan to be included in the Disaster Recovery Plan. The network recovery plan will use the strategy for redundancy in place at the time of a declared Disaster and will include recoverability only to the extent the Configuration includes the necessary network connectivity to ACI’s control units.
Confidential
Exhibit A-9 — Disaster Recovery and Business Continuity Services

 

Page 4 of 13


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
5.   DISASTER RECOVERY FOR ACI-HOSTED SERVERS
  a.   ACI will be responsible for the provision of disaster recovery services for the ACI-hosted server environment, excluding the specific list of Equipment Vendor is providing Disaster Recovery Services for identified in this Exhibit, including any costs associated with backup, connectivity and support of Supported Desktops, Supported Servers and affected networks.
  b.   In the event a declared Disaster interrupts the Services Vendor provides to ACI, Vendor will make [ * ]to provide the Services during such Disaster.
  c.   Vendor will cooperate with ACI in the development of ACI’s distributed environment disaster recovery plan as it pertains to the Services Vendor provides under the Agreement. If ACI requests Vendor to provide distributed environment disaster recovery services, Vendor will provide such services as a New Service in accordance with Schedule C (Charges).
6.   END USER RECOVERY
ACI will be financially responsible for all End User recovery services, including any costs associated with connectivity, equipment, alternate site relocation and support.
Vendor will assist ACI in developing, maintaining and testing the End User disaster recovery plans and will assist ACI in the event that such a disaster recovery event occurs.
7.   RESOURCES AND GROWTH
The resources for Disaster Recovery Services are the capacities of the Configuration listed in Section 9 (Configuration) below and the connectivity required to connect the Recovery Center to the Data Center. Growth in the Configuration will be provided at a rate necessary to support the percent of growth, if any, for each affected Baseline set forth in Schedule C (Charges) without increasing the charges to ACI.
8.   NEW SERVICE
ACI’s request for additional services, functions or capacity beyond that specified in this Exhibit will be considered a New Service.
Confidential
Exhibit A-9 — Disaster Recovery and Business Continuity Services

 

Page 5 of 13


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
9.   CONFIGURATION
In the event a Disaster renders Vendor incapable of providing the processing Services, Vendor will move its operations to the designated Recovery Center and provide the Services to ACI with data processing equipment and connectivity in a Configuration equivalent to [ * ] to be determined in order to support the then-existing Baselines. The Configuration will be compatible with and support the Systems Software platform so Vendor may operate and deliver Services for ACI’s Critical Functions at the levels of service attainable on such Configuration capacity.
In the event of a Disaster, Vendor will provide the Services to ACI from the Recovery Center using the Configuration set forth below.
         
Machine Description   Machine Type   Machine Model
[ * ]
*  Represents five pages of redacted tabular data
     
Note:   The software Configuration will be the Systems Software specified in Schedule I (Vendor Supported Software).
Confidential
Exhibit A-9 — Disaster Recovery and Business Continuity Services

 

Page 6 of 13


 

ATTACHMENT 1
IBM DISASTER RECOVERY / BUSINESS CONTINUITY
Business Continuity Overview
IBM recognizes that protection of its assets is a major responsibility to its stockholders and customers. IBM further recognizes the importance of establishing methods that allow its customers to maintain business continuity and service to their customers in the event of a disruption. It is the policy of IBM that any system supporting a vital business process has a business continuity plan. Extensive procedures have been developed to support the resumption of disrupted critical business and service operations.
If a circumstance should occur in an IBM Service Location such that IBM will be impeded for providing services for an extended period of time, IBM will initiate commercially reasonable efforts to establish a capability to deliver the contract of services within a reasonable amount of time.
Service levels will not approach those being provided in a normal processing environment. However, every attempt will be made to restore the environment back to normal status as soon as possible.
Responding to the problem
In a disruption, the first priority is the safety of human life. Once certain that everyone in the area is safe and accounted for, the business continuity plan will be executed as per instruction from the IBM management action team.
Management Action Team
All relevant information will be communicated to the IBM management action team. This team will act as the focal point for all communications both internally and externally, coordinate recovery actions and make the decision to declare a disaster.
The IBM Delivery Executives for each customer will be responsible for direct communications with the customer as to the status of the situation. In the event the IBM Delivery Executive is not available, the Project Engagement Executive or Service Delivery Manager will assume the Delivery Executive’s role.
Confidential
Exhibit A-9 — Disaster Recovery and Business Continuity Services

 

Page 11 of 13


 

Initial communications to the customer will take place assuming that communication channels are operational. Communications will include the initial assessment of the damage to the IBM physical facility and an assessment as to when the customers’ services will be up and running.
Once the decision has been made to declare, all recovery resources are assembled and recovery activities are executed. As tasks are completed, they are reported back to the IBM management.
Business Continuity Plan Testing and Maintenance
For a business continuity plan to be effective, it must be current. IBM confirms that its business continuity plans are current in two ways:
1. Maintenance of the plans regularly updates the information necessary for a successful recovery.
2. Testing will check the procedures and information stored in the plans for accuracy and suitability to the tasks of recovery.
Plan Testing
Testing is vital to the continued success of the business continuity plan. The following are testing objectives:
1. To ensure the accuracy, completeness and validity of recovery procedures.
2. To verify the capabilities of the team members executing the recovery procedures.
3. To validate the information stored in the business continuity plans.
4. To verify that the time estimates for recovery are realistic.
5. To ensure that all changes in the technical and business environment have been reflected in the business continuity plan.
6. To validate assumptions.
Confidential
Exhibit A-9 — Disaster Recovery and Business Continuity Services

 

Page 12 of 13


 

As a general guideline, IBM conducts tests as follows:
• At least once a year, the business continuity team conducts a walk-through of the business continuity plan. This test will verify that the plan is consistent with the team members’ expectations and that it can work regardless of the type of disruption.
Maintenance
The business continuity plan for each account is maintained by the front line manager for that account. Maintenance of the business continuity plan depends on the regular review of the plan. To maintain the plan properly, the following is done:
Annually:
• Copies of the contact lists are circulated to each business continuity team member. The team members review the lists for known changes.
• A copy of the staff list is sent to human resources to review for changes and deletions. Deletions must be replaced by the new jobholders.
• Copies of the business continuity procedures are circulated to each applicable team member. The team members note their changes on the procedures directly and return them to the front line manager.
• Major changes in hardware, software and personnel are reflected in the plan as soon as they happen.
Training for the Recovery Teams
Training of the recovery team will be accomplished during the normal course of maintenance and testing of the business continuity plan. Normal maintenance of the plan includes regular reviews of the information lists and procedures of the plan. Testing will exercise many of the plan’s procedures and information lists.
New employees review the business continuity plan as part of their service indoctrination program.
Confidential
Exhibit A-9 — Disaster Recovery and Business Continuity Services

 

Page 13 of 13


 

SCHEDULE B
SERVICE LEVELS
1.0   GENERAL
As of the Service Tower Commencement Date (or as otherwise specified in this Schedule and the Exhibits to this Schedule), the Vendor will perform the Services to which Service Levels apply so that the Service Level Performance will, in each month of the Term, meet, or exceed, the Service Levels.
The achievement of the Service Levels by the Vendor may require the coordinated, collaborative effort of the Vendor with other third-party vendors. The Vendor shall provide a single point of contact for the prompt resolution of all Service Level Defaults and all failures to provide high quality Services to ACI, regardless of whether the reason for such Service Level Defaults, or failure to provide high quality Services to ACI, was caused by the Vendor.
The defined terms in this Schedule B will be set forth in Schedule D.
2.0   EXHIBITS
The following Exhibits are provided with this Schedule and are hereby incorporated by reference:
Exhibit B-1 Service Levels Matrix. This Exhibit sets forth the quantitative measurements and effective dates associated with Critical Service Levels, Key Measurements, and Critical Deliverables.
Exhibit B-2 Critical Service Level and Key Measurements Descriptions. This Exhibit sets forth the descriptions and definitions of Critical Service Levels and Key Measurements and Critical Deliverables along with describing the methodology and measuring tools to be used.
Exhibit B-3 Critical Deliverables Descriptions. This Exhibit sets forth the descriptions and definitions of Critical Deliverables along with describing the methodology and measuring tools to be used.
Exhibit B-4 Severity Levels. This Exhibit provides a description of the Severity Levels associated with the in-scope Services.
3.0   MEASUREMENT
Service Level Performance shall commence being measured by Vendor as soon as possible after the Effective Date for the Service Levels identified herein. The method of measuring the Service Level Performance will be agreed upon by the parties.
Confidential
Schedule B — Service Levels

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
Service Level Credits shall apply from the Service Tower Commencement Date or as otherwise specified in Exhibit B-1 referencing the column “SCD + mos**”. The numbers used in the column “SCD +mos**” are in the format X where “X” represents the number of months after the Service Tower Commencement Date (the “Grace Period”) when Supplier will be responsible to meet the Service Level and provide measurement data in support of the Service Level, but Service Level Credits shall not be applicable until the month immediately following the Grace Period. If the notation in column “SCD + Mos**” is “SCD” the obligation will commence on the Service Tower Commencement Date (or, if later, the date on which Supplier assumes responsibility for the Services in question in accordance with the Transition Plan), based on an agreement as of Effective Date as to the expected and minimum Service Levels.
During the Transition and any Grace Period relating to a Service Level, the Parties shall gather and review performance data and baselines relating to each Service Level. As requested by either Party, the other Party shall discuss in good faith such data and baselines for the purpose of determining whether the Service Levels set forth in Exhibit B-1 should be adjusted. As mutually agreed in writing (such agreement not to be unreasonably withheld), the Parties shall revise Service Levels during the Transition Period and any applicable Grace Period. If the Parties fail to mutually agree on any revisions to the Services Levels, the Service Levels in Exhibit B-1 will remain in place but will not be subject to Service Level Credits and either Party may escalate such dispute in accordance with the Agreement. For the purpose of clarity, those Service Levels marked “SCD” will not be included in this adjustment process.
Service Level Performance will be measured on a monthly basis unless otherwise specified in Service Levels Matrix.
The measuring methodologies set forth in Service Levels Descriptions shall be used by the Vendor to measure the Service Levels from the Date specified herein.
Tools for new Service Levels and changes to tools for existing Service Levels will be implemented in accordance with the Change Control Procedure. The amount of increase to the Charges, if any, shall be determined via the Change Control Procedure.
If a tool changes, the Parties may, by written agreement, adjust the Service Level measurements as necessary to account for any increased or decreased sensitivity in the new measuring tool. However, it is not anticipated that changes in the monitoring tools will drive changes in Service Levels; rather, the need to collect and accurately reflect the performance data should drive the development or change in monitoring tools.
ACI and the Vendor shall work together to agree on acceptable measuring tools and methodologies for the Critical Service Levels designated prior to the date such tools and methodologies are needed.
If the Service Provider fails to measure Service Level Performance for a Critical Service Level so that it is not possible to confirm whether the Critical Service Level has been achieved then, unless such failure to measure was excused in writing by ACI, the Service Level Performance for the Service Level shall be deemed to be [ * ] value for that Critical Service Level and that value will be used in all Earnback calculations.
[ * ]
Confidential
Schedule B — Service Levels

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES
AND ASTERISKS BE ACCORDED CONFIDENTIAL
TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
4.0   REPORTING
The Vendor shall provide to ACI, as part of the Vendor’s monthly performance reports, a set of hard- and soft-copy reports to verify the Vendor’s performance and compliance with the Service Levels and, until all Critical Deliverables are received and approved by ACI, the Critical Deliverables.
The Vendor shall provide detailed supporting information for each report to ACI in machine-readable form suitable for use on a personal computer. The data and detailed supporting information shall be ACI’s and Vendor Confidential Information, and ACI may access such information online and in real-time, where technically feasible, at any time during the Term.
5.0   SERVICE LEVEL CREDITS
In the event of a Service Level Default, the Vendor shall provide ACI credits as defined below:
  1.   Subject to Item 5 of this Section 5 and Sections 6 and 7, Vendor will provide ACI a Service Level Credit if a Service Level Default has occurred.
  2.   [ * ] However, if the Vendor fails to meet the applicable Minimum Service Level for a Key Measurement, [ * ].
  3.   Service Levels Descriptions to this Exhibit sets forth the information required to calculate the Service Level Credit in the event of a Service Level Default. For each Service Level Default, the Vendor shall pay to ACI, subject to Item 5 of this Section 5 below, a Service Level Credit that will be computed in accordance with the following formula:
 
      [ * ]
 
      *  Represents one page of redacted text
  4.   [ * ]
  5.   [ * ]
  6.   The total amount of Service Level Credits that the Vendor shall be obligated to pay to ACI, with respect to any Service Level Defaults occurring in a month shall be reflected on the invoice following the month during which the Service Level Default(s) giving rise to such credit(s) occurred.
  7.   [ * ]
  8.   [ * ]
6.0   EXCEPTIONS
  1.   If any events or periods that are measured as part of a Service Level are not successfully achieved in accordance with the relevant performance standard specified in the Service Level and the Vendor demonstrates that such failure would not have occurred but for any of the following, then such events or periods shall be disregarded for the purpose of calculating the relevant Service Level (and shall be excluded from both the numerator and the denominator for the purposes of calculating whether the Service Level has been achieved):
 
  1.1.   ACI’s (or an ACI third-party vendor’s) breach of this Agreement including ACI’s acts, errors, or omissions, which are inconsistent with its obligations under the Agreement.
  1.2.   Infringements of third-party proprietary rights by ACI or a ACI third-party Vendor.
  1.3.   Willful misconduct or violations of law by ACI or a ACI third-party vendor.
  1.4.   Service or resource reductions requested or approved by ACI and agreed to by the Parties through the Change Control procedures; provided that the Vendor has previously notified ACI in writing as part of such Change Control procedures that the implementation of such request would result in such failure to meet the Service Level.
  1.5.   Failure to conduct repair on Equipment that has been identified and agreed in writing by ACI to be unserviceable equipment. Such agreement shall have been made identifying the equipment as unserviceable equipment prior to any failure incident qualifying as an exception.
  1.6.   [*]
  1.7.   Service Level failures due to any Equipment or Software failures and where Vendor has not otherwise failed to comply with its obligations under the Agreement.
 
  1.8   [ * ]
  2.   For purposes of calculating actual uptime and availability, all planned downtime shall be excluded (for example, preventive maintenance, circuit upgrades, etc.). The Vendor shall maintain Availability during such periods to the extent reasonably practicable as agreed to by the Parties.
Confidential
Schedule B — Service Levels

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES
AND ASTERISKS BE ACCORDED CONFIDENTIAL
TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE SECURITIES EXCHANGE ACT OF 1934.
7.0   EARNBACK
The Vendor shall have Earnback opportunities with respect to Service Level Credits as follows:
    [ * ]
8.0   CHANGES TO SERVICE LEVELS
 
8.1   Continuous Improvement
 
    [ * ]
 
*   Represents one page of redacted text
 
8.2   Additions, Deletions, and Modifications
  1.   Subject to the remainder of this Section 8.2 and Section 8.3, ACI may, by sending written notice to the Vendor at least 90 calendar days prior to the effective date of the change:
 
  1.1.   Add or delete Performance Categories.
 
  1.2.   Add, modify, or delete Critical Service Level allocations between Performance Categories.
 
  1.3.   Add or delete Service Levels.
 
  1.4.   Change Service Levels from Critical Service Levels to Key Measurements or from Key Measurements to Critical Service Levels.
 
  1.5.   Modify the Service Level Credit Allocation Percentages for any Critical Service Levels.
 
  2.   The addition or substitution of new Performance Categories, Critical Service Levels and Key Measurements by ACI in accordance with Item 1 above shall be in order to achieve a fair, accurate, and consistent measurement of the Vendor's performance of the Services. For example, such additions or substitutions may occur in conjunction with changes to the environment and the introduction of new Equipment or Software or means of Service delivery; provided, however, that where such Equipment or Software or such means of Service delivery is a replacement or upgrade of existing technology, there shall be a presumption of equivalent or improved performance.
 
  3.   [ * ]
 
  4.   [ * ]
 
  5.   [ * ]
8.3   Performance Standards for Additional Service Levels
If ACI adds a Service Level in accordance with Item 1 of Section 8.2, the Expected Service Levels and Minimum Service Level commitments for such Service Level shall be agreed by the Parties. Should the Parties not agree, they shall be computed as follows:
  1.   [ * ]
 
  2.   [ * ]
 
  3.   If the measurements do not exist and the Parties fail to agree in accordance with Item 2 above, then:

[ * ]
 
  4.   [ * ]
9.0   CRITICAL DELIVERABLES
  1.   Certain of the Vendor’s obligations under the Agreement are one-time or periodic obligations to deliver Critical Deliverables. Exhibit B-1 (Service Level Matrix) to this Schedule sets forth the Deliverable Credits that shall be payable by the Vendor to ACI in the event the Vendor fails to deliver any of the Critical Deliverables by the due date, specified in Exhibit B-1 (Service Level Matrix) to this Schedule. In this regard:
  1.1   [ * ]
 
  1.2   [ * ]
 
  1.3   [ * ]
 
  1.4   [ * ]
 
  1.5   [ * ]
Confidential
Schedule B — Service Levels

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES
AND ASTERISKS BE ACCORDED CONFIDENTIAL
TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE SECURITIES EXCHANGE ACT OF 1934.
EXHIBIT B-1
SERVICE LEVEL MATRIX
INTRODUCTION
This Exhibit B-1 to Schedule B (Service Levels) sets forth the following:
1   For Critical Service Levels
 
    [ * ]
2   For Key Measurements
 
    [ * ]
3   For Critical Deliverables
 
    [ * ]
Introduction
Page 1

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
EXHIBIT B-1
SERVICE LEVEL MATRIX
[*]
                                 
Exhibit B-2   Allocation of Pool Percentage   [*]       Measurement       % of  
Section Reference   Sever Availability - Performance Category   SCD + mos**   Expected   Minimum   Window   Allocation*   invoice  
1.1
                               
1.1.1
                               
1.1.2
      [*]                        
1.1.3
                               
1.1.4
                               
1.1.5
                               
 
    Allocation of Pool Percentage   [*]       Measurement       % of  
    Incident Management - Performance Category   SCD + mos**   Expected   Minimum   Window   Allocation*   invoice  
1.2
                               
1.2.1
                               
1.2.2
      [*]                        
1.2.3
                               
1.2.4
                               
1.2.5
                               
 
    Allocation of Pool Percentage   [*]       Measurement       % of  
    End User/Service Desk - Performance Category   SCD + mos**   Expected   Minimum   Window   Allocation*   invoice  
1.3
                               
1.3.1
                               
1.3.2
      [*]                        
1.3.3
                               
1.3.4
                               
1.3.5
                               
 
    Allocation of Pool Percentage   [*]       Measurement       % of  
    Network Management - Performance Category   SCD + mos**   Expected   Minimum   Window   Allocation*   invoice  
1.4
                               
1.4.1
                               
1.4.2
      [*]                        
1.4.3
                               
1.4.4
                               
1.4.5
                               
     
Notes:   [*]
Critical Service Levels
Page 2

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
EXHIBIT B-1
SERVICE LEVEL MATRIX
                     
Exhibit B-2                    
Section Reference   Incident Management - Performance Category   SCD + mos**   Expected   Minimum   Measurement Window
2.1
                   
2.1.1
      [*]            
2.1.2
                   
2.1.3
                   
                     
    Change Management - Performance Category   SCD + mos**   Expected   Minimum   Measurement Window
2.2
                   
2.2.1
      [*]            
2.2.2
                   
                     
    Reporting - Performance Category   SCD + mos**   Expected   Minimum   Measurement Window
2.3
                   
2.3.1
      [*]            
                     
    Project Management - Performance Category   SCD + mos**   Expected   Minimum   Measurement Window
2.4
                   
2.4.1
      [*]            
2.4.2
                   
                     
    Asset Management - Performance Category   SCD + mos**   Expected   Minimum   Measurement Window
2.5
                   
2.5.1
      [*]            
                     
    User Satisfaction - Performance Category   SCD + mos**   Expected   Minimum   Measurement Window
2.6
                   
2.6.1
      [*]            
                     
    Asset Management - Performance Category   SCD + mos**   Expected   Minimum   Measurement Window
2.7
                   
2.7.1
      [*]            
2.7.2
                   
2.7.3
                   
2.7.4
                   
2.7.5
                   
Key Measurements
Page 3

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
EXHIBIT B-1
SERVICE LEVEL MATRIX
CRITICAL DELIVERABLES
                   
Exhibit B-3       Due   Deliverable   Deliverable  
Section Reference   CRITICAL DELIVERABLES   Date   Milestone Payment   Milestone Payment  
 
  [*]              
Critical Deliverables
Page 4

 

 


 

EXHIBIT B-2
CRITICAL SERVICE LEVELS AND KEY MEASUREMENTS
1.0   CRITICAL SERVICE LEVELS — INTRODUCTION
This Section sets forth qualitative descriptions of the Critical Service Levels. The numerical Minimum Service Levels, Expected Service Levels and commencement of obligations associated with such Critical Service Levels are set forth in Exhibit B-1 (Service Level Matrix) to Schedule B (Service Levels).
  1.1   Performance Category — Server Availability
1.1.1   Server Availability — High Category
“Server Availability — High Category” shall mean, with respect to all designated High Availability (HA) Servers (generally all external client facing servers) (a) System Scheduled Uptime minus Scheduled System Downtime, divided by (b) System Scheduled Uptime with the result expressed as a percentage. For purposes of clarity, the designation High Availability is not limited to, nor does it necessarily include the ACI high availability servers (HP non-stop hardware); it is defined as those servers requiring high availability due to their usage. This Critical Service Level represents an average Availability for all servers meeting the description of HA Servers. During Transition, the HA Servers will be identified and documented.
  1.   “Available for Use” with respect to all High Category Servers shall mean that the System—including the processor and associated storage devices, cabling, peripherals, and other equipment—is running properly so as to enable the proper execution of transactions on those Applications scheduled to run on such System and access to updated current data that is intended to be used in conjunction with such Applications.
  2.   “System Scheduled Uptime” shall mean the amount of minutes within the applicable Measurement Window for the System as set forth in Exhibit B-1 (Service Level Matrix). The hours of scheduled uptime are designated in the Service Delivery Statement of Work.
  3.   “System Downtime” shall mean the total time per calendar month out of the System Scheduled Uptime, as measured in minutes, that the System for which availability is being computed is not Available for Use.
  4.   “Scheduled System Downtime” shall mean the total time per month that this classification of server is allowed to be unavailable for use to ACI and/or its clients so that the Vendor may perform routine maintenance. For High Category servers [ * ] is acceptable ([ * ] is acceptable for those servers not having the ability to do maintenance while the application remains available to the client) but by [ * ], no Scheduled System Downtime will be the requirement to the extent all HA Servers have the ability to do maintenance while the application remains available to the client.
Confidential
Exhibit B-2 — Critical Service Levels and Key Measurements

 

Page 1 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
1.1.2   Server Availability — Medium Category
“Server Availability — Medium Category” shall mean, with respect to all designated Medium Availability Servers (a) System Scheduled Uptime minus System Downtime, divided by (b) System Scheduled Uptime with the result expressed as a percentage.
This Critical Service Level represents an average Availability for all servers meeting the description of Non-HA Servers. During Transition, the Medium Availability Servers will be identified and documented.
  1.   “Available for Use” with respect to all Medium Category Servers shall mean that the System—including the processor and associated storage devices, cabling, peripherals, and other equipment—is running properly so as to enable the proper execution of transactions on those Applications scheduled to run on such System and access to updated current data that is intended to be used in conjunction with such Applications.
  2.   “System Scheduled Uptime” shall mean the amount of minutes within the applicable Measurement Window for the System as set forth in Exhibit B-1 (Service Level Matrix).
  3.   “System Downtime” shall mean the total time per calendar month out of the System Scheduled Uptime, as measured in minutes, that the System for which availability is being computed is not Available for Use.
  4.   “Scheduled System Downtime” shall mean the total time per month that this classification of server is allowed to be unavailable for use to ACI and/or its clients so that the Vendor may perform routine maintenance. For Medium Category servers this is to be [ * ] per month.
1.1.3   Server Availability — Low Category
“Server Availability — Low Category” shall mean, with respect to all designated Low Category Servers (a) System Scheduled Uptime minus System Downtime, divided by (b) System Scheduled Uptime with the result expressed as a percentage. In general Low Category Servers are those utility or infrastructure servers residing in regional offices where there are specific hours of operation.
Confidential
Exhibit B-2 — Critical Service Levels and Key Measurements

 

Page 2 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
This Critical Service Level represents an average Availability for all servers meeting the description of Non-HA Servers. During Transition, the Server Availability — Low Category Servers will be identified and documented.
  1.   “Available for Use” with respect to all Low Category Servers shall mean that the System—including the processor and associated storage devices, cabling, peripherals, and other equipment—is running properly so as to enable the proper execution of transactions on those Applications scheduled to run on such System and access to updated current data that is intended to be used in conjunction with such Applications.
  2.   “System Scheduled Uptime” shall mean the amount of minutes within the applicable Measurement Window for the System as set forth in Exhibit B-1 (Service Level Matrix).
  3.   “System Downtime” shall mean the total time per calendar month out of the System Scheduled Uptime, as measured in minutes, that the System for which availability is being computed is not Available for Use.
  4.   “Scheduled System Downtime” shall mean the total time per month that this classification of server is allowed to be unavailable for use to ACI and/or its clients so that the Vendor may perform routine maintenance. For Low Availability servers this is to be [ * ] per month.
1.1.4   Percent of Processing Delivered On-Time
Processing Delivered refers to those Systems and schedules jobs identified by ACI during Transition. Vendor will be responsible for those Systems and scheduled job steps identified and the specific completion requirements.
Percent of Processing Delivered On Time is calculated as the total number of scheduled job steps that complete within the scheduled batch processing measurement window for the month, divided by the total number of scheduled batch job steps for the month with the result expressed as a percentage.
Scheduled jobs include normally scheduled and recurring production jobs, as well as production jobs that are run on an as-needed basis. Development, system test, and user acceptance test jobs are not included. Only those job steps that complete outside the batch Measurement Window are counted as not being delivered on time.
Confidential
Exhibit B-2 — Critical Service Levels and Key Measurements

 

Page 3 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
Example 1. Assume that there is one batch job, which contains 10 batch job steps, and the job is scheduled each day during a 30-day month. On four of the runs during the month, three of the runs have two job steps each that do not complete at their scheduled time, but the entire batch job completes within the batch Measurement Window. On the remaining exception run, the last job step does not complete successfully within the batch Measurement Window. The calculation is as follows:
((10 job steps x 30 times) — 1)
/ (10 job steps x 30 times)
= 99.67%
1.1.5   System Backups Completed
System Backups Completed is calculated as the total number of scheduled System Backups that complete successfully within the scheduled time frame allowed for the month, divided by the total number of scheduled System Backups for the month with the result expressed as a percentage.
  1.2   Performance Category — Incident Management
1.2.1   Time to Respond — Severity 1 & 2
Time to Respond — Severity 1 & 2 is calculated as the percentage of Severity 1 & 2 Incidents reported to the Vendor Service Desk that are responded to within specified minutes during the reporting period. Severity Level 1 (as defined in Exhibit B-4) Incidents must be responded to within [ * ] and Severity Level 2 (as defined in Exhibit B-4) Incidents must be responded to within [ * ].
1.2.2   Restoration of Service — Severity 1 Incidents
Restoration of Service means that the Service or System has been restored to an operating level that is consistent with its operation prior to the Incident.
Restoration of Service — Severity 1 Incidents is calculated as the percentage of Severity 1 Incidents reported to the Vendor Service Desk for which service has been restored or a workaround moving the Severity 1 Incident to a Severity 2, 3 or 4 Incident within [ * ] after the Incident was reported to the Vendor’s Service Desk during the reporting period.
Confidential
Exhibit B-2 — Critical Service Levels and Key Measurements

 

Page 4 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
1.2.3   Restoration of Service — Severity 2 Incidents
Restoration of Service means that the Service or System has been restored to an operating level that is consistent with its operation prior to the Incident.
Resolution of Severity 2 Incident is calculated as the percentage of Severity 2 Incidents reported to the Vendor Service Desk for which service has been restored within [ * ] after the Incident was reported to the Vendor’s Service Desk during the reporting period.
1.2.4   Root Cause Problem Analysis
Root Cause Problem Analysis & Resolution is calculated as the percentage of Root Cause Problem Analysis (preliminary and final) that are successfully completed within the timeframes as described below.
The preliminary Root Cause Problem Analysis is due to ACI according to the following schedule:
Severity 1 within [ * ] of restoration of service
Severity 2 within [ * ] of restoration of service
Severity 3 & 4 — as requested by ACI within agreed upon timeframe
Final root cause analysis due within [ * ] or mutually agreed upon timeframe.
1.2.5   Severity 1 and 2 Problem Resolution
Severity 1 and 2 Problem Resolution is calculated as the percentage of Severity Level 1 and 2 problem resolutions that are successfully implemented as per agreed upon timeframe within the measurement period divided by the total number of problem resolutions that were scheduled for implementation during the measurement period.
  1.3   Performance Category — End User / Service Desk
1.3.1   Service Desk Speed to Answer
The Service Desk Speed to Answer Critical Service Level shall be the average time the Service Desk responds to Calls from Authorized Users who select the option to speak to a Service Desk agent.
Confidential
Exhibit B-2 — Critical Service Levels and Key Measurements

 

Page 5 of 15


 

The Service Desk Speed to Answer Critical Service Level shall be calculated as the total number of Calls to the Service Desk during a month for which the Calls were answered by a Service Desk Agent (after selection of the option on the automated menu to speak to a Service Desk Agent) prepared to work on the problem without delay in less than 30 seconds divided by the total number of Calls to the Service Desk that month that resulted in an Authorized User selection of the option on the automated unit’s menu to speak to a Service Desk Agent, with the result expressed as a percentage to two (2) decimal places.
This Service Level shall be measured as the time between the Authorized User’s selection of the option on the Voice Response Unit’s (VRU) menu to speak to a Service Desk Agent and the time that a Service Desk Agent answers the Call.
1.3.2   Service Desk Call Non-Abandon Rate
The Service Desk Call Non-Abandon Rate Critical Service Level shall be the percentage of Authorized User calls that are not abandoned after either selecting Voice Response Unit to speak to a Service Desk agent or the option to leave a voice mail message for the Service Desk. The Service Desk Call Non-Abandon Rate Critical Service Level shall be calculated as the total number of Calls in which an Authorized User selects either (i) option from the Voice Response Unit (VRU) to speak to a Service Desk Agent, or (ii) selects option to leave a voice mail message and then does not terminate the Call prior to answer by a Service Desk Agent, divided by the total number of Calls placed to the Service Desk within a month, with the result expressed as a percentage to two (2) decimal places.
Calls in which the Authorized User elects to leave a voice mail message initially instead of waiting for a Service Desk representative shall be excluded from the measurement. Also, Calls that are routed to automated messages will be excluded from the measurement.
1.3.3   Service Desk First-Call Incident Resolution
The Service Desk First-Call Incident Resolution Critical Service Level will be the percentage of calls resolved by the Service Desk that can be resolved on the first Call.
The Service Desk First-Call Incident Resolution Critical Service Level shall be calculated as the total number of Calls that can be resolved on the first Call by the Service Desk without escalation to Level 2, divided by the total number of Incidents that can be resolved on the first Call received by the Service Desk during the month, with the result expressed as a percentage to two (2) decimal places.
Call. For purposes of clarification, a Call shall be “actually resolved” during the Authorized User’s first Call to the Service Desk, as used in the previous sentence, only if the person who first answers the phone Call resolves the problem, not if the first person who answers the phone Call passes off the caller to another party who resolves the problem.
Confidential
Exhibit B-2 — Critical Service Levels and Key Measurements

 

Page 6 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
All Problems with redirection to Level 0, or those that are Level 0 candidates, received by the Service Desk will be included in the performance calculation and will be tracked and reported separately. Vendor will also report on Level 0 redirects and user adoption rate.
This metric will exclude service requests and only apply to Calls that can be resolved on the first Call.
1.3.4   Hard IMAC Completion Time
The Hard IMAC Completion Time Critical Service Level shall be calculated as the number of Hard IMAC requests that were successfully completed within [ * ] of the receipt of the Client-Approved Request at the Service Desk for Campus locations and [ * ] for remote locations, divided by the total number of Hard IMAC requests received by the Service Desk within a month, with the result expressed as a percentage to two percentage points. The elapsed time will be measured as the time from the submission of a properly completed Client-Approved Request to the Vendor’s Service Desk and the ACI’s acceptance of the installation and proper performance of the System.
Completion time includes the time necessary to install, configure, test, and otherwise implement Equipment and Software required to complete the IMAC request. IMACs will be completed when the installation/move/add/change that was requested is ready for use by the Authorized User per the request’s requirements.
A request for a Hard IMAC that involves different items for the same Authorized User (e.g., a change of the personal computer and a change in a peripheral device) shall constitute a single IMAC, so long as the request for all such items is made on the same IMAC request and all such items are requested to be made as of the same date.
Project IMACs and electronic software distributions are excluded from this service level calculation.
Requests that require delivery of additional Equipment or software, which is not included in the spare parts inventory, will not include the time waiting for delivery of the ordered component as part of the completion time.
In the event all components are not available for installation as of the same date:
  a.   There will be a separate MAC for each item to be installed.
  b.   These MACs will be excluded from the performance calculation.
Confidential
Exhibit B-2 — Critical Service Levels and Key Measurements

 

Page 7 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
1.3.5   Service Desk/Deskside Support Request Completion Time
The Service Desk/Deskside Support Request Completion Time Critical Service Level shall be calculated as the number of support requests (requests as defined below) that were successfully completed within the timeframes as indicated below, calculated from the receipt of the request at the Service Desk, divided by the total number of these type of requests received by the Service Desk within a month, with the result expressed as a percentage to two percentage points. Each measurement below is to be tallied separately and any failure to meet the service level of that particular measurement will constitute a failure of that particular service level. The elapsed time will be measured as the time from the receipt of the request at the Service Desk (with all required information being supplied correctly to the Service Desk rep) and the user acknowledgement that the issue has been resolved. This measure addresses the request types as defined in the listing below:
Exception requests will be measured against an agreed upon timeframe.
                 
Desktop Support   Measurement     Measurement  
Measurement Description   Value     Frequency  
Exception Requests
    [ * ]       [ * ]  
Centralized Supported Desktop support — All locations (Campus, Metro and Remote)
    [ * ]       [ * ]  
Deskside Support / Software Break/Fix — Campus
    [ * ]       [ * ]  
Deskside Support / Software Break/Fix — Metro
    [ * ]       [ * ]  
Deskside Support / Software Break/Fix — Remote
    [ * ]       [ * ]  
Confidential
Exhibit B-2 — Critical Service Levels and Key Measurements

 

Page 8 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
1.3.6   Anti-Virus/Security Critical Updates
Anti-Virus/Security Critical Updates - The anti-virus/security updates Critical Service Level shall be calculated as follows: (a) the actual number of Supported Servers updated with the critical anti-virus or security Software update within [ * ]of the critical anti-virus or security Software update being available from the applicable third party vendor divided by the number of Supported Servers available for the anti-virus or security updates with the result expressed as a percentage to two (2) decimal points; and (b) the actual number of connected clients (desktops/laptops) updated with the critical anti-virus or security Software update within [ * ] of the critical anti-virus or security Software being available on the connected clients (desktops/laptops) divided by the number of number of connected clients (desktops/laptops) available for the anti-virus/security Software updates with the result expressed as a percentage to two (2) decimal points.
  1.4   Performance Category — Network Management
1.4.1   Site Availability — Client to Prod Data Center
The Service Level for Site Availability — Client to Prod Data Center is the percentage of time the Data Center Locations are Available to ACI external clients using Vendor managed circuits during the applicable Measurement Period. Critical Uptime for this Service Level is determined by multiplying the total minutes in the Measurement Period by the existing number of Client connections to the Data Center. Actual Uptime for this Service Level is aggregate of the total minutes in the Measurement Period during which each connection is Available. The Service Level calculation will be (the number of minutes the Data Center is available to any external client connection) divided by (the total minutes in the Measurement Period multiplied by the number of client connections Site Availability — Dev Centers.
1.4.2   Site Availability — Dev Center
The Service Level for Site Availability — Dev Center is the percentage of time the Development Center Locations are Available during the applicable Measurement Period. Critical Uptime for this Service Level is determined by multiplying the total minutes in the Measurement Period by the then existing number of Locations. Actual Uptime for this Service Level is aggregate of the total minutes in the Measurement Period during which each Site is Available. The Service Level calculation will be (the number of minutes the Development Center Locations are available) divided by (the total minutes in the Measurement Period multiplied by the number Locations).
Confidential
Exhibit B-2 — Critical Service Levels and Key Measurements

 

Page 9 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
1.4.3   End to End Transaction Response Time — Retail
End to End Response Time — Retail is calculated for the ACI retail Application transactions as the average total response time to the client of all transactions executed for the measurement period. Expected and minimum averages are as listed in Exhibit B-1 Service Level Matrix. Vendor is only accountable for End to End Transaction Response Time for those elements within its direct control.
This measure is the total response time observed by a user, including any network time. Excluded within the measure is the average application processing time, calculated by ACI using its application measuring tools, thereby holding the vendor accountable for the infrastructure and networking component of the response time.
For example, assuming that the application transaction processing time is calculated by ACI and validated by the Vendor to be [ * ], that the Vendor will be responsible for the remainder of the transaction time.
1.4.4   Network Response Time — Client to Prod Data Center
End-to-end Network Response Time is the average round trip propagation delay from client router to Vendor data center router. These measurements will be taken every [ * ] on [ * ] basis
1.4.5   Network Response Time — Dev Centers
End-to-end Network Response Time is the average round trip propagation delay from development center routers to the Vendor data center router. These measurements will be taken every [ * ] on [ * ] basis.
2.0   KEY MEASUREMENTS — INTRODUCTION
This Section sets forth qualitative descriptions of the Key Measurements. The numerical Minimum Service Levels, Expected Service Levels and commencement of obligations associated with such Key Measurements are set forth in Exhibit B-1 (Service Level Matrix) to Schedule B (Service Levels).
Confidential
Exhibit B-2 — Critical Service Levels and Key Measurements

 

Page 10 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
  2.1   Performance Category — Incident Management
2.1.1   Time to Respond — Severity 3 & 4
Time to Respond — Severity 3 & 4 is calculated as the percentage of Severity 3 & 4 Incidents allocated to Vendor by the Service Desk that are responded to within the specified timeframes listed below during the reporting period. Severity 3 Incidents must be responded to within [ * ] and Severity 4 Incidents must be responded to within [ * ]
2.1.2   Restoration of Service — Severity 3 & 4 Incidents
Restoration of service means that the service or System has been restored to an operating level that is consistent with its operation prior to the Incident.
Restoration of Service — Severity 3 & 4 Incidents is calculated as the percentage of Severity 3 & 4 Incidents reported to the Vendor Service Desk for which service has been restored within the following timeframes during the reporting period:
[ * ]
2.1.3   Severity 3 and 4 Problem Resolution
Severity 3 and 4 Problem Resolution is calculated as the percentage of severity 3 and 4 problem resolutions that are successfully implemented as per agreed upon timeframe within the measurement period divided by the total number of problem resolutions that were scheduled for implementation during the measurement period.
  2.2   Performance Category — Change Management
2.2.1   Change Management Effectiveness
The Change Management Effectiveness Service Level is calculated as the number of successful scheduled promotion to production jobs for the month divided by the number of scheduled promotion to production jobs for the month. Development, system test, and user acceptance test jobs are not included. The integrity of code, meaning source matching prod binaries is included in the definition of a successful promotion.
Confidential
Exhibit B-2 — Critical Service Levels and Key Measurements

 

Page 11 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
2.2.2   Timely Patch Application
The Vendor will integrate, test, document, distribute, and install patches within the prescribed timeframes as defined in the Process Interface Manual. This measurement is calculated on a monthly basis.
Timely Patch Application is calculated as the total number of patches that were completed during the period and within the prescribed timeframe divided by the total number of patches expected to be completed during the period.
  2.3   Performance Category — Reporting
2.3.1   Report Delivery
Report Delivery is calculated as the total number of reports that are delivered as scheduled for the month, divided by the total number of scheduled reports for the month with the result expressed as a percentage.
  2.4   Performance Category — Project Management
2.4.1   Milestones Delivered On-Time
Milestones Delivered On-Time is calculated as the total number of Project Milestones delivered in the period on or before the scheduled date divided by the total number of Project Milestones expected to be completed during the reporting period. Milestones and applicable completion criteria are identified prior to the start of each Project and reported by Vendor during the period.
2.4.2   Proposals Delivered On-Time
A Proposal is the initial investigation of an idea or concept to provide to ACI with the required deliverables to decide whether the idea will be committed for further development performed through a Project.
Proposals Delivered On-Time is calculated as the number of requested Proposals accepted as completed on-time ([ * ]) by ACI during the period divided by the total number of Proposals expected to be completed during the period.
Confidential
Exhibit B-2 — Critical Service Levels and Key Measurements

 

Page 12 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
  2.5   Performance Category — Asset Management
2.5.1   Hardware and Software Asset Management
Vendor shall conduct an initial inventory, as described in Schedule A (Statement of Work).
Vendor shall maintain the accuracy of ACI’s Equipment and Software inventory (the “ACI Inventory”) over the Term of the Agreement in accordance with the accuracy commitments described in Schedule A (Statement of Work).
Upon reasonable prior written notice and subject to confidentiality and security policies at Vendor Locations, ACI shall have the right to audit Vendor’s ACI Inventory at any time during the Term of the Agreement to determine whether the ACI Inventory satisfies the ACI Inventory Service Levels.
Measurement. The Hardware and Software Asset Management Service Level shall be measured as the percentage of accuracy of ACI Inventory records in the ACI Inventory database.
The Hardware and Software Asset Management Service Level shall be calculated as the number of randomly selected accurate ACI Equipment and/or ACI Software items, as applicable, for which the inventory information required in for service delivery is accurately reflected in Vendor’s ACI Inventory (as shown by ACI’s audit), divided by the total number of ACI Equipment and/or ACI Software items measured in the audit, with the result expressed as a percentage to two (2) decimal places.
  2.6   Performance Category — User Satisfaction
2.6.1   User Satisfaction Rating
Measurement. The Service Desk Authorized User Satisfaction Rating Service Level shall be the average rating on the Point of Service Customer Satisfaction Survey and the Executive Customer Satisfaction Survey. The average satisfaction rating shall be [ * ].
Calculation. The Service Desk Authorized User Satisfaction Rating Service Level shall be calculated as the average satisfaction rating on a [ * ] measured on each of the surveys conducted. The Service Desk Authorized User Satisfaction Rating Service Level shall be calculated by summing the satisfaction ratings for all survey responses, and dividing the sum by the total number of responses received in the month, with the result expressed as an average rating to two (2) decimal places. The annual Executive Customer Satisfaction Survey results will be incorporated in the overall tally in the month after its completion.
Confidential
Exhibit B-2 — Critical Service Levels and Key Measurements

 

Page 13 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
In general survey recipients will be asked to rate the services on the following scale: [ * ]. This Authorized User Satisfaction process is described in Schedule K — User Satisfaction Survey.
  2.7   Performance Category — Network Management
2.7.1   Internet Connectivity
Internet Connectivity is a measure of the availability of Internet connectivity between each ACI site and the Internet. This calculation is the total number of sites multiplied by the total number of minutes of actual connectivity divided by the total number of possible minutes of connectivity for the measurement period. [ * ]
2.7.2   WAN Outages
WAN Outages is measured as the number of WAN outages (including any substantial degradation of performance) experienced by any office during the measuring period.
2.7.3   Site Availability — Corporate Offices
The Service Level for Corporate Offices (non-data center and non-development centers) is the percentage of time the Corporate Office Locations are Available during the applicable Measurement Period. Critical Uptime for this Service Level is determined by multiplying the total minutes in the Measurement Period by the then existing number of Locations. Actual Uptime for this Service Level is aggregate of the total minutes in the Measurement Period during which each Site is Available.
2.7.4   Network Response Time — Corporate Offices
End-to-end Network Response Time- Corporate Offices the average round trip propagation delay from corporate Locations other than data center and development center Locations to the data center Location. [ * ] The standards that are to be used for this calculation will be the standards as published by the appropriate service provider (meaning the one providing the actual circuit) An average calculation will be made for each point to point circuit (i.e. router port to router port) using the samples collected during the measuring period. The number of average calculations meeting or exceeding the applicable standard will be divided by the total number of averages for the period, with the result expressed in the form of two decimal places.
Confidential
Exhibit B-2 — Critical Service Levels and Key Measurements

 

Page 14 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
2.7.5   Internal VPN Access Response Time
End-to-end Internal VPN Access Response Time is the average round trip propagation delay across the Internal VPN managed by the Vendor from ACI office Location routers to the Vendor data center routers. [ * ] The standards that are to be used for this calculation will be the standards as published by appropriate service providers (e.g. [ * ]) in their point to point specifications guides. An average calculation will be made for each point to point circuit using the samples collected during the measuring period.
* * * * *
Confidential
Exhibit B-2 — Critical Service Levels and Key Measurements

 

Page 15 of 15


 

EXHIBIT B-3
CRITICAL DELIVERABLES
1.0   INTRODUCTION
 
    This Exhibit B-3 sets forth certain obligations of the Vendor regarding Critical Deliverables. If the Vendor fails to deliver to ACI any Critical Deliverables as described below in format and content specified in this Exhibit B-3, and such failure is solely as a result of Vendor’s failure to perform its obligations, the associated Deliverable Credit set forth in Exhibit B-1 (Service Level Matrix) will be paid to ACI.
 
    Unless otherwise specified below, the Vendor shall provide each Critical Deliverable set forth in Exhibit B-1 (Service Level Matrix) to Schedule B (Service Levels) on or before the date specified in Exhibit B-1 or this Exhibit B-3, as applicable.
 
2.0   COMPLETE ANNUAL DR TEST — RE-TEST IF TEST FAILS
 
    The Vendor will complete a successful annual Disaster Recovery (DR) Test as described in the Disaster Recovery Plan. If the DR Test fails and such failure was the result of Vendors actions or inactions, the Vendor will at its expense re-test until the DR Test is successful. The first annual test will be conducted on the anniversary of the Server Systems Management Services Service Tower Commencement Date.
 
3.0   DELIVER ANNUAL SAS 70 TYPE II REPORT
 
    The Vendor will deliver an annual SAS 70 Type II audit report as specified in Section 11.3 of the Master Services Agreement.
 
4.0   PROVIDE PROCESS INTERFACE MANUAL/KNOWLEDGE BASE
 
4.1   Provide Process Interface Manual
 
    Vendor shall deliver to ACI, on or before the required date indicated in Exhibit B-1 (Service Level Matrix), the completed and approved final Process Interface Manual which will describe the following:
    Organizational overview;
 
    Performance management procedures;
 
    Financial management procedures;
 
    Contract management procedures;
 
    Relationship management procedures; and
 
    Vendor operational procedures.
Confidential
Exhibit B-3 — Critical Deliverables

 

Page 1 of 3


 

4.2   Knowledge Base
Vendor shall demonstrate to ACI prior to the assumption of responsibilities for the Service Desk, in accordance with the criteria specified in the Transition Plan, that it has developed and implemented a comprehensive knowledgebase to support its Service Desk. Included in the knowledgebase will be the major elements of the Process Interface Manual, accessible to its Service Desk agents in an automated fashion.
5.0   PROVIDE INITIAL DISASTER RECOVERY PLAN
Vendor will complete and deliver to ACI a Disaster Recovery Plan. This plan will address the technology process and procedures the Vendor will implement to assist ACI in ensuring continuity of IT Services to support any ACI or Vendor declared disaster or emergency. The plan shall be consistent with Vendor’s methodology, and contain a level of detail normally expected for efforts of this complexity.
6.0   COMPLETE INITIAL WALL TO WALL HARDWARE INVENTORY & INITIAL ELECTRONIC SOFTWARE INVENTORY
The accuracy and timeliness of Vendor’s obligation to record inventories of hardware and Software assets with each tracked separately for purposes of Critical Service Level compliance) is essential to the satisfactory provision of Services. Vendor shall conduct an inventory of ACI’s equipment and software assets, as described in Exhibit A-2 (Asset Management) so as to meet the requirements set forth in Exhibit B-1 (Service Level Matrix).
Upon completion of the inventory Vendor shall provide the inventory to ACI for review and approval. ACI shall have the right to audit the inventory within ten (10) business days of the date that the inventory report, or mutually agreed upon portion of inventory report, has been received.
The inventory, or portion of the inventory, submitted shall be deemed accepted at such time as either (i) ACI sends notice as provided above that it accepts the inventory or (ii) ACI fails to send a notice regarding such inventory within a ten (10) Business Day period following receipt of the portion described above.
If the inventory report is provided in mutually agreed upon portions, with some portions being provided earlier than others, the satisfaction of this deliverable will not be complete until all portions have been provided, reviewed, and approved.
If Vendor fails to submit an entire inventory for the equipment and software as set forth in Exhibit A-2 (Asset Management) on or before the date indicated in Exhibit B-1 (Service Level Matrix), then the deliverable will be deemed to be missed and the Deliverable Credit will become due.
Confidential
Exhibit B-3 — Critical Deliverables

 

Page 2 of 3


 

7.0   CONDUCT ANNUAL INVENTORY AND PROVIDE REPORT
 
    The Vendor will conduct on an annual basis the electronic Equipment and software inventory as described in Exhibit A-2 Asset Management, and will provide the report to ACI.
 
8.0   PROVIDE ANNUAL PLANNING REPORTS
 
    The Vendor will provide on an annual basis the annual planning reports as described in the Statements of Work and Schedule S (Governance).
 
9.0   DELIVER INITIAL MONTHLY REPORTS
 
    Vendor will deliver the first set of monthly reports including the Service Level reports in accordance with the Service Level Methodology and Schedule R (Reports). The Service Level report(s) will indicate Service Levels (Critical Service Levels, Critical Deliverables, and Key Measurements) for which Vendor is responsible, the actual attainment of the associated Expected Service Levels and Minimum Service Levels as well as attainment of the Critical Deliverables and any Service Level Credit(s) that may apply.
 
    Vendor will provide standard report(s) after the completion of the second full calendar month of providing Service after Service implementation has been completed.
 
10.0   CONDUCT THREAT IDENTIFICATION SUMMARY ASSESSMENT
 
    The Vendor shall complete a vulnerability assessment at the level and frequency described in Exhibit A-8 (Enterprise Security Management Services) and provide a report to ACI that identifies any serious vulnerabilities along with a mitigation plan.
 
11.0   DELIVERY OF A DETAILED TRANSITION PLAN
 
    Within 60 days after the Effective Date, Vendor is to provide a detailed Transition Plan.
 
12.0   TRANSITION COMPLETION
 
    The Vendor will complete all stages of Transition by the applicable “Go-Live” date specified in the Transition Plan in accordance with the completion criteria to be developed during Transition.
Confidential
Exhibit B-3 — Critical Deliverables

 

Page 3 of 3


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
EXHIBIT B-4
SEVERITY LEVELS
INTRODUCTION
Each Incident and Problem will be assessed in terms of its impact upon the business of ACI and the urgency with which ACI requires the Incident or Problem to be resolved or a work around to be implemented. The Incident or Problem shall be assigned a Severity Level based on this assessment along with any specific needs identified by ACI at the time of the incident. Severity levels are assigned based on the Incident’s or Problem’s impact and ACI’s agreement.
Changes to Severity Level classifications or designations can only done after consultation with and agreement between ACI and Vendor.
This Exhibit B-4 sets forth qualitative descriptions of Severity Levels associated with the Services.
1.1   Severity Level 1
An Incident or Problem will be assigned as “Severity Level 1” if the Incident or Problem is characterized by the following:
• [ * ]
1.2   Severity Level 2
An Incident or Problem will be assigned as “Severity Level 2” if the Incident or Problem is characterized by the following:
• [ * ]
1.3   Severity Level 3
An Incident or Problem will be assigned as “Severity Level 3” if the Incident or Problem is characterized by the following:
• [ * ]
Confidential
Exhibit B-4 — Severity Levels

 

Page 1 of 2


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
1.4   Severity Level 4
An Incident or Problem will be assigned as “Severity Level 3” if the Incident or Problem is characterized by the following:
    [ * ]
The assignment of Severity Levels to an Incident or Problem will be recorded in the [ * ]. In the event that an Incident or Problem is not resolved within the applicable resolution time set forth in the Service Levels, such Incident or Problem [ * ].
Confidential
Exhibit B-4 — Severity Levels

 

Page 2 of 2


 

SCHEDULE C
CHARGES
1.0   GENERAL
In addition to the requirements specified in the Agreement, this Schedule C contains pricing and financial provisions related to the Agreement and any associated Service Levels, and is valid in the countries specified in the Agreement. The following Exhibits are attached to this Schedule C and are hereby incorporated by reference:
    Exhibit C-1 (Base Charges, Baselines, ARC/RRC Rates and Termination Charges) - Specifies the details of the Charges: the Monthly Base Charges for each Service, the monthly resource baseline volume levels included in the Monthly Base Charges (“Resource Volume Baselines”), the Charges related to performance of the Transition (“Transition Fees”), the incremental Charges to ACI in the event that the number of Resource Units utilized exceeds the Resource Volume Baselines (“ARC”), the incremental credits due to ACI in the event that the number of Resource Units actually utilized are below the Resource Volume Baselines (“RRC”), and defines the fees to be charged by the Vendor in the event of termination for convenience by ACI (“Termination Charges”).
    Exhibit C-2 (Financial Responsibility and Ownership Matrix) — This exhibit describes the financial responsibility of ACI and the Vendor for functions and assets associated with the Services.
    Exhibit C-3 (Form of Invoice) — Sample of the invoice to be provided on a monthly basis by Vendor.
    Exhibit C-4 (Base Case) — Defines the financial scope of what is assumed by Vendor and retained by ACI. This exhibit contains ACI’s projection of its expenses associated with the Services if ACI were not to enter into this Agreement with the Vendor.
Monthly Base Charges together with the Hardware and Software charges in Exhibit C-1 include all of the Charges, including one-time Charges, required to perform the Services.
2.0   SERVICES CHARGES
2.1   General
Confidential
Schedule C — Charges

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES
AND ASTERISKS BE ACCORDED CONFIDENTIAL
TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
2.1.1   This Schedule C defines the Resource Units, Charges, pricing provisions, Resource Volume Baselines and the ARCs and RRCs should the actual volume of Resource Units utilized by ACI vary from the Resource Volume Baselines.
2.1.2   [ * ]
2.2 Transition Fees
The Transition Fees for Transition are set forth in Exhibit C-1.
[ * ]
2.3   Base Service Charges
2.3.1   General. The Monthly Base Charge for each contract month is set forth in Exhibit C-1, and is the firm fixed Charge to ACI for Vendor’s provision of the Services for the applicable Resource Volume Baselines after the applicable Service Tower Commencement Date, subject to the provisions of this Schedule C. [ * ]
2.3.2   Monthly Invoice. In accordance with the Agreement, Vendor shall invoice ACI on a monthly basis for the Monthly Base Charges.
    [ * ]
 
2.4   Resource Units
The Resource Units associated with the Services are defined below:
2.4.1   Mainframe Services
[ * ] except as otherwise noted in Exhibit C-2, Financial Responsibility and Ownership Matrix.
The mainframe Services pricing is based on the Resource Volume Baselines contained in Exhibit C-1.
The mainframe billable Resource Units are defined as follows: [ * ]
1. Development Mainframe Charge
[ * ]
2. Allocated Development DASD GB
[ * ]
3. Mainframe Hosting Fee
[ * ]
4. Tape Mounts
[ * ]
5. Tape Volumes in Storage — Onsite
[ * ]
6. Tape Volumes in Storage — Offsite
[ * ]
2.4.2 Application and Utility Server Management Services.
[ * ]
* Represents 3 pages of redacted text
2.7   Storage Management
 
    [ * ]
 
*   Represents 1 page of redacted text.
 
2.8   Data Base Services
 
    [ * ]
 
2.9   Middleware Services
 
    [ * ]
 
2.10   Hardware Services Charge
 
    [ * ]
*     Represents 3 pages of redacted text.
Confidential
Schedule C — Charges

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES
AND ASTERISKS BE ACCORDED CONFIDENTIAL
TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
  2.4.3   Messaging Services
  1.   The Messaging Services pricing is based on the Resource Volume Baselines contained in Exhibit C-1.
  2.   The messaging billable Resource Units are defined as follows:
  2.1   Notes Messaging Services
 
      [ * ]
 
  2.4.4   Network Management Services
  1.   The Network Management Services pricing is based on the Resource Volume Baselines contained in Exhibit C-1.
 
  2.   The Network Management billable Resource Units are defined as follows:
 
 
  2.1   WAN Management
 
  2.1.1.   The WAN Management pricing is based on the Resource Volume Baselines contained in Exhibit C-1.
 
  2.1.2.   Vendor Managed
 
  2.1.2.1.   Complex Device
 
      i.)      [ * ]
 
  2.1.2.2.   Standard Device
 
      i.)      [ * ]
 
  2.1.2.3.   Simple Device
 
      i.)      [ * ]
 
  2.1.3.   Vendor Owned and Managed
 
  2.1.3.1.   Complex Device
 
      i.)      [ * ]
 
  2.1.3.2.   Standard Device
 
      i.)      [ * ]
 
  2.1.3.3.   Simple Device
 
      i.)      [ * ]
 
  2.2   LAN Management
 
  2.2.1   The LAN Management pricing is based on the Resource Volume Baselines contained in Exhibit C-1.
 
  2.2.2   Vendor Managed
 
  2.2.2.1   Complex Device
 
      i.)      [ * ]
 
  2.2.2.2   Standard Device
 
      i.)      [ * ]
 
  2.2.2.3   Simple Device
 
      i.)      [ * ]
 
  2.2.3   Vendor Owned and Managed
 
  2.2.3.1   Complex Device
 
      i.)      [ * ]
 
  2.2.3.2   Standard Device
 
      i.)      [ * ]

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES
AND ASTERISKS BE ACCORDED CONFIDENTIAL
TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
 
  2.2.3.3   Simple Device
 
      i.)      [ * ]
 
  2.3   Firewall Management
 
  2.3.1   The Firewall Management pricing is based on the Resource Volume Baselines contained in Exhibit C-1.
 
  2.3.2   Vendor Managed
 
  2.3.2.1   Complex Device
 
      i.)      [ * ]
 
  2.3.2.2   Standard Device
 
      i.)      [ * ]
 
  2.3.2.3   Simple Device
 
      i.)      [ * ]
 
  2.3.3   Vendor Owned and Managed
 
  2.3.3.1   Complex Device
 
      i.)      [ * ]
 
  2.3.3.2   Standard Device
 
      i.)      [ * ]
 
  2.3.3.3   Simple Device
 
      i.)      [ * ]
  2.4   Network Management IMAC
 
  2.4.1   [ * ]
 
  2.4.2   [ * ]
  2.4.5   Network Transport Services
  1.   The Network Transport Services pricing is based on the Resource Volume Baselines contained in Exhibit C-1
 
  2.   The Network Transport billable Resource Units are defined as follows:
 
  2.1.   MPLS Transport
 
  2.1.1.   [ * ]
 
  2.1.2.   The speeds for the above are as documented in Exhibit C-1.
 
  2.2.   Other Connectivity
 
      [ * ]
 
  2.2.1   [ * ]
 
  2.2.2   The speeds for the above are as documented in Exhibit C-1.
Confidential
Schedule C — Charges

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES
AND ASTERISKS BE ACCORDED CONFIDENTIAL
TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
  2.3.   Internet Connectivity
 
  2.3.1   [ * ]
 
  2.3.2   The speeds for the above are as documented in Exhibit C-1.
  2.4.6   Security Services
  1.   The Security Services pricing is based on the Resource Volume Baselines contained in Exhibit C-1.
 
  2.   The Security billable Resource Units are defined as follows:
 
  2.1   [ * ]
 
  2.2   [ * ]
 
  2.3   [ * ]
 
  2.4   [ * ]
 
  2.5   [ * ]
 
  2.6   [ * ]
 
  2.7   [ * ]
  2.4.7   Disaster Recovery Services
  1.   The Disaster Recovery Services pricing is based on the Resource Volume Baselines contained in Exhibit C-1
 
  2.   The Disaster Recovery billable Resource Units are defined as follows:
 
  2.1   [ * ]
 
  2.2   [ * ]
  2.4.8   End-User Computing Services
  1.   The End-User Computing Services pricing is based on the Resource Volume Baselines contained in Exhibit C-1
 
  2.   [ * ]
 
  3.   [ * ]
 
  4.   [ * ]
 
  5.   [ * ]
  2.4.9   Help Desk Services
  1.   The Help Desk Services pricing is based on the Resource Volume Baselines contained in Exhibit C-1.
 
  2.   The Help Desk billable Resource Units are defined as follows:
 
  2.1.   Help Desk Services
 
  2.2   [ * ]
 
  3.   [ * ]
  2.4.10   Projects
The Projects Charges are based on a Resource Volume Baseline of hours as defined in Exhibit C-1
  1.   Project Pool
Confidential
Schedule C — Charges

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES
AND ASTERISKS BE ACCORDED CONFIDENTIAL
TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
Vendor shall perform Projects requested and approved by ACI as part of the Services. The in-scope resources (as delineated in the Base Case Exhibit C-4) have historically provided a level of project work to ACI. As such, this volume of project work is included in the scope of Services and is represented by a pool of hours (“Project Pool”).
Vendor work efforts that consist of the following activities would not be counted against the Project Pool:
    IT work efforts that relate to Vendor’s support or maintenance (e.g., patches, memory upgrades, or database re-indexing) of Equipment, Software or other elements of the ACI IT environment used by Vendor to deliver the Services (including as necessary to meet Service Levels); or
    IT work efforts that relate to Vendor’s support, maintenance, enhancement or refresh of Equipment, Software or other elements of the Vendor Service infrastructure used by Vendor to deliver the Services (including as necessary to meet Service Levels)
    IT work efforts that result in an increase in or new Resource Units consumed as provided for in Schedule C
Any new work activities that require Vendor to acquire additional or different resources, or new work activities that affect Vendor’s ability to deliver Services according to the Service Levels (e.g. ACI office moves, ACI data center build outs, and other activities as agreed by the Parties) would be activities that are counted against the Project Pool.
  2.   As part of the Services, [ * ]. The Resource Volume Baseline for Projects can be adjusted on an annual basis, based on a request by ACI, as a part of the annual technology planning process. Any adjustment to the Resource Volume Baseline of Project hours will result in a corresponding adjustment in the monthly service Charge for Projects with the calculation to be based on the Base unit rates for Projects as defined in Exhibit C-1. In addition, in Contract Year One, Vendor will provide an ARC rate for any hours requested by ACI in excess of the Resource Volume Baseline.
  3.   It is envisioned that the Vendor will perform most new infrastructure Projects using hours from the Project Pool until such time that the hours are exhausted or that ACI requests an alternative proposal. If and to the extent ACI authorizes Vendor to exceed the applicable Baseline Project Hours in any Contract Year, ACI shall pay Vendor for such
Confidential
Schedule C — Charges

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES
AND ASTERISKS BE ACCORDED CONFIDENTIAL
TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
additional FTEs at the rates specified in the rate card in Exhibit C-1. At ACI’s request, Vendor shall provide fixed pricing for Projects without utilizing the Baseline Project Hours. In such instances, the fixed price proposed by Vendor shall be no less favorable to ACI than the price obtained by multiplying the FTE rates specified in the Rate Card Tab set forth in Exhibit C-1 (“Rate Card”) by the projected level of effort.
  4.   [ * ] These Projects will be viewed as separate events requiring separate pricing. Nothing in this provision should be interpreted as limiting ACI’s right to perform itself or have third parties perform Projects regardless of their size.
  5.   All Projects, regardless of whether the hours are to come from the Project Pool or from the rate card, will be estimated and a cost estimate provided to ACI for approval prior to work commencing. Where practical, the Vendor will provide fixed cost (or fixed hours) pricing for a given Project. [ * ]
  6.   For Projects that cannot be easily quantified at the outset, Vendor pricing may be established, based on ACI written approval, on a time and materials basis utilizing the Rate Card.
 
  7.   [ * ]
  8.   Vendor shall report monthly on Projects in accordance with Schedule R. Such reports shall specify, among other things, the Vendor Charges, hours, resources and expenses for each Project for the applicable month and Contract Year and any other pertinent information reasonably requested by ACI.
 
  9.   Items Not Separately Billable
      [ * ]
 
* Represents one page of redacted text
3.0   ADDITIONAL AND REDUCED RESOURCE CHARGES (ARCS AND RRCS)
3.1   The Vendor shall track the number of Resource Units actually utilized by ACI during [ * ]
3.2   ARC — Additional Resource Charge: [ * ]
3.3   RRC — Reduced Resource Credit: [ * ]
4.0   RETAINED EXPENSES
Retained expenses are those expenses, which ACI will retain and pay directly. The initial estimation of the retained expenses is shown under the “Retained” portion Exhibit C-4.
Confidential
Schedule C — Charges

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES
AND ASTERISKS BE ACCORDED CONFIDENTIAL
TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
The Parties may subsequently agree to treat a retained expense as a Pass-Through Expense.
5.0   INCENTIVES TO REDUCE COSTS
ACI is continually seeking ways to reduce and minimize its expenses, including retained and Pass-Through Expenses. Accordingly, ACI encourages the Service Provider to explore and identify opportunities to improve the Services and reduce the cost of Services being provided under the Agreement
The Service Provider will advise ACI’s IT management of each opportunity that is identified and estimate the potential savings.
6.0   ECONOMIC CHANGE ADJUSTMENT
6.1   [ * ] 
6.2   [ * ] 
6.3   The following indices are applicable to the Services provided by Vendor to ACI under the Agreement.
 
    [ * ]
 
6.4   [ * ]
 
6.5   [ * ]
 
6.6   [ * ]
 
6.7   [ * ]    * Represents one page of redacted text
7.0   OTHER CHARGES, CREDITS, AND SERVICES
 
7.1   Telecommunication Transport Charges
 
    Vendor will assume responsibility for the Charges for ACI to ACI [ * ]
 
7.2   Third Party Charges
 
    Vendor will assume responsibility for all Charges for the [ * ] as of the Service Tower Commencement Date.
 
7.3   Termination Charges
 
    Exhibit C-1 sets forth the amounts payable by ACI in the event that ACI terminates the Agreement under the circumstances specified in the Agreement.
Confidential
Schedule C — Charges

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES
AND ASTERISKS BE ACCORDED CONFIDENTIAL
TREATMENT PURSUANT TO RULE 24b-2

PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
8.0   OTHER ITEMS
8.1   Resource Unit Classification for New Technologies
 
    ACI and Vendor will review, on a quarterly basis, the impact of new technologies on the existing Resource Units. Specifically, this is necessary for Resource Units that are categorized into Complex, Standard, and Simple Devices.
 
8.2   Vendor Travel
 
    [ * ] as specified in Schedule A (Statement of Work) and the Exhibit C-2 (Financial Responsibility and Ownership Matrix). To the extent that ACI requires the Vendor to travel for approved billable Projects, the Vendor will bill these travel related expenses as Pass-Through Expenses.
 
8.3   Rebadged Employee Equipment
 
    Rebadged Employees will continue to use their existing personal computer equipment and software (subject to software license restrictions) until such point that Equipment or Software is due for refresh. [ * ] The Vendor shall perform [ * ] (Statement of Work). [ * ]
* * * *
Confidential
Schedule C — Charges

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
SCHEDULE C-1
BASE CHARGES, BASELINES, ARC/RRC RATES AND TERMINATION CHARGES
[ * ]
*  Represents 27 pages of redacted tabular data
ACI Worldwide Confidential

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
SCHEDULE C-2
FINANCIAL RESPONSIBILITY AND OWNERSHIP MATRIX
MEANING OF HEADINGS
[ * ]
*  Represents seven pages of redacted tabular data
     
ACI Worldwide Confidential   Meaning of Headings

 

Page 1


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
SCHEDULE C-2
FINANCIAL RESPONSIBILITY AND OWNERSHIP MATRIX
[ * ]
*  Represents one page of tabular data
     
ACI Worldwide Confidential   Personnel

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE PORTIONS OF
THIS DOCUMENT DENOTED BY BOXES AND ASTERISKS BE
ACCORDED CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE SECURITIES EXCHANGE ACT
OF 1934.
SCHEDULE C-2
FINANCIAL RESPONSIBILITY AND OWNERSHIP MATRIX
[ * ]
*  Represents one page of tabular data
     
ACI Worldwide Confidential   Equipment

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE SECURITIES
EXCHANGE ACT OF 1934.
SCHEDULE C-2
FINANCIAL RESPONSIBILITY AND OWNERSHIP MARTIX
[ * ]
*  Represents one page of tabular data
     
ACI Worldwide Confidential   Software

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE SECURITIES
EXCHANGE ACT OF 1934.
SCHEDULE C-2
FINANCIAL RESPONSIBILITY AND OWNERSHIP MARTIX
[ * ]
*  Represents one page of tabular data
     
ACI Worldwide Confidential   Facilities

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
SCHEDULE C-2
FINANCIAL RESPONSIBILITY AND OWNERSHIP MARTIX
[ * ]
*  Represents one page of tabular data
     
ACI Worldwide Confidential   Other

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED
THAT THE PORTIONS OF THIS DOCUMENT
DENOTED BY BOXES AND ASTERISKS BE
ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE SECURITIES
EXCHANGE ACT OF 1934.
Exhibit C-3
FORM OF INVOICE
(IBM LOGO)
                 
Please Direct Inquiries
  Invoice       Page
And Correspondence To:
  Number   Date   Number
IBM Corporation
  [*]   April 1, 2008   1  
1501 Windward Concourse
               
Alpharetta, GA 30005
               
Attn: Loyd Simpson
               
 
               
Phone:
  Account #   A/R BO   IBM BO
[*]
  [*]   [*]   [*]  
 
               
Installed At:
  Invoice To:            
ACI Worldwide, Inc.
  ACI Worldwide, Inc.            
 
  120 Broadway St.            
Omaha, NE
  New York, NY 10002            
 
               
Payment Terms:
  Comments:            
 
               
[*]
  [*]            
[*]
         
Other Adjustments:
       
 
       
Service Tax:
  $ 0.00  
 
       
ILLUSTRATIVE INVOICE — PLEASE PAY THIS AMOUNT:
  $ 0.00  
See Attached Detail for Service Tax Calculation

 

 


 

     
    ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
     
(IBM LOGO)
  Page
Number

2
     
Invoice Number:
  [*]
Invoice Date:
  4/1/2008
U.S. Service Tax Summary Invoice — ACI Worldwide, Inc.
         
Total Non-Taxable Service Charge:
  $ 0.00  
 
       
Total Taxable Service Charge:
  $ 0.00  
             
    Number of        
U.S. STATE   Users   Taxable Charge   Tax Amount
[*]
  [*]   [*]   [*]
[*]   [*]   [*]   [*]
             
             
             
             
             
Taxable Totals:   xxxx   $0.00   $0.00
         
Total US Service Tax: 
  $ 0.00  
Non — U.S. Service Tax Summary Invoice — ACI Worldwide, Inc.
         
Total Non-Taxable Service Charge:
  $ 0.00  
 
       
Total Taxable Service Charge:
  $ 0.00  
             
[*]
  [*]   [*]   [*]
             
             
             
             
         
Total Service Tax:
  $ 0.00  
 
       
TOTAL AMOUNT DUE:
  $ 0.00  

 

 


 

     
    ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
(IBM LOGO)   June 1, 2xxx
[*]
     
*   Represents 1 page of redacted tabular text
         
IBM/AmerisourceBergen Confidential   EXAMPLE — FOR ILLUSTRATIVE PURPOSES ONLY   Page 3 of 8

 

 


 

     
    ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
(IBM LOGO)   June 1, 2xxx
[*]
     
*   Represents 1 page of redacted tabular data
         
IBM/AmerisourceBergen Confidential   EXAMPLE — FOR ILLUSTRATIVE PURPOSES ONLY   Page 4 of 8

 

 


 

     
    ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
(IBM LOGO)   June 1, 2xxx
[*]
     
*   Represents 1 page of redacted tabular data
         
IBM/AmerisourceBergen Confidential   EXAMPLE — FOR ILLUSTRATIVE PURPOSES ONLY   Page 5 of 8

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
[*]

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE SECURITIES
EXCHANGE ACT OF 1934.
EXHIBIT C-4
BASE CASE
[ * ]
*  Represents 45 pages of redacted tabular data

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
DEFINITIONS
SCHEDULE D
Unless otherwise specified, all Section references are references to the Master Services Agreement.
  1.   Abend” means, with respect to computer processing, abnormal end of task.
  2.   ACI” is defined in the preamble to the Agreement, subject to Section 2.2.
  3.   ACI Competitors” means [*]
  4.   ACI Confidential Information” is defined in Section 15.3.
  5.   ACI Contract Executive” is defined in Section 12.
  6.   ACI Contractor Agreements” is defined in Section 5.2.
  7.   ACI Contractor Personnel” is defined in Section 5.2.
  8.   ACI Data” means all data regarding ACI’s personnel, subcontractors or other aspects of ACI’s business made available to Vendor or entered in any Software or Equipment, together with any data derived from such data, including Personally Identifiable Information.
  9.   ACI Equipment” means machines that are: (i) owned, leased or rented by ACI on or after the Effective Date; (ii) used by Vendor to provide the Services; and (iii) listed in Schedule H (Existing Equipment) of the Agreement.
  10.   ACI Focal Point” means the individual designated by ACI to act as the single point of contact within a specified Services area or Location to whom Vendor may direct all communications related to such Services area.
  11.   ACI Indemnitees” is defined in Section 18.1.
  12.   ACI Information Security Requirements” is defined in Section 15.2.
  13.   ACI IT Standards” is defined in Section 3.9.
  14.   ACI Laws” is defined in Section 22.1.
  15.   ACI Office Space” is defined in Section 8.1.
  16.   ACI-Provided Product” means any equipment, system, program, product, or business process provided to Vendor by ACI under the Agreement [*].
  17.   ACI Provided Technology” is defined in Section 18.2.
  18.   ACI Risk Control Requirements” is defined in Section 15.4.
Confidential
Schedule D — Definitions

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
  19.   ACI Software” means Software owned by ACI or its Affiliates.
  20.   Additional Resource Charge” or “ARC” is defined in Schedule C (Charges).
  21.   Adjustment” is defined in Section 11.2.
  22.   Affected Employees” means those Potentially Rebadged Employees identified in Schedule T (Human Resources).
  23.   [*]
  24.   Agreement” means the Master Services Agreement to which this Schedule D is attached, including its Schedules, Exhibits and Attachments, as the same may be amended by the Parties from time to time.
  25.   [*]
  26.   Applicable Law” means any United States and non-United States federal, state or local law (including common law), statute, ordinance, rule, regulation (including NASD rules, regulations and notices as well as any and all rules, pronouncements and interpretations issued by self regulatory authorities), order, decree writ, injunction, judgment, permit, governmental agreement, member advisory bulletins or decree of a government entity applicable to the Party or other entity indicated by the context, including, as applicable, to such Party’s or entity’s Affiliates, assets, directors, employees and agents in such capacities.
  27.   Applications Software” or “Applications” means the programs, including all supporting documentation, source code, and media that: (i) perform specific data processing and telecommunication tasks, and (ii) are licensed or owned by ACI.
  28.   Approved Subcontractors” means those subcontractors of Vendor (i) approved by ACI prior to the Effective Date and identified in Schedule N (Approved Subcontractors) and (ii) any other subcontractors and Affiliates of Vendor approved by ACI in accordance with Section 10.7, unless and until approval of such subcontractor or Affiliate is rescinded by ACI in accordance with Section 10.7.
  29.   Asset Services” means the Services set forth in Exhibit A-2 (Asset Services) of Schedule A (Statement of Work) of the Agreement.
  30.   [*]
  31.   Auditors” is defined in Section 11.3.
  32.   Benchmarker” is defined in Section 13.7.
  33.   Business Day” means every Monday through Friday, [*] In the Agreement references to days that do not specifically refer to Business Days are references to calendar days and, unless otherwise provided, any specified number of days that expires on a day other than a Business Day will be automatically extended to the next following Business Day.
Confidential
Schedule D — Definitions

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
  34.   Business Hours” means the normal business hours for the facility being audited.
  35.   Change” is defined in Schedule U (Change Control Procedure).
  36.   Change Control Procedure” is defined in Section 3.10(b).
  37.   Changed Service Level” is defined in Section 9.6.
  38.   Charges” is defined in Section 13.1.
  39.   Code” is defined in Section 23.15.
  40.   Commencement Date” means the Effective Date or [*].
  41.   Commercially Available Software” means software provided or licensed to the public under standard terms and conditions, early release or beta test versions of such software and any correction code applied to such software in order to resume the proper operation of such software.
  42.   [*]
  43.   Confidential Information” is defined in Section 15.3.
  44.   Configuration” means the hardware and Software designated for support of the Critical Functions during a declared Disaster.
  45.   Contract Year” means any twelve (12) month period commencing on the Effective Date or any anniversary thereof.
  46.   Contractual Change Control Procedure” is defined in Section 10.6.
  47.   Control” and its derivatives mean with regard to any entity, the legal, beneficial or equitable ownership, directly or indirectly, of more than fifty percent (50%) of such entity’s voting rights.
  48.   CPU” means central processing unit.
  49.   Critical Deliverables” are the deliverables set forth in Exhibit B-1 (Service Level Matrix) under the heading “Critical Deliverables”.
  50.   [*]
  51.   [*]
  52.   Critical Service Levels” is defined in Section 9.3.
  53.   DASD” means direct access storage device.
  54.   Data Center” means both the Vendor Data Center and the ACI Data Center.
Confidential
Schedule D — Definitions

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
  55.   Data Network” means the Equipment, associated attachments, features and accessories, Software, lines and cabling used to connect, transmit and receive data between the Data Center(s) and ACI locations listed in Schedule P (Locations) of the Agreement, including communication controllers, multiplexers, lines and modems/digital service units, but excluding End User Equipment.
  56.   Data Network Services” means the Services set forth in Exhibit A-7 (Data Network Services) of Schedule A (Statement of Work) of the Agreement.
  57.   Data Owner” is defined in Section 22.5.
  58.   Database Management Software” shall mean computer programs designed to create and administer a database, and store, modify and extract structured data from that database on behalf of numerous users.
  59.   Delivery Management Services” means the Services set forth in Exhibit A-1 (Delivery Management Services (Cross Functional)) of Schedule A (Statement of Work) of the Agreement.
  60.   Developed ACI Software” is defined in Section 7.4.
  61.   Developed Vendor Software” is defined in Section 7.4.
  62.   Disaster” means any unplanned interruption of information processing for ACI, due to causes beyond the control of ACI or Vendor that significantly impairs the ability of Vendor to operate the Critical Functions at the Data Center. Examples are: (i) loss of the building to fire; (ii) loss of power to the facility due to hurricane damage; and (iii) inability to access the facility due to a chemical spill.
  63.   Disaster Recovery” means the restoration, at a Recovery Center, of the Critical Functions following a declared Disaster.
  64.   Disaster Recovery Plan” means the mutually agreed upon plan for recovering the Critical Functions at a Recovery Center.
  65.   Disaster Recovery Services” means the Services set forth in Exhibit A-9 (Disaster Recovery and Business Recovery Services) of Schedule A (Statement of Work) of the Agreement.
  66.   Dispute Date” is defined in Section 20.1.
  67.   DM” is defined in Section 20.1.
  68.   DR/BC Plans” is defined in Section 19.5.
  69.   [*]
  70.   Effective Date” is defined in the preamble to the Agreement.
Confidential
Schedule D — Definitions

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
  71.   Electronic Software Distribution or ESD” means the electronic distribution of a defined set of software Standard Products (but excluding operating system and network operating system software) bundled as a package and distributed to Supported Servers through a single, centralized electronic distribution process.
  72.   End User Equipment” means all workstations, terminals, printers and associated peripheral equipment located at Locations.
  73.   End User Locations” means locations at which the Services are received or used by the End Users.
  74.   End User Services” means the Services set forth in Exhibit A-4 (End User Services) of Schedule A (Statement of Work) of the Agreement.
  75.   End Users” is defined in Section 3.10(a).
  76.   Enhancement Activities” is defined in Section 10.8.
  77.   Enterprise Security Management Services” means the Services set forth in the Exhibit A-8 (Enterprise Security Management Services) of Schedule A (Statement of Work) of the Agreement.
  78.   Equipment” means the [*]. Equipment includes the following: (i) computer equipment, including associated attachments, features, accessories, peripheral devices, front end devices, and other computer equipment, and (ii) telecommunications equipment, including private branch exchanges, multiplexors, modems, hubs, bridges, routers, switches and other telecommunications equipment.
  79.   Executive Steering Committee” is defined in Section 10.2.
  80.   Existing Third Party Systems Software” means Third Party Systems Software that exists on the Effective Date and was being utilized by ACI or its Affiliates immediately prior to the Effective Date [*].
  81.   [*]
  82.   Extraordinary Event” is defined in Section 13.5.
  83.   Firewall Device” means a device to control access across the Data Network to keep ACI’s network secure and used by Vendor to provide firewall management Services as set forth in Exhibit A-7 (Data Network Services) of Schedule A (Statement of Work) of the Agreement. Firewall Device(s) will be identified in Schedule H (Existing Equipment) of the Agreement.
  84.   Force Majeure Event” is defined in Section 19.6.
  85.   Go Live Date” means the last Service Tower Commencement Date.
  86.   Holidays” means the days specified in the Process Interface Manual.
Confidential
Schedule D — Definitions

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
  87.   I-9” is defined in Section 16.13.
  88.   Incident” means an event that deviates from normal operation of the Services and that causes, an interruption to, or a reduction in, the performance of such Services.
  89.   Including” and its derivatives (such as “include” and “includes”) means “including, without limitation.” This term is as defined, whether or not capitalized in the Agreement.
  90.   Information Security Controls (ISeC) Document” has the meaning set forth in Exhibit A-8 (Enterprise Security Management Services) of Schedule A (Statement of Work) of the Agreement.
  91.   Install, Move, Add, Change or IMAC” means Install, Move, Add, Change events.
  92.   Intel and UNIX Server Services” means the Services set forth in Exhibit A-5 (Server Systems Management Services (including Mainframe)) of Schedule A (Statement of Work) of the Agreement.
  93.   Intellectual Property Rights” means all rights, title, and interest arising under U.S. common and statutory law and the laws of other countries to all (i) patents and all filed, pending or potential applications for patents, including any reissue, reexamination, division, continuation, or continuation-in-part applications throughout the world now or hereafter filed; (ii) trade secret rights and equivalent rights (including know-how); (iii) copyrights, moral rights, other literary property or authors’ rights; (iv) proprietary indicia, trademarks, trade names, symbols, logos, or brand names; and (v) mask works and mask work rights.
  94.   Internet” means a worldwide network of TCP/IP-based networks.
  95.   Inventory Plan” has the meaning set forth in Exhibit A-2 (Asset Services) of Schedule A (Statement of Work) of the Agreement.
  96.   ISV Software” means those programs and programming (including the supporting documentation, media, on-line help facilities and tutorials) that perform specific functions in connection with the Services [*], including development tools specific to a particular item of ISV Software that is provided by the licensor of such ISV Software. [*]
  97.   IT” means information technology.
  98.   Joint Verification Period” is defined in Section 23.3.
  99.   Key Measurements” is defined in Section 9.7.
  100.   Key Rebadged Employees” is defined in Section 5.2.
  101.   Key Vendor Positions” is defined in Section 5.1.
Confidential
Schedule D — Definitions

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
  102.   LAN Device” means a network connection device on a LAN such as a bridge, hub, router, or switch located within a Location for which Vendor will provide the Data Network Services and such device will be set forth in Schedule H (Existing Equipment) of the Agreement.
  103.   [*]
  104.   [*]
  105.   [*]
  106.   [*]
  107.   Local Area Network or LAN” means the configuration (hardware components, software, and communications devices) used to transmit and receive data signals within a Location. The LAN configuration for each Location for which Vendor will provide the Services is listed in Schedule P (Locations) of the Agreement.
  108.   Local Area Networks” or “LANs” means the equipment, software, telecommunications facilities, lines, wireless technology, interconnect devices (e.g., bridges, routers, hubs, switches, gateways), wiring, cabling, and fiber that are used to create, connect, and transmit data, voice, and video signals within and among ACI’s network segments (e.g., ethernet, token ring). LANs commence with the interface to a Network interconnect device (e.g., router) and end with and include the LAN interface points (e.g., Network interface cards (“NICs”) that are in LAN-connected equipment (e.g., desktop equipment, servers).
  109.   Location” means any location: [*]; and (ii) that is listed in Schedule P (Locations) of the Agreement.
  110.   Losses” means all losses, fines, punitive awards, monetary sanctions, restitution, liabilities, damages and claims, payable to unaffiliated third parties and/or governmental or regulatory agencies, and all related third-party costs and expenses.
  111.   Mainframe Services” means the Services set forth in Exhibit A-5 (Server Systems Management Services (including Mainframe)) of Schedule A (Statement of Work) of the Agreement.
  112.   Maintained Equipment” means the Equipment listed in Schedule H (Existing Equipment) of the Agreement [*]
  113.   [*]
  114.   Mandatory Employment Period” is defined in Section 5.2.
  115.   Minimum Revenue Commitment” or “MRC” is defined in Section 3.6(a).
  116.   [*]
  117.   [*]
Confidential
Schedule D — Definitions

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
  118.   Mobile End User” means an End User who has direct access to a LAN at a Location from within that Location as well as dial-up access to a LAN.
  119.   [*]
  120.   Monthly Performance Report” is defined in Section 10.3.
  121.   Network” means the equipment, software, telecommunications facilities, lines, interconnect devices, wiring, cabling and fiber that are used to create, connect and transmit data, voice and video signals between and within (i) ACI’s LANs and (ii) non-ACI facilities that do business with ACI and for which Vendor is responsible for providing connectivity.
  122.   New Entity” is defined in Section 3.14.
  123.   New Services” is defined in Section 13.6.
  124.   [*]
  125.   Nonstandard Product” means hardware or software, which is not a Standard Product. Vendor at its option may provide commercially reasonable problem determination and resolution support efforts for a Nonstandard Product based upon available resources.
  126.   Notice of Election” is defined in Section 18.4.
  127.   OEM” means original equipment manufacturer.
  128.   On Demand” means the current ACI Retail on demand environment and the EB on demand environment delivered prior to the Effective Date[*]
  129.   [*]
  130.   Party” means either ACI or Vendor and “Parties” means both ACI and Vendor.
  131.   Pass-Through Expenses” is defined in Section 13.2.
  132.   PDP” means pre delivery preparation.
  133.   [*]
  134.   Performance Information” is defined in Section 9.7.
  135.   Personally Identifiable Information” means any nonpublic personal information, as defined under any Applicable Law.
  136.   [*]
  137.   Potentially Rebadged Employees” is defined in Section 5.2.
Confidential
Schedule D — Definitions

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
  138.   Privacy Laws” means all Applicable Laws set forth in Section 22.5.
  139.   Procedures Manual” is defined in Section 10.5. The Procedures Manual is sometimes referred to as the “Process Interface Manual”.
  140.   Process Interface Manual” means the manual (electronic or hard copy) which describes the Service Delivery Processes and Service Management Processes and governs the performance of the Services.
  141.   [*]
  142.   Rebadged Employees” is defined in Section 5.2.
  143.   Recovery Center” means the facility other than the Data Center at which Disaster Recovery Services will be provided.
  144.   [*]
  145.   [*]
  146.   Relocation Notice” is defined in Section 3.13.
  147.   Remote End User” means an End User who has only dial-up access to a LAN.
  148.   Required Consents” means such consents as may be required or desirable for the assignment to Vendor, or the grant to Vendor of rights of use, of resources provided for in the Agreement.
  149.   [*]
  150.   [*]
  151.   [*]
  152.   Retained ACI Equipment” means the Equipment listed on Schedule H (Existing Equipment).
  153.   Retained Processes” is defined in Section 3.15.
  154.   Retained Systems” is defined in Section 3.15.
  155.   RMON” means remote network monitoring.
  156.   SAS 70 Type II Report” is defined in Section 11.3.
  157.   Schedule” means any of the schedules attached to the Agreement as the same may be amended by the Parties from time to time in accordance with the Agreement.
  158.   [*]
Confidential
Schedule D — Definitions

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
  159.   Section 404” means Section 404 of SOX and the rules and regulations promulgated thereunder.
  160.   Security Plan” is defined in Section 15.2.
  161.   Server Systems Management Services” means the Services set forth in Exhibit A-5 (Server Systems Management Services (including Mainframe)) of Schedule A (Statement of Work) of the Agreement.
  162.   Service Delivery Processes” means the processes set forth in the section entitled “Service Delivery Processes” of Schedule A (Statement of Work) of the Agreement.
  163.   Service Desk” has the meaning set forth in Exhibit A-3 (Service Desk Services) of Schedule A (Statement of Work) of the Agreement.
  164.   Service Desk Services” means the Services set forth in Exhibit A-3 (Service Desk Services) of Schedule A (Statement of Work) of the Agreement.
  165.   Service Hours” means the hours during which Vendor will provide each of the Services as set forth in Exhibit A-1 (Delivery Management Services (Cross Functional)) of Schedule A (Statement of Work) of the Agreement.
  166.   [*]
  167.   Service Level Credits” is defined in Section 9.3.
  168.   [*]
  169.   Service Level Descriptions” means Exhibit B-2 (Critical Service Levels and Key Measurements).
  170.   [*]
  171.   Service Level Performance” means, in respect of each Service Level, the Vendor’s actual performance of the Services against such Service Level in the relevant period.
  172.   Service Levels” is defined in Section 9.1.
  173.   Service Locations” means locations at which Services are performed by any Vendor Personnel.
  174.   Service Management Processes” means the processes set forth in Exhibit A-1 (Delivery Management Services (Cross Functional)) of Schedule A (Statement of Work) of the Agreement.
  175.   Service Provider” is defined in Section 22.5.
  176.   [*]
Confidential
Schedule D — Definitions

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
  177.   Service Tower Commencement Date” means the date on which Vendor is scheduled to commence the provision of Services with respect to an applicable Service Tower (set forth in the Transition Plan), or such other date as agreed by the Parties. The Service Tower Commencement Date may be different for each Service Tower.
  178.   Services” is defined in Section 3.1.
  179.   Severity Code” means the severity designation assigned to a problem call (for example, Severity Level 1, Severity Level 2).
  180.   Severity Level 1” is defined in Exhibit B-4 (Severity Levels).
  181.   Severity Level 2” is defined in Exhibit B-4 (Severity Levels).
  182.   Severity Level 3” is defined in Exhibit B-4 (Severity Levels).
  183.   Severity Level 4” is defined in Exhibit B-4 (Severity Levels).
  184.   SNMP” means simple network management protocol.
  185.   Software” means Applications Software and Systems Software, collectively.
  186.   Software Capital Costs” is defined in Section 6.5.
  187.   Software Operational Support Costs” is defined in Section 6.5.
  188.   SOX” means the Sarbanes Oxley Act of 2002, as amended, and the rules and regulations promulgated thereunder.
  189.   Stand-alone Machines” means distributed technology equipment that is: (i) in use, but not dedicated to a particular desktop configuration, such as shared printers, hubs, and routers; or (ii) in inventory, stored, or otherwise not in use.
  190.   Standard Configuration” means the set of hardware and Software components comprising a particular system configuration for which Vendor will provide the Services and that are to be documented during Transition and incorporated into the Agreement.
  191.   Standard Products” means the hardware and software for which Vendor will provide the End User Services and Server Systems Management Services and that are to be documented during Transition and incorporated into the Agreement.
  192.   [*]
  193.   Storage Management Services” means the Services set forth in Exhibit A-6 (Storage Management Services) of Schedule A (Statement of Work) of the Agreement.
Confidential
Schedule D — Definitions

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
  194.   Straddle Agreements” means Third Party Contracts with ACI or a ACI Affiliate as they exist on the Effective Date, including enterprise agreements, which relate both to the Services and to assets and activities retained by ACI and its Affiliates that do not form a part of the Services.
  195.   Supported Desktop” means an End User free-standing or portable microcomputer, which consists of a system unit, a display monitor, a keyboard, a mouse, and internal fixed disk storage for which Vendor will provide the End User Services. Supported Desktops are described in Schedule H (Existing Equipment) of the Agreement.
  196.   Supported Desktop Software” means the software residing on a Supported Desktop, including all supporting documentation and media that Vendor will support. Supported Desktop Software is listed in Schedule I (Vendor Supported Software) of the Agreement.
  197.   Supported Server” means a device that provides shared LAN resources (for example, printer, fax, application, mail, data backup, and associated peripheral equipment some of which may be connected to Supported Desktops) for which Vendor will provide the Server Systems Management Services. Supported Servers are listed in Schedule H (Existing Equipment) of the Agreement.
  198.   Supported Server Software” means those programs and programming operating on the Supported Servers, including all supporting documentation and media, that perform tasks basic to the functioning of the Supported Servers (including communications with Supported Desktops and the Data Network) or otherwise support the provision of Services by Vendor. Supported Server Software is listed in Schedule I (Vendor Supported Software) of the Agreement.
  199.   Systems Software” means the programs, supporting documentation and media that: (i) perform tasks basic to the functioning of data processing and telecommunication; (ii) are required to operate the Applications Software; and (iii) are listed as Systems Software in Schedule I (Vendor Supported Software) of the Agreement.
  200.   Technology Plan” is defined in Section 10.8.
  201.   Term” is defined in Section 4.1.
  202.   [*]
  203.   Termination/Expiration Assistance” is defined in Section 21.9.
  204.   Termination/Expiration Assistance Period” is defined in Section 21.9.
  205.   Third Party or Third Parties” means any entity or person other than Vendor and ACI and their respective Affiliates, directors, officers, and employees.
  206.   Third Party Applications Software” means ISV Software that is Applications Software.
  207.   Third Party Contracts” means agreements pursuant to which any third party agrees with Vendor, ACI or any of their Affiliates to provide products or services constituting or used in providing the Services, including contracts for the services of non-employee personnel to provide Services. [*]
Confidential
Schedule D — Definitions

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
  208.   Third Party Systems Software” means ISV Software that is Systems Software.
  209.   Tools” means the items listed in Schedule I (Vendor Supported Software) of the Agreement.
  210.   Transformation” means the portion of the Transition Services detailed in the Transformation Plan.
  211.   Transformation Period” means the portion of the Transition Period during which the Transformation occurs.
  212.   Transformation Plan” means the section of the Transition Plan that describes the transformation activities.
  213.   Transition” is defined in Section 3.8.
  214.   [*]
  215.   Transition Period” means the period, defined in the Transition Plan, [*]
  216.   Transition Plan” is defined in Section 3.8.
  217.   Use” means to use, copy, maintain, modify, enhance or create derivative works.
  218.   User ID” means a string of characters (i.e., a user name or a password) that uniquely identifies a user to a system and enables access to a system or specific data residing on a system.
  219.   Vendor Competitors” means [*]
  220.   Vendor Data Center” means the Equipment and Software and Data Network to be located at a Vendor Location or at such other Locations as Vendor may establish thereafter and the data line connecting the Vendor Data Center to the designated Location specified in Schedule P (Locations) of the Agreement.
  221.   Vendor Developed IP” is defined in Section 7.4.
  222.   Vendor Focal Point” means the individual designated by Vendor to act as the single point of contact within a specified Services area or Location to whom ACI may direct all communications related to such Services area or Location.
  223.   Vendor” is defined in the preamble to the Agreement, subject to Section 2.2.
  224.   Vendor Indemnitees” is defined in Section 18.2.
  225.   Vendor Laws” is defined in Section 22.1.
Confidential
Schedule D — Definitions

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
  226.   Vendor Personnel” means employees of Vendor and its subcontractors who perform the Services pursuant to the Agreement.
  227.   Vendor Preexisting IP” is defined in Section 7.4.
  228.   Vendor Delivery Project Executive” is defined in Section 5.1.
  229.   Vendor Provided Technology” means the Equipment, Software, technology and processes Vendor utilizes, or provides to ACI, in connection with the Services or otherwise under the Agreement (regardless of when developed).]
  230.   Vendor Software” means the Software that is owned or exclusively licensed to Vendor or its Affiliates and that is used in provision of the Services.
  231.   Vendor Software Operational Support Services” will consist of the following activities [*]
  232.   Vendor Supported Software” means that Software specified in Schedule I (Vendor Supported Software.
  233.   Vendor Transition Manager” is defined in Section 5.1.
  234.   Virus” means (i) program code, programming instruction or set of instructions intentionally or unintentionally constructed with the ability to damage, interfere with or otherwise adversely affect computer programs, data files or operations, whether or not technically known as a “virus” (e.g., worms, Trojan horses, trap doors, etc.); or (ii) other code typically designated as a virus.
  235.   WAN Device” means a set of hardware components controlled by software (for example, switches, routers, gateways) that allows a number of devices to connect to each other or to be connected to other LANs via routers and communicate using various data types, formats and communications protocols. Typically, a WAN Device connects devices such as client workstations, servers, printers, or communications controllers across a telecommunications provider facility. WAN Devices will be set forth in Schedule H (Existing Equipment) of the Agreement.
  236.   Wide Area Network” or “WAN” means the equipment, software, transmission facilities, interconnect devices, cabling and wireless technology that are used to create, connect and transmit data, voice and video signals between and among ACI points of presence.
  237.   [*]
  238.   Work Product” is defined in Section 7.4.
  239.   [*]
Confidential
Schedule D — Definitions

 

 


 

SCHEDULE E
INTENTIONALLY LEFT BLANK

 

 


 

SCHEDULE F
INTENTIONALLY LEFT BLANK

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
SCHEDULE G
THIRD PARTY CONTRACTS
1. INTRODUCTION
This Schedule lists ACI’s Third Party Contracts for which Vendor will be financially and administratively and operationally responsible as of the Service Tower Commencement Date. This Schedule will be verified and updated, as required, during the Joint Verification Period described in Section 23.3 of the Master Services Agreement.
2. LICENSES
2.1 Financial, Administrative and Operational Responsibility
                                                         
Item
#
  Services
Tower
    Software
Vender
Name
    Description     Monthly
License
Maintenance
Expense
    Annual
License
Maintenance
Expense
    License
Expiration
Date
    License
Maintenance
#
 
 
                           
*  Represents five pages of redacted tabular data
3. OTHER CONTRACTS
3.1 Financial, Administrative and Operational Responsibility
                                                         
Item
#
  Services
Tower
    Vender
Name
    Description     Monthly
Expense
    Annual
Expense
    Expiration
Date
    Contract
#
 
 
                           
*  Represents 13 pages of redacted tabular data
Confidential
Schedule G — Third Party Contracts

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE PORTIONS OF
THIS DOCUMENT DENOTED BY BOXES AND ASTERISKS BE
ACCORDED CONFIDENTIAL TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
SCHEDULE H
EXISTING EQUIPMENT
1. Introduction
This Schedule H (Existing Equipment) sets out the existing Equipment lists, provided to Vendor by ACI, as of the Effective Date, that Vendor will use to provide to the Services to ACI in accordance with Section 3.7 of the MSA. This Schedule will be updated after the completion of a wall-to-wall inventory.
2. Mainframe Existing Equipment
This following table lists the existing mainframe Equipment located in the [ * ]
                         
Machine Type   Machine
Model
    Qty     Description  
 
           
[ * ]
3. Security Existing Equipment
This following table lists the existing security Equipment located in ACI Locations.
                         
Machine Type   Machine
Model
    Qty     Description | Location  
 
           
[ * ]
4. Midrange/Server Existing Equipment
The following Exhibits list the existing midrange/server Equipment.
    Exhibit H-1 (ACI US Midrange Inventory)
    Exhibit H-2 (ACI Toronto Server Room Inventory)
    Exhibit H-3 (EMEA Server Equipment)
    Exhibit H-4 (ACI AP Midrange Inventory)
5. Network Existing Equipment
Exhibit H-5 (Network Inventory) lists the existing Network Equipment.
6. End User Services Existing Equipment
The following table and Exhibit H-6 (People Counts by Location) list the existing End User machine quantities.

[ * ]
Confidential
Schedule H — Existing Equipment

 

Page 1 of 3


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE PORTIONS OF
THIS DOCUMENT DENOTED BY BOXES AND ASTERISKS BE
ACCORDED CONFIDENTIAL TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
7. Refresh Of Existing Equipment
The following table lists Vendor’s general Refresh plan for the existing Equipment.
     
Service Tower   Refresh Plan
 
   
[ * ]
More specifically, the Vendor will apply the following refresh schedule until all ACI hardware is on the standard schedule:
–    [ * ]
Confidential
Schedule H — Existing Equipment

 

Page 2 of 3


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE SECURITIES
EXCHANGE ACT OF 1934.
EXHIBIT H-1
ACI US MIDRANGE INVENTORY
[ * ]
*  Represents 26 pages of redacted tabular data

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES
AND ASTERISKS BE ACCORDED CONFIDENTIAL
TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE SECURITIES EXCHANGE
ACT OF 1934.
EXHIBIT H-2
ACI TORONTO SERVER ROOM INVENTORY
[ * ]
*  Represents four pages of redacted tabular data

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED BY
BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE SECURITIES
EXCHANGE ACT OF 1934.
EXHIBIT H-3
EMEA SERVER EQUIPMENT
[ * ]
*  Represents 14 pages of redacted tabular data
 

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED
THAT THE PORTIONS OF THIS DOCUMENT
DENOTED BY BOXES AND ASTERISKS BE
ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED
UNDER THE SECURITIES EXCHANGE ACT OF
1934.
EXHIBIT H-4
ACI AP MIDRANGE INVENTORY
[ * ]
*  Represents four pages of tabular data

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
EXHIBIT H-5
NETWORK INVENTORY
[ * ]
*  Represents seven pages of redacted tabular data

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
EXHIBIT H-6
PEOPLE COUNTS BY LOCATION
[ * ]
*  Represents two pages of redacted tabular data

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE PORTIONS
OF THIS DOCUMENT DENOTED BY BOXES AND ASTERISKS BE
ACCORDED CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
SCHEDULE I
VENDOR SUPPORTED SOFTWARE
1. ACI Systems Software Introduction
This Schedule I (Vendor Supported Software) sets out the existing ACI Systems Software lists, provided to Vendor by ACI, as of the Effective Date, that Vendor will use to provide the Services to ACI as well as the Vendor System Software that Vendor will use to provide the Services. This Schedule will be verified and updated after Transition.
2. Mainframe Existing ACI Systems Software
This following table lists the Mainframe Existing ACI Systems Software in use on the Existing Mainframe Equipment at the [ * ].
                                 
Product     Product
Name
    Vendor     Classification     Description  
[ * ]
*  Represents two pages of tabular data
3. Security/Asset Existing ACI Systems Software
This following table lists the Existing ACI Systems Software.
                 
Product     Vendor     Description  
[ * ]
4. Midrange/Server Software
The following table list the Existing Midrange/Server ACI Systems Software.
                 
ACI Provided Systems Software
Product     Vendor     Description  
[ * ]
*  Represents eight pages of tabular data
The following table lists the IBM software tools that Vendor will use to provide the Services.
                 
Vendor Provided Software Systems
Product     Vendor     Description  
[ * ]
Confidential
Schedule I — Vendor Supported Software

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE PORTIONS
OF THIS DOCUMENT DENOTED BY BOXES AND ASTERISKS BE
ACCORDED CONFIDENTIAL TREATMENT PURSUANT TO RULE
24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
5. Network Existing ACI Systems Software
The following table lists the Existing Network ACI Systems Software.
                 
Product     Vender     Description  
[ * ]
6. End User Services Existing ACI Systems Software
Exhibits I-1, Exhibit I-2, and Exhibit I-3 list the existing End User services ACI Systems Software:
    Exhibit I-1 — Framingham Workstations
    Exhibit I-2 — Newton Workstations
    Exhibit I-3 — Omaha Workstations
Confidential
Schedule I — Vendor Supported Software

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
EXHIBIT l-1
FRAMINGHAM WORKSTATIONS
[ * ]
*  Represents 785 pages of redacted tabular data

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES
AND ASTERISKS BE ACCORDED CONFIDENTIAL
TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE SECURITIES EXCHANGE
ACT OF 1934.
EXHIBIT l-2
NEWTON WORKSTATIONS
[ * ]
*  Represents 496 pages of redacted tabular data

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
EXHIBIT l-3
OMAHA WORKSTATIONS
[ * ]
*  Represents 947 pages of redacted tabular data

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
SCHEDULE J
ACI POLICIES AND PROCEDURES
TABLE OF CONTENTS
                 
            Page  
       
 
       
  1.    
[ * ]
    2  
  2.    
Business Ethics Policy
    7  
  3.    
[ * ]
    14  
  4.    
[ * ]
    15  
  5.    
[ * ]
    25  
  6.    
[ * ]
    29  
  7.    
[ * ]
    32  
  8.    
[ * ]
    35  
  9.    
[ * ]
    38  
  10.    
[ * ]
    42  
  11.    
[ * ]
    47  
  12.    
[ * ]
    49  
  13.    
[ * ]
    54  
  14.    
[ * ]
    60  
  15.    
[ * ]
    63  
  16.    
[ * ]
    65  
  17.    
[ * ]
    68  
  18.    
[ * ]
    71  
  19.    
[ * ]
    74  
  20.    
[ * ]
    79  
  21.    
[ * ]
    81  
  22.    
[ * ]
    114  
  23.    
[ * ]
    126  
  24.    
[ * ]
    131  
  25.    
[ * ]
    135  
  26.    
[ * ]
    136  
  27.    
[ * ]
    138  
  28.    
[ * ]
    140  
  29.    
[ * ]
    142  
         
    Confidential    
    Schedule J – ACI Policies and Procedures   Page 1 of 144

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
[ * ]
*  Represents 6 pages of redacted text
         
    Confidential    
    Schedule J — ACI Policies and Procedures   Page 2 of 144

 

 


 

ACI WORLDWIDE BUSINESS ETHICS POLICY
Policy Number 7-400
Revision Date — 21 November 2007
         
Policy Contact    
Information:   This Policy Applies To:
 
       
Dennis Byrnes
  Group   Except
 
       
mailto:byrnesd@ACIinc.com
  þ All Contractors    
 
       
(402) 390-8993
  o USA-based Contractors    
 
       
 
  o Omaha-based Contractors    
 
       
 
  o IT Support Staff — Omaha-based    
 
       
 
  o IT Support Staff — All Locations    
 
       
 
  þ Other: Authorized Non-contractors    
 
       
ACI WORLDWIDE CORP
CODE OF BUSINESS CONDUCT AND ETHICS
This policy is in addition to ACI’s Code of Ethics for the Company’s Chief Executive Officer and Senior Financial Officers (Policy 7-410).
Introduction
This Code of Business Conduct and Ethics describes the basic principles of conduct that we share as officers and contractors of Transaction Systems Architects, Inc. (“we” or the “Company”). This Code also applies to our directors. Violation of this Code may result in disciplinary action, varying from reprimand to dismissal. ACI contractors will annually review the ACI Code of Business Conduct and Ethics and acknowledge this review per local Human Resources practice.
This Code is intended to provide a broad overview of basic ethical principles that guide our conduct. In some circumstances, we maintain more specific policies on the topics referred to in this Code. Should you have any questions regarding these policies, please review the policies posted on the Company’s intranet (i4) or contact a member of the Human Resources department.
         
    Confidential    
    Schedule J — ACI Policies and Procedures   Page 7 of 144

 

 


 

Compliance with Laws, Rules and Regulations
Our policy is to comply with all laws, rules, and regulations of the places where we do business. No contractor, officer or director of the Company shall commit an illegal or unethical act, or instruct others to do so, for any reason. If a law, rule or regulation is unclear, or conflicts with a provision of this Code, you should seek advice from supervisors or our General Counsel, but always seek to act in accordance with the ethical standards described in this Code.
Conflicts of Interest
We conduct our business affairs in the best interest of the Company and should therefore avoid situations where our private interests interfere in any way with the Company’s interests or could improperly influence our work, business decisions or actions. We need to be especially sensitive to situations that have even the appearance of impropriety and promptly report them to a supervisor, or if appropriate, a more senior manager. If you believe that a transaction, relationship or other circumstance creates or may create a conflict of interest, you should promptly report this concern in the manner provided in this Code. It is our policy that circumstances that pose a conflict of interest for our contractors are prohibited unless a waiver is obtained from our General Counsel. Consistent with Nasdaq listing requirements, and as further described below, any waiver of this conflict of interest policy for a director or executive officer may only be made by our Board or a committee of our Board, and any such waiver will be promptly disclosed in accordance with applicable law and listing Nasdaq requirements.
Record-Keeping
We require honest and accurate recording and reporting of information in order to make responsible business decisions. We document and record our business expenses accurately. Questionable expenses should be discussed with the appropriate personnel in our accounting department.
All of our books, records, accounts, and financial statements are maintained in reasonable detail, appropriately reflect our transactions, and conform both to applicable legal requirements and to our system of internal controls. Unrecorded or “off the books” funds or assets should not be maintained unless permitted by applicable law or regulation.
The disposal or destruction of the Company’s records and files is not discretionary with any contractor. The Company’s requirements for record retention are further outlined in the Company’s Record Retention Policy. In addition, when matters such as litigation (actual or threatened), government inquiries, investigations or audits are pending or reasonably expected, we will not destroy any relevant records until such matter is closed, and then only in accordance with the Company’s Records Retention Policy.
We avoid exaggeration, derogatory remarks, guesswork, or inappropriate characterizations of people and companies in our business records and communications. We maintain our records according to our record retention policies. In accordance with those policies, in the event of litigation or governmental investigation, please consult our General Counsel.
         
    Confidential    
    Schedule J — ACI Policies and Procedures   Page 8 of 144

 

 


 

Public Reporting
We are a public company and as a result file reports and other documents with the Securities and Exchange Commission (SEC) and Nasdaq. As well, we issue press releases and make other public statements that include financial and other information about our business, financial condition and results of operations. We endeavor to make full, fair, accurate, timely and understandable disclosure in reports and documents we file with, or submit to, the SEC and Nasdaq and in our press releases and public communications.
We require cooperation and open communication with our internal and outside auditors. It is illegal to take any action to fraudulently influence, coerce, manipulate, or mislead any internal or external auditor engaged in the performance of an audit of our financial statements.
The laws and regulations applicable to filings made with the SEC, including those applicable to accounting matters, are complex. While the ultimate responsibility for the information included in these reports rests with senior management, numerous other contractors participate in the preparation of these reports or provide information included in these reports. We maintain disclosure controls and procedures to ensure that the information included in the reports that we file or submit to the SEC is collected and communicated to senior management in order to permit timely disclosure of the required information.
If you are requested to provide, review or certify information in connection with our disclosure controls and procedures, you must provide the requested information or otherwise respond in a full, accurate and timely manner. Moreover, even in the absence of a specific request, you should report to your supervisor or a more senior manager any information that you believe should be considered for disclosure in our reports to the SEC.
If you have questions or are uncertain as to how our disclosure controls and procedures may apply in a specific circumstance, promptly contact your supervisor or a more senior manager. We want you to ask questions and seek advice. Additional information regarding how to report your questions or concerns (including on a confidential, anonymous basis) is included below in this Code under the heading “Reporting Illegal or Unethical Behavior.”
Insider Trading
We do not trade in Company stock on the basis of material, non-public information concerning the Company, nor do we “tip” others who may trade in Company securities. Please refer to our stock transaction policies for more detailed information about our policies in this area.
Corporate Opportunities
We do not personally take opportunities that are discovered through the use of Company property, information or position without the prior consent of our Board. Our directors, officers, and contractors are also prohibited from competing with the Company.
         
    Confidential    
    Schedule J — ACI Policies and Procedures   Page 9 of 144

 

 


 

Competition and Fair Dealing
We outperform our competition fairly and honestly by developing leading solutions and technology based on design and performance. We do not engage in unethical or illegal business practices such as stealing proprietary information, possessing trade secret information that was obtained without the owner’s consent, or inducing disclosure of this type of information by past or present contractors of other companies. Each contractor, officer and director of the Company should endeavor to deal fairly with customers, suppliers, competitors, the public and one another at all times and in accordance with ethical business practices.
Business Entertainment and Gifts
We recognize that business entertainment and gifts are meant to create goodwill and sound working relationships, not to gain unfair advantage with customers or suppliers. Neither we nor our family members offer, give, or accept any gift or entertainment unless it: (a) is not a cash gift, (b) is consistent with customary business practices, (c) is not excessive in value, (d) cannot be construed as a bribe or payoff, and (e) does not violate any laws or regulations. Any questionable gift or invitation should be discussed with a supervisor, or, if appropriate, a more senior manager.
Discrimination and Harassment
The diversity of our contractors is a tremendous asset. We provide equal opportunity in all aspects of employment and will not tolerate discrimination or harassment of any kind. Derogatory comments based on racial or ethnic characteristics, unwelcome sexual advances and similar behavior are prohibited.
Health and Safety
We strive to provide a safe and healthful work environment. We ensure a safe and healthy work environment by following safety and health rules and practices and promptly reporting accidents, injuries, unsafe conditions or other violations or potential violations of applicable OSHA standards to a supervisor or more senior manager.
We do not permit violence or threatening behavior in our workplaces. We report to work in condition to perform our duties at our best, free from the influence of illegal drugs or alcohol. We do not tolerate the use of illegal drugs in the workplace.
Confidentiality
We protect confidential information. Unauthorized use or distribution of confidential information is prohibited and could also be illegal, resulting in civil or even criminal penalties. Confidential information includes proprietary information such as our trade secrets, patents, trademarks, copyrights, business, marketing plans, sales forecasts, engineering ideas, designs, databases, records, salary information, and unpublished financial data and reports, as well as any non-public information that might be of use to competitors or harmful to us or our customers if disclosed. It also includes information that suppliers, customers and other business partners have entrusted to us on a confidential basis. Our personal obligation not to disclose confidential information continues even after employment ends.
         
    Confidential    
    Schedule J — ACI Policies and Procedures   Page 10 of 144

 

 


 

Protection and Proper Use of Company Assets
Theft, carelessness, and waste of Company assets have a direct impact on our profitability and should be avoided. Any suspected incident of fraud or theft should be immediately reported to a supervisor or, if appropriate, a more senior manager for investigation.
Payments to Government Personnel
In compliance with the United States Foreign Corrupt Practices Act, we do not give anything of value, directly or indirectly, to officials of foreign governments or foreign political candidates in order to obtain or retain business. We do not promise, offer, or deliver to any foreign or domestic government contractor or official any gift, favor, or other gratuity that would be illegal. Our General Counsel can provide guidance in this area.
The laws or customs of other countries in which we operate may be less clear. It is our policy to comply with those laws or customs; however, if a local law or custom seems to contradict the principles described in this Code, contact a supervisor or our General Counsel for guidance.
Waivers
Consistent with Nasdaq listing requirements, only our Board or a committee of our Board may waive a provision of this Code for our executive officers or directors, and any waiver will be promptly disclosed to the public in accordance with applicable law and Nasdaq listing requirements. Waivers of this Code for any other contractor may be made only by our General Counsel, and then only under special circumstances.
Reporting Illegal or Unethical Behavior
In order to encourage good faith reports of illegal or unethical behavior (including violations of this Code), we keep all reports confidential and do not allow retaliation for reports of misconduct by others. It is also our duty to cooperate in internal investigations of alleged misconduct.
We must all work to ensure prompt and consistent action against unethical or illegal behavior. Oftentimes a violation of this Code will be easy to recognize and should be promptly reported as described in the answer to Question 6 below. However, in some situations it is difficult to know right from wrong. Since none of us can anticipate every situation that will arise, it is important that we have a way to approach a new or sensitive question or concern. Here are some questions that can be asked:
         
    Confidential    
    Schedule J — ACI Policies and Procedures   Page 11 of 144

 

 


 

What do I need to know? In order to reach the right solutions, we must be as fully informed as possible.
What specifically am I being asked to do? Does it seem unethical or improper? This will focus the inquiry on the specific action in question, and the available alternatives. Use judgment and common sense; if something seems unethical or improper, it probably is.
What is my responsibility? In most situations, there is shared responsibility. Should colleagues be informed? It may help to get others involved and discuss the issue.
Should I discuss the issue with a supervisor? In many cases, a supervisor will be more knowledgeable about the question and will appreciate being brought into the decision-making process. Remember that it is the supervisor’s responsibility to help solve problems.
Should I seek help from Company management? In the case which it may not be appropriate to discuss an issue with a supervisor, or where you would not be comfortable approaching a supervisor with your question, consider discussing it with your office manager or a member of the Human Resources department. If for some reason you do not believe that your concerns have been appropriately addressed, you can seek advice from our General Counsel.
How should I report instances of questionable behavior by contractors, officers or directors (including possible violations of this Code)? For those who wish to remain anonymous, you can submit your concern:
  A.  
In writing to either:
  (i)  
The Company’s General Counsel, at 224 S. 108th Avenue, Omaha, NE 68154-26841325; or
 
  (ii)  
The Chairman of the Company’s Audit Committee, at 224 S. 108th Avenue, Omaha, NE 68154-26841325.
  B.  
By anonymously contacting the third-party service provider identified in the Company’s Whistleblower Protection Policy. That service provider will notify the Company’s senior officers of any report but will not disclose the identity of the reporting person if that person requests anonymity.
An anonymous report should provide enough information about the incident or situation to allow the Company to investigate properly. If concerns or complaints require confidentiality, including keeping an identity anonymous, we will endeavor to protect this confidentiality, subject to applicable law, regulation and legal proceedings.
For those who do not choose to remain anonymous, please:
  A.  
Initially address your concern with either your supervisor or a member of the Human Resources department.
         
    Confidential    
    Schedule J — ACI Policies and Procedures   Page 12 of 144

 

 


 

  B.  
If at any time you are not satisfied that your concern is being adequately addressed, you should bring the matter to the attention of the Company’s General Counsel.
 
  C.  
If you are still unsatisfied with the resolution of, or attention to, the matter, you should contact the Chairman of the Audit Committee.
Your matter will be addressed confidentially to the extent practicable and with anonymity to the extent you desire and to the extent practicable.
Compliance and Enforcement
All contractors, directors and officers are expected to comply with all of the provisions of this Code, and the Company recognizes the need for this Code to be applied equally to everyone it covers. The Code will be strictly enforced throughout the Company and violations will be dealt with immediately. Violations of the Code that involve illegal behavior will be reported to the appropriate authorities.
Our General Counsel has primary authority and responsibility for administering this Code, investigating alleged violations and determining corrective and disciplinary action, subject to the supervision of the Audit Committee of our Board. Depending on the circumstances, in some cases senior managers and other officers will be involved to consider and determine the appropriate corrective or disciplinary action. In some cases, the Audit Committee or the full Board will be responsible for conducting the investigation and determining actions to be taken. The Company will devote the necessary resources to enable the General Counsel to establish such procedures as may be reasonably necessary to create a culture of accountability and facilitate compliance with this Code. The General Counsel will periodically report violations of this Code and the corrective actions taken to the Audit Committee.
The Company strives to impose discipline for each violation of this Code that fits the nature and particular facts of the violation. The Company generally will issue warnings or reprimands for less significant, first-time offenses. Violations of a more serious nature may result in an action such as suspension without pay, demotion, or reduction of compensation. Termination of employment generally is reserved for conduct such as theft or other violations amounting to a breach of trust, or for cases where a person has engaged in multiple violations. Termination may also be appropriate for ethical violations if the contractor has had appropriate training and consciously chooses to pursue unethical behavior. Violations of this Code are not the only basis for disciplinary action. The Company has additional guidelines and procedures governing conduct, and violations of those guidelines and procedures may also result in corrective or disciplinary action.
Retaliation against any contractor for good faith reporting of violations of this Code is strictly prohibited. Any such retaliation will be treated as a serious violation of this Code.
Questions concerning this Code should be directed to our General Counsel.
         
    Confidential    
    Schedule J — ACI Policies and Procedures   Page 13 of 144

 

 


 

Conclusion
The Company’s good name and reputation depend, to a very large extent, upon your taking personal responsibility for maintaining and adhering to the policies and guidelines set forth in this Code. Your business conduct on behalf of the Company must be guided by the policies and guidelines set forth in this Code.
* * * * *
Consistent with applicable laws and regulations, this Code will be included on the Company’s
website and will be made available upon request sent to the Company’s Secretary. The Company’s
annual report to stockholders will state that this Code is available on the Company’s website and
will be made available upon request sent to the Company’s Secretary.
The undersigned acknowledges that he/she has received and read this Code of Business Conduct and Ethics.
         
 
       
 
       
 
 
 
   
Signature
  Date    
 
       
 
       
 
       
Print Name
       
         
    Confidential    
    Schedule J — ACI Policies and Procedures   Page 14 of 144

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
[ * ]
* represents 130 pages of redacted text
         
    Confidential    
    Schedule J — ACI Policies and Procedures   Page 15 of 144

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
SCHEDULE K
USER SATISFACTION SURVEY GUIDELINES
1.   INTRODUCTION
This Schedule describes the requirements related to customer satisfaction surveys.
ACI will have overall review and approval of the customer satisfaction surveys, to include input and approval of the survey recipients, the survey methodology, and the survey questions.
2.   GENERAL REQUIREMENTS
  a.   Vendor’s responsibilities include the following:
  (1)   During Transition, develop and submit for ACI’s approval a complete and comprehensive customer satisfaction survey process, including the content and format of each customer satisfaction survey (each, a “Survey”). Such process shall be deemed to be the “Survey Process” for purposes of this Agreement.
 
  (2)   Conduct Surveys for the following categories of End Users:
      [ * ]
  (3)   At ACI’s request, work with the Executive Steering Committee and/or the Management Committee to determine the list of ACI personnel and other End Users to be included in each Survey; provided that the individuals to be included in any Survey (the “Participants” for such Survey) shall be subject to the ACI’s written approval.
 
  (4)   Conduct each Survey for its Participants in accordance with the Survey Process and any ACI-approved materials and methodologies specific to such Survey, using tools agreed upon by the Parties.
 
  (5)   [ * ]
 
  (6)   Measure customer satisfaction in all Surveys for a selection of the following general attributes:
 
  (a)   [ * ]
 
  (b)   [ * ]
 
  (c)   [ * ]
 
  (d)   [ * ]
 
  (e)   [ * ]
 
  (f)   [ * ]
 
  (g)   [ * ]
 
  (h)   [ * ]
 
  (7)   At ACI’s direction and in cooperation with ACI, use the Survey results to plan and implement measurable improvements to those portions of the Services requiring attention (provided that any such improvements to the Services shall be subject to ACI’s written approval).
 
  (8)   In response to a pattern of issues raised by each Survey, promptly prepare and provide to ACI a set of recommendations for Vendor to further improve its provision of the Services.
 
  (9)   Work in good faith with ACI to remedy issues or concerns raised in each Survey.
Confidential
Schedule K — User Satisfaction Survey Guidelines

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
3.   EXECUTIVE CUSTOMER SATISFACTION SURVEYS
  a.   The Vendor’s responsibilities include the following:
  (1)   [ * ]
 
  (2)   [ * ]
 
  (3)   [ * ]
 
  (4)   [ * ]
 
  (5)   Report the results of the Survey in writing (in a format acceptable to ACI) to the ACI Contract Executive within thirty (30) Business Days after the completion of the Survey.
 
  (6)   Along with ACI, conduct follow-on reviews as requested by the ACI Contract Executive, including reviewing the results of Executive Customer Satisfaction Surveys in the next Executive Steering Committee meeting.
4.   NON-EXECUTIVE CUSTOMER SATISFACTION SURVEYS
  a.   The Vendor’s responsibilities include the following:
  (1)   [ * ]
 
  (2)   [ * ]
 
  (3)   [ * ]
 
  (4)   [ * ]
 
  (5)   Report the results of the Survey in writing (in a format acceptable to ACI) to the ACI Contract Executive within thirty (30) Business Days after the completion of the Survey.
 
  (6)   Along with ACI, conduct follow-on reviews as requested by the ACI Contract Executive, including reviewing the results of non-Executive Customer Satisfaction Surveys in the next Executive Steering Committee meeting.
5.   POINT-OF-SERVICE CUSTOMER SATISFACTION SURVEYS
[ * ]
Confidential
Schedule K — User Satisfaction Survey Guidelines

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE PORTIONS OF
THIS DOCUMENT DENOTED BY BOXES AND ASTERISKS BE
ACCORDED CONFIDENTIAL TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
SCHEDULE L
TRANSITION AND TRANSFORMATION
1.   INTRODUCTION
 
    This portion of the Schedule describes the Transition scope and approach used to manage the Transition, including the subprojects that will be further defined in the detailed Transition Plan. The terms and conditions of this Agreement will apply to the Transition, except to the extent expressly amended by the applicable Transition Plan.
 
    Vendor will begin Transition activities on the Agreement Effective Date and complete the subprojects needed for Vendor to provide service as of the Service Tower Commencement Date. Each subproject produces deliverables, (including installed tools and documented processes and procedures amended by knowledge transfer from appropriate ACI employees), for the Vendor service delivery team. Each subproject generally represents a specific Service Tower competency such as Service Desk, Data Network Services, Enterprise Security Management Services, etc. In addition, there are two data center moves occurring during the Transition: [ * ]
 
    The general workflow and timelines for key subprojects are described below. The complete listing of subprojects will be described in the detailed Transition Plan. The actual dates are subject to change after the joint planning session with ACI that will be scheduled after the Agreement Effective Date. These dates will be reflected in the detailed Transition Plan to be delivered 60 days after the Agreement Effective Date.
 
    The initial 30 — 45 days after the Agreement Effective Date includes the acquisition of internal Vendor resources, a joint planning session with ACI that will produce the detailed Transition Plan, as well as joint verification of baselines. The governance structure will be described to ACI and established as the Vendor Program Management Office is implemented. The signed Agreement will be registered and a complete deliverables list will be created and provided to the Vendor service delivery team and ACI. These activities and others to be described in the detailed Transition Plan are represented in the Planning and Startup arrow as well as the PE Project Office arrow in Exhibit L-1.
 
    The [ * ] data center move will be addressed as a Transition project with a Vendor project manager, working with an ACI project manager, coordinating all of the Vendor and ACI resources needed to remove Equipment and associated Software from the [ * ] data center and relocate to the [ * ] Location. The planning stage will include coordination with existing ACI move plans and preparation. Work activities will include obtaining sufficient raised floor, outfitting with any new Equipment needed, installing local shared Internet access Equipment, preparation for [ * ], packing and shipping Equipment from [ * ], installing Equipment and re-installing existing Software, performing testing of installation and turning over to steady state operations. The actual move will occur over a three-day weekend period with advance notice to End Users. This activity is schedule for completion on August 1, 2008. These activities and overall start and stop dates are represented by the [ * ].
Confidential
Schedule L — Transition and Transformation

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE PORTIONS OF
THIS DOCUMENT DENOTED BY BOXES AND ASTERISKS BE
ACCORDED CONFIDENTIAL TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
The [ * ] data center move will be started as a Transition project with the Transition team developing the initial project plan in conjunction with ACI personnel in both the [ * ]. This activity will start after the planning for the [ * ] move is completed and the preparatory tasks will begin after the [ * ] move plan is completed. This move will involve the transmission of all Software from [ * ] Equipment to Equipment on the [ * ] raised floor. The work effort will be completed by [ * ] employees under Vendor Project Manager guidance. Once installed on the [ * ] Equipment, testing will take place and the systems will be turned over to Vendor to provide Service. The move of data will take place over a weekend with advance notice to End Users and these activities are scheduled for completion on November 1, 2008. This is represented by the [ * ].
The Enterprise Security Management Services subproject will transfer the responsibility for user ID administration, security administration Services, and intrusion detection Services to Vendor, and will produce an Information Security Controls Document for ACI’s approval. The start and stop dates are represented by the Security green arrow in Exhibit L-1.
The Data Network Services subproject will provide Network connectivity supporting the four data center migrations to Vendor raised floor, [ * ] to major ACI development Locations as well as Network monitoring (via [ * ]) of ACI global location connectivity. The [ * ] will be operational to support existing and future connectivity on August 1, 2008. The full complement of [ * ].
The Service Desk Services transition subproject will replace multiple existing ACI Service Desk functions with a [ * ]. There will be a knowledge transfer period, a knowledge gap analysis followed by additional knowledge gathering as required. A single Service Desk telephone number will be created for ACI and service queues will be set up for ACI and Vendor teams to access help requests from End Users. [ * ]
The End User Services subproject will transition support from existing ACI resources to Vendor and/or subcontractor resources allocated to ACI Locations in Schedule P according to the End User Services SOW Exhibit A-4. The start and end date for this subproject is indicated by the Deskside Support Services green arrow in Exhibit L-1.
The Delivery Management Services subproject as illustrated here will Transition existing ACI problem and change management processes as well as capacity planning and requests for service (RFS) procedures to Vendor administered processes and procedures. This will include incident management for outages as well as provisions for initiating IMAC activity. Some of these will have separate subprojects but for display purposes they have been combined in this subproject. The detailed Transition Plan will separate them as appropriate. The overall start and stop dates are shown in the Services Management Transition green arrow in Exhibit L-1.
The Human Resources subproject has two phases. The initial phase will address [ * ].
Confidential
Schedule L — Transition and Transformation

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE PORTIONS OF
THIS DOCUMENT DENOTED BY BOXES AND ASTERISKS BE
ACCORDED CONFIDENTIAL TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
    Exhibit L-1
 
[ * ]
    *  Represents one page of tabular data
Confidential
Schedule L — Transition and Transformation

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE PORTIONS OF
THIS DOCUMENT DENOTED BY BOXES AND ASTERISKS BE
ACCORDED CONFIDENTIAL TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
2.   TRANSITION MANAGEMENT
 
2.1   Transition Personnel
 
    Vendor’s Transition management approach provides that:
  a.   the Vendor project executive has overall responsibility and accountability to meet agreed upon quality, cost, schedule and technical objectives of the Transition;
 
  b.   ACI and Vendor will each assign the appropriate employees and subcontractors to comprise the Transition Team. Such Transition Team members will be assigned specific tasks to be accomplished within the time frames set forth in the Transition Plan;
 
  c.   ACI and Vendor will each assign an individual (each a “Transition Manager” and collectively the “Transition Managers”) who will serve as the single point of contact and be responsible for overseeing the completion of its Transition Plan responsibilities and coordinating activities with the other; and
 
  d.   the Transition Managers will orient the Transition Team members regarding the Transition management approach and the Transition Plan, including individual responsibilities, deliverables, and schedules. Each Transition Manager will provide operational guidance to, manage and be accountable for the performance of its employees and subcontractors assigned to the Transition.
2.2   Roles and Responsibilities
  a.   Vendor will:
  1)   with ACI’s assistance, develop and maintain the detailed Transition Plan and any associated documentation;
 
  2)   establish and implement a project management system and control structure, including processes for managing Transition activities, milestones, support resources and deliverables status, issues, risks, changes and quality;
 
  3)   manage the Transition including planning, directing and monitoring Transition activities and assigned resources, according to the agreed schedule and processes;
 
  4)   implement all changes consistent with the change control process set forth in Section 5 (Change Control Process);
 
  5)   identify, address and resolve deviations from the Transition Plan and any business and/or technical issues that may impact the Transition;
 
  6)   develop the Transition meetings (i.e., planning, review, status) schedule with ACI, including the frequency and location for such meetings;
Confidential
Schedule L — Transition and Transformation

 

 


 

  7)   coordinate and conduct Transition meetings in accordance with the established schedule; and
 
  8)   provide to ACI periodic written status report(s) which include information such as schedule status, Transition progress, issue identification and related action plans.
  b.   ACI will:
  1)   serve as the interface between the Transition Team and ACI’s business functions, units, or Affiliates participating in the Transition to define ACI’s business and technical requirements for Transition and to validate that the Transition Plan meets such requirements;
 
  2)   assist Vendor in the development and maintenance of the detailed Transition Plan and any associated documentation;
 
  3)   review and approve the Transition Critical Deliverables;
 
  4)   provide Vendor’s employees and subcontractors with access (i.e., physical and logical) to the ACI Service Locations and systems affected as a result of the Transition or required by Vendor to provide the Services;
 
  5)   assign ACI’s resources and manage the completion of the ACI-owned Transition activities according to the agreed schedule and processes;
 
  6)   implement all changes consistent with the change control process set forth in Section 5 (Change Control Process);
 
  7)   obtain and provide current information, data and documentation related to the Transition (for example, Third Party supplier and vendor information, Service Location data, inventory data, existing operational processes and procedures, systems documentation, configuration documentation), decisions and approvals, within the agreed time period, which will be within five Business Days of Vendor’s request, unless otherwise mutually agreed;
 
  8)   assist Vendor in identifying, addressing and resolving deviations from the Transition Plan and any business and/or technical issues that may impact the Transition; and
 
  9)   develop the Transition meetings (i.e., planning, review and status) schedule with Vendor, including the frequency and location, and attend such meetings in accordance with the established schedule.
3.   TRANSITION PLAN
 
3.1   Overview
 
    The detailed Transition Plan will contain the following information:
  a.   Management Summary
 
      This section will provide a management summary of the overall Transition strategy and approach.
 
  b.   Background and Business Objectives
 
      This section will provide an overview of the Agreement and ACI’s business objectives.
Confidential
Schedule L — Transition and Transformation

 

 


 

  c.   Transition Objectives and Scope of Work
 
      This section will provide a summary of the overall Transition and define the scope of work to be performed.
 
  d.   Transition Organization and Responsibilities
 
      This section will identify ACI’s and Vendor’s respective Transition Managers, Transition Team and key responsibilities that ACI and Vendor are required to perform in order to complete the Transition.
 
  e.   Assumptions and Dependencies
 
      This section will describe any key assumptions or dependencies upon which the Transition was based and/or is dependent upon for completion.
 
  f.   Milestones and Deliverables
 
      This section will provide a schedule of key Transition milestones and a description of items to be delivered by Vendor to ACI under the Transition.
 
  g.   Completion Criteria
 
      This section will describe the completion criteria that Vendor must meet in order to satisfy its obligations under the Transition.
3.2   Transition Subprojects
 
    The detailed Transition Plan will further define each Transition subproject set forth below, including a set of objectives, assumptions, dependencies, milestones, deliverables, and completion criteria.
 
3.2.1   Human Resources
 
    The Human Resources subproject will describe the tasks necessary to facilitate Vendor’s hiring of the ACI employees and address the incorporation of these new employees into the Vendor culture. Vendor will:
  a.   assist in communicating to the Affected Employees regarding employment status and Vendor’s employment process;
 
  b.   provide the Rebadged Employees with orientation to Vendor;
 
  c.   provide the Rebadged Employees with Vendor cultural training; and
 
  d.   provide the Rebadged Employees with initial training in the use of Vendor internal tools.
3.2.2   Workplace Services
 
    The Workplace Services subproject will address the establishment of a productive working environment at the Service Locations for Vendor (i.e., Rebadged Employees, Vendor account team, Transition Team) to provide the Services to ACI. Vendor will:
  a.   obtain access, as authorized and provided by ACI, to the Service Locations and systems affected by Transition or required by Vendor to provide the Services;
Confidential
Schedule L — Transition and Transformation

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE PORTIONS OF
THIS DOCUMENT DENOTED BY BOXES AND ASTERISKS BE
ACCORDED CONFIDENTIAL TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
  b.   coordinate the resources (for example, Service Locations, office consumables, pagers, cellular phones, home connectivity, access to internal support) required by Vendor to provide the Services; and
 
  c.   coordinate the deployment of workstation tools (for example, laptops, desktops, desktop software applications, system IDs and training, Network connectivity) required by Vendor to provide the Services.
3.2.3   Global Resource Staffing

[ * ]
3.2.4   Supplier Management

[ * ]
3.2.5   Enterprise Security Management Services

[ * ]
  a.   [ * ]
  b.   ACI will:
  1)   perform a review of each Rebadged Employee’s system access authorizations to confirm the need for the same access requirements following the Effective Date and advise Vendor of any required changes; and
 
  2)   perform other activities as described in Exhibit A-8 (Enterprise Security Management Services) of Schedule A (Statement of Work).
3.2.6   Management System

[ * ]
3.2.7   Asset Handover

[ * ]
  a.   develop and execute the process to transfer assets from ACI to Vendor, including using the appropriate forms, obtaining the authorized signatures and maintaining the required documentation; and
 
  b.   with ACI’s assistance, develop a list of ACI assets to be transferred to Vendor, including all computer assets (e.g., PCs) used by Rebadged Employees prior to the Effective Date.
3.2.8   Services Commencement Readiness

[ * ]
3.2.9   Data Network Services

[ * ]
3.2.10   Cross Tower Services (Delivery Management Services)

[ * ]

*   represents two pages of redacted text
 
3.2.11   Asset Management Services

[ * ]

*  represents one page of redacted text
 
3.2.12   Mainframe Services

[ * ]
3.2.13   Midrange Services (Server Systems Management Services)

[ * ]
3.2.14   Service Desk Services

[ * ]
3.2.15   End-User Support Services

[ * ]

*   represents one page of redacted text
 
4.   COMPLETION
  a.   Vendor will notify ACI in writing when the completion criteria for a Transition deliverable have been met.
 
  b.   ACI must inform Vendor, in writing, within ten Business Days following receipt of Vendor’s notification if ACI believes Vendor has not met the completion criteria, together with reasonable detail as to the reasons for such belief.
 
  c.   The Vendor Transition Manager will consider ACI’s timely request for revisions, if any, within the context of Vendor’s obligations.
 
  d.   ACI revisions, agreed to by Vendor, will be made and the deliverable will be resubmitted to the ACI Transition Manager, at which time such deliverable will be deemed accepted.
 
  e.   If Vendor does not receive written notice from ACI within the time frame specified above, then the Transition deliverable(s) will be deemed accepted by ACI.
Confidential
Schedule L — Transition and Transformation

 

 


 

5.   CHANGE CONTROL PROCESS
 
    The change control process is part of the overall project management system which will be implemented by Vendor to control changes to the Services. Either ACI or Vendor may request a change to Transition subject to the following change control process:
  a.   The Transition, as described in this Agreement and the Transition Plan, may be changed only by a writing signed by authorized representatives of ACI and Vendor.
 
  b.   All Project Change Requests (“PCRs”) to Transition will be submitted in writing by the requesting Vendor or ACI Transition Manager. The PCR will reference the Transition, describe at a reasonable level of detail the change, the rationale for the change and the impact the change may have on the Transition if it is accepted and if it is rejected.
 
  c.   The Transition Managers will review the PCR and either:
  1)   recommend approval of the change by authorized representatives of ACI and Vendor signing the PCR. Upon such approval, the change will be implemented; or
 
  2)   agree in writing to submit the PCR for further investigation and to pay Vendor for its reasonable charges, if any, for Vendor’s investigation. Such investigation will determine the technical merits and the effect on price, schedule, and other terms and conditions that may result from the implementation of the PCR. ACI and Vendor will then agree to mutually approve or reject the PCR. If ACI and Vendor do not agree, either Vendor or ACI may submit such PCR to the project executives for resolution; or
 
  3)   reject the PCR. If rejected, the PCR will be returned to the requesting Transition Manager along with the reason for rejection.
6.   PERFORMANCE
  a.   Vendor will perform the Transition and implement the Transition Plan in accordance with the timetable and milestones set forth in the Transition Plan, and ACI will reasonably cooperate with Vendor to assist Vendor in implementing the Transition Plan. Vendor will provide all cooperation and assistance reasonably required or requested by ACI in connection with ACI’s evaluation or testing of the deliverables resulting from implementation of the Transition Plan. Vendor will implement the Transition Plan in a manner that will not:
  1)   materially disrupt or have a material adverse impact on the business or operations of ACI or the End Users;
 
  2)   degrade the Services then being received by ACI and the End Users; or
 
  3)   interfere with ACI’s or the End Users’ ability to obtain the full benefit of the Services, except as may be otherwise provided in the Transition Plan.
  b.   Prior to undertaking any Transition activity, Vendor will discuss with ACI all known ACI-specific material risks and will not proceed with such activity until ACI is reasonably satisfied with the plans with regard to such risks (provided that, neither Vendor’s disclosure of any such risks to ACI nor ACI’s acquiescence in Vendor’s plans will operate or be construed as limiting Vendor’s responsibilities under this Agreement). Vendor will identify and resolve, with ACI’s reasonable assistance, any problems that may impede or delay the timely completion of any phase of the Transition Plan.
Confidential
Schedule L — Transition and Transformation

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE PORTIONS OF
THIS DOCUMENT DENOTED BY BOXES AND ASTERISKS BE
ACCORDED CONFIDENTIAL TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
TRANSFORMATION
1.   INTRODUCTION
  a.   This portion of the Schedule sets forth an outline of the Transformation activities that ACI and Vendor will perform during the Transformation Period. During the Transition phase, a team of the appropriate Vendor employees and ACI employees (the “Transformation Team”) will draft a detailed Transformation Plan. The Transformation Plan will describe:
    the specific objectives of each portion of the Transformation;
 
    the equipment, software and resources ACI and Vendor require to complete the Transformation during the Transformation Period;
 
    the technical assumptions and dependencies inherent in the Transformation Plan;
 
    any unique Transformation requirements related to the Service Locations; and
 
    the required time frames, activity dates and people responsible for individual tasks throughout the Transformation Period.
  b.   The Transformation Plan will specify ACI’s and Vendor’s respective Transformation responsibilities. It will contain descriptions and schedules for the required tasks.
 
  c.   Upon completion of the Transformation Plan, the Transformation Team will meet regularly as mutually agreed, and will review and update the Transformation Plan to reflect mutually agreed upon changes such as revisions to schedules, resource requirements, dependencies, and priorities.
2.   TRANSFORMATION OVERVIEW
  a.   Transformation Objectives
[ * ]
  b.   Transformation Methodology
[ * ]
3.   GENERAL ROLES AND RESPONSIBILITIES
  a.   Vendor Responsibilities
 
      Vendor will take the leadership role in the development and implementation of the Transformation Plan. Vendor will provide the resources necessary to perform its responsibilities set forth in the Transformation Plan. In addition, Vendor will establish a Transformation project office, manage at a minimum monthly Transformation status meetings, and track and report on the status of all tasks. Vendor will provide regular updates to ACI management describing the following:
  1)   activities scheduled during the current reporting period;
 
  2)   activities planned for the next reporting period; and
 
  3)   change control activity:
 
    cumulative;
 
    approved;
Confidential
Schedule L — Transition and Transformation

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE PORTIONS OF
THIS DOCUMENT DENOTED BY BOXES AND ASTERISKS BE
ACCORDED CONFIDENTIAL TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
    rejected;
 
    in progress, concerns; and
 
    recommendations.
b.   ACI Responsibilities
 
    ACI will assign the appropriate employees to the Transformation Team to assist Vendor in the development and implementation of the Transformation Plan. ACI will provide the resources necessary to perform its responsibilities set forth in the Transformation Plan, including:
  1.)   assigning the appropriate employees and subcontractors to develop, jointly with Vendor, individual Transformation Plan sections and identify the tasks required to complete each major Services area Transformation;
 
  2.)   providing representation and input from the End User organizations that will be required to assist in defining the criteria for the Transformation of operations;
 
  3.)   providing Vendor’s employees with access to the Service Locations and systems affected as a result of the Transformation or required by Vendor to provide the Services;
 
  4)   providing, to the extent available, current documentation related to the Transformation (for example, Third Party supplier and vendor information, facility data, existing operational processes and procedures, systems documentation, configuration documentation, and inventory data); and
 
  5)   identifying all current and future known activities that Schedule V (In-Flight Projects) does not address and that may impact upon Vendor’s provision of the Services.
4.   TRANSFORMATION PLAN
 
    [ * ]
 
    *    represents three pages of redacted text
Confidential
Schedule L — Transition and Transformation

 

 


 

SCHEDULE M
VENDOR CONFIDENTIALITY AGREEMENT
     
COMPANY:
  [                                        ]
ADDRESS:
  [                                        ]
CITY:
  [_____]
STATE:
  [___]
ZIP:
  [_____]
This Confidentiality Agreement (“Agreement”) is executed by the company named above (“Company”) for the benefit of International Business Machines Corporation (“Information Provider”) in exchange for access to certain confidential information of Information Provider.
Effective Date:                                         
ACI Worldwide, Inc. (“ACI”) has engaged Information Provider to provide certain services pursuant to the Master Services Agreement between ACI and Information Provider effective [                      _____ ], 2008 (the “Services Agreement”) and, pursuant to the Services Agreement, Information Provider agreed to cooperate with third parties performing services for or on behalf of ACI and to provide information to such third parties, some of which may be confidential information of Information Provider. In consideration of permitting Company to have access to the confidential information of Information Provider to the extent reasonably necessary to enable Company to provide services for or on behalf of ACI, Company agrees to the following terms and conditions:
1. CONFIDENTIALITY
Company will (a) hold in confidence and use the same means it uses to protect its own confidential information of like kind and import, but in any event not less than a reasonable degree of care, to prevent the disclosure and protect the confidentiality of information, whether electronic, oral or written, and whether confidential to ACI or Information Provider, that is communicated to Company by Information Provider in connection with Company providing services to ACI (the “Confidential Information”), and (b) disclose, duplicate, transfer and use Confidential Information only in connection with providing services to ACI. Company may disclose this Agreement and Confidential Information to those employees and agents of the Company who have a need to know Confidential Information and only to the extent reasonably necessary for those individuals to perform the services for ACI. Compliance by employees and agents of Company with the confidentiality obligations in this Agreement will remain the responsibility of the Company. With respect to any particular Confidential Information, the Company’s obligations under this Agreement shall continue without limitation in time, subject to any exclusion set forth in Section 2 below becoming applicable to that Confidential Information. The Company will not make or issue, or cause to be made or issued, any announcement or statement regarding activities under this Agreement for dissemination to the general public or any third party without the prior written consent of Information Provider and ACI.
Confidential
Schedule M — Vendor Confidentiality Agreement

 

Page 1 of 4


 

2. EXCLUSIONS.
The foregoing will not prevent the Company from disclosing or using Confidential Information that: (a) is independently developed by Company, as demonstrated by Company’s written records, without violating Information Provider’s proprietary rights (including this Agreement), (b) is or becomes publicly known (other than through unauthorized disclosure), (c) is disclosed by the owner of such information to a third party free of any obligation of confidentiality, (d) is already known by Company at the time of disclosure, as demonstrated by Company’s written records, and Company has no obligation of confidentiality other than under this Agreement or any confidentiality agreement between Company and Information Provider entered into before the Effective Date, or (e) is rightfully received by Company free of any obligation of confidentiality, provided that Company has no knowledge that such information is subject to a confidentiality agreement and such information is not of a type or character that a reasonable person would have regarded as confidential. Company will promptly notify Information Provider of any unauthorized possession or use, or attempt thereof, of the Confidential Information. If Company is requested or required by any governmental agency or law, whether by oral question, interrogatories, requests for information or documents, subpoenas, civil investigation or similar process, to disclose any Confidential Information, Company will provide Information Provider with prompt notice of such requests so that Information Provider may seek an appropriate protective order or similar relief or, if appropriate, waive compliance with the applicable provisions of this Agreement. Company will use all commercially reasonable efforts to obtain, or assist Information Provider in obtaining such a protective order or relief.
3. RETURN OF CONFIDENTIAL INFORMATION.
Upon the written request of Information Provider, the Company will, at the Company’s option, either return all Confidential Information, including all copies thereof, or certify in writing that all Confidential Information and all copies thereof have been destroyed.
4. REMEDIES.
Upon any actual or threatened violation of this Agreement by the Company, Information Provider may be entitled to seek preliminary and other injunctive relief against such violation, in addition to any other rights or remedies which Information Provider may have at law or in equity.
5. NO WARRANTIES OR FURTHER RIGHTS.
Information Provider does not make any representations or warranties, express or implied, with respect to any Confidential Information. Nothing contained in this Agreement will be construed as granting or conferring any rights by license or otherwise in Confidential Information, except for the use of Confidential Information as expressly provided in this Agreement.
Confidential
Schedule M — Vendor Confidentiality Agreement

 

Page 2 of 4


 

6. EXPORT RESTRICTION.
Confidential Information provided pursuant to this Agreement may be subject to U.S. government laws, regulations, orders or other restrictions regarding export or re-export of U.S. origin technical data or other items, or derivatives of such items. The Company agrees (a) to comply with all such laws or restrictions and (b) to not export or re-export any such items received pursuant to this Agreement to a destination or end user for which applicable law, including U.S. law, requires an export license or other approval without first having obtained such license or approval. The Company will reasonably cooperate with Information Provider to assure compliance with this Section 6.
7. SECURITY POLICIES.
The Company will comply with all Information Provider and ACI security policies, information protection, and privacy policies, procedures, standards, requirements and specifications provided to the Company applicable to the Company’s provision of the Services to ACI. Information Provider agrees that such policies, procedures, standards, requirements and specifications will be no more restrictive on Company than on ACI in connection with its receipt of Services from Information Provider.
8. MISCELLANEOUS.
If any provision of this Agreement is held to be invalid, illegal or unenforceable, the validity, legality and enforceability of the remaining provisions will not in any way be affected or impaired, and such provision will be deemed to be restated to reflect the original intentions of the Parties as nearly as possible in accordance with applicable law. The Company will not act or have authority to act as an agent of Information Provider for any purpose whatsoever. This Agreement and performance under it shall be governed by and construed in accordance with the laws of the State of New York without regard to any portion of its choice of law principles that might provide for application of a different jurisdiction’s law. This Agreement will be binding on Company and its successors and permitted assigns; provided however that Company shall not assign any of its obligations under this Agreement without the prior written consent of Information Provider. This Agreement sets forth the entire understanding of the Company and Information Provider with respect to the subject matter of this Agreement. This Agreement may be modified only by a written instrument executed by Company and Information Provider.
Confidential
Schedule M — Vendor Confidentiality Agreement

 

Page 3 of 4


 

Company has duly executed and delivered this Confidentiality Agreement by its duly authorized representative as of the Effective Date set forth above.
         
 
  COMPANY:    
 
 
 
   
 
  Signature:    
 
 
 
   
 
  Name:    
 
 
 
                              (Please print or type)
   
 
  Title:    
 
 
 
   
 
  Date:    
 
 
 
   
Confidential
Schedule M — Vendor Confidentiality Agreement

 

Page 4 of 4


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE PORTIONS OF
THIS DOCUMENT DENOTED BY BOXES AND ASTERISKS BE
ACCORDED CONFIDENTIAL TREATMENT PURSUANT TO RULE 24b-2
PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
SCHEDULE N
APPROVED SUBCONTRACTORS
1.   INTRODUCTION
 
    This Schedule identifies the Approved Subcontractors as of the Effective Date.
      [ * ]
Confidential
Schedule N — Approved Subcontractors

 

Page 1 of 1


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
SCHEDULE O
APPROVED BENCHMARKERS
[ * ]
Confidential
Schedule O — Approved Benchmarkers

 

Page 1 of 1


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
SCHEDULE P
LOCATIONS
1. ACI Locations
                                     
    Location   Address   City   State   Zip
Code
  Country   [ * ]   Comments
1
  New York City (Corp)   120 Broadway, Suite 3350   NYC   NY     10271     USA   [ * ]   [ * ]
2
  New York City (Sales)   150 Broadway, Suite 1910   NYC   NY     10271     USA   [ * ]   [ * ]
3
  New Brunswick   113 North Center Drive North Brunswick, NJ 02460   North Brunswick   NJ     02460     USA   [ * ]   [ * ]
4
  Naples, ITALY   Via Scarlatti, 88
80127 Napoli, Italy
  Napoli               Italy   [ * ]   [ * ]
5
  Moscow   Riverside Towers Building 1A
11th Floor
52/1 Kosmodamianskaya Nab
Moscow 113054
  Moscow               Russia   [ * ]   [ * ]
6
  Mexico City   Insurgentes Sur 1605,Piso 14, Modulo 1Torre Mural San José Insurgentes Méx D.F. 03900   Mexico City               Mexico   [ * ]    
7
  Melbourne   Level 2, 789 Toorak Road
Hawthorn East Vic 3123 Australia
  Melbourne               Australia   [ * ]   [ * ]
Confidential
Schedule P — Locations

 

Page 1 of 6


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
                                     
    Location   Address   City   State   Zip
Code
  Country   [ * ]   Comments
8
  Manama   PO Box 15134, Diplomatic Area
Al-Salam Tower, 9th Floor
Manama
Bahrain
  Manama               Bahrain   [ * ]   [ * ]
9
  Madrid   No 93 Alle Calendula
Suite 462
28109 Aconbendas
Madrid, Spain
  Madrid               Spain   [ * ]   [ * ]
10
  Leeds, UK   23-37 Cookridge Street
Suite 4, 2nd Floor
Leeds, Yorkshire, UK
  Leeds               UK   [ * ]   [ * ]
11
  Kuala Lumpur   No 17-2, Jalan PJU 5/13, PJU 5,
Dataran sunway, Kota Damansara
47810 Petaling Jaya, Selangor Darul
Ehsan, Malaysia
  Kuala Lampur               Malaysia   [ * ]   [ * ]
12
  Johannesburg   P.O. Box 55553
Northlands 2116
Johannesburg South Africa
  Johannesburg               South Africa   [ * ]   [ * ]
13
  Gouda, NETH   Antwerpseweg 1 P.O. Box 867
2800 AW Gouda, The Netherlands
  Gouda               The Netherlands   [ * ]   [ * ]
14
  Frankfurt   Am Limespark 2
D-65843 Sulzbach, GERMANY
  Frankfurt               Germany   [ * ]   [ * ]
15
  Framingham   492 Old Connecticut Path, Suite 600 Framingham, MA 01701-4584   Framingham   MA     01701-4584     USA   [ * ]   [ * ]
Confidential
Schedule P — Locations

 

Page 2 of 6


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
                                     
    Location   Address   City   State   Zip
Code
  Country   [ * ]   Comments
16
  Newton   320 Nevada Street
Newton, MA 02460
  Newton   MA     2460     USA   [ * ]    
17
  Dubai   Building 2, Suite 2
Dubai Internet City
United Arab Emirates
  Dubai               UAE   [ * ]   [ * ]
18
  Clearwater   15500 Roosevelt Boulevard
Clearwater, FL 33760
  Clearwater   FL     33760     USA   [ * ]   [ * ]
19
  Bangalore   #104, First Floor Prestige Omega,
EPIP Zone, Whitefield, Bangalore-
560 066
  Bangalore               India   [ * ]   [ * ]
20
  Buenos Aires   Sarmiento 552, Piso 15
Ciudad Autónoma de Buenos Aires 1041
  Buenos Aires               Argentina   [ * ]   [ * ]
21
  Athens   Athens Tower, Building B
2-4 Mesogeion Ave
Athens, Greece
  Athens               Greece   [ * ]   [ * ]
22
  Watford   55 Clarendon Road, Watford, Herts,
WD17 1FQ, UK
  Watford               UK   [ * ]    
23
  Victoria   1501 E. Mockingbird Lane, Suite 401 Victoria, TX 77904   Victoria   TX     77904     USA   [ * ]   [ * ]
24
  Toronto   200 Wellinton Street, Toronto,
Ontario M5V 3C7
  Toronto   Ontario           Canada   [ * ]   [ * ]
25
  Tokyo   BUREX Kyobashi 711, 2-7-14 Kyobashi Chuo-ku Tokyo 104-0031, JAPAN   Tokyo               Japan   [ * ]   [ * ]
26
  Timisoara, ROMANIA   Str. Pestalozzi nr. 22
Timisoara 300115, Romania
  Timisoara               ROMANIA   [ * ]   [ * ]
Confidential
Schedule P — Locations

 

Page 3 of 6


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
                                     
    Location   Address   City   State   Zip
Code
  Country   [ * ]   Comments
27
  Sydney   Level 2, 50 Margaret Street
Sydney, NSW Australia 2000
  Sydney               Australia   [ * ]   [ * ]
28
  Singapore   3 Tampines Grande
AIA Tampines, #08-01
Singapore 528799
  Singapore               Singapore   [ * ]   [ * ]
29
  Sao Paulo   Rua Luigi Galvani, 200-10 Andar
Sao Paulo-SP CEP 04575-020
BRAZIL
  Sao Paulo               Brazil   [ * ]   [ * ]
30
  Shannon, IRELAND   National Technology Park
Roselawn House
Limerick Republic of Ireland
  Limerick               IRELAND   [ * ]   [ * ]
31
  Providence   100 Amaral Street
East Providence, RI 02915
  Providence   RI     02915     USA   [ * ]   [ * ]
32
  Plano   4965 Preston Park Blvd.
Suite 90
Plano, Texas 75093
  Plano   TX     75093     USA   [ * ]   [ * ]
33
  Paris   30 bis rue du Vieil Abreuvoir
78100 St. Germain en Laye France
  Paris               France   [ * ]   [ * ]
34
  Omaha (current location)   330 South 108th Ave, Omaha NE 68154   Omaha   NE     68154     USA   [ * ]    
35
  Omaha (new location)   6060 Coventry Drive, Omaha, NE 68022   Omaha   NE     68022     USA   [ * ]    
36
  Makati City,
Philippines
  1100 88 Corporate Center Valero cor Sedeno Sts. Salcedo Village, Makati City, Manila 1227   Makati City               Philippines   [ * ]    
Confidential
Schedule P — Locations

 

Page 4 of 6


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
                                     
    Location   Address   City   State   Zip
Code
  Country   [ * ]   Comments
37
  [ * ]   [ * ]   [ * ]   [ * ]     [ * ]     [ * ]   [ * ]   [ * ]
38
  [ * ]   [ * ]   [ * ]   [ * ]     [ * ]     [ * ]   [ * ]   [ * ]
39
  [ * ]   [ * ]   [ * ]   [ * ]     [ * ]     [ * ]   [ * ]   [ * ]
40
  [ * ]   [ * ]   [ * ]   [ * ]     [ * ]     [ * ]   [ * ]   [ * ]
[ * ]
Confidential
Schedule P — Locations

 

Page 5 of 6


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT
THE PORTIONS OF THIS DOCUMENT DENOTED
BY BOXES AND ASTERISKS BE ACCORDED
CONFIDENTIAL TREATMENT PURSUANT TO
RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1943.
2. IBM Locations
                         
Location   Address   City   State   Zip Code   Country   Comments
[ * ]   [ * ]   [ * ]   [ * ]   [ * ]   [ * ]   [ * ]
[ * ]   [ * ]   [ * ]   [ * ]   [ * ]   [ * ]   [ * ]
[ * ]   [ * ]   [ * ]           [ * ]   [ * ]
[ * ]   [ * ]   [ * ]           [ * ]   [ * ]
[ * ]   [ * ]   [ * ]           [ * ]   [ * ]
[ * ]   [ * ]   [ * ]           [ * ]   [ * ]
[ * ]   [ * ]   [ * ]           [ * ]   [ * ]
[ * ]   [ * ]   [ * ]           [ * ]   [ * ]
Confidential
Schedule P — Locations

 

Page 6 of 6


 

SCHEDULE R
REPORTS
SECTION 1 — GENERAL
1.1   Schedule R is the Vendor reporting requirements and lists all reports to be provided by Vendor in accordance with the Statements of Work. ACI acknowledges that reports are required following the Service Tower Commencement Date.
 
1.2   All report descriptions set out in the Vendor Reporting Requirements Chart are for reference only and are intended to provide a general list of items which the Vendor shall include in the applicable report.
SECTION 2 — ADDITIONAL REPORTS
2.1   Subject to the Change Control Procedure, ACI may require the Vendor to submit additional reports and may change or request new Reports from time to time.
SECTION 3 — SUBMISSION OF REPORTS
3.1   The Vendor shall submit reports on time as set out in this Schedule R, unless otherwise mutually agreed to by both Parties.
 
3.2   The Vendor shall submit all reports to the ACI Contract Manager via the Vendor portal.
Confidential
Schedule R — Reports

 

Page 1 of 17


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
Schedule R — Reports Chart
                         
                    Reporting  
Section Reference   Report Name     Description     Frequency  
 
                       
[ * ]
*  Represents 16 pages of redacted tabular data
Confidential
Schedule R — Reports

 

Page 2 of 17


 

SCHEDULE S
GOVERNANCE
1.0   INTRODUCTION
This Schedule sets out the Governance structure for the Agreement; the roles and responsibilities of both Parties to maintain a working relationship; and the type, content, and frequency of the Agreement review meetings that will be held.
1.1   Purpose
The purpose of this Schedule is to establish and agree on the formal procedures for:
a) managing the relationship between ACI and Vendor with respect to the Agreement.
b) facilitating the continued alignment of the interests of the Parties.
c) enabling the relationship to be maintained at the appropriate level within each Party.
To further such purpose, this Schedule establishes the governance operating model consisting of the following:
    Governance organization and staffing.
 
    Governance joint committee structures.
Vendor shall be responsible for supporting the development and implementation of the governance operating model by (a) using industry leading practices, (b) leveraging its expertise, templates, tools and personnel resources and (c) complying with its obligations set forth in the Agreement.
ACI shall be responsible for: (a) developing with Vendor overall governance strategy and (b) participating in the development and implementation of the governance operating model as set forth herein.
2.0   KEY GOVERNANCE RESPONSIBILITIES
2.1   ACI
During the Transition Period ACI will develop its governance model. Such model will address the responsibilities as described below although they may be addressed in fewer individuals than what is currently depicted.
2.1.1   ACI Engagement Executive
Primary ACI Engagement Executive responsibilities include:
  1.   Manage the overall relationship with the Vendor.
  2.   Provide leadership and guidance to the ACI Governance organization.
Confidential
Schedule S — Governance

 

Page 1 of 15


 

  3.   Work with the Vendor Project Executive and the Vendor Delivery Project Executive to progress the goals and objectives of the arrangement.
  4.   Resolve escalated issues in accordance with the Governance escalation procedures.
  5.   Provide liaison activities and guidance with the Vendor’s corporate executive leadership in regard to the strategic needs of ACI.
2.1.2   ACI Engagement Manager
The ACI Engagement Manager has primary operational responsibility for the Agreement and monitoring all Vendor deliverables and commitments.
Primary ACI Engagement Manager responsibilities include the following:
  1.   Monitor Vendor and ACI compliance with the obligations of the Agreement.
  2.   Monitor Vendor contract-level deliverable commitments.
  3.   Track fulfillment of Vendor deliverables.
  4.   Ensure audit-ability of Vendor processes.
  5.   Manage Benchmarking activities.
  6.   Staff and manage the ACI Governance organization.
  7.   Resolve escalated issues according to the Governance escalation procedures.
  8.   Approve (or decline) all work requests that are in excess of pre-established expenditure amounts or circumstances.
  9.   Evaluate Performance Credits and approve any action plans resulting from critical service performance failures.
  10.   Approve, authorize, and oversee all contract-related policies and procedures.
2.1.3   ACI Engagement Administrator
The ACI Engagement Administrator has primary administrative responsibility for the Agreement, including the management of all reporting and updates to the Agreement.
Primary ACI Engagement Administrator responsibilities include:
  1.   Ensure receipt and review of all Vendor reports required per the Agreement.
  2.   Develop standard reporting and communication requirements between the Vendor and various staff and organizations within ACI.
  3.   Develop and assist with negotiations related to all addendums and updates to the Agreement that are required during the Term.
  4.   Assist with interpretation and intent of the Parties in regard to the terms and conditions of the Agreement.
Confidential
Schedule S — Governance

 

Page 2 of 15


 

2.1.4   ACI Engagement Transition Manager
The ACI Engagement Transition Manager has the overall responsibility for fulfilling ACI’s obligations under the Transition Plan and reports to the ACI Contract Manager.
Primary ACI Engagement Transition Manager responsibilities include:
  1.   Approve the Transition Plan.
  2.   Manage ACI’s obligations under the Transition Plan.
2.1.5   ACI Business-Unit Coordinator
The ACI Business-Unit Coordinator has the overall responsibility for ACI’s customer relationship with the Vendor across all business units.
Primary ACI Business-Unit Coordinator responsibilities include:
  1.   Provide advice and counsel to ACI business units regarding the terms and conditions of the Agreement.
  2.   Provide support to ACI business units in regard to questions and issues arising from the delivery of Services.
  3.   Act as the primary interface between the Vendor’s organization and the ACI business units.
2.1.6   ACI’s Finance Manager
The financial management of the Agreement is critical to assure accuracy and audit-ability of all related financial transactions and that proper financial controls are in place during the term of the Agreement. The ACI Finance Manager oversees all financial activities related to the Agreement and the delivery of services.
Primary ACI Finance Manager responsibilities include:
  1.   Establish and manage the overall budget in connection with the Agreement.
  2.   Monitor to ensure that savings objectives for the Agreement are being met.
  3.   Review financial analysis for all Vendor-sponsored initiatives to ensure financial viability.
  4.   Assist in and support, as needed, the review of monthly charges to assure the accuracy of Vendor charges, ACI retained costs, and pass-through expenses.
  5.   Ensure that anticipated and agreed-upon Vendor financial responsibilities are not converted to ACI retained or pass-through expenses.
  6.   Investigate variances in forecasted expenses or usage.
  7.   Establish and maintain the ACI charge-back process and systems.
  8.   Ensure that ACI and Vendor have the necessary internal financial controls in place to comply with the Sarbanes-Oxley Act of 2002.
Confidential
Schedule S — Governance

 

Page 3 of 15


 

2.1.7   ACI Service Manager(s)
The ACI Service Manager(s) will have the primary responsibility to monitor and support the Vendor’s performance of the Services associated with each Service Tower within the scope of the Agreement.
Primary ACI Service Manager responsibilities include:
  1.   Review all Service Levels and contractual commitments for the respective Service Tower.
  2.   Assist both ACI and the Vendor with forecasting resource requirements.
  3.   Provide support to ACI and Authorized Users in accordance with the Problem Management process, as described in Exhibit A-1 (Delivery Management Services (Cross Functional)) of Schedule A (Statement of Work).
  4.   Review and approve specific project plans and Change Management activities for a Service Tower.
2.2   Vendor
2.2.1   Vendor Project Executive
Vendor Project Executive has complete authority and responsibility to deliver all Services from Vendor to ACI.
The Vendor Project Executive is the single point of contact for overall performance of the Vendor team. The Project Executive will be responsible for the success of the overall relationship and the strategic value it represents to ACI and will focus on client satisfaction, contract compliance, financial reporting and reconciliation, service performance, and continuous improvement.
Primary Vendor Project Executive responsibilities include:
  1.   Manage the overall relationship regarding Vendor and ACI.
  2.   Assure the successful Transition of the Agreement to operational status.
  3.   Oversee the fulfillment of Vendor’s obligations under the Agreement.
  4.   Work with the ACI Governance Team to establish, manage, and meet commitments, requirements, and expectations.
  5.   Work with ACI executives and business-unit managers to align the delivery of Services with the strategic needs of ACI. Such activities will be performed with the approval and in conjunction with the ACI Service Delivery Managers.
  6.   Inform ACI about new corporate capabilities and developments within Vendor’s organization, and propose ideas and solutions that will provide ongoing benefit to ACI.
  7.   Act as the primary Vendor focus for new service establishment for ACI.
  8.   Implement a client satisfaction survey for the account in accordance with Schedule K (User Satisfaction Survey Guidelines).
Confidential
Schedule S — Governance

 

Page 4 of 15


 

2.2.2   Vendor Transition Manager
Vendor Transition Manager has the overall responsibility for the successful transition of the Transitioned Employees and applicable subcontractors to Vendor account team while ensuring that Service Levels and ACI satisfaction are maintained.
The Transition Manager is responsible for managing the transition of services from ACI to Vendor in a seamless manner. The Transition Manager works with the ACI and Vendor teams to develop the transition plan, establish success criteria, and oversee all transition activities.
Primary Vendor Transition Manager’s responsibilities include:
  1.   Establish the account infrastructure necessary to operate the account, including financial, human resources, security, facilities, and communication.
  2.   Develop and implement the Service delivery plan.
  3.   Install all Service delivery processes and confirm that the Service Level reporting mechanisms are established and operational.
  4.   Transition all of ACI’S applicable personnel and subcontractors seamlessly to Vendor.
2.2.3   Vendor Delivery Project Executive
Vendor Delivery Project Executive will have the primary responsibility to deliver the Services associated with each Service Tower within the scope of the Agreement.
The Delivery Project Executive is accountable for the delivery of all Services. In this role, they will monitor trends to verify that Service Levels are met and issues are dealt with. They will also enforce system management disciplines and assume responsibility for regular Service reporting.
Primary Vendor Delivery Project Executive responsibilities include:
  1.   Meet all Service Levels and contractual commitments for the respective Service Tower.
  2.   Provide support to ACI and End Users in accordance with the Problem Management process, as described in the Exhibit A-1 (Delivery Management Services (Cross Functional)) of Schedule A (Statement of Work).
  3.   Provide all Service Level reporting to the service control function.
  4.   Verify that Vendor’s performance requirements as they relate to ACI business requirements and business objectives are satisfied.
  5.   Assure operational compliance with the Agreement and confirm that Vendor fulfills its obligations under the Agreement, including all obligations relating to deliverables.
  6.   Establish and execute the account management disciplines, business management processes, and associated reporting.
Confidential
Schedule S — Governance

 

Page 5 of 15


 

  7.   Confirm prompt identification and resolution of Service delivery issues.
  8.   Confirm that Vendor’s performance requirements as they relate to the ACI strategic business planning (business and architecture, strategic options, business assessment, business operating plans) requirements are met.
  9.   Manage any selection of subcontractors.
  10.   Manage shared resource centers within the ACI account.
  11.   Interface as needed with ACI.
  12.   Establish Vendor metrics program.
  13.   Construct the performance reports and manage the monthly reporting.
  14.   Establish Vendor Benchmarking methodology in accordance with the Agreement.
  15.   Introduce Vendor’s processes and delivery models to the account.
  16.   Establish training programs as required by the Agreement.
  17.   Provide process ownership for Service delivery processes.
  18.   Provide Vendor quality assurance function.
  19.   Manage other administrative functions including security as required by the Agreement.
  20.   Provide for the receipt and review of Vendor reports required per the Agreement.
  21.   Develop standard reporting and communication requirements between Vendor and various staff and organizations within ACI.
2.2.4   Vendor Service Delivery Managers
Vendor Service Delivery Managers will have the primary responsibility to deliver the Services associated with an individual Service Tower within the scope of the Agreement.
The Service Delivery Manager is accountable for the delivery of Services within his or her respective Service Tower. In this role, they will monitor trends to verify that Service Levels are met and issues are dealt with. They will also use system management disciplines and assume responsibility for regular Service reporting for their respective Service Tower.
Primary Vendor Service Delivery Manager responsibilities for their respective Service Tower include:
  1.   Meet all Service Levels and contractual commitments.
  2.   Provide all Service Level reporting to the service control function.
Confidential
Schedule S — Governance

 

Page 6 of 15


 

  3.   Verify that Vendor’s performance requirements as they relate to ACI business requirements and business objectives are satisfied.
  4.   Establish and execute the account management disciplines, business management processes, and associated reporting.
  5.   Confirm prompt identification and resolution of Service delivery issues.
  6.   Manage shared resource centers within the ACI account.
  7.   Interface as needed with ACI.
  8.   Establish Vendor metrics program.
  9.   Construct the performance reports and manage the monthly reporting.
  10.   Establish training programs as required by the Agreement.
  11.   Provide Vendor quality assurance function.
  12.   Manage other administrative functions including security as required by the Agreement.
  13.   Provide for the receipt and review of Vendor reports required per the Agreement.
  14.   Develop standard reporting and communication requirements between Vendor and various staff and organizations within ACI.
2.2.5   Vendor Financial Analyst
Vendor Financial Analyst will have primary responsibility for all financial, billing, contractual compliance, and new business management functions.
Primary Vendor Financial Analyst’s responsibilities include:
  1.   Provide the monthly invoice and all account billing and reporting functions.
  2.   Provide all financial reporting, including exception reporting, to ACI, in accordance with Schedule C (Charges).
2.2.6   Vendor Human Resource Manager
Vendor Human Resource Manager will have account management responsibilities for personnel policies or process administration.
Primary Vendor Human Resource Manager’s responsibilities include:
  1.   Establish personnel administration policies for the account.
  2.   Provide the Human Resources management function for the account.
  3.   Provide the recruitment and placement function for the account.
  4.   Provide the communication forms for the account.
Confidential
Schedule S — Governance

 

Page 7 of 15


 

3.0   Committees and Teams
  1.   An Executive Steering Committee will be formed, consisting of an equal number of both ACI and Vendor executives, to provide business oversight and ensure that the Service delivery objectives are achieved. This committee will also direct the ACI / Vendor relationship and assist the ACI Engagement Executive and Vendor Project Executive in decisions that directly affect this Agreement.
  2.   An ACI Engagement Manager and a Vendor Delivery Executive will be appointed by the Parties to liaise with the Executive Steering Committee and to monitor and resolve, where possible, any issues raised by the ACI Service Manager(s) and Vendor Service Delivery Manager.
  3.   The appropriate ACI Service Manager(s) and Vendor Service Delivery Manager(s) will carry out the day-to-day coordination of Service delivery, and will include other ACI representatives as required.
  4.   ACI and Vendor will jointly develop and implement agreed performance management and business assurance processes.
  5.   The performance management and business assurance processes and procedures will be deployed at the designated ACI Locations, which will confirm the stable start-up and efficient delivery of the Services.
3.1   Executive Steering Committee
Within 30 days of the Effective Date, the Parties will establish an Executive Steering Committee.
The Executive Steering Committee will have executive management responsibility for the Agreement and for the relationship between the parties and provide strategic direction. This committee’s responsibilities will include:
    Discussing the evolving business agenda of both companies.
 
    Reviewing and refreshing the strategic goals for the partnership.
 
    Identifying change on the horizon that will need to be managed.
 
    Reviewing performance against the strategic goals, both business and relationship, and assessing client satisfaction.
 
    Exploring ways to extend the relationship to solve new business challenges.
 
    Reviewing and discussing how the parties can leverage new skills, techniques, and knowledge gained by Vendor through research and development initiatives and experiences with other clients.
Confidential
Schedule S — Governance

 

Page 8 of 15


 

3.1.1   Members
The Executive Steering Committee shall be chaired by the ACI Engagement Executive and Vendor Project Executive and will be comprised as follows:
  1.   ACI Global CIO.
  2.   Vendor Vice President, Global Technology Services, Banking Industry.
  3.   Vendor Delivery Director Global Technology Services, Financial Services Sector.
  4.   ACI Business Unit Coordinators.
  5.   Vendor Client Executive.
  6.   Other ACI and Vendor personnel as required.
3.1.2   Key Responsibilities
The responsibilities of the Executive Steering Committee include:
  1.   Ensure business alignment between the Parties, analysis of ACI and Vendor business plans, and oversight of new or modified Services during the Term.
  2.   Develop strategic requirements and plans associated with the Services or New Services during the Term.
  3.   Resolve issues escalated by the Management Committee.
3.1.3   Reports (to be provided by Vendor)
Provide minutes of Executive Steering Committee meetings.
3.1.4   Meetings
Hold initial quarterly meetings, changing to time periods as agreed by the Parties.
3.2   Management Committee
Within 30 days after the Effective Date, the Parties will establish a Management Committee.
The Management Committee will manage the business relationship between the Parties. This committee’s responsibilities will include:
    Developing strategies to meet the goals that are set by the Executive Steering Committee.
 
    Addressing any systemic contractual or management issues.
 
    Periodically assessing the quality of the working relationship and planning the appropriate actions to strengthen the relationship.
 
    Identifying and resolving conflict.
 
    Identifying and managing impending change.
 
    Reviewing business volumes and service performance.
 
    Investigating new opportunities to deliver business value.
 
    Making recommendations to the Executive Steering Committee on significant changes to objectives, strategies, or the contract.
 
    Defining the procedures and practices to be followed by the Service Delivery Committee.
Confidential
Schedule S — Governance

 

Page 9 of 15


 

3.2.1   Members
The Management Committee shall be chaired by the ACI Engagement Manager and Vendor Delivery Project Executive and will be comprised as follows:
  1.   ACI Engagement Executive.
  2.   Vendor Project Executive.
  3.   Other ACI and Vendor personnel as required.
3.2.2   Authority
Subject to direction and approval from the Executive Steering Committee and to the authority derived from the Change Control procedures to be approved by ACI, the Management Committee will have general authority and responsibility regarding:
  1.   Proposing changes to the Agreement.
  2.   Adding, modifying, and/or removing Services covered by the Agreement.
  3.   Operational, technical, financial, and general management oversight of the Agreement.
  4.   Resolving issues escalated by the Service Delivery Committee.
3.2.3   Key Responsibilities
The responsibilities and authorities of the Management Committee will be determined and delegated in each case in accordance with the authority outlined in Section 3.2.2 above.
The responsibilities of the Management Committee include:
  1.   Manage the performance of the Parties’ respective roles and responsibilities under the Agreement.
  2.   Implement/execute the Agreement.
  3.   Manage risks and opportunities for improvement.
  4.   Monitor Service delivery and Transition activities based on reporting and coordination with the Service Delivery Committee.
  5.   Consider and approve, where possible, operational and technical changes in accordance with the Change Management requirements set out in Exhibit A-1 (Delivery Management Services (Cross Functional)) of Schedule A (Statement of Work).
Confidential
Schedule S — Governance

 

Page 10 of 15


 

  6.   Consider and approve, where possible, changes to the Agreement and to the Services in accordance with the Change Control procedures to be approved by ACI.
  7.   Seek to resolve any issues escalated by the Service Delivery Committee in accordance with Section 4.0 (Issue Escalation Procedures) in this Schedule.
  8.   Produce any Management Committee summary reports as set out in Schedule R (Reports) and submit them for Executive Steering Committee review.
  9.   Approve the following and report, as required, to the Executive Steering Committee with respect to:
  9.1.   Service Levels, Service Level Credits, and Earnback, as described in Schedule B (Service Levels).
  9.2.   Continuous improvement and quality assurance measures.
  9.3.   Proposals for reset of Service Levels.
  9.4.   Review of financial performance.
  9.5.   Pricing.
  9.6.   Customer satisfaction surveys.
  9.7.   Audit results.
  9.8.   Benchmarking results.
  10.   Monitor and review the ongoing status of Third Party Contracts as appropriate.
  11.   Initiate, as appropriate, the recommendations and suggestions made by the Executive Steering Committee relating to the Services and/or this Agreement.
  12.   Ensure the implementation of process/infrastructure, financial and resource plans.
  13.   Review business proposals as submitted by ACI business sponsors and/or Vendor personnel.
  14.   Recommend new proposals to the Executive Steering Committee.
  15.   Provide advice and direction to the Service Delivery Committee for performance improvement.
  16.   Delegate any powers it considers appropriate to the Service Delivery Committee.
3.2.4   Reports (to be prepared by Vendor)
Provide minutes of Management Committee meetings.
Confidential
Schedule S — Governance

 

Page 11 of 15


 

3.2.5   Meetings
The Management Committee will meet (at a minimum) monthly, and at other times as agreed between the Parties, to review:
  1.   Contract Management and Change Control.
  2.   Service delivery.
  3.   Transition management (as required).
  4.   Transformation management (as required).
  5.   Change Management.
  6.   Technical planning.
3.3   Service Delivery Committee
Within 60 days after the Effective Date, the Parties will establish a Service Delivery Committee.
The Service Delivery Committee will focus on service quality and continuous improvement. This committee’s responsibilities include:
    Identifying and addressing day-to-day service and change management issues.
 
    Preparing reports for the Management Committee, to highlight service issues.
 
    Identifying upcoming events that may result in changes in service demand.
 
    Reviewing and discussing client satisfaction and service quality improvements.
 
    Reviewing monthly reports and Service Level attainment.
 
    Continually reviewing support processes, tools, and methodologies.
3.3.1   Members
The Service Delivery Committee will be comprised as follows:
  1.   ACI Service Manager(s).
  2.   ACI Business-Unit Coordinator.
  3.   ACI Site Managers (as required).
  4.   Vendor Delivery Project Executive.
  5.   Vendor Service Delivery Manager.
  6.   Other ACI and Vendor personnel as required.
Confidential
Schedule S — Governance

 

Page 12 of 15


 

3.3.2   Authority
All members of the Service Delivery Committee:
  1.   Review and approval, where possible, of the short-term and long-term plans and activities in regard to the delivery of the Services.
  2.   Resolution of Service delivery problems.
  3.   Upward notification of all opportunities or issues that might result in the addition, deletion, or modification of the Services, or the terms of the Agreement, irrespective of the initiating Party.
  4.   Agreement of local Service delivery initiatives, where approved by appropriate level.
3.3.3   Key Responsibilities
The responsibilities and authorities of the ACI and Vendor representatives will be determined and delegated in each case by the Management Committee and may include matters within the relevant region such as the following:
  1.   Monitor Critical Deliverables and Service Levels.
  2.   Coordinate and communicate day-to-day Service delivery issues; address, co-coordinate, and prioritize the issues affecting the provision of the Services to ACI.
  3.   Review and escalate operational problems and issues in accordance with the Procedures Manual.
  4.   Review and schedule change requests in accordance with the Change Management requirements described in Schedule A (Statement of Work).
  5.   Ensure efficient flow of documentation as required by the Agreement.
  6.   Handle disputes within the authority of the ACI and Vendor representatives, and refer others to the Management Committee in accordance with Section 4.0 (Issue Escalation Procedures) of this Schedule.
  7.   Submit issues concerning the relationship between the Parties to the Management Committee for its guidance and recommendations.
  8.   Submit reports as required and as defined in Schedule R (Reports) to the Management Committee.
  9.   Advise the Management Committee of new opportunities and proposals.
  10.   Identify and refer matters outside the authority of ACI and Vendor representatives to the Management Committee.
  11.   Review and present recommendations and suggestions made by ACI representatives and Vendor representatives relating to the Services, and initiate appropriate actions.
  12.   Identify issues that may have an impact outside the relevant Locations and refer these to the Management Committee and, as appropriate, to other Locations as required.
Confidential
Schedule S — Governance

 

Page 13 of 15


 

  13.   Review and adjust the following, as directed by the Management Committee:
    13.1.    Service Levels.
    13.2.    Continuous improvement and quality assurance measures.
    13.3.    Customer satisfaction surveys.
    13.4.    Audits.
    13.5.    Benchmarking results.
3.3.4   Reports (to be prepared by Vendor)
  1.   Regional/Management Reports.
  2.   Service Levels and Service delivery results (as required).
  3.   Minutes.
3.3.5   Meetings
The Service Delivery Committee will meet (at a minimum) bi-weekly, and at other times as agreed between the Parties, to review:
  1.   Contract issues.
  2.   Service delivery.
  3.   Transition management (as required).
  4.   Transition/projects (as required).
4.0   Issue Escalation Procedures
From time to time, issues will arise that cannot be resolved at the various levels of management within the ACI and Vendor teams. These issues may arise at a particular site/country, region or at the global level. These issues may involve obligations of Party, performance, commercial issues, personnel, etc.
It is the intent of ACI and Vendor to resolve issues in a constructive way that reflects the concerns and commercial interests of each Party. Both Parties’ primary objective and intent is to have issues resolved by the appropriate levels of authority without the need for escalation. With this in mind, the following steps are to be followed:
  1.   Notification: Either Party may decide that escalation is desirable when resolution of an issue appears unachievable at the current management level. In this case, the Party desiring escalation provides written notice of its intention to the member(s) of the other Party currently involved in the dispute. At either Party’s request, the Parties currently engaged in attempting to resolve the issue shall meet again to attempt resolution of the issue prior to escalation to the next level. When and if the issue cannot be resolved at the current management level, the issue will then be escalated after good faith attempts by both Parties to resolve the issue at the current level.
Confidential
Schedule S — Governance

 

Page 14 of 15


 

  2.   Documentation: Both Parties will jointly develop a short briefing document called Statement of Issue for Escalation that describes the issue, relevant impact, and positions of both Parties.
  3.   Request for Assistance: A meeting will be scheduled with appropriate individuals as described below (phone or videoconference in most cases). The Statement of Issue for Escalation will be sent in advance to the participants.
  4.   It is the intention of ACI and Vendor that issues are escalated for review and resolution to the next level of management.
Confidential
Schedule S — Governance

 

Page 15 of 15


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
SCHEDULE T
HUMAN RESOURCES
1.   INTRODUCTION
This Schedule T describes the responsibilities of Vendor and ACI with respect to the Affected Employees and Rebadged Employees in the United States. Since employment laws and standards differ outside the United States this Schedule T will be used as a guideline by the party’s for non United States employees. Any non-United States employee who becomes a Rebadged Employees shall receive consideration appropriate for the position and location where they reside.
2.   EMPLOYMENT TERMS
  a.   Offers of Employment
Before the Effective Date:
  (1)   ACI acknowledges that it provided Vendor with a list of the Affected Employees, together with their job descriptions and responsibilities, their base salary as of the Effective Date (“Current Salary”), a description of all benefits applicable to such Affected Employees, the terms of their employment, and such other information mutually agreed to by Vendor and ACI and, for those Affected Employees who are Foreign Nationals, the country of citizenship and immigrant status of such Affected Employees (collectively, the “Affected Employee Information”). ACI acknowledges that Vendor has relied upon such Affected Employee Information in entering into this Agreement. Vendor reserves the right to withdraw any employment offer to, or otherwise not to hire, any Affected Employee for export control reasons.
  (2)   Consistent with Vendor normal interview and selection process Vendor, will make offers of employment to certain of the Affected Employees. Such offers will include [*] Should the Affected Employee agree and accept the position they will then be deemed Rebadged Employees for the purpose of this Agreement. Vendor has agreed [*]
  b.   [*]
 
  c.   [*]
 
  d.   Other Responsibilities
 
      [*]
                         
POTENTIALLY REBADGED EMPLOYEES  
    Last Name     First Name     Dept  
 
                       
[*]
*  Represents two pages of redacted tabular data
Confidential
Schedule T — Human Resources

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
SCHEDULE U
CHANGE CONTROL PROCEDURE
1.   INTRODUCTION
This Schedule U describes the Contractual Change Control Procedure Vendor and ACI will follow where required under the Agreement, including changes to [ * ]
2.   DEFINITION OF CHANGE
Change” means [ * ]
3.   CHANGE CONTROL PROCEDURES
3.1   If ACI desires a Change, ACI will deliver a written notice to the Vendor Delivery Executive, which generally describes the proposal (a “Change Request”).
3.2   If Vendor wishes on its own initiative to propose a Change, Vendor will deliver a draft Change Management Document (as defined below) for ACI’s review.
3.3   Vendor will conduct an impact assessment of any Changes initiated under Section 3.1 or 3.2 above, at no incremental charge, to determine what Service modifications implementing the Change would require, including whether there would be resulting changes in Charges, and to document the impact of the Change (the “Change Management Document”). Each Change Management Document provided by Vendor will be in substantially the form attached hereto as Exhibit U-1, including:
  (A)   [ * ]
  (B)   [ * ]
  (C)   [ * ]
  (D)   [ * ]
  (E)   [ * ]
  (F)   [ * ]
  (G)   for the implementation of a New Service, when and to the extent appropriate:
  (1)   a transition plan, including milestones, Deliverables and Deliverable Credits;
  (2)   a transformation plan, including milestones and a schedule for completing the transformation;
  (3)   a draft plan for the provision of Termination/Expiration Assistance for the New Service; and
  (4)   a draft update or supplement to Vendor’s then-current disaster recovery plan documents and the Procedures Manual to incorporate the New Service.
Confidential
Schedule U — Change Control Procedure

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
3.4   First drafts of the Change Management Document for Change Requests by ACI will be delivered based on the following classification:
[ * ]
3.5   If Vendor, in proposing a Change or responding to a Change Request, proposes new Charges, or an increase in existing Charges, the Change Management Document will include the underlying financial assumptions and a reasonably detailed demonstration of the increased resources required to accommodate the Change.
3.6   Vendor acknowledges that not every Change will necessarily result in new Charges or an increase in existing Charges. Notwithstanding any term of this Schedule U to the contrary, no additional Charges will be payable for a Change (a) that can be handled with the resources then currently utilized by Vendor to deliver the Services without materially impacting Vendor’s ability to meet Service Levels or other obligations under this Agreement (such as Changes to operating procedures, schedules and equipment configurations), (b) that is required to cure a defective Deliverable or other Service default, or (c) that does not cause a net increase in Vendor’s cost of providing the Services, taking into account any cost savings arising from the Change.
3.7   All Changes will be reviewed and prioritized by the Relationship Management Team.
3.8   If ACI elects to accept the Change Management Document (as modified from the original version proposed by Vendor by agreement of the Parties), as evidenced by the written approval of the ACI Contract Executive, the Parties will execute the Change Management Document.
  (A)   Except as expressly provided to the contrary herein with respect to emergency Changes, no Change will become effective without the written approval of the ACI Contract Executive and the Vendor Delivery Executive.
  (B)   Until such time as a Change has such written approval, Vendor shall, unless otherwise agreed in writing, continue to provide the Services as if the Change Request had not been made.
  (C)   Any discussions which may take place between the Parties in connection with a Change Request before the authorization of a resultant Change Management Document shall be without prejudice to the rights of either Party.
Confidential
Schedule U — Change Control Procedure

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
  (D)   Each Change Management Document will, until signed, serve as an administrative instrument to guide and organize the Parties’ deliberations regarding the proposed Change. However, the final Change Management Document that is signed will be limited to defining the Change itself (including all impacts to compensation). Accordingly, before being signed and becoming effective, each Change Management Document will be reviewed and revised to delete Section A (of Exhibit U-1) and any other terms other than the agreed terms of the Change.
3.9   All Change Management Documents will be logged and documented by Vendor and designated, as specified by ACI, within one of the following priority categories:
[ * ]
Unless otherwise specified by ACI in writing on a case-by-case basis, work under Change Management Documents of a higher priority will take precedence over work under Change Management Documents of a lower priority.
4.   MANDATORY CHANGES
4.1   Mandatory Change” means [ * ]
4.2   Notwithstanding any term or condition of this Schedule U to the contrary, if ACI exercises its right to require a Mandatory Change, it will deliver a Change Notice to Vendor that describes the nature of the required Mandatory Change in sufficient detail to allow for Vendor to commence implementation thereof, expressly designates the Change as a Mandatory Change and authorizes Vendor to commence such implementation (the “Mandatory Change Notice”). Unless otherwise instructed by ACI in the Mandatory Change Notice, Vendor will begin implementing the Mandatory Change immediately after receipt of the Mandatory Change Notice.
4.3   Vendor’s preparation and the Parties’ finalization of the Change Management Document for a Mandatory Change will take place concurrently with Vendor’s implementation of the Mandatory Change. Vendor shall also prepare and deliver to ACI a good faith estimate of the impact on the Charges as a result of implementation of the Mandatory Change.
4.4   If the Parties are unable to agree on the impact on the Charges within thirty (30) days after the Mandatory Change Notice, then (i) Vendor will charge ACI for the work performed at the rates listed in Schedule C (Charges) for the level of resource that is reasonably required to complete the Mandatory Change, plus reasonable out-of-pocket expenses, pre-approved by ACI in writing, directly attributable to the Mandatory Change until such time as the Parties agree, as documented under this Contractual Change Control Procedure, to the actual costs of the Mandatory Change and (ii) either Party may consider such failure to agree to be a dispute, and may escalate such dispute for resolution in accordance with Article 20 of the Agreement. Promptly following the resolution of such dispute, the Parties shall conduct a true-up process to reconcile the Charges paid by ACI for such Mandatory Change with the ultimate resolution of the dispute.
Confidential
Schedule U — Change Control Procedure

 

 


 

5.   IMPACT ON ENVIRONMENT
5.1   Notwithstanding anything to the contrary in the Agreement, the Procedures Manual, or ACI’s existing procedures, Vendor will not make any Change that has a material adverse affect on the functions or performance, or materially decreases the operational efficiency, of the Services, including the implementation of technological Changes, without first obtaining ACI’s written approval, except as described in Section 5.2 below.
5.2   Emergency Changes may be needed in exceptional circumstances. In such a circumstance, Vendor must make commercially reasonable efforts to obtain approval prior to making the Change from the ACI Contract Executive or another ACI Relationship Management Team member. If none are available, and in the opinion of the Vendor, a delay in implementing the Change is reasonably likely to result in some material failure of a Service obligation, breach of ACI information security, violation of Applicable Law or other material adverse impact to ACI or its business, Vendor may make the Change, and then report the incident to ACI at the first opportunity, and prepare a Change Management Document form in accordance with this Schedule U.
6.   CHANGE TRACKING
Each Change Request and Change Management Document will be tracked using a Vendor assigned reference number. Vendor will:
  (A)   Prepare a monthly report listing any open Change Requests or Change Management Documents;
  (B)   Inform ACI, in writing, of the completion of approved Changes; and
  (C)   Provide testing and demonstration of the completed implementation as agreed by the Parties.
* * * * *
Confidential
Schedule U — Change Control Procedure

 

 


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
EXHIBIT U-1
FORM OF CHANGE MANAGEMENT DOCUMENT
    [ * ]
*  Represents two pages of redacted tabular data
             
SECTION C. APPROVALS        
 
           
ACI WORLDWIDE, INC.   INTERNATIONAL BUSINESS MACHINES CORPORATION
 
           
By:
      By:    
             
Name:
      Name:    
             
Title:
      Title:    
             
Confidential
Exhibit U-1 — Form of Change Management Document

 

 


 

SCHEDULE V
IN-FLIGHT PROJECTS
1.   INTRODUCTION
This Schedule describes the Projects to be performed under this Agreement and the overall Project management process that will be implemented in order to support delivery of such Projects. Vendor shall be responsible for such Projects as of the Service Tower Commencement Date.
2.   IN-SCOPE PROJECTS
Projects for which there is a Baseline set forth in Schedule C (Charges) and listed herein as of the Service Tower Commencement Date are included within the Annual Services Charge (“In-scope Projects”). Any additional Projects may be chargeable as set forth in this Agreement.
  a.   Vendor will:
  (1)   assess project schedules and budgets for completeness and viability;
  (2)   for those projects that do not meet the project schedule and budget criteria, provide an action plan for ACI’s approval; and
  (3)   perform project activities set forth in the plan based upon ACI’s project prioritization.
  b.   ACI will:
  (1)   review and approve the action plan provided by Vendor for those In-scope Projects which do not meet the project schedule and budget criteria; and
  (2)   review and reprioritize In-scope Projects, as appropriate, and notify Vendor.
3.   PROJECT MANAGEMENT PROCESS
  a.   Vendor’s Project management process is based upon the premise that the Vendor Delivery Project Executive has overall responsibility and accountability to meet the agreed upon quality, cost, schedule and technical objectives of the Project.
  b.   ACI and Vendor will each assign an individual to a Project (each a “Project Manager” and collectively the “Project Managers”) who has the authority to represent and bind ACI and Vendor, respectively, for that Project and who will have specific operational roles as described below and further delineated in the Project Plan. A Project Manager may be assigned to oversee more than one Project at a time. ACI and Vendor will each provide the other reasonable advance written notice of a change to their respective Project Manager and will discuss any objections the other has to such change.
  c.   ACI and Vendor will develop a Project Plan as specified in Section 5 (Project Plan) below, as applicable. Upon ACI’s and Vendor’s signature of such Project Plan, the Project Plan will be assigned a sequential number and will be attached to, and become a part of, this Schedule, for example, Project Plan V-1 (Title), Project Plan V-2 (Title). The terms and conditions of this Agreement will apply to all Projects, except to the extent expressly amended by the applicable Project Plan.
Confidential
Schedule V — In-Flight Projects

 

Page 1 of 7


 

4.   PROJECT MANAGERS
  a.   Vendor Responsibilities
The Vendor Project Manager will:
  (1)   be the single point of contact to ACI for establishing and maintaining communications through the ACI Project Manager regarding the Project;
  (2)   develop the detailed Project Plan in conjunction with the ACI Project Manager;
  (3)   measure, track and evaluate progress against the Project Plan;
  (4)   maintain files of the Project Plan and any associated documentation;
  (5)   manage the Project for Vendor including planning, directing, and monitoring all Project activities;
  (6)   establish the Vendor Project team and, in conjunction with the ACI Project Manager, orient team members regarding the Project management process and the Project Plan, including individual responsibilities, deliverables and schedules;
  (7)   provide operational guidance to, manage and be accountable for the performance of Vendor’s employees and Approved Subcontractors assigned to the Project;
  (8)   define and monitor the support resources required for the Project;
  (9)   implement all changes consistent with the Project change control process set forth in Section 6 (Change Control Process) below;
  (10)   resolve deviations from the Project Plan with the ACI Project Manager;
  (11)   identify and address Project issues with the ACI Project Manager;
  (12)   plan, schedule, conduct and participate in periodic Project planning, review, and status meetings, as applicable, including review of the Work Products being produced;
  (13)   coordinate and schedule the attendance of Vendor’s employees and Approved Subcontractors, as appropriate, at such periodic planning, review, and status meetings; and
  (14)   provide periodic written status reports to ACI that provide information such as schedule status, technical progress, issue identification and related action plans.
  b.   ACI Responsibilities
The ACI Project Manager will:
  (1)   be the single point of contact for the management of ACI’s obligations under the Project;
  (2)   serve as the interface between the Project team members and ACI’s business functions, units, or Affiliates participating in the Project;
  (3)   define ACI’s business and technical requirements for each Project;
  (4)   assist Vendor in Vendor’s development of the detailed Project Plan and validate that the Project Plan meets ACI’s business and technical requirements;
Confidential
Schedule V — In-Flight Projects

 

Page 2 of 7


 

  (5)   establish the ACI Project team and, in conjunction with the Vendor Project Manager, orient team members regarding the Project management process and the Project Plan, including individual responsibilities, deliverables, and schedules;
  (6)   provide operational guidance to, manage and be accountable for the performance of ACI’s employees and Approved Subcontractors assigned to the Project;
  (7)   implement all changes consistent with the Project change control process set forth in Section 6 (Change Control Process) below;
  (8)   participate in and provide necessary support during periodic Project planning, review, and status meetings, as scheduled by Vendor;
  (9)   obtain and provide information, data, decisions and approvals, within the agreed time period, which, for existing Projects, will be within five Business Days of Vendor’s request, unless otherwise mutually agreed;
  (10)   coordinate and schedule the attendance of ACI employees and Approved Subcontractors, as appropriate, at planning, review, and status meetings scheduled by Vendor;
  (11)   identify and address Project issues with the Vendor Project Manager;
  (12)   escalate Project issues within ACI’s management as needed;
  (13)   assist Vendor in resolution of deviations from the Project Plan;
  (14)   participate in periodic Project reviews, as requested by Vendor; and
  (15)   review the deliverables to determine if they meet the Completion Criteria set forth in the applicable Project Plan and, within the specified time frame, inform the Vendor Project Manager in writing of the results of such review.
5.   PROJECT PLAN
A Project Plan should contain the following information:
  a.   Project Managers
This section will identify ACI’s and Vendor’s respective Project Managers including name, address, telephone number, pager number, and fax number.
  b.   Purpose and Scope of Work
This section will provide a summary of the overall purpose of the Project and define the scope of work to be performed.
  c.   Assumptions and Dependencies
This section will describe any key assumptions or dependencies upon which the Project was based or is dependent upon for successful completion, or both.
  d.   Definitions
This section will define any terms specific to the Project.
  e.   Vendor Responsibilities
This section will describe the responsibilities that Vendor is required to perform in order to complete the Project.
Confidential
Schedule V — In-Flight Projects

 

Page 3 of 7


 

  f.   ACI Responsibilities
This section will describe the responsibilities that ACI is required to perform in order to complete the Project.
  g.   Required Equipment and Materials
This section will list all required equipment and materials including, hardware and software, which ACI or Vendor must provide in order to facilitate completion of the Project.
  h.   Deliverables
This section will provide a description of any items to be delivered by Vendor under the Project.
  i.   Estimated Schedule
This section will provide the estimated schedule for completion of the Project, including any milestones and target dates for completion.
  j.   Completion Criteria
This section will state the Completion Criteria that Vendor must meet in order to satisfy its obligations under the Project.
  k.   Charges
This section will specify the applicable charges, if any, for the Project (for example, included within the Base Charge or performed for additional charges on a fixed price or time and materials basis).
  l.   Additional or Unique Terms and Conditions
This section will identify terms and conditions, if any, in addition to or different from the terms and conditions of this Agreement.
6.   CHANGE CONTROL PROCESS
The change control process is part of the overall project management system which will be implemented by Vendor to control changes to the Services. Either ACI or Vendor may request a change to a Project subject to the following change control process:
  a.   A Project may be changed only by a writing signed by authorized representatives of ACI and Vendor.
  b.   All Project Change Requests (“PCRs”) to a Project will be submitted in writing by the requesting Vendor or ACI Project Manager. The PCR will reference the Project, describe at a reasonable level of detail the change, the rationale for the change and the impact the change may have on the Project both if it is accepted and if it is rejected.
  c.   The Project Managers will review the PCR and either:
  (1)   recommend approval of the change by authorized representatives of ACI and Vendor signing the PCR. Upon such approval, the change will be implemented; or
Confidential
Schedule V — In-Flight Projects

 

Page 4 of 7


 

ACI WORLDWIDE, INC. HAS REQUESTED THAT THE
PORTIONS OF THIS DOCUMENT DENOTED BY BOXES AND
ASTERISKS BE ACCORDED CONFIDENTIAL TREATMENT
PURSUANT TO RULE 24b-2 PROMULGATED UNDER THE
SECURITIES EXCHANGE ACT OF 1934.
  (2)   agree in writing to submit the PCR for further investigation and to pay Vendor for its reasonable charges, if any, for Vendor’s investigation. Such investigation will determine the technical merits and the effect on price, schedule, and other terms and conditions that may result from the implementation of the PCR. ACI and Vendor will then agree to mutually approve or reject the PCR. If ACI and Vendor do not agree, either Vendor or ACI may submit such PCR to the Project Executives for resolution; or
  (3)   reject the PCR. If rejected, the PCR will be returned to the requesting Project Manager along with the reason for rejection.
7.   COMPLETION
  a.   Vendor will notify ACI in writing when the Completion Criteria for a deliverable has been met.
  b.   ACI must inform Vendor, in writing, within ten Business Days following receipt of Vendor’s notification if ACI believes Vendor has not met the Completion Criteria, together with reasonable detail as to the reasons for such belief.
  c.   The Vendor Project Manager will consider ACI’s timely request for revisions, if any, within the context of Vendor’s obligations.
  d.   ACI revisions, agreed to by Vendor, will be made and the Project deliverable will be resubmitted to the ACI Project Manager, at which time such deliverable will be deemed accepted.
  e.   If Vendor does not receive written notice from ACI within the time frame specified above, then the Project deliverable will be deemed accepted by ACI.
                         
In- Scope Projects  
                    Target  
Item   Project     Status     Completion  
 
                       
[ * ]
*  Represents three pages of redacted tabular data
Confidential
Schedule V — In-Flight Projects

 

Page 5 of 7

Exhibit 31.01
Exhibit 31.01
CERTIFICATION OF PRINCIPAL EXECUTIVE OFFICER
I, Philip G. Heasley, certify that:
1.   I have reviewed this quarterly report on Form 10-Q/A of ACI Worldwide, Inc.;
2. Based on my knowledge, this report does not contain any untrue statement of a material fact or omit to state a material fact necessary to make the statements made, in light of the circumstances under which such statements were made, not misleading with respect to the period covered by this report;
3. Based on my knowledge, the financial statements, and other financial information included in this report, fairly present in all material respects the financial condition, results of operations and cash flows of the registrant as of, and for, the periods presented in this report;
4. The registrant’s other certifying officer and I are responsible for establishing and maintaining disclosure controls and procedures (as defined in Exchange Act Rules 13a-15(e) and 15d-15(e)) and internal control over financial reporting (as defined in Exchange Act Rules 13a-15(f) and 15d-15(f)) for the registrant and have:
a) Designed such disclosure controls and procedures, or caused such disclosure controls and procedures to be designed under our supervision, to ensure that material information relating to the registrant, including its consolidated subsidiaries, is made known to us by others within those entities, particularly during the period in which this report is being prepared;
b) Designed such internal control over financial reporting, or caused such internal control over financial reporting to be designed under our supervision, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles;
c) Evaluated the effectiveness of the registrant’s disclosure controls and procedures and presented in this report our conclusions about the effectiveness of the disclosure controls and procedures, as of the end of the period covered by this report based on such evaluation; and
d) Disclosed in this report any change in the registrant’s internal control over financial reporting that occurred during the registrant’s most recent fiscal quarter (the registrant’s fourth fiscal quarter in the case of an annual report) that has materially affected, or is reasonable likely to materially affect, the registrant’s internal control over financial reporting; and
5. The registrant’s other certifying officer and I have disclosed, based on our most recent evaluation of internal control over financial reporting, to the registrant’s auditors and the audit committee of the registrant’s board of directors (or persons performing the equivalent functions):
a) All significant deficiencies and material weaknesses in the design or operation of internal control over financial reporting which are reasonably likely to adversely affect the registrant’s ability to record, process, summarize and report financial information; and
b) Any fraud, whether or not material, that involves management or other employees who have a significant role in the registrant’s internal control over financial reporting.
         
Date: April 29, 2010  /s/ PHILIP G. HEASLEY    
  Philip G. Heasley   
  President, Chief Executive Officer and Director
(Principal Executive Officer)
 
 

 

 

Exhibit 31.02
Exhibit 31.02
CERTIFICATION OF PRINCIPAL FINANCIAL OFFICER
I, Scott W. Behrens, certify that:
1. I have reviewed this quarterly report on Form 10-Q/A of ACI Worldwide, Inc.;
2. Based on my knowledge, this report does not contain any untrue statement of a material fact or omit to state a material fact necessary to make the statements made, in light of the circumstances under which such statements were made, not misleading with respect to the period covered by this report;
3. Based on my knowledge, the financial statements, and other financial information included in this report, fairly present in all material respects the financial condition, results of operations and cash flows of the registrant as of, and for, the periods presented in this report;
4. The registrant’s other certifying officer and I are responsible for establishing and maintaining disclosure controls and procedures (as defined in Exchange Act Rules 13a-15(e) and 15d-15(e)) and internal control over financial reporting (as defined in Exchange Act Rules 13a-15(f) and 15d-15(f)) for the registrant and have:
a) Designed such disclosure controls and procedures, or caused such disclosure controls and procedures to be designed under our supervision, to ensure that material information relating to the registrant, including its consolidated subsidiaries, is made known to us by others within those entities, particularly during the period in which this report is being prepared;
b) Designed such internal control over financial reporting, or caused such internal control over financial reporting to be designed under our supervision, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles;
c) Evaluated the effectiveness of the registrant’s disclosure controls and procedures and presented in this report our conclusions about the effectiveness of the disclosure controls and procedures, as of the end of the period covered by this report based on such evaluation; and
d) Disclosed in this report any change in the registrant’s internal control over financial reporting that occurred during the registrant’s most recent fiscal quarter (the registrant’s fourth fiscal quarter in the case of an annual report) that has materially affected, or is reasonable likely to materially affect, the registrant’s internal control over financial reporting; and
5. The registrant’s other certifying officer and I have disclosed, based on our most recent evaluation of internal control over financial reporting, to the registrant’s auditors and the audit committee of the registrant’s board of directors (or persons performing the equivalent functions):
a) All significant deficiencies and material weaknesses in the design or operation of internal control over financial reporting which are reasonably likely to adversely affect the registrant’s ability to record, process, summarize and report financial information; and
b) Any fraud, whether or not material, that involves management or other employees who have a significant role in the registrant’s internal control over financial reporting.
         
Date: April 29, 2010  /s/ Scott W. Behrens    
  Scott W. Behrens   
  Senior Vice President, Chief Financial Officer,
Corporate Controller and Chief Accounting Officer
(Principal Financial Officer)
 
 

 

 

Exhibit 32.01
Exhibit 32.01
CERTIFICATION OF PRINCIPAL EXECUTIVE OFFICER PURSUANT TO 18 U.S.C. SECTION 1350,
AS ADOPTED PURSUANT TO SECTION 906 OF THE SARBANES-OXLEY ACT OF 2002
In connection with the quarterly report of ACI Worldwide, Inc. (the “Company”) on Form 10-Q/A for the quarter ended June 30, 2009 as filed with the Securities and Exchange Commission on the date hereof (the “Report”), I, Philip G. Heasley, Principal Executive Officer of the Company, certify, pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002, that to my knowledge:
1)   The Report fully complies with the requirements of Sections 13(a) or 15(d) of the Securities Exchange Act of 1934; and
2)   The information contained in the Report fairly presents, in all material respects, the financial condition and results of operations of the Company.
         
Date: April 29, 2010  /s/ PHILIP G. HEASLEY    
  Philip G. Heasley   
  President, Chief Executive Officer and Director
(Principal Executive Officer)
 
 

 

 

Exhibit 32.02
Exhibit 32.02
CERTIFICATION OF PRINCIPAL FINANCIAL OFFICER PURSUANT TO 18 U.S.C. SECTION 1350,
AS ADOPTED PURSUANT TO SECTION 906 OF THE SARBANES-OXLEY ACT OF 2002
In connection with the quarterly report of ACI Worldwide, Inc. (the “Company”) on Form 10-Q/A for the quarter ended June 30, 2009 as filed with the Securities and Exchange Commission on the date hereof (the “Report”), I, Scott W. Behrens, Principal Financial Officer of the Company, certify, pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002, that to my knowledge:
1)   The Report fully complies with the requirements of Sections 13(a) or 15(d) of the Securities Exchange Act of 1934; and
2)   The information contained in the Report fairly presents, in all material respects, the financial condition and results of operations of the Company.
         
Date: April 29, 2010  /s/ Scott W. Behrens    
  Scott W. Behrens   
  Senior Vice President, Chief Financial Officer,
Corporate Controller and Chief Accounting Officer
(Principal Financial Officer)