MUTUAL FUNDS SERVICE AGREEMENT Goldman Sachs Variable Insurance Trust June 30, 2006
Exhibit (h)(5)
EXECUTION COPY
MUTUAL FUNDS SERVICE AGREEMENT
Xxxxxxx Xxxxx Variable Insurance Trust
June 30, 2006
Table of Contents
| Section | Page | |||
1. Appointment |
1 | |||
2. Representations and Warranties |
1 | |||
3. Delivery of Documents |
3 | |||
4. Services Provided |
4 | |||
5. Fees and Expenses |
4 | |||
6. Limitation of Liability and Indemnification |
6 | |||
7. Term |
9 | |||
8. Notices |
10 | |||
9. Waiver |
10 | |||
10. Force Majeure |
10 | |||
11. Amendments |
10 | |||
12. Severability |
11 | |||
13. Governing Law |
11 | |||
14. Privacy |
11 | |||
15. Records |
11 | |||
16. Statutory Trust |
12 | |||
17. Additional Portfolios |
12 | |||
18. Use of Name |
12 | |||
- 2 -
| Section | Page | |||
19. Reports to Fund by Independent Public Accountants |
12 | |||
20. Compliance |
13 | |||
21. Insurance |
13 | |||
Signatures |
14 | |||
Schedule A — Fees and Expenses |
A-1 | |||
Schedule B — Fund Accounting Services Description |
B-1 | |||
Schedule C — Security Management |
C-1 | |||
- 3 -
AGREEMENT made as of June 30, 2006 by and between the Xxxxxxx Sachs Variable Insurance Trust
(“Fund”), a Delaware Statutory Trust, on behalf of each investment portfolio listed on Schedule
1, and X.X. Xxxxxx Investor Services Co. (“X.X. Xxxxxx”), a Delaware corporation.
W I T N E S S E T H:
WHEREAS, the Fund is registered as an open-end management investment company under the
Investment Company Act of 1940, as amended (the “1940 Act”);
WHEREAS, the Fund is authorized to issue shares in separate classes and series, with each
such series representing interests in a separate portfolio of securities or other assets; and
WHEREAS, the Fund on behalf of the portfolios and each class of shares of a portfolio,
wishes to contract with X.X. Xxxxxx to provide certain services with respect to the Fund;
NOW, THEREFORE, in consideration of the premises and mutual covenants herein contained, it
is agreed between the parties hereto as follows:
1. Appointment. The Fund hereby appoints X.X. Xxxxxx to provide services for the
Fund, as described hereinafter, subject to the supervision of the Board of Trustees of the Fund
(the “Board”), for the period and on the terms set forth in this Agreement. X.X. Xxxxxx accepts
such appointment and agrees to furnish the services herein set forth in return for the
compensation as provided in Section 5 of and Schedule A to this Agreement.
2. Representations and Warranties.
(a) X.X. Xxxxxx represents and warrants to the Fund that:
(i) X.X. Xxxxxx is a corporation, duly organized and existing under the laws of the State of
Delaware;
(ii) X.X. Xxxxxx is duly qualified to carry on its business in the Commonwealth of
Massachusetts;
(iii) X.X. Xxxxxx is empowered under applicable laws and by its Articles of Incorporation
and By-Laws to enter into and perform this Agreement;
(iv) all requisite corporate proceedings have been taken to authorize X.X. Xxxxxx to enter
into and perform this Agreement;
(v) X.X. Xxxxxx has, and will continue to have, access to the facilities, personnel and
equipment required to fully perform its duties and obligations hereunder;
(vi) no legal or administrative proceedings have been instituted or threatened which would
impair X.X. Xxxxxx’x ability to perform its duties and obligations under this Agreement; and
(vii) X.X. Xxxxxx’x entrance into this Agreement shall not cause a material breach or be in
material conflict with any other agreement or obligation of X.X. Xxxxxx or any law or regulation
applicable to X.X. Xxxxxx;
(b) The Fund represents and warrants to X.X. Xxxxxx that:
(i) the Fund is a Delaware statutory trust, duly organized and existing and in good standing
under the laws of Delaware;
(ii) the Fund is empowered under applicable laws and by its Charter Document and By-Laws to
enter into and perform this Agreement;
(iii) all requisite proceedings have been taken to authorize the Fund to enter into and
perform this Agreement;
(iv) the Fund is an investment company properly registered under the 1940 Act;
(v) a registration statement under the Securities Act of 1933, as amended (“1933 Act”) and
the 1940 Act on Form N-1A has been filed and will be effective and will remain effective during
the term of this Agreement, and all necessary filings under the laws of the states will have been
made and will be current during the term of this Agreement;
(vi) no legal or administrative proceedings have been instituted or threatened which would
impair the Fund’s ability to perform its duties and obligations under this Agreement;
(vii) the Fund’s registration statements comply in all material respects with the 1933 Act
and the 1940 Act (including the rules and regulations thereunder) and none of the Fund’s
prospectuses and/or statements of additional information contain any untrue statement
of material fact or omit to state a material fact necessary to make the statements therein not
misleading; and
(viii) the Fund’s entrance into this Agreement shall not cause a material breach or be in
material conflict with any other agreement or obligation of the Fund or any law or regulation
applicable to it.
3. Delivery of Documents. The Fund will promptly furnish to X.X. Xxxxxx such
copies, properly certified or authenticated, of contracts, documents and other related
information that X.X. Xxxxxx may request or requires to properly discharge its duties. Such
documents may include but are not limited to the following:
(a) Resolutions of the Board authorizing the appointment of X.X. Xxxxxx to provide certain
services to the Fund and approving this Agreement;
(b) The Fund’s Charter Document;
(c) The Fund’s By-Laws;
(d) The Fund’s Notification of Registration on Form N-8A under the 1940 Act as filed with
the Securities and Exchange Commission (“SEC”);
(e) The Fund’s registration statement including exhibits, as amended, on Form N-1A (the
“Registration Statement”) under the 1933 Act and the 1940 Act, as filed with the SEC;
(f) Copies of the Investment Management Agreement between the Fund and its investment
adviser (the “Advisory Agreement”);
(g) Opinions of counsel and auditors’ reports;
(h) The Fund’s prospectus(es) and statement(s) of additional information relating to all
funds, series, portfolios and classes, as applicable, and all amendments and supplements thereto
(such Prospectus(es) and Statement(s) of Additional Information and supplements thereto, as
presently in effect and as from time to time hereafter amended and supplemented, herein called
the “Prospectuses”); and
(i) Such other agreements as the Fund may enter into from time to time including securities
lending agreements, futures and commodities account agreements, brokerage agreements and options
agreements.
4. Services Provided.
(a) X.X. Xxxxxx will provide the following services subject to the control, direction and
supervision of the Board and in compliance with the objectives, policies and limitations set
forth in the Fund’s Registration Statement, Charter Document and By-Laws; applicable U.S. laws
and regulations; and all resolutions and policies implemented by the Board, of which X.X. Xxxxxx
has been notified by the Fund:
(i) Fund Accounting.
A detailed description of the above services is contained in Schedule B to this Agreement.
(b) X.X. Xxxxxx will also:
(i) provide office facilities with respect to the provision of the services contemplated
herein (which may be in the offices of X.X. Xxxxxx or a corporate affiliate of X.X. Xxxxxx); on
the date hereof the office shall be located at: 00 Xxxxxxx Xxxxxx, Xxxxxx, Xxxxxxxxxxxxx 00000.
(ii) provide or otherwise obtain personnel sufficient for provision of the services
contemplated herein;
(iii) furnish equipment and other materials, which are necessary or desirable for provision
of the services contemplated herein; and
(iv) establish a service level agreement which will be applicable to this Agreement to be
mutually agreed to by X.X. Xxxxxx and the Fund.
5. Fees and Expenses.
(a) As compensation for the services rendered to the Fund pursuant to this Agreement the
Fund shall pay X.X. Xxxxxx monthly fees determined as set forth in Schedule A to this Agreement.
Such fees are to be billed monthly and shall be due and payable upon receipt of the invoice.
Upon any termination of the provision of services under this Agreement before the end of any
month, the fee for the part of the month before such termination shall be prorated according to
the proportion which such part bears to the full monthly period and shall be payable upon the
date of such termination.
(b) For the purpose of determining fees calculated as a function of the Fund’s assets, the
value of the Fund’s assets and net assets shall be computed as required by its currently
effective Prospectus, generally accepted accounting principles, and resolutions of the Board.
(c) The Fund may request additional services, additional processing, or special reports,
with such specifications and requirements documentation as may be reasonably required by X.X.
Xxxxxx. In addition, significant regulatory and legal changes and changes in the Fund’s status
may necessitate additional services, processing or reports. In either instance, if X.X. Xxxxxx
elects to provide such services or arrange for their provision, it shall be entitled to
additional fees and expenses, as agreed to by the Fund.
(d) X.X. Xxxxxx will bear its own expenses in connection with the performance of the
services under this Agreement except as provided herein or as agreed to by the parties. Unless
such expenses are related to X.X. Xxxxxx’x responsibilities under this Agreement, the Fund agrees
to promptly reimburse X.X. Xxxxxx for any services, equipment or supplies ordered by or for the
Fund through X.X. Xxxxxx and for any other expenses that X.X. Xxxxxx may reasonably incur on the
Fund’s behalf at the Fund’s request or as consented to in writing by the Fund. Such other
expenses include, but are not limited to: taxes; interest; brokerage fees and commissions;
salaries and fees of officers and trustees who are not officers, directors, shareholders or
employees of X.X. Xxxxxx, or the Fund’s investment adviser or distributor; SEC and state Blue Sky
registration and qualification fees, levies, fines and other charges; XXXXX filing fees,
processing services and related fees; postage and mailing costs; costs of share certificates;
advisory and administration fees; charges and expenses of pricing and data services, independent
public accountants and custodians; insurance premiums including fidelity bond premiums; legal
expenses; consulting fees; customary bank charges and fees; costs of maintenance trust existence;
expenses of typesetting and printing of Prospectuses for regulatory purposes and for distribution
to current shareholders of the Fund (the Fund’s distributor to bear the expense of all other
printing, production, and distribution of Prospectuses, and marketing materials); expenses of
printing and production costs of shareholders’ reports and proxy statements and materials;
expenses of proxy solicitation, proxy tabulation and annual meetings; costs and expenses of Fund
stationery and forms; costs and expenses of special telephone and data lines and devices; costs
associated with trust, shareholder, and Board meetings; trade association dues and expenses;
reasonable reprocessing costs to X.X. Xxxxxx caused by third party errors, as agreed to by the
Fund; copying charges; overtime work when necessitated by unusual client requests; microfilm and
storage, audio response unit costs; transfer agency fees, class specific servicing and 12b-1
fees; service
termination and conversion costs; any expenses necessitated by regulatory or legal
changes; and any extraordinary expenses and other customary Fund expenses. In addition, X.X. Xxxxxx may utilize
one or more independent pricing services to obtain securities prices and to act as backup to the
primary pricing services designated by the Fund, in connection with determining the net asset
values of the Fund. The Fund will reimburse X.X. Xxxxxx for the Fund’s share of the cost of such
services based upon the actual usage, or a pro-rata estimate of the use, of the services for the
benefit of the Fund.
(e) All fees, out-of-pocket expenses, or additional charges of X.X. Xxxxxx shall be billed
on a monthly basis and shall be due and payable upon receipt of the invoice.
(f) X.X. Xxxxxx will render, after the close of each month in which services have been
furnished, a statement reflecting all of the charges for such month. Invoices shall be paid
within (30) thirty days of receipt.
(g) In the event that the Fund is more than sixty (60) days delinquent in its payments of
monthly xxxxxxxx in connection with this Agreement (with the exception of specific amounts which
may be contested in good faith by the Fund and delay in transmission of billing attributable to
X.X. Xxxxxx), this Agreement may be terminated upon thirty (30) days’ written notice to the Fund
by X.X. Xxxxxx. The Fund must notify X.X. Xxxxxx in writing of any contested amounts within
thirty (30) days of receipt of a billing for such amounts. Disputed amounts are not due and
payable while they are being investigated.
6. Limitation of Liability and Indemnification.
(a) X.X. Xxxxxx shall not be liable for any error of judgment or mistake of law or for any
loss or expense suffered by the Fund or third parties, in connection with the matters to which
this Agreement relates, except for a loss or expense caused by or resulting from X.X. Xxxxxx’x
negligence or willful misconduct.
(b) Provided that in all instances X.X. Xxxxxx and the other Indemnitees (as defined below)
have satisfied the standard of care in paragraph 6(a), X.X. Xxxxxx shall not be responsible for,
and the Fund shall indemnify and hold X.X. Xxxxxx and its directors, officers, agents and
employees (collectively the “Indemnitees”) harmless from and against any and all claims,
liabilities, losses, damages, fines, penalties and expenses, including out-of-pocket and
incidental expenses and legal fees (“Losses”) that may be imposed on, incurred by, or asserted
against, the Indemnitees or any of them in the performance of its/their duties hereunder,
including but not limited to those arising out of or attributable to:
(i) any and all actions of the Indemnitees required to be taken pursuant to this Agreement;
(ii) the reliance on or use by the Indemnitees of information, records, or documents which
are received by the Indemnitees and furnished to it or them by or on behalf of the Fund, and
which have been prepared or maintained by the Fund or any third party on behalf of the Fund;
(iii) the Fund’s refusal or failure to comply with the terms of this Agreement or the Fund’s
lack of good faith, or its actions, or lack thereof, involving gross negligence or willful
misfeasance;
(iv) the breach of any representation or warranty of the Fund hereunder;
(v) following any instructions or other directions reasonably believed to be requests of the
Fund or otherwise duly authorized, and upon which X.X. Xxxxxx is authorized to rely pursuant to
the terms of this Agreement;
(vi) any delays, inaccuracies, errors in or omissions from information or data provided to
X.X. Xxxxxx by the Fund, its investment advisers and/or sub-advisers, and providers of other
services such as data services, corporate action services, pricing services or securities
brokerage;
(vii) the offer or sale of shares by the Fund in violation of any requirement under the
Federal securities laws or regulations or the securities laws or regulations of any state, or in
violation of any stop order or other determination or ruling by any Federal agency or any state
agency with respect to the offer or sale of such shares in such state (1) resulting from
activities, actions, or omissions by the Fund or its other service providers and agents, or (2)
existing or arising out of activities, actions or omissions by or on behalf of the Fund prior to
the effective date of this Agreement;
(viii) any failure of the Fund’s registration statement to comply with the 1933 Act and the
1940 Act (including the rules and regulations thereunder) and any other applicable laws, or any
untrue statement of a material fact or omission of a material fact necessary to make any
statement therein not misleading in a Fund’s prospectus;
(ix) the actions taken by the Fund, its investment adviser and/or sub-advisers, and its
distributor in compliance with applicable securities, tax, commodities and other laws, rules and
regulations, or the failure to so comply; and
(x) all actions, inactions, omissions, or errors caused by third parties to whom the Fund or
the Indemnitees have assigned any rights and/or delegated any duties under this Agreement at the
request and direction of the Fund or as required by the Fund, its investment advisers,
distributor, or sponsor, provided that the Indemnitees did not select or participate in the
selection of the third parties (for avoidance of doubt, the Fund acknowledges that X.X. Xxxxxx
does not participate in the selection of pricing vendors).
(c) In performing its services hereunder, X.X. Xxxxxx shall be entitled to rely on any oral
or written instructions, notices or other communications, including electronic transmissions,
from the Fund and its officers and directors, investment advisers and sub-advisers, agents and
other service providers which X.X. Xxxxxx reasonably believes to be genuine, valid and
authorized. The Fund shall provide in writing to X.X. Xxxxxx, from time to time, a list of
persons authorized to give oral or written instructions on behalf of the Fund. X.X. Xxxxxx shall
also be entitled to consult with and rely on the advice and opinions of outside legal counsel and
public accountants retained by the Fund, as necessary or appropriate.
(d) Anything in this agreement to the contrary notwithstanding, in no event shall X.X.
Xxxxxx or the Fund be liable for any indirect, incidental, special or consequential losses or
damages of any kind whatsoever (including but not limited to lost profits), even if X.X. Xxxxxx
or the Fund has been advised of the likelihood of such loss or damage and regardless of the form
of action in which any such loss or damage may be claimed. This provision shall survive the
termination of this Agreement.
(e) If the Fund acknowledges in writing that X.X. Xxxxxx is entitled to indemnification, the
Fund shall have the option to defend X.X. Xxxxxx against any claim which may be the subject of
this indemnification, and in the event that the Fund so elects, it will so notify X.X. Xxxxxx,
and thereupon the Fund shall take over complete defense of the claim. In the event the Fund
elects to assume the control of the defense of the claim, X.X. Xxxxxx may participate in such
proceeding and retain additional counsel but shall bear all fees and expenses of such retention
of such counsel, unless (i) the Fund shall have specifically authorized the retention
of such counsel, or (ii) if the Fund and X.X. Xxxxxx agree that the retention of such counsel is required as a result of a
conflict of interest. In the event the Fund assumes control of any proceeding, the Fund shall
keep X.X. Xxxxxx notified of the progress of such proceeding and, upon request, consult with X.X.
Xxxxxx and counsel. The Fund will, upon request by X.X. Xxxxxx, either pay in the first instance
or reimburse X.X. Xxxxxx for any expense subject to indemnity hereunder. The Fund shall not
settle or compromise any proceeding without the prior written consent of X.X. Xxxxxx unless (i)
such settlement or compromise involves no admission of guilt, wrongdoing, or misconduct by X.X.
Xxxxxx, (ii) such settlement or compromise does not impose any obligations or restrictions on
X.X. Xxxxxx other than obligations to pay money that are subject to indemnity under this
Agreement and (iii) the Fund shall have paid or made arrangements satisfactory to X.X. Xxxxxx for
payment of amounts payable by X.X. Xxxxxx in connection with such settlement. X.X. Xxxxxx shall
in no case confess any claim or make any compromise in any case which the Fund will be asked to
indemnify X.X. Xxxxxx except with the Fund’s prior written consent. X.X. Xxxxxx shall be
entitled to rely on and may act upon advice of counsel (who may be counsel for the Fund) on all
matters, and shall be without liability for any action reasonably taken or omitted pursuant to
such advice.
7. Term. This Agreement shall become effective on the date first hereinabove
written and may be modified or amended from time to time by mutual agreement between the parties
hereto. The Agreement shall continue in effect unless terminated by either party on 90 days’
prior written notice. The Fund must give X.X. Xxxxxx at least 60 days’ written notice of any
change in the investment adviser, sponsor or distributor of the Fund. Upon termination of this
Agreement, the Fund shall pay to X.X. Xxxxxx such compensation and any out-of-pocket or other
reimbursable expenses which may become due or payable under the terms hereof as of the date of
termination or after the date that the provision of services ceases, whichever is later
8. Notices. Any notice required or permitted hereunder shall be in writing and
shall be deemed effective on the date of personal delivery (by private messenger, courier service
or otherwise) or upon confirmed receipt of telex or facsimile, whichever occurs first, or upon
receipt if by mail to the parties at the following address (or such other address as a party may
specify by notice to the other):
If to the Fund:
Xxx Xxx Xxxx Xxxxx
Xxx Xxxx, XX 00000
P: 212-902-1000
Attention: Xxxxx Xxxxxxx, Legal, Mutual Funds
Xxx Xxxx, XX 00000
P: 212-902-1000
Attention: Xxxxx Xxxxxxx, Legal, Mutual Funds
00 Xxx Xxxx
Xxx Xxxx, XX 0000
P: 212-902-1000
Attention: Xxxxxxx Xxxxx, Fund Treasury
Xxx Xxxx, XX 0000
P: 212-902-1000
Attention: Xxxxxxx Xxxxx, Fund Treasury
If to X.X. Xxxxxx:
X.X. Xxxxxx Investor Services Co.
00 Xxxxxxx Xxxxxx
Xxxxxx, XX 00000
Attention: Legal Department
Fax: (000) 000-0000
00 Xxxxxxx Xxxxxx
Xxxxxx, XX 00000
Attention: Legal Department
Fax: (000) 000-0000
9. Waiver. The failure of a party to insist upon strict adherence to any term of
this Agreement on any occasion shall not be considered a waiver nor shall it deprive such party
of the right thereafter to insist upon strict adherence to that term or any term of this
Agreement. Any waiver must be in writing signed by the waiving party.
10. Force Majeure. X.X. Xxxxxx shall not be responsible or liable for any harm,
loss or damage suffered by the Fund, its investors, or other third parties or for any failure or
delay in performance of X.X. Xxxxxx’x obligations under this Agreement arising out of or caused,
directly or indirectly, by circumstances beyond X.X. Xxxxxx’x control, where X.X. Xxxxxx has
otherwise exercised reasonable care. In the event of a force majeure, any resulting harm, loss,
damage, failure or delay by X.X. Xxxxxx will not give the Fund the right to terminate this
Agreement in the absence of negligence or willful misconduct by X.X. Xxxxxx.
11. Amendments. This Agreement may be modified or amended from time to time by
mutual written agreement between the parties. No provision of this Agreement may be changed,
discharged, or terminated orally, but only by an instrument in writing signed by the party
against which enforcement of the change, discharge or termination is sought.
12. Severability. If any provision of this Agreement is invalid or unenforceable,
the balance of the Agreement shall remain in effect, and if any provision is inapplicable to any
person or circumstance it shall nevertheless remain applicable to all other persons and
circumstances.
13. Governing Law. THIS AGREEMENT SHALL BE GOVERNED BY THE LAWS OF THE STATE OF
NEW YORK, without giving effect to principles of conflicts of law. Any litigation arising out of
or connected in any way with this Agreement shall take place in a state or federal court of
competent jurisdiction in New York County, State of New York.
14. PRIVACY. X.X. Xxxxxx acknowledges and agrees that, in performing the services provided
for in this Agreement, it may obtain information pertaining to individual Fund investors that
falls within the definition of “nonpublic personal information” as that term is defined in
Section 6809(4) of the Xxxxx-Xxxxx-Xxxxxx Act (hereinafter “Protected Personal Information”). XX
Xxxxxx agrees that it is prohibited from using or disclosing the Protected Personal Information
other than i) to perform its obligations under this Agreement and ii) as required by law. X.X.
Xxxxxx shall implement and maintain appropriate measures designed to (i) insure the security and
confidentiality of the Protected Personal Information; (ii) protect against any anticipated
threats or hazards to the security or integrity of such information and; (iii) protect against
unauthorized access to or use of the Protected Personal Information that could result in
substantial harm or inconvenience to the individual investors to whom such information relates.
At a minimum, such measures shall include those set forth on Schedule C. J.P. Xxxxxx may
disclose Protected Personal Information to a third party only if, and to the extent that, such
disclosure is necessary to the performance of the services and only after such third party has
agreed in writing to the use, security and confidentiality provisions set forth in this Section
14, including Schedule C. This provision shall survive termination of this Agreement.
X.X. Xxxxxx agrees on its behalf and on behalf of its employees to treat confidentially and
as proprietary information of the Fund, all records and other information relative to the Fund
and its portfolios, and not to use such records and information for any purpose other than
performance of its responsibilities and duties hereunder, except after prior notification to and
approval in writing by the Fund, which approval shall not be withheld where X.X. Xxxxxx may be
exposed to civil or criminal contempt proceedings for failure to comply, when requested to
divulge such information by duly constituted authorities, or when so requested by the Fund. X.X.
Xxxxxx agrees to comply with the Fund’s policies related to non-disclosure of portfolio holdings.
15. RECORDS. X.X. Xxxxxx shall with respect to each of the Fund’s investment portfolios
create and maintain all records relating to its activities and obligations under this Agreement
during and after the term thereof in such manner as will meet the obligations of the Fund under
the Investment Company Act of 1940, with particular attention to Section 31 thereof and Rules
31a-1 and 31a-2 thereunder. All such records shall be the property of the Fund and shall at all
times during the regular business hours of X.X. Xxxxxx be open for inspection by duly authorized
officers, employees or agents of Fund and employees and agents of the Securities and Exchange
Commission.
16. STATUTORY TRUST. The name “Xxxxxxx Sachs Variable Insurance Trust” is the designation
of the Board of Trustees for the time being under the Declaration of Trust and all persons
dealing with Fund must look solely to the property of Fund for the enforcement of any claims
against Fund as neither the Trustees, officers, agents, nor shareholders of Fund assume any
personal liability for obligations entered into on behalf of Fund. No portfolio of the Fund
shall be liable for any claims against any other portfolio of the Fund.
17. ADDITIONAL PORTFOLIOS. In the event that the Fund establishes additional series and
classes of shares with respect to which it desires to have X.X. Xxxxxx render accounting services
under the terms hereof, it shall so notify X.X. Xxxxxx in writing, and if X.X. Xxxxxx agrees in
writing to provide such services, such series of shares shall become a portfolio hereunder and
the terms of this Agreement shall apply to the portfolio and each class of shares of the
portfolio.
18. USE OF NAME. X.X. Xxxxxx agrees not to use the Fund’s name nor the name of Xxxxxxx,
Xxxxx & Co., its affiliates, designees, or assignees (“GS”) in any material written in a manner
not previously, specifically approved in writing by the Fund, Xxxxxxx, Sachs & Co., or its
affiliates, designees, or assignees except where required by the Securities and Exchange
Commission or any federal or state agency responsible for regulation of X.X. Xxxxxx.
19. REPORTS TO FUND BY INDEPENDENT PUBLIC ACCOUNTANTS. X.X. Xxxxxx shall provide the Fund,
on behalf of each of the portfolios at such times as the Fund may reasonably require, which shall
be at least annually, reports by independent public accountants on the accounting system and
internal accounting controls relating to the services provided by X.X. Xxxxxx under this
Agreement. Such reports shall be of sufficient scope and in sufficient detail as may reasonably
be required by the Fund to provide reasonable assurance that any material
inadequacies would be disclosed by such examination, and, if there are no such inadequacies, the reports
shall so state.
20. COMPLIANCE. (a) X.X. Xxxxxx represents that it has implemented policies and procedures
to ensure adequate training and supervision of employees and vendor management. (b) X.X. Xxxxxx
shall provide the Fund with copies of its privacy policy and Worldwide Rules of Conduct. (c) X.X.
Xxxxxx agrees to provide at the Fund’s request a certification as to its knowledge concerning
information, controls and procedures related to the Fund’s financial reports and compliance with
Xxxxxxxx-Xxxxx Act requirements.
21. INSURANCE. X.X. Xxxxxx will not be required to maintain any insurance coverage for the
specific benefit of the Fund. X.X. Xxxxxx agrees to maintain commercially reasonable insurance
coverage for errors, omissions or other acts by X.X. Xxxxxx, its agents or their employees that
result in losses to the Fund.
IN WITNESS WHEREOF, the parties hereto have caused this Agreement to be executed by their
officers designated below as of the date first written above.
| XXXXXXX SACHS VARIABLE INSURANCE TRUST | ||||||
| By: | /s/ Xxxx Xxxxxxxxx | |||||
| Name: Xxxx Xxxxxxxxx | ||||||
| Title: Treasurer | ||||||
| X.X. XXXXXX INVESTOR SERVICES CO. | ||||||
| By: | /s/ Xxxxxxxx Xxxxx | |||||
| Name: Xxxxxxxx Xxxxx | ||||||
| Title: President | ||||||
Schedule 1 – Listing of Portfolios
Xxxxxxx Sachs VIT — Growth and Income Fund
Xxxxxxx Xxxxx VIT — International Equity Fund
Xxxxxxx Sachs VIT — CORE U.S. Equity Fund
Xxxxxxx Xxxxx VIT — CORE Small Cap Equity Fund
Xxxxxxx Sachs VIT — Capital Growth Fund
Xxxxxxx Xxxxx VIT — Mid Cap Equity Fund
Xxxxxxx Sachs VIT — Growth Opportunities
Xxxxxxx Xxxxx VIT — Equity Index Fund
Xxxxxxx Sachs VIT — Government Income Fund
Xxxxxxx Xxxxx VIT — Core Fixed Income Fund
SCHEDULE A
FEES AND EXPENSES
FEES AND EXPENSES
A. The Fees for Fund Accounting and Financial Reporting are set forth below.
Breakpoints and Fund Minimums are applied at the Fund level.
| Net Asset Tier Breakpoints: | ||||||||||||
From |
$ | 0 | $ | 550,000,000 | 0.00 basis points | |||||||
From |
$ | 550,000,000 | $ | 1,100,000,000 | 0.50 basis points | |||||||
Over |
$ | 1,100,000,000 | 0.40 basis points | |||||||||
| Fund Minimums: | ||||
U.S. Equity Funds and U.S. Fixed Income Funds |
$20,000 per fund | |||
U.S. Money Market Funds and U.S. REITs Funds |
$25,000 per fund | |||
International and Emerging Markets |
$30,000 per fund | |||
Fund of Funds and 529 Plans |
$10,000 per fund | |||
B. An annual fee of $4,000 per Fund for Financial Reporting Services – Fund Admin.
C. There will be no charge for out of pocket expenses. There will be no charge for pricing Wash
Sales, Fair Valuation or additional share classes. Pricing is a traditional charge that is
normally passed through to the client, but will be waived for Xxxxxxx Sachs Funds
D. J.P. Xxxxxx acknowledges and agrees that it will reimburse Xxxxxxx Sachs Asset Management for
any transition and/or conversion costs associated with the Fund’s conversion from its previous
service provider, State Street Bank and Trust Company, for an amount up to $200,000.
E. J.P. Xxxxxx and the Fund also agree to establish a system whereby the fees paid hereunder may be
adjusted based upon the performance of the X.X. Xxxxxx in carrying out its responsibilities under
this Agreement.
F. Fees for new Funds will be waived for the first six months following the commencement of
operations.
SCHEDULE B
DESCRIPTION OF FUND ACCOUNTING SERVICES
DESCRIPTION OF FUND ACCOUNTING SERVICES
X.X. Xxxxxx agrees to perform the following duties in accordance with the requirements of the
Fund’s Registration Statement and applicable laws and regulations with respect to each series and
class of shares of the Fund:
| (a) | keep and maintain the books and records of the Fund in accordance with Rule 3la-1 under the 1940 Act (“Rule”) including the following: |
| (i) | journals containing an itemized daily record in detail of all purchases and sales of securities, all receipts and disbursements of cash and all other debits and credits, as required by subsection (b)(1) of the Rule; | ||
| (ii) | general and auxiliary ledgers reflecting all asset, liability, reserve, capital, income and expense accounts, including interest accrued and interest received, as required by subsection (b)(2)(i) of the Rule; | ||
| (iii) | separate ledger accounts required by subsections (b)(2)(ii) and (iii) of the Rule; and | ||
| (iv) | a monthly trial balance of all ledger accounts (except shareholder accounts) as required by subsection (b)(8) of the Rule. |
| (b) | perform the following accounting services daily, unless otherwise indicated below, for each Fund: |
| (i) | calculate the net asset value per share in accordance with U.S. generally accepted accounting principles; | ||
| (ii) | calculate the dividend factor for daily dividend funds; | ||
| (iii) | obtain security prices from independent pricing services, or if such quotes are unavailable, obtain such prices from the Fund’s investment manager or its designee, as approved by Fund’s Board; | ||
| (iv) | provide exception, stale and halted price and fair value reporting to the investment manager; | ||
| (v) | verify and reconcile daily trade activity with the investment manager (where trade recap/summary has been provided); | ||
| (vi) | reconcile daily with the Fund’s custodian’s records all cash and position activity; | ||
| (vii) | reconcile foreign exchange, futures, derivative notional investments and associated collateral with counterparty; | ||
| (viii) | review daily the net asset value calculation and dividend factor (if any) for the Fund, distribute net asset values and yields to NASDAQ, Fund’s transfer agent, Fund’s investment manager and such other third parties as are agreed upon; | ||
| (ix) | determine unrealized appreciation and depreciation on securities held in variable net asset value Funds; | ||
| (x) | record all corporate actions affecting securities held by the Fund, including dividends, stock splits and recapitalizations; | ||
| (xi) | amortize premiums and accrete discounts on securities purchased at a price other than face value, if requested by the Fund; | ||
| (xii) | record and reconcile with the transfer agent all capital stock balances and activity, including dividend payables; | ||
| (xiii) | reconcile all other general ledger accounts on a monthly basis to supporting ledgers or off-line backup; | ||
| (xiv) | update accounting system to reflect rate changes on variable interest rate instruments; | ||
| (xv) | post Fund transactions to appropriate categories; general ledger accounts in conformity with GAAP; |
| (xvi) | accrue expenses of each Fund according to instructions received from the investment manager; | ||
| (xvii) | calculate book capital account balances; | ||
| (xviii) | determine the outstanding receivables and payables for all (1) security trades, (2) Fund share transactions and (3) income and expense accounts; | ||
| (xix) | provide accounting reports, support schedules and related analyses in connection with Fund’s scheduled audit and other audits and examinations by regulatory agencies; | ||
| (xx) | allocate items of income and expense to appropriate share classes and follow other GSAM defined accounting and tax policies; | ||
| (xxi) | provide monthly income determinations for 19a-1 reporting analysis; | ||
| (xxii) | provide reporting to the Fund to support QDI reporting requirements; and | ||
| (xxiii) | provide automated wash sale reporting twice per fiscal year. |
| (c) | (i) preparation of the Fund’s financial statements, including the preparation of drafts of the Fund’s annual and semi-annual shareholder reports. | |
| (ii) Prepare Form N-Q filings for review and sign off by the Fund officers and filing with the SEC. | ||
| (d) | X.X. Xxxxxx shall, at Fund’s request, supply the Fund with a tabulation of securities owned by each portfolio and held by X.X. Xxxxxx and shall, when requested to do so by Fund and for such compensation as shall be agreed upon between Fund and X.X. Xxxxxx, include certificate numbers in such tabulations. |
SCHEDULE C
SECURITY MANAGEMENT
This Schedule specifies requirements for: Information Security, Physical Security, Backup &
Contingency Planning and Audit.
Definitions:
| • | “Systems and Networks” shall mean hardware, software (including the copies of X.X. Xxxxxx’x proprietary technology and third party technology installed thereon) and telecommunication facilities employed by X.X. Xxxxxx to receive, process, maintain, transmit and store the Data (as defined herein), whether or not such hardware, software and telecommunications facilities are also used to host other parties’ confidential or other information or software. | ||
| • | “Attempted Attack” shall mean all of the following preliminary attacker efforts that occur for any incident: port scanning, IP address mapping and OS fingerprinting. | ||
| • | “Core Application” shall mean an application implemented to support the services provided to the Funds or GS. This does NOT include desktop productivity applications such as word processors, spreadsheets, etc. | ||
| • | “Data” shall mean information on X.X. Xxxxxx applications that relates to the confidential information and services contemplated to be provided under this Agreement. |
| • | Information Security Management |
| § | X.X. Xxxxxx shall have a security policy that explicitly addresses and provides guidance to employees and non-employee workers to ensure the confidentiality, integrity and availability of information and systems maintained or processed by X.X. Xxxxxx. The policies shall be approved by senior management and contain penalties or sanctions for noncompliance. X.X. Xxxxxx’x security policy shall provide a framework for information security management within its overall organization. |
| • | That policy must have an explicit section on the handling and management of personal information. Explicit procedures must exist that describe how personal information is to be managed, including disposal and destruction of data after its useful life. |
| § | X.X. Xxxxxx shall have dedicated resources (e.g. an Information Security manager or group) to xxxxxx and focus on information security efforts. The following details of the individuals shall be provided to GS: contact details, a name, phone number and email address. |
| § | X.X. Xxxxxx shall have a written security plan that provides a framework for information security management within their organization. The plan should address the following key points: |
| • | The delegation and assignment of responsibilities for security. | ||
| • | Management oversight for the plan and its deployment. | ||
| • | The means for managing security within the enterprise. | ||
| • | Policies and procedures for data confidentiality and privacy. | ||
| • | Methods of handling sensitive or confidential information received from or with respect to customers. | ||
| • | Incident response in the event of a breach of security, or unauthorized disclosure of, customer Data |
| • | Internal Audit / Security Reviews |
| § | Periodic security audits or assessments, including testing of the system of controls, should be performed by an independent audit group within X.X. Xxxxxx on a periodic basis. The audits should include testing of X.X. Xxxxxx’x information security procedures as well. | ||
| § | X.X. Xxxxxx shall provide GS with details from its last security audit or review conducted by a qualified third-party. The details shall include the name of the reviewing company, the date of the review and a general statement on the overall security posture of X.X. Xxxxxx’x Systems and Networks, facilities and operations. | ||
| § | X.X. Xxxxxx shall have a process for correcting control deficiencies that have been identified in audits or assessments, including follow up documentation providing evidence of such corrections. |
| • | Personnel Practices |
| • | All employees, non-employee workers, consultants, temporary workers and other persons, such as third party X.X. Xxxxxxx and subcontractors, who may have access to X.X. Xxxxxx’x Systems and Networks and facilities shall be made aware of, and be required to adhere to, the security policies of the X.X. Xxxxxx and have training in security practices, including the handling of sensitive or confidential customer information. | ||
| • | Employee Remote Electronic Access |
| § | Persons electronically accessing the X.X. Xxxxxx’x Systems and Networks remotely must be authenticated using 2-factor authentication. | ||
| § | Employee Remote Access Solutions must technically prevent the export of Data to the person’s local computer situated outside the X.X. Xxxxxx’x facilities. |
| • | Storage of Data on Mobile Devices |
| § | X.X. Xxxxxx must ensure the security of data on distributed devices by requiring the following: |
| o | No data storage devices that may contain GS Data are permitted to leave X.X. Xxxxxx’x facility without express written permission from X.X. Xxxxxx. | ||
| o | Laptops used by X.X. Xxxxxx personnel to conduct GS business or provide services or products to GS must be the property of GS or X.X. Xxxxxx. No personal laptops owned by X.X. Xxxxxx’x personnel may be used for such activities. | ||
| o | If any laptop or other mobile hardware contains GS Data, the GS Data shall be encrypted with a minimum 128-bit encryption key length. | ||
| o | All GS Data transferred to or from the mobile device must be inventoried and logged, and X.X. Xxxxxx shall retain the inventory files and logs for ninety (90) days after termination or expiration of this Agreement | ||
| o | Suspected loss or theft of any device which may contain GS Data must be reported immediately by X.X. Xxxxxx personnel to X.X. Xxxxxx, and reported immediately by X.X. Xxxxxx to GS. |
| § | Outsourcing/Subcontracting/Reliance by X.X. Xxxxxx on Third Parties: |
| § | If X.X. Xxxxxx outsources or subcontracts the provisions of services or products provided to GS to third parties, or otherwise relies on third parties to fulfill X.X. Xxxxxx’x information technology or Security functions, then the X.X. Xxxxxx shall require the following: |
| • | Formal written agreements that require the security controls employed by the third parties to be consistent with X.X. Xxxxxx’x security practices and this Exhibit. In addition, X.X. Xxxxxx must enter into written confidentiality agreements with such third parties. | ||
| • | X.X. Xxxxxx shall review, or have an independent audit or risk management group within X.X. Xxxxxx assess, the third party’s security posture. | ||
| • | X.X. Xxxxxx shall provide prior notice to GS in connection with all such outsourcing, subcontracts or other reliance after the date of this Agreement. |
| § | Back-up and Business Continuity Plans |
| § | X.X. Xxxxxx shall have a data backup and offsite storage process, including backup/storage schedules and control requirements that address the following: |
| • | X.X. Xxxxxx shall have business continuity plans in place which define contingency plans and provide for the testing of such contingency plans. X.X. Xxxxxx shall indicate the frequency of such testing and ensure that those plans ensure the X.X. Xxxxxx’x Service Level commitments to GS can be met. | ||
| • | Data backups stored both on and off X.X. Xxxxxx’x site shall be maintained in a secure climate-controlled environment with sufficient controls to ensure the backup media are actually being received by the storage facility and that transportation boxes containing such media have not been tampered with, diverted or lost during transport. GS Data maintained off of X.X. Xxxxxx’x premises for backup and contingency purposes shall be stored, using industry standard technologies prior to being moved offsite. X.X. Xxxxxx is responsible for ensuring all secured Data can be recovered as necessary for business continuity purposes or upon request by GS. | ||
| • | GS’s Data shall be irreversibly removed, to the extent possible per current technology, all storage mechanisms and electronic media when such Data is no longer needed for the provision of services or products to GS, as reasonably determined by X.X. Xxxxxx and in compliance with X.X. Xxxxxx’x IT Policies and Standards. |
| § | Security and Processing Controls | |
| § | X.X. Xxxxxx shall have standards and procedures in-place to address system configuration, operation and management controls for the Systems and Networks, including the following: |
| • | X.X. Xxxxxx shall employ industry-standard security technologies to protect GS Data, including but not limited to physical access controls and logical access controls. | ||
| • | Security controls appropriate for the Systems and Networks and their application environment as recommended by manufacturers and best practices published by industry organizations. | ||
| • | Identification and patching of security vulnerabilities. | ||
| • | Change control process and procedures. | ||
| • | Problem management. | ||
| • | Incident detection, response and management. | ||
| • | Data access entitlement and a review process for existing entitlements and changes to them |
| § | If X.X. Xxxxxx connects to the Internet or other external facilities it shall have the following in place: |
| • | Technology controls including firewalls, security monitoring and alerting systems (i.e. Intrusion Detection Systems). | ||
| • | When communicating with GS, X.X. Xxxxxx must implement GS’s preferred security protocols, including secure email, to the extent practicable. | ||
| • | When communicating outside X.X. Xxxxxx’x firm via email, WebMail, Chat or other channels, X.X. Xxxxxx shall implement data content and data quantity controls to detect the leakage of GS Data outside X.X. Xxxxxx’x firm via those channels. Processes must be in place to monitor those controls and follow-up suspected incidents relating to the security of such channels. | ||
| • | Automated transfers of GS Data from GS to X.X. Xxxxxx shall be secured using appropriate network and/or data controls. Upon receipt of an automated transfer, the GS Data shall be immediately and automatically imported exclusively into a Core Application. Logs of such receipt and importation must be kept and retained for ninety (90) days after termination or expiration of this Agreement. All remnants of the original GS Data data file (i.e., not the copy imported into the Core Application) shall be purged from all locations within twenty-four (24) hours of the GS Data’s importation into the Core Application. | ||
| • | Access to GS Data held on Core Applications is restricted and end users are permitted by policy to bulk export data out of the application only for authorized business purposes. “Bulk export” includes, without limitation, the creation of reports, spreadsheets and other end user documents or files that include more than one record. | ||
| • | GS Data used for analysis purposes as part of, or in connection with, the migration of GS Data to a Core Application is purged from all locations in accordance with X.X. Xxxxxx IT Policies and Standards. The purge shall include GS Data maintained in email, fileshares, FTP servers, etc. |
| • | Information Storage and Processing |
| • | X.X. Xxxxxx shall store and process production GS Data in a controlled (i.e., production, DR or user acceptance testing) environment only. X.X. Xxxxxx shall ensure that non-controlled environments used for development, testing, or any non-controlled activity shall only use test data, and in such cases the test data shall not contain any GS Data. |
| • | Notification & Reporting Obligations |
| • | X.X. Xxxxxx shall notify GS of the following events without undue delay, as soon as practicable after the event, except where immediate notice is required below: |
| o | Upon request annually, change, including by resignation, in information security staff responsible for GS Data or X.X. Xxxxxx’x Systems and Networks; | ||
| o | Suspected breaches/compromises (beyond an Attempted Attack) of X.X. Xxxxxx’x Systems and Networks, and claims or threats of such events made by any X.X. Xxxxxx Personnel or external person (immediate notice required); | ||
| o | Termination of any Personnel for cause, where related to such Personnel’s potential or actual misuse or compromise of GS Data or X.X. Xxxxxx’x Systems and Networks; | ||
| o | If permitted by applicable Law, any law enforcement or governmental investigation or inquiry into suspected misuse or abuse of X.X. Xxxxxx’x Systems and Networks; | ||
| o | If any of the GS Data is or was left unprotected, or is or was insufficiently protected for its level of sensitivity and risk, irrespective of whether a security breach has occurred (immediate notice required); | ||
| o | The loss of any physical device that may have contained GS Data (immediate notice required). | ||
| o | X.X. Xxxxxx will provide reporting, as requested by GS, to GS regarding access to GS Data maintained in the Systems and Networks. |
| • | Notice to Affected Persons of Compromise of Personal Information. |
| o | X.X. Xxxxxx shall cooperate with GS in satisfying any legal requirement that requires Customer or X.X. Xxxxxx to provide notice to a person (“Affected Person”) that a suspected breach/compromise of such person’s information is believed to have occurred. X.X. Xxxxxx shall contact GS’s Information Security Department with details of the suspected breach/compromise immediately following its discovery by X.X. Xxxxxx. If notice to Affected Persons is required by law, or if such notice is contemplated by X.X. Xxxxxx, prior to giving such notice X.X. Xxxxxx shall consult with GS as to notice method, content as described below. The timing of any notice to an Affected Person shall be delayed in order to implement any GS and X.X. Xxxxxx measures necessary to determine the scope of the breach/compromise or to remedy or limit the breach/compromise, or if any law enforcement or other government agency advises GS or X.X. Xxxxxx that the issuance of the notice will impede a criminal or other investigation. |
| • | Method of Notice. Unless otherwise
approved by GS, X.X. Xxxxxx shall not provide notice to an Affected
Person by unsecure means. “Unsecure means” shall include, without
limitation, |
unencrypted email, and publication on a public website
that does not provide a secure sockets layer session for the
Affected Person’s password-protected access. In addition, unless
otherwise approved by GS, X.X. Xxxxxx shall not provide notice
via press release, print media or broadcast media. |
|||
| • | Content of Notice. The content of X.X.
Xxxxxx’x notices to the Affected Person shall be subject to GS’s
approval, which shall not be unreasonably withheld or delayed. |
||
| • | Cost of Notice. Customer shall not
require any notice method or notice content that requires X.X.
Xxxxxx to incur any additional cost beyond the cost imposed upon
X.X. Xxxxxx by law. |
||
| • | Survival. X.X. Xxxxxx’x obligations
under this provision shall survive the termination and expiration of
the Agreement. |
| • | Examination of Records. |
| o | During the Term and for thirty (30) days after termination or expiration of this Agreement, X.X. Xxxxxx shall implement and maintain backup processes sufficient to keep detailed, accurate and up-to-date accounts and records, including computer logs, of all information security activities carried out, and all costs and expenses for which GS must reimburse X.X. Xxxxxx, incurred in the performance of its information security obligations under this Agreement. Notwithstanding the foregoing, X.X. Xxxxxx shall retain such audit records for the time period required by X.X. Xxxxxx IT Policies and Standards. Upon GS’s request, and subject to the restrictions on Confidential Information set forth in this Agreement, X.X. Xxxxxx shall allow GS or its authorized representatives to examine and copy such accounts and records as GS determines may be relevant to information security issues and related expenses arising under this Agreement. Such examination and copying shall occur at reasonable intervals and upon reasonable notice during the Term and for thirty (30) days thereafter. Upon termination or expiration of this Agreement, X.X. Xxxxxx shall also provide GS with a then-current “snapshot” recordation on appropriate media of the accounts and records required to be made available for examination under this provision. |
| • | Information Security-Related Termination Rights |
| o | GS shall have the right to terminate immediately the GS-X.X. Xxxxxx Agreement on the occurrence of X.X. Xxxxxx’x failure to comply with this Exhibit, without penalty or charge to GS. |
Audit and Inspection by GS
| • | Audit Right. X.X. Xxxxxx shall keep detailed accounts and records of all activities carried out, and all costs and expenses incurred, in the performance of its obligations under this Agreement. Upon reasonable notice to X.X. Xxxxxx and during normal business hours, GS or the Funds or their designee has the to audit and verify the Fund’s Books and Records, X.X. Xxxxxx’x operating environment and other areas of service (including those of any subcontractors) to ensure, among other things, that X.X. Xxxxxx is maintaining adequate controls and security measures, that X.X. Xxxxxx’x xxxxxxxx to GS are correct, that reports relating to X.X. Xxxxxx’x performance are accurate and that X.X. Xxxxxx is otherwise complying with this Agreement. GS may conduct audit and verification reviews itself or with the assistance of a third party organization (provided that the third party organization executes a confidentiality agreement that contains protections for confidential information comparable to this Agreement), at GS’s expense. All audits shall be performed in a manner intended to minimize disruption to the parties’ respective businesses. All such audits and verifications may be conducted during the term of this Agreement and for a period of five (5) years] after the termination of this Agreement. | |
| • | Access. Without limiting the foregoing, X.X. Xxxxxx shall provide access, without limitation, to GS, its auditors (including internal audit staff), inspectors, regulators, consultants, and other representatives, to: (i) facilities where the services are being performed; (ii) personnel and subcontractors providing any of the services; and (iii) data and records in the possession of X.X. Xxxxxx relating to any of the services. The applicable GS and GS’s designees shall adhere to X.X. Xxxxxx’x customary security and safety policies. | |
| • | Cooperation. X.X. Xxxxxx shall assist the applicable GS’s auditors (including internal audit staff), inspectors, regulators, consultants and other representatives as is reasonably required. X.X. Xxxxxx shall cooperate fully with GS or its designees in connection with audit functions and with regard to examinations by regulatory authorities and shall, on a timely basis, furnish each with information requested. | |
| • | Categories of Audits. Audits and inspections shall be limited to information relating to the services, and may include: (i) X.X. Xxxxxx’x practices and procedures; (ii) X.X. Xxxxxx’x computer systems; (iii) X.X. Xxxxxx’x controls and security measures and procedures; (iv) X.X. Xxxxxx’x disaster recovery and back-up procedures; (v) any matter necessary to enable GS to meet requirements of law; (vi) X.X. Xxxxxx’x compliance with Applicable Levels of Service; (vii) Books and Records; and (viii) X.X. Xxxxxx’x procedures to maintain the confidentiality of GS’s Confidential Information. | |
| • | No interference. In no event shall GS while conducting audits and investigations materially interfere with X.X. Xxxxxx’x ability to perform its obligations under this Agreement or conduct its other operations in the ordinary course of business. | |
| • | Audit Expenses. GS shall bear its expenses relating to any audit performed under this provision; provided, however, if any such inspection reveals any invoice or payment has not been rendered or made in accordance with the terms of this Agreement and results in an overcharge to GS which results in a refund or credit of the overcharge, X.X. Xxxxxx |
| shall reimburse GS for its reasonable internal costs and external expenses in connection with any audit without prejudice to any other remedies or claims of GS. | ||
| • | Exit Conference. Following an audit or examination by GS, GS may (in its sole discretion) conduct (in the case of an internal audit), or request its external auditors or examiners to conduct, an exit conference with X.X. Xxxxxx to obtain X.X. Xxxxxx’x factual concurrence with issues identified in the review. |
Physical Security Procedures
Guidelines for minimum physical security measures to be implemented at service locations maintained
by X.X. Xxxxxx for services under this Agreement (“X.X. Xxxxxx Service Locations”).
Scope
X.X. Xxxxxx will maintain a Corporate Security Department that will manage the security and
life safety functions of the firm. The Corporate Security Department is expected to review
the security posture of every X.X. Xxxxxx Service Location and prepare a security plan based
upon X.X. Xxxxxx’x corporate standards and the policies detailed in this document.
Administration/Reporting
Security Responsibility
Every X.X. Xxxxxx Service Location, regardless of size, must have one person responsible for
security matters. An appropriate employee shall be given this assignment to maintain
reliability and assurance.
Duties, Location Security Representative: (All Locations)
Prepare a security plan (“Security Plan”) that conforms to the guidelines set forth in this
document and in those policies set forth by the Corporate Security Department.
Ensure that fire evacuation plans and any other crisis plans applicable to that X.X. Xxxxxx
Service Location, are viable and tested as required.
Maintain a file containing any material security related problems that occur in the X.X.
Xxxxxx Service Location; security and safety related issues in the building; and incidents
that occur in the city/country that relate to security/safety, of X.X. Xxxxxx, its
personnel, and its clients.
Report significant incidents to X.X. Xxxxxx corporate security in a timely manner. Track
and report on an ongoing basis those local incidents that denote a significant threat or
that may adversely affect X.X. Xxxxxx and/or the X.X. Xxxxxx Service Location.
Maintain the emergency contact lists for both local contacts and for internal X.X. Xxxxxx
notification.
Reports (All Locations)
| 1. | Security/safety reports shared by X.X. Xxxxxx with and as requested by GS may be redacted to exclude confidential customer information. However, all issues that relate to the general security/safety environment in the X.X. Xxxxxx Service Location could potentially affect GS interest and should be disclosed by the X.X. Xxxxxx. |
Corporate Security
| 1. | X.X. Xxxxxx Corporate Security shall maintain a central repository of copies of X.X. Xxxxxx Service Location security plans. | ||
| 2. | X.X. Xxxxxx Corporate Security may assist any X.X. Xxxxxx Service Location in developing its security plan. |
Physical Security
Access Control
The goal of a facility access control system and its procedure is to limit access to those who have
a legitimate reason for entering and to restrict the movement of visitors and X.X. Xxxxxx to those
parts of the facility where they have a legitimate purpose. In some cases this restriction will
apply to employees, as in the case of limiting access to a computer/equipment room, cage area or
segregated department.
It is highly recommended that X.X. Xxxxxx Service Locations utilize access control systems. All
X.X. Xxxxxx Service Locations that do not utilize and maintain functioning electronic access card
systems must be pre-approved by GS.
| 1. | Electronic Access Cards: |
| • | Can be used as an ID Card when required or desired. | ||
| • | Creates a record of persons entering access doors at all times. | ||
| • | Avoids the time and cost of replacing keys, locks, etc. |
| 2. | Receptionist: |
| a. | All X.X. Xxxxxx Service Locations should have a receptionist or security officer during working hours. | ||
| b. | All X.X. Xxxxxx Service Locations must have some means of controlling access after regular business hours when the receptionist or security officer is not present. |
| • | CCTV on access points. | ||
| • | Door locked and manually opened after hours upon presentation of ID by visitor to security officer or other employee. | ||
| • | Security Officer posted at entry points. |
Alarms
INTRUSION ALARMS: All X.X. Xxxxxx Service Locations must have an intrusion alarm system that, at a
minimum, protects all perimeter openings and major data center portals.
CCTV
The extent of CCTV required will be site-specific and determined on a case by case basis. However,
at a minimum:
| 1. | X.X. Xxxxxx Service Location entry points and major data center portals shall be covered by CCTV. | ||
| 2. | All cameras must be recorded with recorders located in a secure area and stored for a reasonable period. |
Visitors
Reception Areas
| 1. | No client or visitor should be allowed past the reception area unless they have been positively identified and the person to be visited has verified the appointment. | ||
| 2. | Doors from reception areas to X.X. Xxxxxx Service Location space should be kept locked and controlled by the receptionist or opened by the person escorting. |
Security Officers
| 1. | Security Officers are a X.X. Xxxxxx Service Location option. | ||
| 2. | X.X. Xxxxxx shall employ procedures for hiring Security Officers. |
Emergency Procedures
Fire/Evacuation Plan
| 1. | All X.X. Xxxxxx Service Locations must have a Fire/Evacuation Plan and must review it for personnel and other changes as required, minimally once a year. | ||
| 2. | Every X.X. Xxxxxx Service Location must be familiar with the building’s fire plan. X.X. Xxxxxx’x plan must then take this into consideration. X.X. Xxxxxx must conduct tests to ensure that employees recognize the fire alarm warning system. | ||
| 3. | All X.X. Xxxxxx Service Locations must have a fire alarm and suppression system that complies with local fire codes. |
Bomb Threat Procedure
| 1. | All X.X. Xxxxxx Service Locations must have a bomb threat response plan that provides for a rational response to a bomb threat. The most critical phase in the process is the assessment of the threat and the decision to evacuate. | ||
| 2. | The evacuation procedures for the bomb threat plan should mimic the fire evacuation procedures. |
Emergency Contact Lists
| 1. | All X.X. Xxxxxx Service Locations must maintain up to date Emergency Contact Lists. At a minimum these lists should be updated periodically as needed and should contain the following information: |
| • | A list containing the local X.X. Xxxxxx Service Location personnel who would be involved in security problems or other emergencies | ||
| • | All government agencies that could lend support during an emergency | ||
| • | Utilities | ||
| • | Repair personnel, etc. | ||
| • | A list containing all pertinent contact personnel at headquarters and at other regional X.X. Xxxxxx Service Locations |
Shredding Policy
| • | All X.X. Xxxxxx Service Locations must have an appropriate shredding policy and plan in place. |
