Common use of Specific Information Clause in Contracts

Specific Information. For the purposes of on-going supervision of a specific Entity with Cross Border Operations, taking into account both its relevance and significance, the Authorities may agree to share and to discuss with each other regularly if appropriate, any significant information on such Entity with Cross Border Operations which is likely to be relevant in the performance of ongoing supervision. Such information which the Authorities intend to exchange could include, where relevant, without limitation: a) Information that would permit the Requesting Authority to verify that the Entity with Cross Border Operations is able to comply and actually complies with obligations and requirements set out in the Laws and Regulations in the jurisdiction of the Requesting Authority; b) Information relevant for monitoring and responding to the potential implications of the activities of an individual Entity with Cross Border Operations, for the financial stability of systemically relevant financial institutions, market confidence, investor protection and the orderly functioning and efficiency of the markets in which such Entities with Cross Border Operations are active; c) Information relevant to the governance, the financial, organisational and operational conditions of the Entity with Cross Border Operations, including, for example, on: (i) liquidity or other prudential measures, capital regulatory reports, including internal ratings-based data as reported to the Authorities; (ii) internal organisation, risk management and other internal control areas, such as: A. Information on risk management policies and procedures including, but not limited to, arrangements on conflicts of interest, internal control mechanisms, administrative and accounting procedures, arrangements for information processing systems and security mechanisms, client asset protection and business continuity and contingency arrangements; B. management information - insofar as it is relevant to the Cross-Border Establishment - including but not limited to regular reports to the group management (e.g. risk reports, reports on IT, internal audit reports, internal control reports, country-level reports, and operational and compliance risk reports), any upcoming major changes in IT systems; C. information regarding major operational risk incidentsand operational risk losses including any substantial faults or disruptions in services provided to customers or IT systems, including those caused by cyber-attacks or information security incidents / threats, as well as disruptions or faults that damage or jeopardise the capacity of the Entity with Cross Border Operations or group to continue its business activities or fulfil its obligations; D. the external auditor’s findings if relevant in order to understand the group’s overall risk profile or the risk profile of the Cross-Border Establishment specifically, and reports submitted to the group and the Cross-Border Establishment pursuant to inspections, and any other supervisory remarks, as well as communication between the group and the relevant Authority in order to obtain an understanding or knowledge of the group’s overall risk profile or for the Cross-Border Establishments specifically; (iii) material outsourcing and delegation; (iv) distribution of products, product governance, identification of target markets, conflicts of interest, client categorisation, best execution policy, compensation plans and incentives, inducements, use of tied agents; (v) recovery plans; d) Relevant regulatory information and filings that an Entity with Cross Border Operations is required to submit to the Requested Authority including, for example: interim and annual financial statements; e) Regulatory reports prepared by the Requested Authority, including, for example: examinations reports, findings, or information drawn from such reports regarding Entities with Cross Border Operations; f) Information concerning the regular review of compliance with the initial conditions of registration or authorisation, as well as information in relation to applications for additional permissions and notifications of changes, including, but not limited to, internal organisation or governance; g) Information on transactions or services provided in the jurisdiction of the Requesting Authority.

Specific Information. For the purposes of on-going supervision of a specific Entity with Cross Border Operations, taking into account both its relevance and significance, the Authorities may agree to share and to discuss with each other regularly if appropriate, any significant information on such Entity with Cross Border Operations which is likely to be relevant in the performance of ongoing supervision. Such information which the Authorities intend to exchange could include, where relevant, without limitation: a) Information that would permit the Requesting Authority to verify that the Entity with Cross Border Operations is able to comply and actually complies with obligations and requirements set out in the Laws and Regulations in the jurisdiction of the Requesting Authority; b) Information relevant for monitoring and responding to the potential implications of the activities of an individual Entity with Cross Border Operations, for the financial stability of systemically relevant financial institutions, market confidence, investor protection and the orderly functioning and efficiency of the markets in which such Entities with Cross Border Operations are active; c) Information relevant to the governance, the financial, organisational and operational conditions of the Entity with Cross Border Operations, including, for example, on: (i) liquidity or other prudential measures, capital regulatory reports, including internal ratings-based data as reported to the Authorities; (ii) internal organisation, risk management and other internal control areas, such as: A. Information on risk management policies and procedures including, but not limited to, arrangements on conflicts of interest, internal control mechanisms, administrative and accounting procedures, arrangements for information processing systems and security mechanisms, client asset protection and business continuity and contingency arrangements; B. management information - insofar as it is relevant to the Cross-Border Establishment - including but not limited to regular reports to the group management (e.g. risk reports, reports on IT, internal audit reports, internal control reports, country-level reports, and operational and compliance risk reports), any upcoming major changes in IT systems; C. information regarding major operational risk incidentsand incidents and operational risk losses including any substantial faults or disruptions in services provided to customers or IT systems, including those caused by cyber-attacks or information security incidents / threats, as well as disruptions or faults that damage or jeopardise the capacity of the Entity with Cross Border Operations or group to continue its business activities or fulfil its obligations; D. the external auditor’s findings if relevant in order to understand the group’s overall risk profile or the risk profile of the Cross-Border Establishment specifically, and reports submitted to the group and the Cross-Border Establishment pursuant to inspections, and any other supervisory remarks, as well as communication between the group and the relevant Authority in order to obtain an understanding or knowledge of the group’s overall risk profile or for the Cross-Border Establishments specifically; (iii) material outsourcing and delegation; (iv) distribution of products, product governance, identification of target markets, conflicts of interest, client categorisation, best execution policy, compensation plans and incentives, inducements, use of tied agents; (v) recovery plans; d) Relevant regulatory information and filings that an Entity with Cross Border Operations is required to submit to the Requested Authority including, for example: interim and annual financial statements; e) Regulatory reports prepared by the Requested Authority, including, for example: examinations reports, findings, or information drawn from such reports regarding Entities with Cross Border Operations; f) Information concerning the regular review of compliance with the initial conditions of registration or authorisation, as well as information in relation to applications for additional permissions and notifications of changes, including, but not limited to, internal organisation or governance; g) Information on transactions or services provided in the jurisdiction of the Requesting Authority.