Effective Internal Controls. 8.4.1 At the Company’s request, the Manager will provide the FRBNY (a) documentary evidence to support the assertion that the Manager maintains effective internal controls over financial reporting and information security, e.g., relevant internal controls reports, including System and Organization Controls (SOC), and internal compliance assessments, and access to policies and procedures governing the Manager’s operations as they relate to the performance of the services (including, without limitation, ethics policies and security policies and procedures). 8.4.2 The Manager shall provide to the FRBNY the System and Organization Control 1 (“SOC 1”) – Type II reports of the Manager and its Affiliates with respect to their respective operations and controls relevant to the performance of services under this Agreement, which reports have been prepared by an accredited independent auditor in accordance with the American Institute of Certified Public Accountants’ Statement on Standards for Attestation Engagements (SSAE No. 18) and International Standards of Attestation Engagements No. 3402, or successor standard report (“SOC 1 Reports”). The Manager shall provide SOC 1 Reports to the FRBNY at least annually. If the Manager’s SOC 1 Report covers a period other than a calendar year, the Manager shall also provide the FRBNY a letter signed by a responsible officer of the Manager attesting for the period of time from the end of the period covered by the SOC 1 Report through the calendar year in which that end date occurs (the “bridge period”) that (i) there have been no material changes to the tested controls during the bridge period; (ii) the control objectives remain in place; and (iii) the description of the services and related internal controls in the SOC 1 Report continues to be substantially accurate.
Appears in 4 contracts
Samples: Investment Management Agreement, Investment Management Agreement, Investment Management Agreement
