SECURITY CONTROL AGREEMENT
Exhibit 10.3
SECURITY CONTROL AGREEMENT
This agreement (the “Agreement”) is made this 26th day of January, 2016 (“Effective Date”), by and among XxxXxxxxx, Xxxxxxxxx and Associates Ltd., a publicly traded British Columbia corporation headquartered in the United States (the “Shareholder”), SSL MDA Holdings, Inc., a Delaware corporation (the “Company”) and the U.S. Department of Defense (i.e., DoD), all of the above collectively the “Parties.”
RECITALS
WHEREAS, the Company is duly organized and existing under the laws of the State of Delaware and has an authorized capital of 100,000 shares, all of which are common voting shares, par value $0.01 per share, of which 62,181 shares are issued and outstanding (the “Shares”); and
WHEREAS, the Shareholder owns 100 percent of the Shares; and
WHEREAS, the Shareholder has no parent or controlling shareholders; and
WHEREAS, while it is normal for DSS to use a Security Control Agreement in cases of minority foreign ownership, the Shareholder is structured as a holding company that serves as the interface with the group’s public shareholders, many of whom may be U.S. citizens; and
WHEREAS, the Company is the Shareholder’s only direct operating subsidiary and is the group’s highest-tier decision-making entity; and
WHEREAS, the Company owns and controls several operational U.S. subsidiaries, some of which require or will require a DoD facility security clearance; and
WHEREAS, the Company owns the general partner of a Delaware limited partnership (“USLP”) that holds all the voting interests of various non-U.S. operating subsidiaries; and
WHEREAS, the Shareholder holds the non-voting economic interests of USLP and its non-U.S. operating subsidiaries; and
WHEREAS, the National Industrial Security Program Operating Manual (i.e., NISPOM) requires mitigation of the risks of foreign ownership, control or influence (i.e., FOCI) in order for a company to maintain eligibility for a facility security clearance (as defined in the NISPOM); and
WHEREAS, the Company’s business consists of the provision of communications and surveillance and intelligence solutions to various agencies of the U.S. Government, including, without limitation, the DoD, which requires the Company and one or more of its Controlled Entities (as defined in Article V herein) to have facility security clearances; and the rendering of industrial security services by the Defense Security Service (i.e., DSS) as may be applicable for DoD and other U.S. government agencies pursuant to Section 1-103 of the NISPOM; and
1
WHEREAS, the DoD will not grant or continue the facility security clearance(s) of the Company and its Controlled Entities without, at a minimum and without limitation, the Parties’ execution and compliance with the provisions of this Agreement, the purpose of which is to reasonably and effectively deny the Affiliates, as defined below, unauthorized access to classified information (as that phrase is defined in the NISPOM) and other information that is the subject of U.S. export control laws and regulations (“Export Controlled Information”) and influence over the Company’s business or management in a manner that could result in the compromise of classified information or could adversely affect the performance of contracts pursuant to which access to classified information may be required. As used herein, the term “Affiliates” means (a) the Shareholder and its non-US shareholders of greater than 10% and (b) any entity that now or in the future may directly or indirectly control the Shareholder, be directly or indirectly controlled by the Shareholder, or be directly or indirectly under common control with the Shareholder. Notwithstanding the foregoing, an entity that operates under a DSS FOCI mitigation agreement, including the Company and its Controlled Entities, will not be considered an Affiliate for purposes of this Agreement so long as the entity’s FOCI mitigation agreement remains in effect. In case of doubt, mitigation imposed by the Committee on Foreign Investment in the United States is not a FOCI mitigation agreement as that term is used herein; and
WHEREAS, DSS has determined that the provisions of this Agreement are necessary to enable the United States to protect itself against the unauthorized disclosure of information relating to the national security; and
WHEREAS, the Company has agreed to establish a formal organizational structure, policies and procedures to ensure the protection of classified information and Export Controlled Information entrusted to it and to place the responsibility therefor with a committee of its Board of Directors (the “Company Board”) to be known as the Government Security Committee, all as hereinafter provided; and
WHEREAS, the Parties agree that control of the Company should be vested in the Company Board; and
WHEREAS, the Parties have agreed that management control of the defense and technology security affairs and classified contracts of the Company should be vested in resident citizens of the United States who have DoD personnel security clearances (as defined in the NISPOM); and
WHEREAS, each Affiliate that is a Party to this Agreement, by its authorized representative, hereby affirms that: (a) it will not seek access to or accept classified information or Export Controlled Information entrusted to the Company, except as permissible under the NISPOM and applicable U.S. Government laws and regulations; (b) it will not attempt to control or adversely influence the Company’s performance of classified contracts and participation in classified programs; and (c) except as expressly authorized by this Agreement, its involvement (individually and collectively) in the business affairs of the Company shall be limited to participation in the deliberations and decisions of the Company Board and authorized committees thereof; and
2
WHEREAS, in order to meet DoD’s national security objectives in the matter of the Company’s facility security clearance(s) and to further the Company’s business objectives, the Parties intend to be bound by the provisions of this Agreement.
NOW THEREFORE, it is expressly agreed by and among the Parties that this Agreement is hereby created and established subject to the following terms and conditions to which all of the Parties expressly assent and agree:
ORGANIZATION
ARTICLE I - Management of the Company’s Business
1.01. Composition of the Company’s Board of Directors. The composition of the Company Board will be determined by the Shareholder in accordance with applicable law and this Agreement. During the term of this Agreement, the Company Board:
a. must include a minimum of one person meeting the qualifications set forth in NISPOM § 2-305 (each an “Outside Director”);
b. may include one or more cleared officers of the Company (each an “Officer Director”);
c. must include a number of Outside Directors that equals or exceeds the number of Inside Directors; provided that, for purposes of this Agreement, the term “Inside Director” means a member of the Company Board who is not an Officer Director or an Outside Director, as those terms are defined herein; provided that any director who is also a significant shareholder, director, officer, employee, agent or representative of any Affiliate, as that term is defined herein, is deemed to be an Inside Director, except where DSS has given its consent in advance and in writing. For example, the Company’s Chief Executive Officer and Outside Directors, each as of the Effective Date, may be permitted by DSS to hold interlocking positions at the Shareholder;
d. may consist of a combination of Outside Directors, Inside Directors, and Officer Directors;
e. must not have an Inside Director as the Company’s Chairman of the Board, except as specifically provided herein; and
f. must be composed of persons serving on the Company Board who are possessed with, and capable of, exercising all of the rights, powers, privileges, immunities and duties conferred or imposed upon such persons by applicable statutes and regulations, and by the Company’s charter and governing documents; provided that, each Outside Director and each Officer Director perform his or her or duties, including fiduciary duties, in accordance with his or her Best Efforts. “Best Efforts” means performance of duties reasonably and in good faith, in the manner believed to be in the best interests of the Company, but consistent with the national security concerns of the United States, and with such care, including reasonable inquiry, as an ordinarily prudent person in a like position would use under similar circumstances.
3
1.02. Actions by the Company Board.
a. No action may be taken by the Company Board or any committee thereof in the absence of a quorum, as defined below.
b. A majority of the Company Board, including at least one Outside Director, shall be necessary to constitute a quorum. Where the Company Board is composed, in its entirety, of an even number of directors and a quorum consists of all the directors, then the Chairperson of the Board shall have the authority to cast the deciding vote in case of a tie among the directors. With respect to the Government Security Committee (see Section 7.01 below), a majority of the committee shall be necessary to constitute a quorum. With respect to all other standing committees of the Company Board, including the Compensation Committee (see Section 8.01 below), a majority of each such committee, including at least one Outside Director shall be necessary to constitute a quorum.
ARTICLE II - Limitations on the Company Board and Disclosure of Investor Protections
2.01. Investor Protections. An “Investor Protection” means a legally enforceable right to:
a. prevent the merger, consolidation, reorganization, or dissolution of the Company; the liquidation, sale or pledge of all or substantially all of the assets of the Company; the acquisition by the Company of a company, business, or other legal entity; the entrance by the Company into financing arrangements or indebtedness in excess of $5,000,000 other than in the Normal Course of Business (as that term is defined in the Company’s Signing Authority Matrix approved by the Shareholder); or a voluntary filing for bankruptcy or liquidation or any sale of any business of the Company or any Controlled Entity or any assets having a value in excess of $5,000,000, other than in the Normal Course of Business;
b. purchase additional shares in the Company to prevent the dilution of an investor’s pro rata interest in the Company in the event that the Company issues new shares;
c. prevent the change of existing legal rights or preferences of the shares, as provided in the Company’s charter documents;
d. prevent the amendment of the Company’s charter documents with respect to the matters described in (a) through (c) of this paragraph;
e. approve or disapprove the Company’s execution of unclassified contracts valued in excess of $25,000,000 other than in the Normal Course of Business;
f. approve or disapprove capital expenditures by the Company in excess of $5,000,000 other than in the Normal Course of Business;
g. cause the Company to adopt the risk-management policies of the Shareholder with respect to regulatory and legal compliance, contract overruns (for unclassified contracts only), and related matters;
4
h. cause the Company to adopt the financial reporting standards and policies of the Shareholder;
i. cause the Company to adopt the corporate strategies (not involving classified information or contracts) of the Company and the Controlled Entities involving capital and financial structuring; and
j. hold meetings among Shareholder personnel and Company or Controlled Entities personnel with respect to administrative, financial, and operational matters, including any matters with respect to approved budgets, including remediation actions, related to commercial and non-U.S. classified and export-controlled activities and contracts (such meetings shall not be subject to the request and approval procedures of Article XI of the Agreement, but records of such meetings shall be maintained pursuant to Section 11.09 of the Agreement).
2.02. Company Board Actions, Shareholder Consent. Nothing in this Agreement authorizes the Company Board to initiate any action to terminate this Agreement, except as provided in Section 16.01, or to take any action inconsistent with an Investor Protection without the prior written consent of the Shareholder.
2.03. Extraordinary Shareholder Rights Superseded. Extraordinary shareholder rights in the Company, if any, of the Shareholder other than one or more Investor Protections are superseded by this Agreement for the duration of this Agreement without prior written consent of DSS FOCI Operations Division and the Government Security Committee voting unanimously. Investor Protections are not created by this Agreement; however, if any Investor Protection exists, it is not superseded by this Agreement.
ARTICLE III - Qualification, Appointment, and Removal of Directors; Board Vacancies
3.01. Company Board Requirements. During the period that this Agreement is in force, the Company Board shall be composed as provided in Section 1.01 above, and the directors shall meet the following additional requirements:
a. each Officer Director and Outside Director shall be a resident citizen of the United States and have or be eligible to have DoD personnel security clearances at the level of the Company’s facility security clearance;
b. each Outside Director shall have been approved by DSS as satisfying the appropriate DoD personnel security requirements and the applicable provisions of this Agreement;
c. at least two Outside Directors shall be designated to serve on the Shareholder board of directors, and each other Outside Director shall be granted by the Shareholder the right to attend any meetings of the Shareholder board of directors; and
5
d. each Inside Director, in his or her capacity as director of the Company, shall not have a DoD personnel security clearance in connection with the Company’s facility security clearance, regardless of his or her citizenship, and he or she shall be formally excluded from access to classified information by resolution of the Company Board.
3.02. Removal of Directors. The Shareholder may remove any director for any reason permitted by the provisions of applicable state law or the Company’s Certificate of Incorporation or bylaws, provided that:
a. the removal of an Outside Director shall not become effective until: (i) that director, the Company, and DSS have been notified; (ii) DSS has provided written notice stating no objection; and (iii) a successor who is qualified to become an Outside Director within the terms of this Agreement has been nominated by the Company and approved by DSS;
b. the Company, through its Facility Security Officer (i.e., FSO), shall provide written notice to DSS of the Shareholder’s intention to remove an Outside Director at least twenty (20) days prior to the proposed removal date, except as noted in Section 3.02.c. below; and
c. notwithstanding the foregoing, if immediate removal of an Outside Director is deemed necessary to prevent the actual or possible violation of any statute or regulation, or actual or possible damage to the Company, the Outside Director may be removed at once, provided that DSS shall be notified in writing prior to or concurrently with such removal.
3.03. Vacancy on the Company Board. In the event of any vacancy on the Company Board, however occurring, the Company shall give prompt notice of such vacancy to the Shareholder and DSS, through its FSO, and such vacancy shall be filled promptly by the Shareholder. In a case of vacancy of an Outside Director position, such vacancy shall not exist for a period of more than ninety (90) days after that Outside Director’s resignation, death, disability or removal unless DSS is notified of the delay.
3.04. Departing Director. Except as provided by this section, the obligation of a director to abide by and enforce this Agreement shall terminate when the director leaves office, but nothing herein shall relieve the departing director of any responsibility that the director may have, pursuant to the laws and regulations of the United States, not to disclose classified information or Export Controlled Information obtained during the course of the director’s service on the Company Board, and such responsibility shall not terminate by virtue of the director leaving office. The Company’s FSO shall advise the departing director of such responsibility when the director leaves office, but the failure of the FSO to so advise the director shall not relieve the director of such responsibility.
ARTICLE IV - Indemnification of Outside Directors
4.01. Obligations of Outside Directors. Each Outside Director, in his or her capacity as a director of the Company, shall vote and act on all matters before the Company Board in accordance with his or her Best Efforts.
6
4.02. Indemnification of Outside Directors. The Company shall indemnify, and the Company and the Shareholder shall hold harmless, each Outside Director from any and all claims arising from, or in any way connected to, his or her performance as a director of the Company under this Agreement, except for his or her own individual gross negligence or willful misconduct. To the extent permitted by law, the Company shall advance fees and costs incurred in connection with the defense of any such claim. The Company may purchase insurance to cover this indemnification.
ARTICLE V- Restrictions Binding on the Company’s Controlled Entities
5.01. Controlled Entities. The Parties agree that the provisions of this Agreement shall apply to, and shall be binding upon, all present and future Controlled Entities. For purposes of this Agreement, the term “Controlled Entities” shall mean those subsidiary corporations (as defined in the NISPOM) and other entities in which the Company owns a controlling interest, either directly or indirectly through the Company’s ownership interest in intermediate entities, as determined by DSS. The Company hereby agrees to undertake any and all measures and provide such authorizations as may be necessary to effectuate this requirement. The sale of, or termination of the Company’s control over, any Controlled Entity shall terminate the applicability to it of the provisions of this Agreement.
5.02. DSS Notification of Newly Formed and Acquired Controlled Entities. If the Company proposes to form a new Controlled Entity, or to acquire a Controlled Entity, it shall give written notice to DSS and shall advise DSS immediately upon consummation of such formation or acquisition.
5.03. Applicability of Agreement to Newly Formed and Acquired Controlled Entities. It shall be a condition of each such formation or acquisition, discussed in Section 5.02 above, that all security measures applicable to the Company as required by this Agreement, including without limitation the security measures described in Articles VII and XI, shall apply to each Controlled Entity immediately upon consummation of such formation or acquisition, and that the Company and the Controlled Entity shall execute a document agreeing that such company shall be bound thereby. A copy of said executed document shall be forwarded to DSS.
5.04. Currently Controlled Entities. A document such as described in Section 5.03 above shall also be executed and submitted to DSS within forty-five (45) days of the execution of this Agreement for each applicable Controlled Entity.
5.05. Third-Party Beneficiaries. Compliance with this Article V shall not confer the benefits of this Agreement on the affected companies. Those companies shall not be entitled to receive a facility security clearance, nor shall they be entitled to access classified information, to perform on classified contracts or to participate in classified programs pursuant to this Agreement, solely by virtue of their legal relationship with the Company or by their execution of the documents referred to in Sections 5.03 and 5.04 above.
7
OPERATION
ARTICLE VI - Operation of this Agreement
6.01. Policies, Practices and Resolutions. The Company shall at all times maintain policies and practices to ensure (A) the safeguarding of classified information and Export Controlled Information entrusted to it, (B) the performance of its classified contracts and its participation in classified programs for the U.S. Government in accordance with the DoD Security Agreement (DD Form 441 or its successor form), and (C) compliance with this Agreement, appropriate contract provisions regarding security, U.S. export control laws and regulations, and the policies duly authorized under the NISPOM. Each Outside Director shall execute for delivery to DSS, upon accepting his or her appointment and thereafter at each annual meeting between the GSC and DSS, a certificate in substantially the form attached hereto as Attachment C.
a. The following additional protections shall be established in the charter documents and/or resolutions of the Company’s Board, and acknowledged by the Shareholder’s Board of Directors, in each case as provided in Sections 6.01.a.1 and 6.01.a.2 below, and shall control the actions of the Parties during the term of this Agreement:
1. Pursuant to a resolution of the Company Board in substantially the form attached hereto as Attachment A, which shall not be repealed or amended without prior approval of DSS, the Company shall exclude the Affiliates and all of their directors, officers, employees, agents and other representatives, from access to classified information and Export Controlled Information entrusted to the Company. The above exclusion shall not, however, preclude the exchange of classified information or Export Controlled Information between the Company and an Affiliate when such exchange is permissible under the NISPOM and applicable U.S. laws and regulations.
2. Pursuant to resolutions of the Shareholder’s Board of Directors substantially in the form attached hereto as Attachment B, which shall not be repealed or amended without prior approval of DSS, the Shareholder shall formally acknowledge and approve the Company’s resolution referred to in Section 6.01.a.1. above, and shall additionally resolve:
(i) to exclude all Affiliates, including itself, and all directors, officers, employees, agents and other representatives of any of them from access to classified information and Export Controlled Information entrusted to the Company, except as expressly permitted pursuant to Section 6.01.a.1. above;
(ii) to grant the Company the independence to safeguard classified information and Export Controlled Information entrusted to it; and
(iii) to refrain from taking any action to control or influence the performance of the Company’s classified contracts or the Company’s participation in classified programs.
8
ARTICLE VII - Government Security Committee
7.01. GSC Established. There must be established a permanent committee of the Company Board, to be known as the “Government Security Committee” (i.e., GSC), consisting of all Outside Directors and Officer Directors, if any. The GSC must cause the Company to maintain policies and procedures to safeguard classified information and Export Controlled Information entrusted to the Company and to ensure that the Company complies with the DoD Security Agreement (DD Form 441 or its successor form), this Agreement, appropriate contract provisions regarding security, U.S. export control laws and regulations, and the NISPOM. The provisions of this Article VII must be set forth in the relevant place within the Company’s charter documents.
7.02. GSC Chairperson. The GSC must designate an Outside Director to serve as Chairperson of the GSC.
7.03. GSC Secretary. The Chairperson of the GSC must designate a member to be the Secretary of the GSC. The Secretary’s responsibilities shall include ensuring that all records, journals and minutes of GSC meetings and other documents sent to or received by the GSC are prepared and retained for inspection by DSS.
7.04. GSC Performance Standards. The members of the GSC must exercise their Best Efforts to ensure the implementation within the Company of all procedures, organizational matters and other aspects pertaining to the security and safeguarding of classified information and Export Controlled Information called for in this Agreement, including the exercise of appropriate oversight and monitoring of the Company’s operations to ensure that the protective measures contained in this Agreement are effectively maintained and implemented.
7.05. Facility Security Officer. An FSO must be appointed by the Company as the principal advisor to the GSC concerning the safeguarding of classified information. The FSO’s responsibilities must also include the operational oversight of the Company’s compliance with the requirements of the NISPOM. The Chairperson of the GSC must provide advice and consent in selecting and retaining the FSO. The Company must therefore provide advanced notice to the Chairperson of the GSC regarding its intention to remove the FSO from his or her position and is not permitted to remove the FSO without the advice and consent of the Chairperson of the GSC.
7.06. Technology Control Officer. With the advice and consent of the Chairperson of the GSC, the Company must appoint a “Technology Control Officer” (i.e., TCO). The TCO must report to the GSC as its principal advisor concerning the protection of Export Controlled Information. The TCO must establish and administer all Company procedures for the prevention of unauthorized disclosure or export of Export Controlled Information and compliance with the requirements of U.S. export control laws and regulations.
9
7.07. Compliance Program. In addition to the general security procedures referenced in Section 7.01, the GSC must cause the Company to implement a detailed FOCI compliance program to include the following:
a. Technology Control Plan. The GSC must cause the Company to develop and implement a “Technology Control Plan” (i.e., TCP), as defined in the NISPOM. The GSC may establish the Company’s policy regarding the TCP. The TCP must prescribe measures to prevent the unauthorized disclosure or export of Export Controlled Information consistent with applicable U.S. laws and regulations.
b. Electronic Communications Plan. The GSC must cause the Company to take necessary action, and maintain oversight to provide assurance to itself and DSS that electronic communications between the Company and its Controlled Entities, on the one hand, and the Affiliates, on the other hand, do not disclose classified information or Export Controlled Information without proper authorization. Accordingly, the GSC must establish written policies and procedures known as an “Electronic Communications Plan” (i.e., ECP). The ECP must also provide assurance that electronic communications are not used by any of the Affiliates to exert influence or control over the Company’s business or management in a manner that could adversely affect the performance of classified contracts. As used in this Agreement, the term “electronic communications” is defined broadly to mean any transfer of information, data, signs, signals, writing, images, sounds, or intelligence of any nature including that transmitted in whole or in part by wire, radio cable, or other like connection, or by electromagnetic, photo-electronic, photo-optical, electronic, mechanical or other device or system. Any such transfer may be oral, written or electronic and includes any intercepted or recorded content however acquired and whether or not intended for the recipient. Electronic communications shall also include the temporary, intermediate storage incidental to the electronic transmission thereof as well as any storage for purposes of backup protection. For clarification, common devices used to transfer electronic communications, as used in this Agreement, include without limitation: telephone (including teleconferences), facsimile, video (including videoconferences), internet (including Voice over Internet Protocol, instant messaging and any other web-based means), and electronic mail. The ECP must include a detailed network configuration diagram that clearly shows all communications networks and facilities used by the Company for the transmission of electronic communications, as defined herein, including without limitation, any computer equipment used for the electronic storage of such communications, and must delineate which networks will be shared and which will be protected from access by any unauthorized person, including without limitation, each of the Affiliates. The ECP must also include network descriptions addressing firewalls, physical and logical access controls, remote administration, monitoring, maintenance, retention, and the electrical and physical separation of systems and servers, as appropriate.
c. Affiliated Operations Plan. The GSC must establish and maintain oversight over the Company’s Affiliated Operations Plan (i.e., AOP), a template of which is available from DSS. The AOP is the Company’s consolidated policies and procedures, signed by the Chairperson of the GSC, regarding the control of Affiliated Operations among the Company (or any of its Controlled Entities) and any of the Affiliates. The purpose of the AOP is to provide the GSC with an understanding of how the Company is organized, structured and financed so as to be capable of operating as a viable business entity independent from the Affiliates. The Company is not permitted to engage in Affiliated Operations that are not duly authorized and must follow the terms of the approved AOP. As used herein, “Affiliated Operations” means cooperative endeavors, regardless of whether such endeavors are administrative, operational or commercial, performed directly or through third-party service providers, all of which are more specifically categorized and described below. In the Company’s Annual Compliance Report
10
described in Article 9, the GSC must certify the effective execution the terms of the Affiliated Operations as described in the AOP and that the Affiliated Operations do not circumvent the requirements of this Agreement. The Company, through its FSO, must update the AOP as necessary and submit the same to DSS for review. Specific approval responsibilities and requirements are as follows:
1. Shared Employees. Shared employees are a category of Affiliated Operations where (i) Affiliate personnel are assigned to work, in whole or in part, in support or on behalf of the Company or any Controlled Entity, whether or not performance is governed by the terms of a relevant agreement among the affiliated companies or (ii) persons employed by the Company (or any Controlled Entity) are assigned to work, in whole or in part, in support or on behalf of any Affiliate, whether or not performance is governed by the terms of relevant agreement among the affiliated companies. Shared employees are not permitted prior to DSS approval of a corresponding AOP.
2. Shared Third-Party Services. Shared third-party services are a category of Affiliated Operations where, to the knowledge of the Company, a service (e.g., a professional service such as accounting, legal, tax, information technology, or business consulting) will be provided by a third party service provider to both the Company (or any of its Controlled Entities) and any Affiliate. Subject to DSS review, approval by a majority of the GSC is sufficient to authorize a third party shared service if it does not involve a conflict of interest and will not adversely affect the Company’s ability to comply with this Agreement. In addition, the GSC must include a description of the third party shared services approved in this manner in the Company’s AOP within ten (10) days of its decision and provide the same to DSS. DSS, in its sole discretion, may require the GSC to rescind any approval made under this paragraph if DSS determines that a conflict of interest or adverse effect on the Company’s ability to comply with the security measures required by this Agreement is reasonably likely and insufficiently mitigated. DSS review under this paragraph will normally consider separate engagement letters, separate projects and the like as mitigating factors.
3. Commercial Arrangements. “Commercial Arrangements” are a category of Affiliated Operations that includes commercially arm’s length transactions in the form of contracts and subcontracts, joint research, development, marketing or other type of teaming arrangement between the Company (or any Controlled Entity) and any Affiliate. Prior to any Commercial Arrangements, the GSC must approve the Commercial Arrangements by majority vote. In addition, the GSC must include a description of the Commercial Arrangements approved in this manner in the Company’s AOP within ten (10) days of its decision and provide the same to DSS.
4. Other Shared Services and Products. The term Affiliated Operations also includes products or services provided other than in a Commercial Arrangement (i.e., below arm’s length cost) by an Affiliate to the Company (or any of its Controlled Entities) or by the Company (or any of its Controlled Entities) to any Affiliate. Other shared services and products are not permitted prior to DSS approval of a corresponding AOP.
11
5. Affiliate Technology. Anytime the Company (or any of its Controlled Entities) will use technology products or services of an Affiliate in performance on contracts requiring access to classified information, the Company’s management shall notify each applicable Government Contracting Activity (i.e., GCA), as that term is defined in the NISPOM, regarding the applicable technology products or services provided under the contract. The Company must include this notification as an addendum to the AOP. In the event that a GCA elects to not receive such notification, the Company must include the GCA’s written statement opting out of notification as an addendum to the AOP.
d. Facility Location Plan. The Company must not permit its facilities and personnel to be collocated with the facilities and personnel of the Affiliates. The Company must seek prior written DSS approval of a Facility Location Plan, which means a description of the location of each of the facilities of the Company and closely located Affiliate facilities. Where DSS determines appropriate, DSS shall request and the Company shall provide maps and floor plans showing where employees occupy space in each facility. DSS approval of the Company’s plan shall not be determined solely on the physical proximity of the facilities. DSS may approve a plan involving facilities that are closely located. It shall be a reasonable expectation of the Parties that any DSS review under this paragraph will be primarily concerned with physical proximity that, in DSS’s sole determination, is likely to degrade the Company’s ability to comply with the security measures required by this Agreement.
7.08. Closed Sessions. Discussions of classified information and Export Controlled Information by the GSC must be held in closed sessions and in accordance with applicable security requirements related to the classification level of the information discussed. Minutes of such meetings shall be recorded and safeguarded in accordance with applicable information security requirements and made available only to such authorized individuals as are so designated by the GSC.
7.09. DSS Briefings. Upon taking office, the GSC members, the FSO and the TCO must be available for briefing by a DSS representative on their responsibilities under the NISPOM, U.S. export control laws and regulations and this Agreement.
7.10. GSC, FSO and TCO Obligations and Certification.
a. Obligations. Each member of the GSC, the FSO and the TCO must exercise his or her Best Efforts to ensure that all provisions of this Agreement are carried out; that the Company’s directors, officers, employees, representatives and agents comply with the provisions of this Agreement; and that DSS is advised of any known violation of, or known attempt to violate, any provision of this Agreement, contract provisions regarding security, U.S. export control laws and regulations, and the NISPOM.
b. Certifications. Each member of the GSC must execute for delivery to DSS, upon accepting his or her appointment and thereafter at each annual meeting between the GSC and DSS, as established by this Agreement, a certificate in substantially the form attached hereto as Attachment D acknowledging: (1) the protective security measures taken by the Company to implement this Agreement; and (2) that the U.S. Government has placed its reliance on him or her as a U.S. citizen and as the holder of a personnel security clearance to exercise his or her Best Efforts to ensure compliance with the terms of this Agreement and the NISPOM. Each member of the GSC must further acknowledge his or her agreement to be bound by and to accept his or her responsibilities under this Agreement.
12
7.11. Cleared Officer Obligations and Certification. Pursuant to NISPOM § 2-104, DSS may require persons occupying official positions at the Company to be granted personnel security clearances or be excluded from classified access. The GSC shall require that each such officer of the Company with a personnel security clearance exercise his or her Best Efforts to ensure that the terms and conditions of this Agreement are complied with by the Parties and, upon the Effective Date and annually thereafter, that each such officer execute a certificate for delivery to DSS: (a) acknowledging the protective security measures taken by the Company to implement this Agreement; and (b) acknowledging that the U.S. Government has placed its reliance on him or her as a resident U.S. citizen, and as a holder of a personnel security clearance, to exercise his or her Best Efforts to ensure compliance with the terms and conditions of this Agreement by the Parties.
7.12. Inside Director Obligations and Certification.
a. Prior to the Effective Date and on each anniversary of the Effective Date, the GSC must require each Inside Director to execute and submit to DSS, a certificate substantially in the form attached hereto as Attachment E regarding his or her qualifications and responsibilities associated with this Agreement.
b. The GSC must oversee each Inside Director’s compliance with the obligations described in Section 7.12.a. above.
ARTICLE VIII - Compensation Committee
8.01. The Company shall establish a permanent committee of the Company Board, consisting of at least one Outside Director and one Inside Director, if any, to be known as the “Compensation Committee”. The Compensation Committee shall be responsible for reviewing the annual compensation of the Company Principals and making recommendations to the Company Board for approval unless such approval authority has been otherwise delegated to the Compensation Committee. For purposes of this Agreement, the term “Company Principals” means those persons who, pursuant to Section 2-104 of the NISPOM, must be granted personnel security clearances or be excluded from classified access pursuant to Section 2-106 of the NISPOM, and at a minimum, will include each director and each incumbent officer occupying an office expressly authorized in the Company’s charter documents and any other person identified by the Company’s Government Security Committee (see Article VII above), whose determination shall be subject to review and approval of DSS as a person occupying a position that would enable him or her to adversely affect the Company’s policies or practices in the performance of classified contracts.
13
ARTICLE IX - Annual Review and Certification
9.01. Annual Meeting. Representatives of DSS, the Company’s Board, the Company’s Chief Executive and Chief Financial Officers, the FSO, and the TCO shall meet annually to review the purpose and effectiveness of this Agreement and to establish a common understanding of its operating requirements and how they are being implemented. These meetings shall include a discussion of the following:
a. whether this Agreement is working in a satisfactory manner;
b. acts of compliance or noncompliance with this Agreement, the National Industrial Security Program, and other applicable U.S. laws and regulations;
c. necessary guidance or assistance regarding problems or impediments associated with the practical application or utility of this Agreement; and
d. whether security controls, practices or procedures warrant adjustment.
9.02. Annual Report. The CEO and the Chairperson of the GSC shall submit to DSS one year from the Effective Date of the Agreement and annually thereafter an implementation and compliance report (“Annual Compliance Report”), which shall be executed by all members of the GSC. Such report shall include the following information:
a. a detailed description of the manner in which the Company is carrying out its obligations under this Agreement;
b. a detailed description of any changes to security procedures, implemented or proposed, and the reasons for those changes;
c. a detailed description of any acts of noncompliance, whether inadvertent or intentional, with a discussion of what steps were taken to prevent such or similar acts from occurring again in the future;
d. a description of any changes or impending changes to any of the Company’s key management personnel, including the reasons for such changes;
e. a statement, as appropriate, that a review of the records concerning all Visits and communications between representatives of the Company and the Affiliates has been accomplished and the records are in order;
f. a detailed chronological summary of all transfers of classified information or Export Controlled Information, if any, from the Company to the Affiliates, accompanied by an explanation of the U.S. Government authorization relied upon to effect such transfers. Copies of approved export licenses covering the reporting period shall be made available upon request; and
g. a discussion of any other issues that could have a bearing on the effectiveness or implementation of this Agreement, including without limitation:
i. Any action by the Affiliates to direct or decide matters affecting the management or operations of the Company in a manner that may result in unauthorized access to classified information, adversely affect the performance of contracts pursuant to which access to classified information may be required, or otherwise undermine the U.S. national interest due to unauthorized access to classified or export-controlled critical U.S. technology, and
14
ii. The identity of all foreign owner/members of the Company, if any, and the corresponding type and number of those shares (to be attached to the Annual Compliance Report as Schedule 1); and
iii. The identity of all foreign creditors of the Company, if any, and the corresponding details of the debt held by those creditors (to be attached to the Annual Compliance Report as Schedule 2); and
iv. The identity of all significant foreign sources of income (to be attached to the Annual Compliance Report as Schedule 3).
9.03. Each of the persons and entities listed in Schedules 1, 2 and 3, as referenced in Section 9.02.g. above, including each of their employees, officers, directors, representatives and agents, shall not require, shall not have, and shall be effectively excluded from unauthorized access to all classified and Export Controlled Information entrusted to or held in the custody of Company, and neither shall such persons and entities, including each of their employees, officers, directors, representatives and agents, be permitted to occupy any positions that would enable them to adversely affect the policies and practices of Company in its performance on classified contracts.
ARTICLE X - Duty to Report Violations of this Agreement
10.01. The Parties to this Agreement, except DoD, agree to report promptly to DSS all instances in which the terms and obligations of this Agreement may have been violated.
CONTACTS AND VISITS
ARTICLE XI - Visitation Policy
11.01. Visit Requests. The Chairperson of the GSC shall designate at least one Outside Director, who shall have authority to review, approve, and disapprove requests for Visits to the Company by all personnel who represent any of the Affiliates (except for any Company personnel who hold DSS-approved interlocking positions with the Affiliate, and other than as contemplated in Section 2.01(j)), including all the directors, officers, employees, representatives, and agents of any of them. As used in this Agreement, the term “Visits” includes meetings at any location within or outside the United States, including, but not limited to, any facility owned or operated by the Company (and its Controlled Entities) or any of the Affiliates, and at the discretion of the GSC, may also include certain videoconferences and teleconferences. The designated Outside Director shall also have authority to review, approve, and disapprove requests for proposed Visits to any of the Affiliates by all personnel who represent the Company (including all of its directors, officers, employees, representatives, and agents, except for each Inside Director, if any, who is deemed to represent the Affiliates for purposes of this Agreement), as well as Visits between or among such personnel at other locations. Each visit by
15
an Inside Director, if any, must be approved by the designated Outside Director, unless the visit is to attend Company Board meetings or Company Board committee meetings. A record of all visit requests, including the decisions to approve or disapprove, and information regarding consummated Visits, such as the date, place, personnel involved, and summary of material discussions or communications, shall be maintained by the designated Outside Director and shall be periodically reviewed by the GSC and DSS.
11.02. Approval of Visit Requests. Except for certain Routine Business Visits, as defined in Section 11.05 below, all Visits must be approved in advance by one of the Outside Directors designated by the GSC Chairperson to act on such matters. All requests for Visits shall be submitted or communicated to the FSO for routing to the designated Outside Director. Although strictly social Visits at other locations between Company and Affiliate personnel are not prohibited, written reports of such Visits must be submitted after the fact to the FSO for filing with, and review by, the designated Outside Director and the GSC. Visits that exceed 30 consecutive business days or that cumulatively exceed 200 days in a single year shall also require DSS approval.
11.03. Procedure for Approval of Visit Requests. A written request for approval of a visit must be submitted to the FSO prior to the date of the proposed visit. The GSC will establish in the Company’s visitation procedures reasonable standards for the Company in connection with the lead times required for requests and notifications required under this section. If a written request cannot be accomplished within the GSC approved timeframe because of an unforeseen exigency, the request may be promptly communicated to the FSO and immediately confirmed in writing; however, the FSO may refuse to accept any request submitted with less than the required advance notice if the FSO determines that there is insufficient time to consider the request. The GSC shall determine what constitutes an unforeseen exigency for these purposes. The exact purpose and justification for the visit must be set forth in detail sufficient to enable one of the designated Outside Directors to make an informed decision concerning the proposed visit, and the FSO may refuse to accept any request that the FSO believes lacks sufficient information. Each proposed visit must be individually justified and a separate approval request must be submitted for each.
11.04. The FSO shall advise one of the designated Outside Directors of a request for approval of a visit (other than a bona fide request for a Routine Business Visit, defined below) as soon as practicable after receipt of the written request. The designated Outside Director shall evaluate the request as soon as practicable after receiving it and may approve or disapprove the request, or disapprove the request pending submission of additional information by the requester. The Outside Director’s decision shall be communicated to the requester by any means, but it shall be confirmed in writing, when practicable, at least one day prior to the date of the proposed visit, but in no event later than six (6) calendar days after its receipt by the FSO. A chronological file of all documentation associated with meetings, visitations, and communications (e.g., contact reports), together with records of approvals and disapprovals, shall be maintained by the FSO for inspection by DSS. During each GSC meeting, the Outside Directors shall review such documentation filed since the last meeting to ensure adherence to approved procedures by the requesters and the designated Outside Director and to verify that sufficient and proper justification has been furnished for approved Visits.
16
11.05. Routine Business Visits.
a. Routine Business Visits, as defined in Section 11.05.b. below, may be approved by the FSO, in the FSO’s discretion, without advance approval by one of the designated Outside Directors. Requests for Routine Business Visits must be submitted in writing and in advance to the FSO, and shall state the basis upon which the requester deems the visit to be a Routine Business Visit. Such requests must include sufficient information to enable the FSO to make an informed decision concerning the proposed visit. The FSO, in the FSO’s discretion, may refuse to accept any request that the FSO believes lacks sufficient information and may refer any request to the designated Outside Director for evaluation, notwithstanding its designation as a Routine Business Visit request. Any request that the FSO believes is not properly characterized as a Routine Business Visit shall be referred to the designated Outside Director, who shall evaluate the request in accordance with the terms of this Agreement.
b. “Routine Business Visits” are those that pertain only to the commercial aspects of the Company’s and its Controlled Entities’ business, are made in connection with the regular day-to-day business operations of the Company and its Controlled Entities, and do not involve Company Principals, senior officials of the Affiliates, the transfer or receipt of classified information or Export Controlled Information or activities bearing upon the Company’s or its Controlled Entities’ performance of classified contracts. Routine Business Visits may include:
(i) Visits for the purpose of discussing or reviewing such commercial subjects as the following: company performance versus plans or budgets; inventory; accounts receivable; accounting and financial controls; and implementation of business plans and technical development programs;
(ii) Visits of the kind made by commercial suppliers regarding the solicitation of orders, the quotation of prices, or the provision of products and services on a commercial basis;
(iii) Visits concerning fiscal, financial, or legal matters necessary for compliance with the requirements of any foreign or domestic governmental authority responsible for regulating or administering the public issuance of, or transactions involving, stocks and securities; and
(iv) Visits concerning marketing and technical activities relating to the import or export of products necessary for compliance with the regulations of U.S. departments or agencies, including but not limited to the Departments of Defense, Commerce, State, and Treasury.
11.06. Special Provision Concerning Controlled Entities. Anything foregoing to the contrary notwithstanding, the notice and approval of visitation restrictions contemplated in this Agreement shall not apply to Visits between personnel of the Company and personnel of the Controlled Entities. However, Visits between the Controlled Entities and any Affiliate shall be subject to the visitation approval procedures set forth herein.
17
11.07. Discretion to Alter Notice or Approval Requirements. Notwithstanding the above, the GSC, in its reasonable business discretion and consistent with its obligation to safeguard classified information and Export Controlled Information in the Company’s possession, may with the approval of DSS:
a. designate specific categories of visit requests other than those enumerated above as Routine Business Visits not requiring the advance approval of the designated Outside Director; or
b. determine that, due to extraordinary circumstances involving the security of classified information and/or Export Controlled Information, certain types of Visits that might otherwise be considered Routine Business Visits under the terms of this Agreement are to be allowed only with the advance approval of the designated Outside Director.
11.08. Quarterly GSC Meetings. The Chairperson of the GSC shall provide, to the extent authorized by this Agreement, for regular quarterly meetings of the GSC. At the discretion of the GSC, representatives of the Affiliates and the Company’s management personnel may be invited to attend.
11.09. Maintenance of Records for DSS Review. A chronological file of all visit requests, reports of Visits, and contact reports, together with appropriate approvals or disapprovals pursuant to this Agreement shall be maintained by the GSC for review by DSS.
REMEDIES
ARTICLE XII - DoD Remedies
12.01. Reservation of Rights. The DoD reserves the right to impose any security safeguard not expressly contained in this Agreement that the DoD believes is necessary to ensure that the Affiliates are denied unauthorized access to classified information and Export Controlled Information (e.g., failure to timely deliver an acceptable FOCI compliance program described in Section 7.07 may result in the immediate invalidation of each applicable facility security clearance).
12.02. Authority of Agencies of the U.S. Government. Nothing contained in this Agreement shall limit or affect the authority of the head of a U.S. Government agency (as defined at 5 U.S.C. § 552(f)) to deny, limit or revoke the Company’s access to classified information and Export Controlled Information under its jurisdiction if the national security of the United States requires such action.
12.03. Remedies for Material Breach. The Parties hereby assent and agree that the U.S. Government has the right, obligation and authority to impose any or all of the following remedies in the event of a material breach of any term of this Agreement:
a. the novation of the Company’s or its Controlled Entities’ classified contracts to another contractor. The costs of which shall be borne by the Company;
18
b. the termination of any classified contracts being performed by the Company and the denial of new classified contracts for the Company;
c. the revocation of the Company’s facility security clearance;
d. the suspension or debarment of the Company from participation in all Federal government contracts in accordance with the provisions of the Federal Acquisition Regulations; or
e. the suspension or restriction of any or all visitation privileges.
12.04. Criminal Sanctions. Nothing in this Agreement limits the right of the U.S. Government to pursue criminal sanctions against the Company, any Affiliate, or any director, officer, employee, representative, or agent of any of these companies, for violations of the criminal laws of the United States in connection with their performance of any of the obligations imposed by this Agreement, including but not limited to, any violations of 18 U.S.C. § 287 or 18 U.S.C. § 1001.
ADMINISTRATION
ARTICLE XIII - Notices
13.01. All notices required or permitted to be given to the Parties shall be given by mailing the same in a sealed postpaid envelope, via registered or certified mail (return receipt requested), or by sending the same by courier or facsimile (but if by facsimile, confirmed by mail), addressed as shown below, or to such other addressees as the Parties may designate from time to time pursuant to this Section:
For the Company: | SSL MDA Holdings, Inc. Xxx Xxxxxx Xxxxx, Xxxxx Xxxxx, Xxxxx 0000 Xxx Xxxxxxxxx, Xxxxxxxxxx 00000 | |
For the Shareholder: | XxxXxxxxx Xxxxxxxxx and Associates Ltd. Xxx Xxxxxxxxxxx Xxxxxx, Xxxxx 000 Xxx Xxxxxxxxx, Xxxxxxxxxx 00000 | |
For DSS: | Defense Security Service Director, Industrial Policy and Programs 00000 Xxxxxxxxx Xx. Xxxxxxxx, XX 00000 |
ARTICLE XIV - Inconsistencies with Other Documents or Agreements
14.01. In the event that any resolution, regulation or bylaw of any of the Parties to this Agreement is found to be inconsistent with any provision hereof, the terms of this Agreement shall control. This Agreement embodies the entire understanding of the Parties with respect to the subject matter hereof and supersedes all prior negotiations, understandings and agreements among them with respect to the subject matter hereof, whether written, oral, or implied.
19
ARTICLE XV - Governing Law; Construction
15.01. Governing Law. This Agreement shall be implemented so as to comply with all applicable U.S. laws and regulations. To the extent consistent with the rights of the United States and not in conflict with this Agreement or applicable securities statutes and regulations, the laws of the State of Delaware, regardless of the principles of conflicts of laws thereof, shall apply to questions concerning the rights, powers, and duties of the Company and the Affiliates under, or by virtue of, this Agreement.
15.02. Construction. In all instances consistent with the context, nouns and pronouns of any gender shall be construed to include the other gender.
15.03 Headings. The headings contained in this Agreement are for reference purposes only and do not in any way affect the meaning or interpretation of the provisions hereof.
TERMINATION
ARTICLE XVI - Termination, Amendment and Interpretations of this Agreement
16.01. This Agreement may only be terminated by DSS as follows:
a. in the event of the sale of the Company or all its Shares to a company or person not under FOCI;
b. when DSS determines that existence of this Agreement is no longer necessary to maintain a facility security clearance for the Company;
c. when DSS determines that continuation of a facility security clearance for the Company is no longer necessary;
d. when DoD determines that there has been a material breach of this Agreement (including failure to timely deliver an acceptable FOCI compliance program described in Section 7.07) or when DoD otherwise determines that termination is in the national interest;
e. when the Shareholder and the Company for any reason and at any time, petition DSS to terminate this Agreement. However, DSS has the right to receive full disclosure of the reason(s) therefor, and has the right to determine, in its sole discretion, whether such petition should be granted; or
f. for any reason upon or following the date that is five (5) years from the effective date of this Agreement.
20
16.02. Expiration. After five (5) years from the Effective Date of this Agreement, if this Agreement is not otherwise terminated pursuant to Section 16.01 above, this Agreement shall continue in successive thirty (30) day periods until such time as the Parties execute a revised, restated or alternative agreement effectively mitigating FOCI at the Company. The Shareholder and the Company jointly shall notify DSS no later than ninety (90) days prior to the running of the five (5) year term with a proposed revised, restated or alternative agreement and shall include with such proposal a detailed description of the FOCI. The Parties agree to negotiate a revised, restated or alternative agreement in conformance with U.S. Government industrial security policy in good faith and to use Best Efforts to execute such agreement expeditiously.
16.03. Notice of Termination. If DoD determines that this Agreement should be terminated for any reason, DSS shall provide the Company and the Shareholder with thirty (30) days written advance notice of its intent and the reasons therefor.
16.04. Reasons for Continuation or Discontinuation of Agreement. Except as provided in Sections 16.01 and 16.02 above, DoD is expressly prohibited from causing a continuation or discontinuation of this Agreement for any reason other than the national security of the United States.
16.05. Amendments. This Agreement may be amended by an agreement in writing executed by all the Parties.
16.06. Questions Concerning Interpretation or Permissibility of Activities. The Parties agree that any questions concerning the interpretation of this Agreement, or whether a proposed activity is permitted hereunder, shall be referred to DSS, and DoD shall serve as the final decision-maker of such matters.
ARTICLE XVII - Place of Filing
17.01. Filing and Availability for Inspection of Agreement. Until the termination of this Agreement, one original counterpart shall be filed at the principal office of the Company, located in San Francisco, California, and such counterpart shall be open to the inspection of the Shareholder during normal business hours.
EXECUTION
This Agreement may be executed in several counterparts, each of which shall be deemed to be an original, and all of such counterparts shall together constitute but one and the same instrument.
[SIGNATURES ON NEXT PAGES]
21
IN WITNESS WHEREOF, the Parties hereto have duly executed this Agreement, which shall not become effective until duly executed by the DoD.
/s/ Xxxxxxxx Xxxx | By: | /s/ Xxxxxx X. Xxxxx | ||||||
Signature of Witness | Name: | Xxxxxx X. Xxxxx | ||||||
Title: | Chief Executive Officer, President | |||||||
FOR SSL MDA HOLDINGS, INC. | ||||||||
/s/ Xxxxxxxx Xxxx | By: | /s/ Xxxxxx X. Xxxxx | ||||||
Signature of Witness | Name: | Xxxxxx X. Xxxxx | ||||||
Title: | Chief Executive Officer, President | |||||||
FOR XXXXXXXXX, XXXXXXXXX AND ASSOCIATES LTD. | ||||||||
Effective Date: 1/26/17 | By: | /s/ Xxxx X. Xxxxxxx, III | ||||||
Xxxx X. Xxxxxxx, III | ||||||||
Director, Industrial Policy and Programs Defense Security Service | ||||||||
FOR THE DEPARTMENT OF DEFENSE ATTACHMENTS |
A. | Resolutions of the Company Establishing Security Procedures and Authorizing Security Control Agreement |
B. | Resolutions Excluding Shareholder From Access to Classified Information and Authorizing Security Control Agreement |
C. | Outside Director Certificate |
D. | Government Security Committee Member Certificate |
E. | Inside Director Certificate |
22
ATTACHMENT A
[SAMPLE]
RESOLUTIONS OF THE BOARD OF DIRECTORS OF
AND SSL MDA HOLDINGS, INC.
RESOLUTION ESTABLISHING SECURITY PROCEDURES AND
WHEREAS, XxxXxxxxx, Xxxxxxxxx and Associates Ltd., a publicly traded British Columbia corporation headquartered in the United States (the “Shareholder”); and SSL MDA Holdings, Inc., a Delaware corporation (the “Company”) desire to enter into the attached Security Control Agreement (the “Agreement”) with the U.S. Department of Defense (i.e., DoD); and
WHEREAS, capitalized terms used herein and not otherwise defined will have their respective meanings set forth in the Agreement; and
WHEREAS, pursuant to the Agreement, the Company must take certain protective measures implementing its obligations under: (i) the DoD Security Agreement (DD Form 441 or its successor form); (ii) the Agreement; (iii) other U.S. Government contract provisions regarding security; (iv) U.S. export control laws and regulations, and (v) the National Industrial Security Program Operating Manual (i.e., NISPOM), and such measures include without limitation a revision to the Company’s bylaws to establish a Compensation Committee and another permanent committee of the Company Board consisting of all the Outside Directors and Officer Directors, if any, to be known as the Government Security Committee (i.e., GSC).
NOW, THEREFORE, BE IT RESOLVED that:
1. To the best of its ability, the Company shall ensure that each of the Affiliates, as that term is defined in the Agreement, including but not limited to the Shareholder, (i) will refrain from taking any action to direct or decide matters affecting the management or operations of the Company in a manner that may result in unauthorized access to classified information, adversely affect the performance of contracts pursuant to which access to classified information may be required, or otherwise undermine the U.S. national interest due to unauthorized access to classified or export-controlled critical U.S. technology, and accordingly (ii) will not require, will not have, and can be effectively excluded from unauthorized access to all classified information and Export Controlled Information entrusted to or held in the custody of the Company and, neither will any Affiliate be permitted to occupy any positions that would enable them to exercise a level of foreign ownership, control or influence contrary to the Agreement with respect to the policies and practices of the Company in its performance on contracts pursuant to which access to classified information may be required.
23
2. The identity of all foreign owner/members of the Company, if any, and the corresponding type and number of those shares is attached hereto as Schedule 1 and hereby acknowledged by the Company’s Board of Directors; and
3. The identity of all foreign creditors of the Company, if any, and the corresponding details of the debt held by those creditors is attached hereto as Schedule 2 and hereby acknowledged by the Company’s Board of Directors; and
4. The identity of all significant foreign sources of income is attached hereto as Schedule 3 and hereby acknowledged by the Company Board.
5. Each of the persons and entities listed in Schedules 1, 2 and 3 attached hereto, including each of their employees, officers, directors, representatives and agents, shall not require, shall not have, and shall be effectively excluded from unauthorized access to all classified and Export Controlled Information entrusted to or held in the custody of Company, and neither shall such persons and entities, including each of their employees, officers, directors, representatives and agents, be permitted to occupy any positions that would enable them to adversely affect the policies and practices of Company in its performance on classified contracts
6. A copy of this resolution will be provided to all present and future board members and principal officers at least once per year and the substance of this resolution will be brought to the attention of all cleared employees at least once per year by publication in a written security procedure or equivalent document, and a report will be made in the Company’s official records regarding the completion of this distribution in accordance with NISPOM requirements.
RESOLVED FURTHER that:
1. The Company will at all times maintain policies and practices that ensure the safeguarding of classified information and the performing of classified contracts and programs for the U.S. Government in accordance with: (i) the DoD Security Agreement (DD Form 441 or its successor form); (ii) the Agreement; (iii) other U.S. Government contract provisions regarding security; (iv) U.S. export control laws and regulations; and (v) the NISPOM.
2. The bylaws of the Company are revised as necessary to establish a permanent committee of the Company Board consisting of all the Outside Directors and Officer Directors, if any, to be known as the Government Security Committee or GSC.
3. The GSC will ensure that the Company maintains policies and practices that ensure the safeguarding of classified information and the performing of classified contracts and programs for the U.S Government in accordance with: (i) the DoD Security Agreement (DD Form 441 or its successor form); (ii) the Agreement; (iii) other U.S. Government contract provisions regarding security; (iv) U.S. export control laws and regulations; and (v) the NISPOM.
4. The GSC will be responsible for the implementation of the Agreement within the Company, including the exercise of appropriate oversight and monitoring of the Company operations to ensure that the protective measures contained in the Agreement are implemented effectively and maintained throughout the duration of the Agreement.
24
5. The members of the GSC will be cleared to the level of the facility security clearance of the Company.
6. One of the Outside Directors will be designated as Chairman of the GSC.
7. At least one of the Outside Directors will attend all Company Board meetings and Company Board committee meetings in order for there to be a quorum.
8. One of the Company officers on the GSC will be designated by the GSC to ensure that all records, journals, and minutes of the GSC meetings or other communications of the GSC are maintained and readily available for DSS inspection.
9. Discussions of classified information and Export Controlled Information by the GSC must be held in closed sessions and in accordance with applicable security requirements related to the classification level of the information discussed. Minutes of such meetings shall be recorded and safeguarded in accordance with applicable information security requirements and made available only to such authorized individuals as are so designated by the GSC.
10. Upon taking office, the GSC members will be made available for briefing by a DSS representative on their responsibilities under the NISPOM, U.S. export control laws and regulations and the Agreement.
11. Each member of the GSC, upon accepting such appointment and annually thereafter, will provide a certificate, in the form attached the Agreement as Attachment D.
12. A report by the GSC as to the implementation of and compliance with the Agreement will be delivered annually to DSS in accordance with Section 9.02 of the Agreement.
RESOLVED FURTHER that the Chief Executive Officer of the Company is hereby authorized to execute and deliver the Agreement, and that, upon such execution and delivery, the Agreement will be the legal obligation of the Company.
RESOLVED FURTHER that the appropriate officer or officers of the Company be and hereby are authorized to take such other actions as may be necessary to implement the provisions thereof.
25
ATTACHMENT B
[SAMPLE]
RESOLUTIONS OF THE BOARD OF DIRECTORS OF
XXXXXXXXX, XXXXXXXXX AND ASSOCIATES LTD.
RESOLUTION EXCLUDING XXXXXXXXX, XXXXXXXXX AND ASSOCIATES LTD.
FROM ACCESS TO CLASSIFIED INFORMATION AND
WHEREAS, XxxXxxxxx, Xxxxxxxxx and Associates Ltd., a publicly traded British Columbia corporation headquartered in the United States (the “Shareholder”); and SSL MDA Holdings, Inc., a Delaware corporation (the “Company”) desire to enter into the attached Security Control Agreement (the “Agreement”) with the U.S. Department of Defense (i.e., DoD); and
WHEREAS, capitalized terms used herein and not otherwise defined will have their respective meanings set forth in the Agreement; and
WHEREAS, one of the requirements of the Agreement for the issuance of an unrestricted facility security clearance to the Company is the adoption by the Board of Directors of Foreign Shareholder of a resolution, which cannot be amended without notification to DoD, that excludes the members of its Board of Directors and its officers, employees, representatives, and agents from access to classified information in the possession of the Company;
NOW, THEREFORE, BE IT RESOLVED that in accordance with and subject to the terms of the Agreement:
1. Shareholder and its directors, employees, representatives, and agents, as such, will be excluded from unauthorized access to all classified information and Export Controlled Information in the possession of the Company.
2. Shareholder, as the sole owner of the Company, hereby grants to the Company the independence to safeguard classified information in the Company’s possession and agrees that it will refrain from taking any action to direct or decide matters affecting the management or operations of the Company in a manner that may result in unauthorized access to classified information or Export Controlled Information, adversely affect the performance of contracts pursuant to which access to classified information or Export Controlled Information may be required, or otherwise undermine the U.S. national interest due to unauthorized access to classified or export-controlled critical U.S. technology.
26
RESOLVED FURTHER that Article VII of the Agreement as it relates to the Government Security Committee (“GSC”) and the resolution of the Company Board, adopted by unanimous approval of the Company Board on October 28, 2016, as it relates to the GSC, be and said terms of the Agreement and the resolution hereby are, incorporated into by reference and made a part of the bylaws of the Company.
RESOLVED FURTHER that the action of the Chief Executive Officer of the Shareholder, in executing and delivering the Agreement, be and hereby is ratified and affirmed and that the appropriate officer or officers of Shareholder be and hereby are authorized to take such other actions as may be necessary to implement the provisions thereof.
ATTACHMENT C
[SAMPLE]
OUTSIDE DIRECTOR CERTIFICATE
WHEREAS, XxxXxxxxx, Xxxxxxxxx and Associates Ltd., a publicly traded British Columbia corporation headquartered in the United States (the “Shareholder”); and SSL MDA Holdings, Inc., a Delaware corporation (the “Company”) desire to enter into the attached Security Control Agreement (the “Agreement”) with the U.S. Department of Defense (i.e., DoD); and
WHEREAS, pursuant to the provisions of the proposed Agreement under which I will be an Outside Director, I am providing the assurances herein; and
WHEREAS, capitalized terms used herein and not otherwise defined will have their respective meanings set forth in the Agreement;
NOW, THEREFORE, I, the undersigned, SOLEMNLY AFFIRM THAT:
1. Qualifications. I meet the qualifications described in Section 2-305 of the National Industrial Security Program Operating Manual (“NISPOM”) and will maintain such status in each of these respects while serving as an Outside Director for the Company.
2. Knowledge of Duties. I fully understand the functions and the responsibilities of an Outside Director of the Company, and I am willing to accept those responsibilities.
3. Reliance. I acknowledge that the U.S. Government has placed its reliance on me as a U.S. citizen and as a holder of a personnel security clearance to exercise Best Efforts to ensure that the Company’s directors, officers, employees, representatives and agents comply with the provisions of the Agreement and that DSS is advised of any suspicious contact and each event of loss, compromise, suspected compromise or attack on the Company’s assets including each such suspicious contact and event involving classified or export-controlled information entrusted to the Company, and, any other violation of, or attempt to violate: (a) the DoD Security Agreement
27
(DD Form 441 or its successor form); (b) the Agreement; (c) other U.S. Government contract provisions regarding security; (iv) U.S. export control laws and regulations; or (v) the NISPOM.
By: | ||
Name: |
||
Date: |
28
ATTACHMENT D
[SAMPLE]
GOVERNMENT SECURITY COMMITTEE MEMBER CERTIFICATE
WHEREAS, XxxXxxxxx, Xxxxxxxxx and Associates Ltd., a publicly traded British Columbia corporation headquartered in the United States (the “Shareholder”); and SSL MDA Holdings, Inc., a Delaware corporation (the “Company”) desire to enter into the attached Security Control Agreement (the “Agreement”) with the U.S. Department of Defense (i.e., DoD); and
WHEREAS, pursuant to the provisions of the proposed Agreement under which I will be a member of the Government Security Committee, I am providing the assurances herein; and
WHEREAS, capitalized terms used herein and not otherwise defined will have their respective meanings set forth in the Agreement;
NOW, THEREFORE, I, the undersigned, by execution of this Certificate, acknowledge that:
1. Through board resolutions dated [INSERT DATE], the Company has taken protective security measures to implement the Agreement.
2. The U.S. Government has placed its reliance on me as a U.S. citizen and as a holder of a personnel security clearance (i.e., PCL) to use Best Efforts to ensure that the Company’s directors, officers, employees, representatives and agents comply with the provisions of the Agreement and that DSS is advised of any suspicious contact and each event of loss, compromise, suspected compromise or attack on the Company’s assets, including each such suspicious contact and event involving classified or export-controlled information entrusted to the Company, and, any other violation of, or attempt to violate: (i) the DoD Security Agreement (DD Form 441 or its successor form); (ii) the Agreement; (iii) other U.S. Government contract provisions regarding security; (iv) U.S. export control laws and regulations; and (v) the National Industrial Security Program Operating Manual.
3. There are no officers of the Company who: (i) do not have PCLs and (ii) either occupy positions that would enable them to adversely affect the Company’s policies or practices in the performance of classified contracts or cannot be effectively excluded from access to classified information disclosed to Company.
By: | ||
Name: |
||
Date: |
29
ATTACHMENT E
[SAMPLE]
INSIDE DIRECTOR CERTIFICATE
WHEREAS, XxxXxxxxx, Xxxxxxxxx and Associates Ltd., a publicly traded British Columbia corporation headquartered in the United States (the “Shareholder”); and SSL MDA Holdings, Inc., a Delaware corporation (the “Company”) desire to enter into the attached Security Control Agreement (the “Agreement”) with the U.S. Department of Defense (i.e., DoD); and
WHEREAS, pursuant to the provisions of the proposed Agreement under which I will be an Inside Director, I am providing the assurances herein; and
WHEREAS, capitalized terms used herein and not otherwise defined will have their respective meanings set forth in the Agreement;
NOW, THEREFORE, I, the undersigned, SOLEMNLY AFFIRM THAT:
1. I have waived any right to have access to classified information and Export Controlled Information held by Company except as permissible under applicable U.S. law.
2. I will not take any action to direct or decide matters affecting the management or operations of the Company in a manner that may result in unauthorized access to classified information, adversely affect the performance of contracts pursuant to which access to classified information may be required, or otherwise undermine the U.S. national interest due to unauthorized access to classified or export-controlled critical U.S. technology.
3. I will not seek and have not obtained classified information and Export Controlled Information in the possession of Company except as permissible under applicable U.S. law.
4. If I become aware of any suspicious contact or event of loss, compromise, suspected compromise or attack on the Company’s assets, including each such suspicious contact and event involving classified or export-controlled information entrusted to the Company, or, any other violation of, or attempt to violate: (i) the DoD Security Agreement (DD Form 441 or its successor form); (ii) the Agreement; (iii) other U.S. Government contract provisions regarding security; (iv) U.S. export control laws and regulations; and (v) the NISPOM, I will promptly notify the Company’s Government Security Committee.
By: | ||
Name: |
||
Date: |
30