UNITED STATES
SECURITIES AND EXCHANGE COMMISSION
WASHINGTON, DC 20549
FORM 10-Q
| QUARTERLY REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 | |||||
For the quarterly period ended June 30, 2022
OR
| TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 | |||||
For the transition period from _________________ to _________________
Commission File Number: 001-38386
| (Exact Name of Registrant as Specified in its Charter) | |||||||||||
| (State or other jurisdiction of incorporation or organization) | (I.R.S. Employer Identification No.) | ||||||||||
| (Address of principal executive offices, including zip code) | |||||||||||
| (Registrant’s telephone number, including area code) | |||||||||||
| Securities registered pursuant to Section 12(b) of the Securities Exchange Act of 1934: | ||||||||
| Title of each class | Trading Symbol(s) | Name of each exchange on which registered | ||||||
Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days. Yes ☒ No ☐
Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§ 232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit such files). Yes ☒ No ☐
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company,” and “emerging growth company” in Rule 12b-2 of the Exchange Act.
| ☒ | Accelerated filer | ☐ | |||||||||||||||||||||
| Non-accelerated filer | ☐ | Smaller reporting company | |||||||||||||||||||||
| Emerging growth company | |||||||||||||||||||||||
If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act. ☐
Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act). Yes ☐ No ☒
As of July 31, 2022, there were 32,893,805 shares outstanding of the registrant’s common stock, par value $0.0001.
CARDLYTICS, INC.
QUARTERLY REPORT ON FORM 10-Q
TABLE OF CONTENTS
| Page | ||||||||
| PART I. | FINANCIAL INFORMATION | |||||||
| Item 1. | ||||||||
| Item 2. | ||||||||
| Item 3. | ||||||||
| Item 4. | ||||||||
| PART II. | OTHER INFORMATION | |||||||
| Item 1. | ||||||||
| Item 1A. | ||||||||
| Item 2. | ||||||||
| Item 6. | ||||||||
RISK FACTORS SUMMARY
Our business is subject to a number of risks and uncertainties, including those risks discussed at-length in the section below titled “Risk Factors.” These risks include, among others, the following:
Risks Related to our Business and Industry
•The ongoing COVID-19 pandemic could materially and adversely affect our business, results of operations and financial condition.
•Unfavorable conditions in the global economy or the industries we serve could limit our ability to grow our business and negatively affect our operating results.
•Our quarterly operating results have fluctuated and may continue to vary from period to period, which could result in our failure to meet expectations with respect to operating results and cause the trading price of our stock to decline.
•We may not be able to sustain our revenue and billings growth rate in the future.
•We are dependent upon the Cardlytics platform.
•If we fail to identify and respond effectively to rapidly changing technology and industry needs, our solutions may become less competitive or obsolete.
•We are substantially dependent on Chase, Bank of America, Wells Fargo and a limited number of other FI partners.
•The market in which we participate is competitive, and we may not be able to compete successfully with our current or future competitors.
•If we are unable to successfully integrate Dosh’s, Bridg’s and Entertainment's businesses and employees, it could have an adverse effect on our future results and the market price of our common stock.
•We have identified a material weakness in our internal control over financial reporting, and if our remediation of such material weakness is not effective, or if we fail to develop and maintain an effective system of disclosure controls and internal control over financial reporting, our ability to produce timely and accurate financial statements or comply with applicable laws and regulations could be impaired.
1
Risks Related to our Outstanding Convertible Senior Notes
•Servicing our debt may require a significant amount of cash. We may not have sufficient cash flow from our business to pay our indebtedness, and we may not have the ability to raise the funds necessary to settle for cash conversions of the Notes or to repurchase the Notes for cash upon a fundamental change, which could adversely affect our business and results of operations.
•We are subject to counterparty risk with respect to the Capped Calls.
Risks Related to Regulatory and Intellectual Property Matters
•Legislation and regulation of online businesses, including privacy and data protection regimes, are expansive, not clearly defined and rapidly evolving. Such regulation could create unexpected costs, subject us to enforcement actions for compliance failures, or restrict portions of our business or cause us to change our business model.
•Failure to protect our proprietary technology and intellectual property rights could substantially harm our business, financial condition and operating results.
Risks Related to Ownership of our Common Stock
•The market price of our common stock has been and is likely to continue to be volatile.
•Anti-takeover provisions in our charter documents and under Delaware law could make acquiring us more difficult, limit attempts by our stockholders to replace or remove our current management and limit the market price of our common stock.
PART I. FINANCIAL INFORMATION
ITEM 1. CONDENSED CONSOLIDATED FINANCIAL STATEMENTS
2
CARDLYTICS, INC.
CONDENSED CONSOLIDATED BALANCE SHEETS (UNAUDITED)
(Amounts in thousands, except par value amounts)
| December 31, 2021 | June 30, 2022 | ||||||||||
| Assets | |||||||||||
| Current assets: | |||||||||||
| Cash and cash equivalents | $ | $ | |||||||||
| Restricted cash | |||||||||||
| Accounts receivable and contract assets, net | |||||||||||
| Other receivables | |||||||||||
| Prepaid expenses and other assets | |||||||||||
| Total current assets | |||||||||||
| Long-term assets: | |||||||||||
| Property and equipment, net | |||||||||||
| Right-of-use assets under operating leases, net | |||||||||||
| Intangible assets, net | |||||||||||
| Goodwill | |||||||||||
| Capitalized software development costs, net | |||||||||||
| Other long-term assets, net | |||||||||||
| Total assets | $ | $ | |||||||||
| Liabilities and stockholders' equity | |||||||||||
| Current liabilities: | |||||||||||
| Accounts payable | $ | $ | |||||||||
| Accrued liabilities: | |||||||||||
| Accrued compensation | |||||||||||
| Accrued expenses | |||||||||||
| Partner Share liability | |||||||||||
| Consumer Incentive liability | |||||||||||
| Deferred revenue | |||||||||||
| Current operating lease liabilities | |||||||||||
| Current contingent consideration | |||||||||||
| Total current liabilities | |||||||||||
| Long-term liabilities: | |||||||||||
| Convertible senior notes, net | |||||||||||
| Long-term operating lease liabilities | |||||||||||
| Deferred liabilities | |||||||||||
| Long-term contingent consideration | |||||||||||
| Other long-term liabilities | |||||||||||
| Total liabilities | $ | $ | |||||||||
| Stockholders’ equity: | |||||||||||
Common stock, $0.0001 par value—100,000 shares authorized, and 33,534 and 32,883 shares issued and outstanding as of December 31, 2021 and June 30, 2022, respectively | $ | $ | |||||||||
| Additional paid-in capital | |||||||||||
| Accumulated other comprehensive income | |||||||||||
| Accumulated deficit | ( | ( | |||||||||
| Total stockholders’ equity | |||||||||||
| Total liabilities and stockholders’ equity | $ | $ | |||||||||
See notes to the condensed consolidated financial statements
3
CARDLYTICS, INC.
CONDENSED CONSOLIDATED STATEMENTS OF OPERATIONS (UNAUDITED)
(Amounts in thousands, except per share amounts)
| Three Months Ended June 30, | Six Months Ended June 30, | ||||||||||||||||||||||
| 2021 | 2022 | 2021 | 2022 | ||||||||||||||||||||
| Revenue | $ | $ | $ | $ | |||||||||||||||||||
| Costs and expenses: | |||||||||||||||||||||||
| Partner Share and other third-party costs | |||||||||||||||||||||||
| Delivery costs | |||||||||||||||||||||||
| Sales and marketing expense | |||||||||||||||||||||||
| Research and development expense | |||||||||||||||||||||||
| General and administration expense | |||||||||||||||||||||||
| Acquisition and integration costs (benefit) | ( | ||||||||||||||||||||||
| Change in fair value of contingent consideration | ( | ( | |||||||||||||||||||||
Goodwill impairment | |||||||||||||||||||||||
| Depreciation and amortization expense | |||||||||||||||||||||||
| Total costs and expenses | |||||||||||||||||||||||
| Operating loss | ( | ( | ( | ( | |||||||||||||||||||
| Other (expense) income: | |||||||||||||||||||||||
| Interest expense, net | ( | ( | ( | ( | |||||||||||||||||||
| Foreign currency (loss) gain | ( | ( | |||||||||||||||||||||
| Total other expense | ( | ( | ( | ( | |||||||||||||||||||
| Loss before income taxes | ( | ( | ( | ( | |||||||||||||||||||
| Income tax benefit | |||||||||||||||||||||||
| Net loss | ( | ( | ( | ( | |||||||||||||||||||
| Net loss attributable to common stockholders | $ | ( | $ | ( | $ | ( | $ | ( | |||||||||||||||
| Net loss per share attributable to common stockholders, basic and diluted | $ | ( | $ | ( | $ | ( | $ | ( | |||||||||||||||
| Weighted-average common shares outstanding, basic and diluted | |||||||||||||||||||||||
See notes to the condensed consolidated financial statements
4
CARDLYTICS, INC.
CONDENSED CONSOLIDATED STATEMENTS OF COMPREHENSIVE LOSS (UNAUDITED)
(Amounts in thousands)
| Three Months Ended June 30, | Six Months Ended June 30, | ||||||||||||||||||||||
| 2021 | 2022 | 2021 | 2022 | ||||||||||||||||||||
| Net loss | $ | ( | $ | ( | $ | ( | $ | ( | |||||||||||||||
| Other comprehensive (loss) income: | |||||||||||||||||||||||
| Foreign currency translation adjustments | ( | ( | |||||||||||||||||||||
| Total comprehensive loss | $ | ( | $ | ( | $ | ( | $ | ( | |||||||||||||||
See notes to the condensed consolidated financial statements
5
CARDLYTICS, INC.
CONDENSED CONSOLIDATED STATEMENTS OF STOCKHOLDERS’ EQUITY (UNAUDITED)
(Amounts in thousands)
Six Months Ended June 30, 2022:
| Additional Paid-In Capital | Accumulated Other Comprehensive (Loss) Income | Accumulated Deficit | Total | ||||||||||||||||||||||||||||||||
| Common Stock | |||||||||||||||||||||||||||||||||||
| Shares | Amount | ||||||||||||||||||||||||||||||||||
| Balance – December 31, 2021 | $ | $ | $ | $ | ( | $ | |||||||||||||||||||||||||||||
| Cumulative effect upon adoption of ASU 2020-06 | — | — | (51,417) | — | 11,312 | (40,105) | |||||||||||||||||||||||||||||
| Exercise of common stock options | — | — | — | ||||||||||||||||||||||||||||||||
| Stock-based compensation | — | — | — | — | |||||||||||||||||||||||||||||||
| Settlement of restricted stock | — | — | — | — | — | ||||||||||||||||||||||||||||||
| Common stock purchase consideration for the acquisition of Entertainment | 173 | — | 11,937 | — | — | 11,937 | |||||||||||||||||||||||||||||
| Issuance of common stock pursuant to the ESPP | — | — | — | ||||||||||||||||||||||||||||||||
| Repurchase and cancellation of common stock | ( | — | ( | — | — | ( | |||||||||||||||||||||||||||||
| Other comprehensive income | — | — | — | — | |||||||||||||||||||||||||||||||
| Net loss | — | — | — | — | ( | ( | |||||||||||||||||||||||||||||
| Balance – June 30, 2022 | $ | $ | $ | $ | ( | $ | |||||||||||||||||||||||||||||
Three Months Ended June 30, 2022:
| Additional Paid-In Capital | Accumulated Other Comprehensive Income | Accumulated Deficit | Total | ||||||||||||||||||||||||||||||||
| Common Stock | |||||||||||||||||||||||||||||||||||
| Shares | Amount | ||||||||||||||||||||||||||||||||||
| Balance – March 31, 2022 | $ | $ | $ | $ | ( | $ | |||||||||||||||||||||||||||||
| Exercise of common stock options | — | — | — | ||||||||||||||||||||||||||||||||
| Stock-based compensation | — | — | — | — | |||||||||||||||||||||||||||||||
| Settlement of restricted stock | — | — | — | — | — | ||||||||||||||||||||||||||||||
| Issuance of common stock pursuant to the ESPP | — | — | — | ||||||||||||||||||||||||||||||||
| Repurchase and cancellation of common stock | ( | — | ( | — | — | ( | |||||||||||||||||||||||||||||
| Other comprehensive income | — | — | — | — | |||||||||||||||||||||||||||||||
| Net loss | — | — | — | — | ( | ( | |||||||||||||||||||||||||||||
| Balance – June 30, 2022 | $ | $ | $ | $ | ( | $ | |||||||||||||||||||||||||||||
See notes to the condensed consolidated financial statements
6
Six Months Ended June 30, 2021:
| Additional Paid-In Capital | Accumulated Other Comprehensive Income | Accumulated Deficit | Total | ||||||||||||||||||||||||||||||||
| Common Stock | |||||||||||||||||||||||||||||||||||
| Shares | Amount | ||||||||||||||||||||||||||||||||||
| Balance – December 31, 2020 | $ | $ | $ | ( | $ | ( | $ | ||||||||||||||||||||||||||||
| Exercise of common stock options | — | — | — | ||||||||||||||||||||||||||||||||
| Stock-based compensation | — | — | — | — | |||||||||||||||||||||||||||||||
| Settlement of restricted stock | — | — | — | — | — | ||||||||||||||||||||||||||||||
| Issuance of common stock | — | — | — | 484,049 | |||||||||||||||||||||||||||||||
| Common stock purchase consideration for the acquisition of Dosh | — | — | — | ||||||||||||||||||||||||||||||||
| Fair value of assumed Dosh options attributable to pre-combination service | — | — | — | — | |||||||||||||||||||||||||||||||
| Fair value of assumed Bridg options attributable to pre-combination service | — | — | 840 | — | — | 840 | |||||||||||||||||||||||||||||
| Issuance of common stock pursuant to the ESPP | — | — | — | ||||||||||||||||||||||||||||||||
| Other comprehensive loss | — | — | — | ( | — | ( | |||||||||||||||||||||||||||||
| Net loss | — | — | — | — | ( | ( | |||||||||||||||||||||||||||||
| Balance – June 30, 2021 | $ | $ | $ | ( | $ | ( | $ | ||||||||||||||||||||||||||||
Three Months Ended June 30, 2021:
| Additional Paid-In-Capital | Accumulated Other Comprehensive Loss | Accumulated Deficit | Total | ||||||||||||||||||||||||||||||||
| Common Stock | |||||||||||||||||||||||||||||||||||
| Shares | Amount | ||||||||||||||||||||||||||||||||||
| Balance – March 31, 2021 | $ | $ | $ | ( | $ | ( | $ | ||||||||||||||||||||||||||||
| Exercise of common stock options | — | — | — | ||||||||||||||||||||||||||||||||
| Stock-based compensation | — | — | — | — | |||||||||||||||||||||||||||||||
| Settlement of restricted stock | — | — | — | — | — | ||||||||||||||||||||||||||||||
| Common stock purchase consideration for the acquisition of Dosh | — | — | — | ||||||||||||||||||||||||||||||||
| Fair value of assumed Dosh options attributable to pre-combination service | — | — | — | — | |||||||||||||||||||||||||||||||
| Issuance of common stock pursuant to the ESPP | — | — | — | ||||||||||||||||||||||||||||||||
| Other comprehensive loss | — | — | — | ( | — | ( | |||||||||||||||||||||||||||||
| Net loss | — | — | — | — | ( | ( | |||||||||||||||||||||||||||||
| Balance – June 30, 2021 | $ | $ | $ | ( | $ | ( | $ | ||||||||||||||||||||||||||||
See notes to the condensed consolidated financial statements
7
CARDLYTICS, INC.
CONDENSED CONSOLIDATED STATEMENTS OF CASH FLOWS (UNAUDITED)
(Amounts in thousands)
| Six Months Ended June 30, | |||||||||||
| 2021 | 2022 | ||||||||||
| Operating activities | |||||||||||
| Net loss | $ | ( | $ | ( | |||||||
| Adjustments to reconcile net loss to net cash used in operating activities: | |||||||||||
| Credit loss expense | |||||||||||
| Depreciation and amortization | |||||||||||
| Amortization of financing costs charged to interest expense | |||||||||||
| Accretion of debt discount and non-cash interest expense | |||||||||||
| Amortization of right-of-use assets | |||||||||||
| Stock-based compensation expense | |||||||||||
| Goodwill impairment | |||||||||||
| Change in fair value of contingent consideration | ( | ||||||||||
| Other non-cash (income) expense, net | ( | ||||||||||
| Deferred implementation costs | |||||||||||
| Income tax benefit | ( | ||||||||||
| Change in operating assets and liabilities: | |||||||||||
| Accounts receivable | |||||||||||
| Prepaid expenses and other assets | ( | ( | |||||||||
| Accounts payable | ( | ||||||||||
| Other accrued expenses | ( | ||||||||||
| Partner Share liability | ( | ( | |||||||||
| Consumer Incentive liability | ( | ( | |||||||||
| Net cash used in operating activities | ( | ( | |||||||||
| Investing activities | |||||||||||
| Acquisition of property and equipment | ( | ( | |||||||||
| Acquisition of patents | ( | ( | |||||||||
| Capitalized software development costs | ( | ( | |||||||||
| Business acquisition, net of cash acquired | ( | ( | |||||||||
| Net cash used in investing activities | ( | ( | |||||||||
| Financing activities | |||||||||||
| Principal payments of debt | ( | ( | |||||||||
| Proceeds from issuance of common stock | |||||||||||
| Deferred equity issuance costs | ( | ||||||||||
| Repurchase of common stock | ( | ||||||||||
| Debt issuance costs | ( | ( | |||||||||
| Net cash received from (used in) financing activities | ( | ||||||||||
| Effect of exchange rates on cash, cash equivalents and restricted cash | ( | ( | |||||||||
| Net decrease in cash, cash equivalents and restricted cash | ( | ( | |||||||||
| Cash, cash equivalents, and restricted cash — Beginning of period | |||||||||||
| Cash, cash equivalents, and restricted cash — End of period | $ | $ | |||||||||
See notes to the condensed consolidated financial statements
8
CARDLYTICS, INC.
CONDENSED CONSOLIDATED STATEMENTS OF CASH FLOWS (UNAUDITED)
(Amounts in thousands)
| Six Months Ended June 30, | |||||||||||
| 2021 | 2022 | ||||||||||
| Reconciliation of cash, cash equivalents and restricted cash to the condensed consolidated balance sheet: | |||||||||||
| Cash and cash equivalents | $ | $ | |||||||||
| Restricted cash | |||||||||||
| Total cash, cash equivalents and restricted cash — End of period | $ | $ | |||||||||
| Supplemental schedule of non-cash investing and financing activities: | |||||||||||
| Cash paid for interest | $ | $ | |||||||||
| Common stock purchase consideration for the acquisition of Dosh | $ | $ | |||||||||
| Common stock purchase consideration for acquisition of Entertainment | $ | — | $ | 11,937 | |||||||
| Amounts accrued for property and equipment and capitalized software development costs | $ | $ | |||||||||
See notes to the condensed consolidated financial statements
9
CARDLYTICS, INC.
NOTES TO CONDENSED CONSOLIDATED FINANCIAL STATEMENTS (UNAUDITED)
1.OVERVIEW OF BUSINESS AND BASIS OF PRESENTATION
Cardlytics, Inc. (“we,” “our,” “us,” the “Company,” or “Cardlytics”) is a Delaware corporation and was formed on June 26, 2008. We operate an advertising platform within our own and our partners' digital channels, which includes online, mobile applications, email, and various real-time notifications (the "Cardlytics platform"). We also operate a customer data platform that utilizes point-of-sale data, including product-level purchase data, to enable marketers, in a privacy-protective manner, to perform analytics and targeted loyalty marketing and to measure the impact of their marketing (the "Bridg platform"). The partners for the Cardlytics platform are predominantly financial institutions ("FI partners") that provide us with access to their anonymized purchase data and digital banking customers. The partners for the Bridg platform are merchants that provide us with access to their point-of-sale data, including product-level purchase data. By applying advanced analytics to the purchase data we receive, we make it actionable, helping marketers reach potential buyers at scale, and measure the true sales impact of their marketing spend. We have strong relationships with leading marketers across a variety of industries, including retail, restaurant, travel and entertainment, direct-to-consumer, and grocery and gas. Using our purchase intelligence, we present customers with offers to save money at a time when they are thinking of their finances.
We also operate through (1) Dosh Holdings, LLC, a wholly owned and operated subsidiary in the United States, (2) HSP EPI Acquisition, LLC ("Entertainment"), a wholly owned and operated subsidiary in the United States, (3) Cardlytics UK Limited, a wholly owned and operated subsidiary registered as a private limited company in England and Wales, and (4) Cardlytics Services India Private Limited, a wholly owned and operated subsidiary registered as a private limited company in India.
Unaudited Interim Results
The accompanying unaudited interim condensed consolidated financial statements and information have been prepared in accordance with generally accepted accounting principles in the United States (“GAAP”) and in accordance with the rules and regulations of the Securities and Exchange Commission. Accordingly, they do not include all of the information and disclosures required by GAAP for complete financial statements. During the three and six months ended June 30, 2021, a charge of $1.5 million was previously recognized in Change in fair value of contingent consideration and classified below Operating Loss in the Company’s Condensed Consolidated Statements of Operations. The classification of the charge has been corrected, such that the Change in fair value of contingent consideration is now classified within Operating Loss in the Company’s Condensed Consolidated Statements of Operations for the three and six months ended June 30, 2021. These corrections did not impact Loss before income taxes, Net loss and Net loss attributable to common stockholders in the Condensed Consolidated Statement of Operations and had no impact on the Company's Condensed Consolidated Balance Sheet, Condensed Consolidated Statements of Comprehensive Loss, Condensed Consolidated Statements of Stockholders’ Equity and Condensed Consolidated Statements of Cash Flows. In the opinion of management, these financial statements contain all normal and recurring adjustments considered necessary to present fairly the financial position, results of operations, and cash flows for the periods presented. The results for interim periods presented are not necessarily indicative of the results to be expected for the full year due to the seasonality of our business, which has been historically impacted by higher consumer spending during the fourth quarter. These condensed consolidated financial statements should be read in conjunction with the consolidated financial statements and related notes thereto included on our Annual Report on Form 10-K ("Annual Report") and Form 10-K/A for the fiscal year ended December 31, 2021.
Stock Repurchases
On May 11,2022, our Board of Directors authorized a stock repurchase program to repurchase up to $40.0 million of our common stock. From May 11 to June 30, 2022, we paid $40.0 million to repurchase 1,405,655 shares of our common stock at an average cost of $28.44 per share and immediately canceled the repurchased shares.
Restructuring
During the three months ended June 30, 2022, we began a strategic shift within our organization to migrate certain data and applications to a cloud computing environment. This transition resulted in severance and medical benefits totaling $1.0 million, as a result of a headcount reduction because cloud hosting improved data management efficiencies. This expense is included in Delivery costs on our Consolidated Statement of Operations.
Acquisitions
On January 7, 2022, we purchased Entertainment for $13.0 million in equity at an agreed-upon price of $66.52 per share, subject to $1.1 million of fair value adjustments based on the acquisition close date, and $2.3 million in cash, subject to $0.4 million of adjustments, for an acquisition date fair value of $14.6 million.
10
On May 5, 2021, we completed the acquisition of Bridg for purchase consideration of $578.9 million. The purchase consideration consisted of a $350.0 million cash purchase price, subject to $2.8 million of adjustments and escrows, and contingent consideration with a fair value of $230.9 million at the time of the acquisition related to additional potential future payments. At least 30% of the potential future payments will be in cash, with the remainder to be paid in cash or our common stock, at our option.
On March 5, 2021, we completed the acquisition of Dosh for purchase consideration of $277.6 million in a combination of cash and common stock. The total purchase consideration consisted of a $150.0 million cash purchase price, subject to $6.6 million of adjustments and escrows, and $125.0 million of shares of our common stock at an agreed-upon price of $136.33 per share, subject to $7.6 million of fair value adjustments based upon our close date, for an acquisition date fair value of $117.4 million.
Refer to Note 3 - Business Combinations for further information.
Public Offering of Common Stock
On March 5, 2021, we closed a public equity offering in which we sold 3,850,000 shares of common stock at a public offering price of $130.00 per share for total gross proceeds of $500.5 million. We received total net proceeds of $484.0 million after deducting underwriting discounts and commissions of $16.3 million and offering costs of $0.2 million.
Use of Estimates
The preparation of financial statements in conformity with GAAP requires management to make estimates and assumptions that affect the reported amounts of assets and liabilities and disclosure of contingent assets and liabilities at the date of the consolidated financial statements. Significant items subject to such estimates and assumptions include revenue recognition, internal-use software development costs, stock-based compensation, allowance for doubtful accounts, valuation of acquired intangible assets, valuation of contingent consideration for Bridg, goodwill impairment, income tax including valuation allowance and contingencies. We base our estimates on historical experience and on assumptions that we believe are reasonable. Changes in facts or circumstances may cause us to change our assumptions and estimates in future periods and it is possible that actual results could differ from our current or revised future estimates.
Leases
We have various non-cancellable operating and finance leases for our office spaces, data centers and operational assets with lease periods expiring between 2022 and 2025.
Lease assets and liabilities, net, are as follows (in thousands):
| Lease Type | Consolidated Balance Sheets Location | December 31, 2021 | June 30, 2022 | ||||||||||||||
| Operating lease assets | Right-of-use assets under operating leases, net | $ | $ | ||||||||||||||
| Finance lease assets | Property and equipment, net | ||||||||||||||||
| Total lease assets | |||||||||||||||||
| Operating lease liabilities, current | Current operating lease liabilities | ||||||||||||||||
| Operating lease liabilities, long-term | Long-term operating lease liabilities | ||||||||||||||||
| Finance lease liabilities, current | Accrued expenses | ||||||||||||||||
| Finance lease liabilities, long-term | Other long-term liabilities | ||||||||||||||||
| Total lease liabilities | $ | $ | |||||||||||||||
Impacts of COVID-19 Pandemic
The COVID-19 pandemic resulted in a global slowdown of economic activity that disrupted supply and demand for a broad variety of goods and services and consumer discretionary spending, and increased inflationary pressure, including spending by consumers with our marketers. Estimates and assumptions about future events and their effects cannot be determined with certainty and therefore require the exercise of judgment. Actual results could differ from those estimates and any such differences may be material to our financial statements. Due to continuing uncertainty regarding the severity and duration of the impacts of COVID-19 on the global economy, we will continue to monitor this situation and the potential impacts to our business.
11
2. SIGNIFICANT ACCOUNTING POLICIES AND RECENT ACCOUNTING STANDARDS
Significant Accounting Policies
There have been no changes to our significant accounting policies, other than the standards adopted below. These unaudited interim condensed consolidated financial statements have been prepared on a basis consistent with that used to prepare our audited annual consolidated financial statements for the year ended December 31, 2021, and include, in the opinion of management, all adjustments, consisting of normal recurring items, necessary for the fair statement of the condensed consolidated financial statements.
Recently Adopted Accounting Pronouncements
In August 2020, the FASB issued ASU 2020-06, Debt—Debt with Conversion Options (“Subtopic 470-20”) and Derivatives and Hedging—Contracts in Entity’s Own Equity (“Subtopic 815-40”), which simplifies the accounting for certain financial instruments with characteristics of liabilities and equity, including convertible instruments and contracts on an entity's own equity. ASU 2020-06 also improves and amends the related Earnings Per Share guidance for both Subtopics. The ASU is part of the FASB's simplification initiative, which aims to reduce unnecessary complexity in U.S. GAAP, as it removes the requirement to bifurcate our Convertible Senior Notes (the "Notes") into a separate liability and equity component. As a result, it more closely aligns the effective interest rate with the coupon rate of the Notes. ASU 2020-06 is effective for annual reporting periods beginning after December 15, 2021. On January 1, 2022, we adopted this standard using the modified retrospective method which allowed for a cumulative-effect adjustment to the opening balance sheet without restating prior periods. As we did not elect the fair value option in the process, the Notes, net of issuance costs, are accounted for as a single liability measured at amortized cost. Upon adoption, we recorded a decrease in accumulated deficit of $11.3 million, an increase to convertible senior notes, net of $40.1 million and a decrease to additional paid in capital of $51.4 million. Refer to Note 6, “Debt and Financing Arrangements” for further information about the Notes.
In October 2021, the FASB issued ASU 2021-08, Business Combinations (Topic 805): Accounting for Contract Assets and Contract Liabilities from Contracts with Customers, which require an entity (acquirer) to recognize and measure contract assets and contract liabilities acquired in a business combination in accordance with Topic 606. At the acquisition date, an acquirer should account for the related revenue contracts in accordance with Topic 606 as if it had originated the contracts. Under current GAAP, an acquirer generally recognizes assets acquired and liabilities assumed in a business combination, including contract assets and contract liabilities arising from revenue contracts with customers and other similar contracts that are accounted for in accordance with Topic 606, at fair value on the acquisition date. ASU 2020-08 will be effective for annual reporting periods beginning after December 15, 2022, including interim periods within those fiscal years. Early adoption of the amendments is permitted, including adoption in an interim period. On January 1, 2022 we early adopted this standard with no material impact to our financial statements.
12
3. BUSINESS COMBINATIONS
Our acquisitions were accounted for as business combinations and the total purchase consideration of each was allocated to the net tangible and intangible assets and liabilities acquired based on their fair values on the acquisition dates with the remaining amounts recorded as goodwill. The values assigned to the assets acquired and liabilities assumed are based on preliminary estimates of fair value available as of the date of this Quarterly Report on Form 10-Q may be adjusted during the measurement period for each acquisition of up to 12 months from the dates of acquisition as further information becomes available. Any changes in the fair values of the assets acquired and liabilities assumed during the measurement period may result in adjustments to goodwill.
During the three and six months ended June 30, 2021 we incurred $14.2 million and $21.2 million of costs in connection with our acquisitions, respectively. During the three and six months ended June 30, 2022 we incurred $2.2 million cost and $2.4 million of benefit in connection with our acquisitions, respectively. These costs are included in acquisition and integration costs (benefit) on our condensed consolidated statements of operations and primarily represent legal, accounting and broker fees. The results of Entertainment have been included in the consolidated financial statements since its date of acquisition. For the three and six months ended June 30, 2022, Entertainment's combined revenue included in the consolidated statement of operations was approximately 3 % of consolidated revenue, respectively. Due to the continued integration of the combined businesses, it was impractical to determine the earnings.
For the acquisitions of Dosh, Bridg and Entertainment, as applicable, the estimated fair values of merchant relationships, partner relationships, and the card-linked subscriber base were determined using the replacement cost method and lost profits, as applicable, which required us to estimate the costs to recreate an asset of equivalent utility at prices available at the time of the valuation analysis and the lost profits over the period of time to recreate the asset. Trade names were valued using the "relief-from-royalty" approach. This method assumes that trademarks and trade names have value to the extent that their owner is relieved of the obligation to pay royalties for the benefits received from them. This method required us to estimate the future revenues for the related brands, the appropriate royalty rates and the weighted-average costs of capital. Developed technology for Entertainment was valued using the replacement cost method, which required us to estimate the costs to recreate an asset of equivalent utility at prices available at the time of the valuation analysis. Developed technology for Dosh and Bridg was valued using the excess earnings method, an income approach. Under the excess earnings method, the fair value of an intangible asset is equal to the present value of the asset’s projected incremental after-tax cash flows (excess earnings) remaining after deducting the market rates of return on the estimated value of contributory assets (contributory charge) over its remaining useful life.
Acquisition of Entertainment
On January 7, 2022, we completed the acquisition of Entertainment for purchase consideration of $14.6 million, as presented below (in thousands):
| January 7, 2022 | |||||
| Fair value of common stock transferred | $ | ||||
| Cash paid to extinguish acquiree debt | |||||
| Cash paid to settle pre-acquisition liabilities and acquiree deal-related costs | |||||
| Cash paid to membership interest holders | 24 | ||||
| Cash receivable from membership interest holders pursuant to finalization of net working capital | (61) | ||||
| Total purchase consideration | $ | ||||
The following table presents the preliminary purchase consideration allocation recorded on our condensed consolidated balance sheet as of the acquisition date (in thousands):
| January 7, 2022 | |||||
| Cash and cash equivalents | $ | ||||
| Accounts receivable and other assets | |||||
| Intangible assets | |||||
| Goodwill | |||||
| Accounts payable and other liabilities | ( | ||||
| Total purchase consideration | $ | ||||
13
The goodwill was primarily attributed to the value of future synergies created with our current and future offerings. Goodwill is not expected to be deductible for income tax purposes. During the second quarter of 2022, we recorded a measurement period adjustment of $0.1 million cash to be received from membership interest holders related to the finalization of net working capital amounts in accordance with the Entertainment membership interest purchase agreement.
The following table presents the components of identifiable intangible assets acquired and their estimated useful lives as of the date of acquisition (dollars in thousands):
| Fair Value | Useful life (in years) | ||||||||||
| Trade name | $ | ||||||||||
| Developed technology | |||||||||||
| Merchant relationships | |||||||||||
Acquisition of Bridg
On May 5, 2021, we completed the acquisition of Bridg for purchase consideration of $578.9 million, as presented below (in thousands):
| May 5, 2021 | |||||
| Cash paid to common and preferred stockholders, warrant holders and vested option holders | $ | ||||
| Cash paid to extinguish acquiree debt | |||||
| Cash paid to settle pre-acquisition liabilities and acquiree deal-related costs | |||||
| Fair value of contingent consideration | |||||
| Fair value of assumed options attributable to pre-combination service | |||||
| Total purchase consideration | $ | ||||
The following table presents the purchase consideration allocation recorded on our condensed consolidated balance sheet as of the acquisition date (in thousands):
| May 5, 2021 | |||||
| Cash and cash equivalents | $ | ||||
| Accounts receivable and other assets | |||||
| Intangible assets | |||||
| Goodwill | |||||
| Accounts payable and other liabilities | ( | ||||
| Deferred tax liabilities | ( | ||||
| Total purchase consideration | $ | ||||
The goodwill was primarily attributed to the value of future growth expected for the Bridg platform and of synergies created with our current and future offerings. Goodwill is not expected to be deductible for income tax purposes. During the three months ended June 30, 2022, management determined that it was necessary to perform an interim impairment test for Goodwill, and as a result of our test, we recognized a goodwill impairment of $83.1 million on the Bridg Platform reporting unit. Refer to Note 4 - Goodwill and Acquired Intangibles for more information. During the second quarter of 2022, we recorded a measurement period adjustment to our income tax provision resulting in $1.4 million income tax benefit reflected on our consolidated statement of operations. Deferred tax liabilities for Bridg primarily related to acquired intangible assets.
As a part of this acquisition, we have agreed to make a First Anniversary Payment equal to 20 times the ARR based on the month preceding the anniversary, less $12.5 million, and a Second Anniversary Payment equal to 15 times the ARR for customers as of the first anniversary based on the month preceding the second anniversary, less the prior ARR at the first anniversary. The Second Anniversary Payment is subject to a specified cap. We have agreed to pay at least 30% of the First Anniversary Payment and the Second Anniversary Payment in cash, with the remainder to be paid in cash or our common stock, at our option. As of June 30, 2022, the fair value of the brokerage fee of the First Anniversary Payment is $6.9 million and the fair value of the brokerage fee of the Second Anniversary Payment is $6.6 million, reflected in accrued expenses on our condensed consolidated balance sheet.
14
The following table presents the components of identifiable intangible assets acquired and their estimated useful lives as of the date of acquisition (dollars in thousands):
| Fair Value | Useful life (in years) | ||||||||||
| Trade name | $ | ||||||||||
| Developed technology | |||||||||||
| Merchant relationships | |||||||||||
Acquisition of Dosh
On March 5, 2021, we completed our acquisition of Dosh for purchase consideration of $277.6 million, as presented below (in thousands):
| March 5, 2021 | |||||
| Cash paid to common and preferred stockholders, warrant holders and vested option holders | $ | ||||
| Cash paid to extinguish acquiree debt | |||||
| Cash paid to settle pre-acquisition liabilities and acquiree deal-related costs | |||||
| Fair value of common stock transferred | |||||
| Fair value of assumed options attributable to pre-combination service | |||||
| Total purchase consideration | $ | ||||
The following table presents the purchase consideration allocation recorded on our condensed consolidated balance sheet as of the acquisition date (in thousands):
| March 5, 2021 | |||||
| Cash and cash equivalents | $ | ||||
| Accounts receivable and other assets | |||||
| Intangible assets | |||||
| Goodwill | |||||
| Accounts payable and other liabilities | ( | ||||
| Consumer Incentive liability | ( | ||||
| Deferred tax liabilities | ( | ||||
| Total purchase consideration | $ | ||||
The goodwill was primarily attributed to the value of synergies created with the Company’s current and future offerings and of future growth expected from the labor force of Dosh. Goodwill is not expected to be deductible for income tax purposes.
The following table presents the components of identifiable intangible assets acquired and their estimated useful lives as of the date of acquisition (dollars in thousands):
| Fair Value | Useful life (in years) | ||||||||||
| Trade name | $ | ||||||||||
| Developed technology | |||||||||||
| Merchant relationships | |||||||||||
| Partner relationships | |||||||||||
| Card-linked subscriber user base | $ | ||||||||||
15
Pro forma consolidated results of operations
The following unaudited pro forma financial information presents combined results of operations for the period presented as if the acquisition of Entertainment had been completed on January 1, 2021 and the acquisitions of Dosh and Bridg had been completed on January 1, 2020. The pro forma information includes adjustments to depreciation expense for property and equipment acquired, to amortize expense for the intangible assets acquired, and to eliminate the acquisition transaction expenses recognized in the period. The pro forma financial information is for informational purposes only and is not necessarily indicative of the consolidated results of operations of the combined business had the acquisitions actually occurred on January 1, 2021 and January 1, 2020, respectively, or the results of future operations of the combined business. For instance, planned or expected operational synergies following the acquisition are not reflected in the pro forma information. Consequently, actual results will differ from the unaudited pro forma information presented below.
| Six Months Ended June 30, | |||||||||||
| 2021 | 2022 | ||||||||||
| (in thousands) | |||||||||||
| Revenue | $ | $ | |||||||||
| Net loss | $ | ( | $ | ( | |||||||
4. GOODWILL AND ACQUIRED INTANGIBLES
The changes in the carrying amount of goodwill for the six months ended June 30, 2022 are as follows (in thousands):
| Cardlytics Platform | Bridg Platform | Consolidated | |||||||||||||||
Balance as of December 31, 2021 | $ | $ | $ | ||||||||||||||
| Goodwill additions due to acquisition of Entertainment | |||||||||||||||||
| Measurement period adjustments | (61) | 1,445 | 1,384 | ||||||||||||||
| Goodwill impairments | — | (83,149) | (83,149) | ||||||||||||||
Balance as of June 30, 2022 | $ | $ | $ | ||||||||||||||
As a result of the sustained decline in our stock price during the three months ended June 30, 2022, we determined that it was necessary to perform an interim impairment test for goodwill as of June 30, 2022. The impairment test included determining whether the estimated fair value of each reporting unit exceeds its carrying value. If the carrying value exceeds the fair value of the reporting unit, the amount of impairment would equal the excess carrying value. As a result of our impairment test, we determined that the carrying value of the Bridg Platform reporting unit exceeded its fair value, and consequently, we recognized a goodwill impairment of $83.1 million.
The methods of determining fair value of the reporting units includes a combination between the income approach and the market approach. Key assumptions in applying the income approach includes determining appropriate revenue growth rates and margins, the timing of expected future cash flows and applying an appropriate discount rate that addresses the risk associated with the uncertainty of expected future cash flows. Key assumptions in applying the market approach includes determining appropriate guideline peer groups and public transaction revenue multiples. We believe that our procedures for determining fair value for each reporting unit are reasonable and consistent with current market conditions as of the testing date. However, markets are currently volatile and future developments are difficult to predict. If the markets that impact our business deteriorates, we could recognize further goodwill or other impairment charges.
16
| Cost | Accumulated Amortization | Net | Weighted Average Remaining Useful Life | |||||||||||||||||||||||
| (in thousands) | (in years) | |||||||||||||||||||||||||
| Trade name | $ | $ | ( | $ | ||||||||||||||||||||||
| Developed technology | ( | |||||||||||||||||||||||||
| Merchant relationships | ( | |||||||||||||||||||||||||
| Partner relationships | ( | |||||||||||||||||||||||||
| Card-linked subscriber user base | ( | |||||||||||||||||||||||||
| Total other intangible assets | $ | $ | ( | $ | ||||||||||||||||||||||
Amortization expense of acquired intangibles during the three and six months ended June 30, 2022 was $7.2 million and $14.4 million, respectively.
Acquired intangible assets subject to amortization as of December 31, 2021 were as follows:
| Cost | Accumulated Amortization | Net | Weighted Average Remaining Useful Life | |||||||||||||||||||||||
| (in thousands) | (in years) | |||||||||||||||||||||||||
| Trade name | $ | 2,700 | $ | (753) | $ | 1,947 | 2.1 | |||||||||||||||||||
| Developed technology | 91,000 | (11,026) | 79,974 | 5.3 | ||||||||||||||||||||||
| Merchant relationships | 32,000 | (4,900) | 27,100 | 4.2 | ||||||||||||||||||||||
| Partner relationships | 2,000 | (235) | 1,765 | 6.2 | ||||||||||||||||||||||
| Card-linked subscriber user base | 17,000 | (2,798) | 14,202 | 4.2 | ||||||||||||||||||||||
| Total other intangible assets | $ | 144,700 | $ | (19,712) | $ | 124,988 | ||||||||||||||||||||
As of June 30, 2022, we expect amortization expense in future periods to be as follows (in thousands):
| Amount | ||||||||
| 2022 (remainder of year) | $ | |||||||
| 2023 | ||||||||
| 2024 | ||||||||
| 2025 | ||||||||
| 2026 | ||||||||
| Thereafter | ||||||||
| Total expected future amortization expense | $ | |||||||
5. REVENUE
The Cardlytics Platform
The Cardlytics platform is our proprietary native bank advertising channel that enables marketers to reach consumers through the FIs' trusted and frequently visited digital banking channels. Working with the marketer, we design a campaign that targets customers based on their purchase history. The consumer is offered an incentive to make a purchase from the marketer within a specified period. We use a portion of the fees that we collect from marketers to provide these consumer incentives to our FIs’ customers after they make qualifying purchases ("Consumer Incentives"). Leveraging our powerful purchase intelligence platform, we are able to create compelling Consumer Incentives that have the potential to increase return on advertising spend for marketers and measure the effectiveness of the advertising. Consumer Incentives totaled $26.5 million and $32.3 million during the three months ended June 30, 2021 and 2022, respectively, and totaled $49.6 million and $62.6 million during the six months ended June 30, 2021 and 2022, respectively. We pay certain partners a negotiated and fixed percentage of our billings to marketers less any Consumer Incentives that we pay to partners’ customers and certain third-party data costs ("Partner Share"). Revenue on our consolidated statements of operation is presented net of Consumer Incentives and gross of Partner Share.
17
We price our advertising campaigns predominantly in two ways: (1) Cost per Served Sale (“CPS”), and (2) Cost per Redemption (“CPR”).
•CPS. Our primary pricing model is CPS, which we created to meet the media-buying preferences of marketers. We generate revenue by charging a percentage of all purchases from the marketer by consumers who (1) are served marketing, and (2) subsequently make a purchase from the marketer during the campaign period, regardless of whether consumers select the marketing and thereby becomes eligible to earn the applicable Consumer Incentive. We set CPS rates for marketers based on our expectation of the marketer’s return on advertising spend for the relevant campaign. Additionally, we set the amount of the Consumer Incentives payable for each campaign based on our estimation of our ability to drive incremental sales for the marketer.
•CPR. Under our CPR pricing model, marketers generally specify and fund the Consumer Incentive and pay us a separate negotiated, fixed marketing fee for each purchase that we generate. We generally generate revenue if the consumer (1) is served marketing, (2) selects the marketing and thereby becomes eligible to earn the applicable Consumer Incentive, and (3) makes a qualifying purchase from the marketer during the campaign period. We set the CPR fee for marketers based on our estimation of the marketers’ return on spend for the relevant campaign.
The following table summarizes revenue from the Cardlytics platform by pricing model (in thousands):
| Three Months Ended June 30, | Six Months Ended June 30, | ||||||||||||||||||||||
| 2021 | 2022 | 2021 | 2022 | ||||||||||||||||||||
| Cost per Served Sale | $ | $ | $ | $ | |||||||||||||||||||
| Cost per Redemption | |||||||||||||||||||||||
| Other | |||||||||||||||||||||||
| Cardlytics platform revenue | $ | $ | $ | $ | |||||||||||||||||||
The Bridg platform generates revenue through the sale of subscriptions to our cloud-based customer-data platform and the delivery of professional services, such as implementation, onboarding, data analytics and technical support in connection with each subscription. We recognize subscription revenue on a ratable basis over the contract term beginning on the date that our service is made available to the customer. For non-recurring services or transactional based fees dependent on system usage, revenue is recognized as services are delivered. Our subscription contracts are generally 6 to 36 months in duration and are generally billed in advance on a monthly, quarterly or annual basis.
The following table summarizes revenue from the Bridg platform (in thousands):
| Three Months Ended June 30, | Six Months Ended June 30, | ||||||||||||||||||||||
| 2021 | 2022 | 2021 | 2022 | ||||||||||||||||||||
| Subscription revenue | $ | $ | $ | 1,999 | $ | 10,047 | |||||||||||||||||
| Other revenue | 91 | 33 | |||||||||||||||||||||
Bridg platform revenue(1) | $ | $ | $ | 2,090 | $ | 10,080 | |||||||||||||||||
(1)Bridg was acquired May 5, 2021, Refer to Note 3 - Business Combinations for more information.
18
The following table summarizes contract balances from the Bridg platform (in thousands):
| Contract Balance Type | Consolidated Balance Sheets Location | December 31, 2021 | June 30, 2022 | |||||||||||||||||
| Contract assets, current | Accounts receivable and contract assets, net | $ | $ | |||||||||||||||||
| Contract assets, long-term | Other long-term assets, net | |||||||||||||||||||
| Total contract assets | $ | $ | ||||||||||||||||||
| Contract liabilities, current | Deferred revenue | $ | $ | |||||||||||||||||
| Contract liabilities, long-term | Long-term deferred revenue | |||||||||||||||||||
| Total contract liabilities | $ | $ | ||||||||||||||||||
During the six months ended June 30, 2022, we recognized $0.7 million of revenue related to amounts that were included in deferred revenue as of December 31, 2021.
The following information represents the total transaction price for the remaining performance obligations as of June 30, 2022 related to contracts expected to be recognized over future periods. This includes deferred revenue on our consolidated balance sheets and contracted amounts that will be invoiced and recognized as revenue in future periods. As of June 30, 2022, we had $24.5 million of remaining performance obligations, of which $17.4 million is expected to be recognized in the next twelve months , with the remaining amount recognized thereafter. The remaining performance obligations exclude future transaction revenue of variable consideration that are allocated to wholly unsatisfied distinct services that form part of a single performance obligation and meets certain variable allocation criteria.
6. DEBT AND FINANCING ARRANGEMENTS
2020 Convertible Senior Notes
On September 22, 2020, we issued convertible senior notes with an aggregate principal amount of $230.0 million bearing an interest rate of 1.00 % due in 2025 (the “Notes”), including the exercise in full of the initial purchasers’ option to purchase up to an additional $30.0 million principal amount of the Notes. The Notes were issued pursuant to an indenture, dated September 22, 2020 (the “Indenture”), between us and U.S. Bank National Association, as trustee.
The net proceeds from this offering were $222.7 million, after deducting the initial purchasers’ discounts and commissions and the offering expenses payable by us. We used $26.5 million of the net proceeds to pay the cost of the capped call transactions described below.
The Notes are general senior, unsecured obligations and will mature on September 15, 2025, unless earlier converted, redeemed or repurchased. The Notes bear interest at a rate of 1.00 % per year, payable semiannually in arrears on March 15 and September 15 of each year, which began on March 15, 2021. The Notes are convertible at the option of the holders at any time prior to the close of business on the business day immediately preceding June 15, 2025, only under the following circumstances: (1) during any calendar quarter commencing after the calendar quarter ending on December 31, 2020 (and only during such calendar quarter), if the last reported sale price of our common stock, for at least 20 trading days (whether or not consecutive) during a period of 30 consecutive trading days ending on, and including, the last trading day of the immediately preceding calendar quarter is greater than or equal to 130 % of the conversion price for the Notes on each applicable trading day; (2) during the five business day period after any ten consecutive trading day period (the “measurement period”) in which the trading price (as defined in the Indenture) per $1,000 principal amount of the Notes for each trading day of the measurement period was less than 98 % of the product of the last reported sale price of common stock and the conversion rate for the Notes on each such trading day; (3) if we call such Notes for redemption, at any time prior to the close of business on the scheduled trading day immediately preceding the redemption date; or (4) upon the occurrence of specified corporate events as set forth in the Indenture. The closing trading price of our common stock was not in excess of 130 % of the conversion price for more than 20 trading days during the preceding 30 consecutive trading days as of June 30, 2022, thus the Notes are not convertible at the option of the holders during the quarter ending September 30, 2022. The Notes may be convertible thereafter if one or more of the conversion conditions is satisfied during future measurement periods. On or after June 15, 2025 until the close of business on the second scheduled trading day immediately preceding the maturity date, holders of the Notes may convert all or any portion of their Notes at any time, regardless of the foregoing circumstances. Upon conversion, we may satisfy our conversion obligation by paying and/or delivering, as the case may be, cash, shares of common stock or a combination of cash and shares of common stock, at our election, in the manner and subject to the terms and conditions provided in the Indenture. We currently intend to settle the principal amount of the Notes with cash.
19
The conversion rate for the Notes will initially be 11.7457 shares of common stock per $1,000 principal amount of Notes, which is equivalent to an initial conversion price of approximately $85.14 per share of common stock. The conversion rate for the Notes is subject to adjustment under certain circumstances in accordance with the terms of the Indenture. In addition, following certain corporate events that occur prior to the maturity date of the Notes or if we deliver a notice of redemption in respect of the Notes, we will, in certain circumstances, increase the conversion rate of the Notes for a holder who elects to convert its Notes in connection with such a corporate event or convert its notes called for redemption during the related redemption period (as defined in the Indenture), as the case may be.
We may not redeem the Notes prior to September 20, 2023. We may redeem for cash all or any portion of the Notes, at our option, on or after September 20, 2023 and prior to the 36 th scheduled trading day immediately preceding the maturity date, if the last reported sale price of our common stock has been at least 130 % of the conversion price for the Notes then in effect for at least 20 trading days (whether or not consecutive) during any 30 consecutive trading day period (including the last trading day of such period) ending on, and including, the trading day immediately preceding the date on which we provide notice of redemption at a redemption price equal to 100 % of the principal amount of the Notes to be redeemed, plus accrued and unpaid interest to, but excluding, the redemption date. No sinking fund is provided for the Notes. If we elect to redeem less than all of the Notes, at least $75.0 million aggregate principal amount of Notes must be outstanding and not subject to redemption as of the relevant redemption notice date.
If we undergo a Fundamental Change (as defined in the Indenture), then, except as set forth in the Indenture, holders may require, subject to certain exceptions, us to repurchase for cash all or any portion of their Notes at a fundamental change repurchase price equal to 100 % of the principal amount of the Notes to be repurchased, plus accrued and unpaid interest to, but excluding, the fundamental change repurchase date.
The Indenture includes customary covenants and sets forth certain events of default after which the Notes may be declared immediately due and payable and sets forth certain types of bankruptcy or insolvency events of default involving us after which the Notes become automatically due and payable. The following events are considered “events of default” under the Indenture:
•default in any payment of interest on any Note when due and payable and the default continues for a period of 30 days;
•default in the payment of principal of any Note when due and payable at its stated maturity, upon optional redemption, upon any required repurchase, upon declaration of acceleration or otherwise;
•failure by us to comply with our obligation to convert the Notes in accordance with the Indenture upon exercise of a holder’s conversion right, and such failure continues for business days;
•failure by us to give a fundamental change notice, notice of a make-whole fundamental change or notice of a specified corporate event, in each case when due and such failure continues for business day;
•failure by us to comply with its obligations in respect of any consolidation, merger or sale of assets;
•failure by us to comply with any of our other agreements in the Notes or the Indenture for 60 days after written notice of such failure from the trustee or the holders of at least 25 % in principal amount of the Notes then outstanding;
•default by us or any of our significant subsidiaries (as defined in the Indenture) with respect to any mortgage, agreement or other instrument under which there may be outstanding, or by which there may be secured or evidenced, any indebtedness for money borrowed in excess of $35,000,000 (or its foreign currency equivalent), in the aggregate of us and/or any such significant subsidiary, whether such indebtedness now exists or shall hereafter be created, (i) resulting in such indebtedness becoming or being declared due and payable prior to its stated maturity date or (ii) constituting a failure to pay the principal of any such indebtedness when due and payable (after the expiration of all applicable grace periods) at its stated maturity, upon required repurchase, upon declaration of acceleration or otherwise, and in the cases of clauses (i) and (ii), such acceleration shall not have been rescinded or annulled or such failure to pay or default shall not have been cured or waived, or such indebtedness is not paid or discharged, as the case may be, within 30 days after written notice to us by the trustee or to us and the trustee by holders of at least 25 % in aggregate principal amount of the Notes then outstanding in accordance with the Indenture; and
•certain events of bankruptcy, insolvency or reorganization of us or any of our significant subsidiaries.
20
If certain bankruptcy and insolvency-related events of default with respect to us occur, the principal of, and accrued and unpaid interest on, all of the then outstanding Notes shall automatically become due and payable. If an event of default with respect to the Notes, other than certain bankruptcy and insolvency-related events of default with respect to us, occurs and is continuing, the trustee by notice to us or the holders of at least 25 % in principal amount of the outstanding Notes by notice to us and the trustee, may, and the trustee at the request of such holders shall, declare the principal of, and accrued and unpaid interest on, all of the then-outstanding Notes to be due and payable. Notwithstanding the foregoing, the Indenture provides that, to the extent we so elect, the sole remedy for an event of default relating to certain failures by us to comply with certain reporting covenants in the Indenture will, for the first 365 days after the occurrence of such event of default, consist exclusively of the right to receive additional interest on the Notes at a rate equal to 0.25 % per annum of the principal amount of the Notes outstanding for each day during the first 180 days after the occurrence of such an event of default and 0.50 % per annum of the principal amount of the Notes outstanding from the 181 st day to, and including, the 365 th day following the occurrence of such event of default, as long as such event of default is continuing (in addition to any additional interest that may accrue as a result of a registration default (as set forth in the Indenture).
The Indenture provides that we shall not consolidate with or merge with or into, or sell, convey, transfer or lease all or substantially all of the consolidated properties and assets of our subsidiaries, taken as a whole, to, another person (other than any such sale, conveyance, transfer or lease to one or more of our direct or indirect wholly owned subsidiaries), unless: (i) the resulting, surviving or transferee person (if not us) is a corporation organized and existing under the laws of the United States of America, any State thereof or the District of Columbia, and such corporation (if not us) expressly assumes by supplemental indenture all of our obligations under the Notes and the Indenture; and (ii) immediately after giving effect to such transaction, no default or event of default has occurred and is continuing under the Indenture.
The Notes were historically accounted for in accordance with FASB ASC Subtopic 470-20, Debt with Conversion and Other Options. Pursuant to ASC Subtopic 470-20, issuers of certain convertible debt instruments, such as the Notes, that have a net settlement feature and may be settled wholly or partially in cash upon conversion are required to separately account for the liability (debt) and equity (conversion option) components of the instrument. The carrying amount of the liability component of the instrument was computed using a discount rate of 6.50 %, which was determined by estimating the fair value of a similar liability without the conversion option. The amount of the equity component is then calculated by deducting the fair value of the liability component from the principal amount of the instrument. The difference between the principal amount and the liability component represents a debt discount that is amortized to interest expense over the respective term of the Notes using the effective interest rate method. The equity component is not remeasured as long as it continues to meet the conditions for equity classification. In accounting for the issuance costs related to the Notes, the allocation of issuance costs incurred between the liability and equity components was based on their relative values.
On January 1, 2022, we adopted ASU 2020-06, Debt—Debt with Conversion Options (“Subtopic 470-20”) and Derivatives and Hedging—Contracts in Entity’s Own Equity (“Subtopic 815-40”), which removes the requirement to bifurcate the Notes into a separate liability and equity component, using the modified retrospective method which allowed for a cumulative-effect adjustment to the opening balance sheet without restating prior periods. As we did not elect the fair value option in the process, the Notes, net of issuance costs, are accounted for as a single liability measured at amortized cost. Upon adoption, we recorded a decrease in accumulated deficit of $11.3 million, an increase to convertible senior notes of $40.2 million and a decrease to additional paid in capital of $51.5 million.
The net carrying amount of the liability component of the Notes was as follows (in thousands), giving effect to the adoption of ASU 2020-06 on January 1, 2022:
| December 31, 2021 | June 30, 2022 | ||||||||||
| Principal | $ | $ | |||||||||
| Minus: Unamortized debt discount | ( | ||||||||||
| Minus: Unamortized issuance costs | ( | ( | |||||||||
| Net carrying amount of the liability component | $ | $ | |||||||||
21
Prior to the adoption of ASU 2020-06, the net carrying amount of the equity component of the Notes was as follows (in thousands):
| December 31, 2021 | |||||
| Proceeds allocated to the conversion options (debt discount) | $ | 53,096 | |||
| Minus: Issuance costs | (1,680) | ||||
| Net carrying amount of the equity component | $ | 51,416 | |||
Interest expense recognized related to the Notes is as follows (in thousands):
| Three Months Ended June 30, | Six Months Ended June 30, | ||||||||||||||||||||||
| 2021 | 2022 | 2021 | 2022 | ||||||||||||||||||||
| Contractual interest expense (due in cash) | $ | $ | $ | 1,150 | $ | 1,150 | |||||||||||||||||
| Amortization of debt discount | 4,680 | — | |||||||||||||||||||||
| Amortization of debt issuance costs | 422 | 730 | |||||||||||||||||||||
| Total interest expense related to the Notes | $ | $ | $ | 6,252 | $ | 1,880 | |||||||||||||||||
| Effective interest rate | 5.48 | % | 1.64 | % | 5.44 | % | 1.64 | % | |||||||||||||||
Capped Call Transactions
In connection with the issuance of the Notes, we entered into privately negotiated capped call transactions (the "Capped Calls") with an affiliate of one of the initial Note purchasers and certain other financial institutions. The Capped Calls are intended to reduce potential dilution to our common stock upon any conversion of Notes and/or offset any cash payments we are required to make in excess of the principal amount of converted Notes, as the case may be. The Capped Calls are recorded in stockholders' equity and are not accounted for as derivatives. The cost of $26.5 million incurred to purchase the Capped Calls was recorded as a reduction to additional paid-in capital in the accompanying condensed consolidated balance sheet.
The Capped Calls each have an initial strike price of $85.14 per share, subject to certain adjustments, which corresponds to the initial conversion price of the Notes. The Capped Calls have an initial cap price of $128.51 per share, subject to certain adjustments.
2018 Loan Facility
In April 2022, we amended our loan facility with Pacific Western Bank (the "2018 Loan Facility") to increase the capacity of our asset-backed revolving line of credit (the "2018 Line of Credit") from $50.0 million to $60.0 million upon the completion of the bank's audit and an option to increase to $75.0 million upon syndication. As of June 30, 2022 the bank’s audit was complete. This amendment also extended the maturity date of the 2018 Loan Facility from December 31, 2022 to April 29, 2024. As part of this amendment, the former cash covenant, as described below, was removed and was replaced with a requirement to maintain a minimum level of adjusted contribution and a $25.0 million adjusted cash minimum.
In December 2020, we amended our 2018 Loan Facility to increase the capacity of our 2018 Line of Credit from $40.0 million to $50.0 million. This amendment also extended the maturity date of the 2018 Loan Facility from May 14, 2021 to December 31, 2022. Prior to the December 2020 amendment, the 2018 Loan Facility contained moving trailing 12-month billing covenants, which ranged from $210.0 million to $255.0 million, during the term of the facility. The former terms of the 2018 Loan Facility also required us to maintain a total cash balance plus liquidity under the 2018 Line of Credit of not less than $5.0 million. Effective with the December 2020 amendment, the former billings and liquidity covenants were removed and were replaced with a requirement to maintain a cash to funded senior debt ratio under the 2018 Line of Credit of 1.25 :1.00.
We have made no borrowings or repayments on the 2018 Line of Credit during the six months ended June 30, 2022. As of June 30, 2022, we had no outstanding borrowings on our 2018 Line of Credit and had $60.0 million of unused borrowings available. Under the terms of the 2018 Line of Credit, we are able to borrow up to the lesser of $60.0 million or 85 % of the amount of our eligible accounts receivable. Interest on advances bears an interest rate equal to the prime rate or 4.75 % as of June 30, 2022. In addition, we are required to pay an unused line fee of 0.15 % per annum on the average daily unused amount of the $60.0 million revolving commitment. We believe that we are compliant with all financial covenants as of June 30, 2022.
22
7. STOCK-BASED COMPENSATION
Our 2018 Equity Incentive Plan ("2018 Plan") became effective in February 2018. Prior to the 2018 Plan, we granted awards under our 2008 Stock Plan ("2008 Plan"). Any awards granted under the 2008 Plan remain subject to the terms of our 2008 Plan and applicable award agreements, and shares subject to awards granted under our 2008 Plan that are forfeited, canceled or expired prior to vesting become available for use under our 2018 Plan. As of December 31, 2021, there were 2,033,227 shares of our common stock reserved for issuance under our 2018 Plan. The number of shares of our common stock reserved for issuance under our 2018 Plan will automatically increase on January 1 of each year, beginning on January 1, 2019 and continuing through and including January 1, 2028, by 5 % of the total number of shares of our capital stock outstanding on December 31 of the preceding calendar year or a lesser number of shares determined by our board of directors. Accordingly, the number of shares of our common stock reserved for issuance under our 2018 Plan increased by 1,676,682 shares on January 1, 2022.
The following table summarizes the allocation of stock-based compensation in the condensed consolidated statements of operations (in thousands):
| Three Months Ended June 30, | Six Months Ended June 30, | ||||||||||||||||||||||
| 2021 | 2022 | 2021 | 2022 | ||||||||||||||||||||
| Delivery costs | $ | $ | $ | $ | |||||||||||||||||||
| Sales and marketing expense | |||||||||||||||||||||||
| Research and development expense | |||||||||||||||||||||||
| General and administration expense | |||||||||||||||||||||||
| Total stock-based compensation expense | $ | $ | $ | $ | |||||||||||||||||||
During the six months ended June 30, 2021 and 2022, we capitalized $0.4 million and $0.8 million of stock-based compensation expense for software development, respectively.
Common Stock Options
Options to purchase shares of common stock generally vest over four years and expire 10 years following the date of grant. The following table summarizes changes in common stock options:
| Shares (in thousands) | Weighted-Average Exercise Price | Weighted Average Contractual Life (in years) | Aggregate Intrinsic Value(1) (in thousands) | ||||||||||||||||||||
| Options outstanding — December 31, 2021 | $ | ||||||||||||||||||||||
| Exercised | ( | $ | |||||||||||||||||||||
| Options outstanding and exercisable — June 30, 2022 | $ | $ | |||||||||||||||||||||
(1)For options exercised during the period, the aggregate intrinsic value represents the total pre-tax intrinsic value received by option holders based on the closing price of our common stock as reported on the Nasdaq Global Market on the exercise date. For options outstanding and exercisable at June 30, 2022, the aggregate intrinsic value represents the total pre-tax intrinsic value based on the $22.31 per share closing price of our common stock as reported on the Nasdaq Global Market on June 30, 2022, that would have been received by option holders had all in-the-money options been exercised on that date.
As of June 30, 2022, all options were fully vested, and there is no unamortized stock-based compensation expense.
Common Stock Options from Bridg Acquisition
In connection with the acquisition of Bridg, each unvested option to purchase shares of Bridg common stock outstanding as of the acquisition date was converted to unvested options to purchase shares of our common stock. These awards were granted under the Ecinity, Inc. 2012 Equity Incentive Plan ("Bridg Plan") and were separately registered with the Securities and Exchange Commission on Form S-8 on August 3, 2021. The maximum aggregate number of shares of our common stock that may be issued upon exercise of these awards is 21,797 shares, and we do not expect to grant any additional awards under the Bridg Plan. The converted awards retain the same terms and conditions as the awards granted by Bridg prior to the acquisition. The awards have remaining vesting periods ranging from less than one year to four years .
23
The following table summarizes changes in common stock options from the Bridg acquisition:
| Shares (in thousands) | Weighted-Average Exercise Price | Weighted Average Contractual Life (in years) | Aggregate Intrinsic Value (in thousands)(1) | ||||||||||||||||||||
| Options outstanding — December 31, 2021 | $ | ||||||||||||||||||||||
| Exercised | ( | ||||||||||||||||||||||
| Forfeited | ( | ||||||||||||||||||||||
| Options outstanding — June 30, 2022 | |||||||||||||||||||||||
| Exercisable — June 30, 2022 | $ | ||||||||||||||||||||||
(1)For options exercised during the period, the aggregate intrinsic value represents the total pre-tax intrinsic value received by option holders based on the closing price of our common stock as reported on the Nasdaq Global Market on the exercise date. For options outstanding and exercisable at June 30, 2022, the aggregate intrinsic value represents the total pre-tax intrinsic value based on the $22.31 per share closing price of our common stock as reported on the Nasdaq Global Market on June 30, 2022, that would have been received by option holders had all in-the-money options been exercised on that date.
The total fair value of options vested during the six months ended June 30, 2022 was less than $0.1 million. As of June 30, 2022, unamortized stock-based compensation expense related to unvested common stock options was $0.1 million, and the weighted-average period over which such stock-based compensation expense will be recognized was 1.7 years.
Common Stock Options from Dosh Acquisition
In connection with the acquisition of Dosh, each unvested option to purchase shares of Dosh common stock outstanding as of the acquisition date was converted to unvested options to purchase shares of our common stock. These awards were granted under the Dosh Holdings, Inc. 2017 Stock Incentive Plan ("Dosh Plan") and were separately registered with the Securities and Exchange Commission on Form S-8 on April 9, 2021. The maximum aggregate number of shares of our common stock that may be issued upon exercise of these awards is 104,098 shares, and we do not expect to grant any additional awards under the Dosh Plan. The converted awards retain the same terms and conditions as the awards granted by Dosh prior to the acquisition. The awards have remaining vesting periods ranging from less than one year to four years .
The following table summarizes changes in common stock options from the Dosh acquisition:
| Shares (in thousands) | Weighted-Average Exercise Price | Weighted Average Contractual Life (in years) | Aggregate Intrinsic Value (in thousands)(1) | ||||||||||||||||||||
| Options outstanding — December 31, 2021 | $ | ||||||||||||||||||||||
| Exercised | ( | $ | |||||||||||||||||||||
| Forfeited | ( | ||||||||||||||||||||||
| Options outstanding — June 30, 2022 | $ | ||||||||||||||||||||||
| Exercisable — June 30, 2022 | $ | ||||||||||||||||||||||
(1)For options exercised during the period, the aggregate intrinsic value represents the total pre-tax intrinsic value received by option holders based on the closing price of our common stock as reported on the Nasdaq Global Market on the exercise date. For options outstanding and exercisable at June 30, 2022, the aggregate intrinsic value represents the total pre-tax intrinsic value based on the $22.31 per share closing price of our common stock as reported on the Nasdaq Global Market on June 30, 2022, that would have been received by option holders had all in-the-money options been exercised on that date.
The total fair value of options vested during the six months ended June 30, 2022 was $0.5 million. As of June 30, 2022, unamortized stock-based compensation expense related to unvested common stock options was $1.5 million, and the weighted-average period over which such stock-based compensation expense will be recognized was 1.8 years.
24
Restricted Stock Units
We grant restricted stock units ("RSUs") to employees and our non-employee directors. The following table summarizes changes in RSUs, inclusive of performance-based RSUs:
| Shares (in thousands) | Weighted-Average Grant Date Fair Value | Weighted-Average Remaining Contractual Term (in years) | Unamortized Compensation Costs (in thousands) | ||||||||||||||||||||
| Unvested — December 31, 2021 | $ | ||||||||||||||||||||||
| Granted | |||||||||||||||||||||||
| Vested | ( | ||||||||||||||||||||||
| Forfeited | ( | ||||||||||||||||||||||
| Unvested — June 30, 2022 | $ | $ | |||||||||||||||||||||
During the six months ended June 30, 2022, we granted 1,803,409 RSUs to employees and executives, which have vesting periods ranging from immediately vesting to four years .
Subsequent to June 30, 2022, we granted 575,592 RSUs to employees and executives, which have vesting periods of to four years . Unamortized stock-based compensation expense related to these RSUs totaled $7.6 million.
Performance-based RSUs
In April 2019, we granted 1,252,500 performance-based restricted stock units (“2019 PSUs”). The 2019 PSUs are composed of four equal tranches, each of which have an independent performance-based vesting condition. The vesting criteria for the four tranches are as follows:
•a minimum growth rate in adjusted contribution over a trailing 12-month period ("Adjusted Contribution target"),
•a minimum number of advertisers that are billed above a specified amount over a trailing 12-month period ("Number of Advertisers target"),
•a minimum cumulative adjusted EBITDA target over a trailing 12-month period ("Adjusted EBITDA target"), and
•a minimum trailing 30-day average closing price of our common stock ("Stock Price target").
The vesting conditions of each of the four tranches must be achieved within four years of the grant date. Upon a vesting event, 50 % of the related tranche vests immediately, 25 % of the related tranche vests six months after the achievement date and 25 % of the related tranche vests 12 months after the achievement date. Adjusted EBITDA and adjusted contribution are performance metrics defined within Item 2. "Management's Discussion and Analysis of Financial Condition and Results of Operations." The compensation committee of our board of directors certified the attainment of the Stock Price target, Adjusted EBITDA target, Number of Advertisers target and Adjusted Contribution target in August 2019, November 2019, October 2021 and December 2021, respectively, resulting in a vesting of 50% of each respective tranche upon the certifications. 25% of each respective tranche has vested or will vest upon the six month anniversary of the achievement date, and 25% of each respective tranche has vested or will vest upon the 12 month anniversary of the achievement date, subject to the continued service of the participant.
In April 2020, we granted 476,608 performance-based restricted stock units ("2020 PSUs"), of which 443,276 units have a performance-based vesting condition based on a minimum average revenue per user ("ARPU") target over a trailing 12 -month33,332 units have the same performance-based vesting conditions as the 2019 PSUs described above that were unmet at the time. ARPU is a performance metric defined within Item 2. "Management's Discussion and Analysis of Financial Condition and Results of Operations." The ARPU vesting condition must be achieved within four years of the grant date. Upon the vesting event, 50 % of the award vests immediately, 25 % of the award vests six months after achievement date and 25 % of the award vests 12 months after the achievement date.
In April 2021, we granted 110,236 performance-based restricted stock units ("2021 PSUs") consisting of two tranches. The first tranche consists of 55,118 units that have a performance-based vesting condition based on a minimum revenue target over a trailing 12-month period. The units in this first tranche fully vest upon achievement. The second tranche consists of 55,118 units with a performance-based vesting condition based on a different minimum revenue target over a trailing 12-month period. Half of the units in the second tranche vest upon achievement and the remaining units vest six months after the achievement date, subject to continued service. Each performance-based vesting condition within the two tranches must be achieved within four years of the grant date and are subject to certification by the compensation committee of our board of directors.
25
In July 2021, we granted 34,344 performance-based restricted stock units ("Bridg PSUs") which have performance-based vesting conditions based on the achievement of a minimum ARR target by the first anniversary of the Bridg acquisition. Vesting is tied to the percentage of the ARR target achieved during the specified period with 50 % of the units vesting between 80 % - 99.999 % achievement and 100 % of the units vesting upon 100 % achievement. If these percentages are not met, no Bridg PSUs will vest.
In September 2021, we granted 6,666 PSUs which have the same unmet vesting condition of the 2020 PSUs, 6,667 PSUs which have the same unmet revenue target vesting condition of the 2021 PSUs and 6,667 PSUs which have the same unmet different revenue target vesting condition of the 2021 PSUs as described above.
In March 2022, we granted 269,202 performance-based restricted stock units ("2022 PSUs") consisting of three tranches. The first two tranches each represent 25 % of the grant, and each vest upon the achievement of certain milestones related to the installation of our Ad Server at our FI Partners. 50 % of the third tranche vests upon the achievement of a certain number of advertisers purchasing both the Cardlytics and Bridg platforms at a target incremental billings amount over 2021, and the remaining 50 % of the tranche vests six months after this target is achieved.
Subsequent to June 30, 2022, we granted 100,990 PSUs to employees and executives, which vest on the achievement of specific revenue-based performance metrics. Unamortized stock-based compensation expense related to these PSUs totaled $1.3 million.
We believe that the achievement of all of the above referenced performance-based vesting conditions are probable before the awards' respective expiration dates.
Employee Stock Purchase Plan
Our 2018 Employee Stock Purchase Plan ("2018 ESPP") enables eligible employees to purchase shares of our common stock at a discount. Purchases are accomplished through participation in discrete offering periods. On each purchase date, participating employees purchase our common stock at a price per share equal to 85 % of the lesser of the fair market value of our common stock on the first trading day of the offering period or the date of purchase.
8. FAIR VALUE MEASUREMENTS
We record the fair value of assets and liabilities in accordance with ASC 820, Fair Value Measurement (“ASC 820”). ASC 820 defines fair value as the price received to sell an asset or paid to transfer a liability in an orderly transaction between market participants at the measurement date and in the principal or most advantageous market for that asset or liability. The fair value should be calculated based on assumptions that market participants would use in pricing the asset or liability, not on assumptions specific to the entity.
In addition to defining fair value, ASC 820 expands the disclosure requirements around fair value and establishes a fair value hierarchy for valuation inputs. The hierarchy prioritizes the inputs into three levels based on the extent to which inputs used in measuring fair value are observable in the market. Each fair value measurement is reported in one of the three levels, which is determined by the lowest level input that is significant to the fair value measurement in its entirety.
These levels are:
•Level 1 - quoted prices (unadjusted) in active markets for identical assets or liabilities.
•Level 2 - quoted prices for similar assets and liabilities in active markets or inputs that are observable for the asset or liability, either directly or indirectly through market corroboration, for substantially the full term of the financial instrument.
•Level 3 - unobservable inputs reflecting management’s own assumptions about the inputs used in pricing the asset or liability at fair value.
26
Contingent consideration for the acquisition of Bridg
The contingent consideration for the acquisition of Bridg is composed of the First Anniversary Payment and the Second Anniversary Payment. The fair value of contingent consideration in connection with the Bridg acquisition is as follows (in thousands):
| December 31, 2021 | |||||||||||||||||||||||
| Level 1 | Level 2 | Level 3 | Total | ||||||||||||||||||||
| Liabilities: | |||||||||||||||||||||||
| Current contingent consideration | $ | $ | $ | $ | |||||||||||||||||||
| Long-term contingent consideration | |||||||||||||||||||||||
| Total liabilities | $ | $ | $ | $ | |||||||||||||||||||
| June 30, 2022 | |||||||||||||||||||||||
| Level 1 | Level 2 | Level 3 | Total | ||||||||||||||||||||
| Liabilities: | |||||||||||||||||||||||
| Current contingent consideration | $ | $ | $ | $ | |||||||||||||||||||
| Total liabilities | $ | $ | $ | $ | |||||||||||||||||||
The following table shows a reconciliation of the beginning and ending fair value measurements of our contingent consideration, which we have valued using level 3 inputs:
| Three Months Ended June 30, | Six Months Ended June 30, | ||||||||||||||||||||||
| 2021 | 2022 | 2021 | 2022 | ||||||||||||||||||||
| Beginning balance | $ | $ | $ | $ | |||||||||||||||||||
| Increase due to acquisition | |||||||||||||||||||||||
| Unrealized loss (gain) due to change in fair value | ( | $ | ( | ||||||||||||||||||||
| Ending balance | $ | $ | $ | $ | |||||||||||||||||||
The fair value of the First Anniversary Payment is equal to 20 times the ARR of the month preceding the anniversary, less $12.5 million. We expect to settle 70% of the First Anniversary Payment using our common stock at an agreed-upon volume-weighted average price of $40.15 per share, and we have revalued this portion of the First Anniversary Payment based on the $22.31 per share closing price of our common stock as reported on the Nasdaq Global Market on June 30, 2022.
In order to determine the fair value of the Second Anniversary Payment, equal to 15 times the ARR of the month preceding the second anniversary, less the First Anniversary ARR, we simulated forecasted revenue using a revenue volatility assumption from comparable market data. We then determined the appropriate discount rate for the assumed cash component and used a Monte Carlo simulation for the assumed stock component. The assumptions used in preparing this model includes estimates such as revenue volatility, revenue discount rate, weighted average cost of capital, and our common stock volatility.
The following table summarizes key assumptions used for estimating the fair value of the contingent consideration:
| June 30, 2022 | |||||
| Revenue volatility | % | ||||
| Revenue discount rate | % | ||||
| Weighted average cost of capital | % | ||||
| Common stock volatility | % | ||||
| Portion to be paid in cash | % | ||||
27
9. COMMITMENTS AND CONTINGENCIES
Implementation Costs
Agreements with certain partners have historically required us to fund the development of specific enhancements, pay for certain implementation fees, or make milestone payments upon the deployment of our solution. Amounts paid to our partners are included in deferred implementation costs, net on our condensed consolidated balance sheets the earlier of when paid or earned and are amortized over the remaining term of the related contractual arrangements. Amortization is included in Partner Share and other third-party costs on our condensed consolidated statements of operations and is presented in deferred implementation costs on our condensed consolidated statement of cash flows.
The following table summarizes changes in deferred implementation costs (in thousands):
| Three Months Ended June 30, | Six Months Ended June 30, | ||||||||||||||||||||||
| 2021 | 2022 | 2021 | 2022 | ||||||||||||||||||||
| Beginning balance | $ | $ | $ | $ | |||||||||||||||||||
| Amortization | ( | ( | |||||||||||||||||||||
| Ending balance | $ | $ | $ | $ | |||||||||||||||||||
We have minimum Partner Share commitment to a certain FI partner totaling $10.0 million over a 12-month period which began on April 1, 2022. To the extent that this commitment is expected to exceed the amount of Partner Share otherwise payable to such FI partner in the absence of such commitment, we accrue any expected shortfall over the commitment period. We accrued for zero and $0.9 million of expected minimum Partner Share commitment shortfalls as of December 31, 2021 and June 30, 2022, respectively.
Other Commitments
In March 2022, we entered into a cloud hosting arrangement guaranteeing an aggregate spend of $7.2 million over the first twelve months of the arrangement.
Litigation
From time to time, we may become involved in legal actions arising in the ordinary course of business including, but not limited to, intellectual property infringement and collection matters. We make assumptions and estimates concerning the likelihood and amount of any potential loss relating to these matters using the latest information available. We record a liability for litigation if an unfavorable outcome is probable and the amount of loss or range of loss can be reasonably estimated. If an unfavorable outcome is probable and a reasonable estimate of the loss is a range, we accrue the best estimate within the range. If no amount within the range is a better estimate than any other amount, we accrue the minimum amount within the range. If an unfavorable outcome is probable but the amount of the loss cannot be reasonably estimated, we disclose the nature of the litigation and indicates that an estimate of the loss or range of loss cannot be made. If an unfavorable outcome is reasonably possible and the estimated loss is material, we disclose the nature and estimate of the possible loss of the litigation. We do not disclose information with respect to litigation where an unfavorable outcome is considered to be remote or where the estimated loss would not be material. Based on current expectations, such matters, both individually and in the aggregate, are not expected to have a material adverse effect on our liquidity, results of operations, business or financial condition.
28
10. EARNINGS PER SHARE
Diluted net loss per share is the same as basic net loss per share for the three and six months ended June 30, 2021 and 2022 because the effects of potentially dilutive items were anti-dilutive, given our net losses during these periods. The following securities as of June 30, 2021 and 2022 have been excluded from the calculation of diluted weighted-average common shares outstanding because the effect is anti-dilutive (in thousands):
| June 30, | |||||||||||
| 2021 | 2022 | ||||||||||
| Common stock options | |||||||||||
| Convertible Senior Notes | |||||||||||
| Unvested restricted stock units | |||||||||||
| Common stock issuable pursuant to the ESPP | |||||||||||
11. SEGMENTS
As of June 30, 2022, we have three operating segments: the Cardlytics platform in the U.S., the Cardlytics platform in the U.K. and the Bridg platform, as determined by the information that our Chief Executive Officer, who we consider our chief operating decision-maker ("CODM"), uses to make strategic goals and operating decisions. Our Cardlytics platform operating segments in the U.S. and U.K. represent our proprietary advertising channels and are aggregated into one reportable segment given their similar economic characteristics, nature of service, types of customers and method of distribution. Subsequent to the acquisition of Bridg, our CODM began reviewing Bridg's revenue and operating expenses. Therefore, we consider the Bridg platform to be a separate operating segment. Our CODM allocates resources to, and evaluates the performance of, our operating segments based on revenue and adjusted contribution. Our CODM does not review assets by operating segment for the purposes of evaluating performance or allocating resources.
The following tables provide information regarding the Cardlytics platform and the Bridg platform reportable segments (in thousands):
| Three Months Ended June 30, | Six Months Ended June 30, | ||||||||||||||||||||||
| 2021 | 2022 | 2021 | 2022 | ||||||||||||||||||||
| Cardlytics platform | |||||||||||||||||||||||
| Adjusted contribution | $ | $ | $ | $ | |||||||||||||||||||
Plus: Adjusted Partner Share and other third-party costs(1) | |||||||||||||||||||||||
| Revenue | $ | $ | $ | $ | |||||||||||||||||||
| Bridg platform | |||||||||||||||||||||||
| Adjusted contribution | $ | $ | $ | $ | |||||||||||||||||||
Plus: Adjusted Partner Share and other third-party costs(1) | |||||||||||||||||||||||
| Revenue | $ | $ | $ | $ | |||||||||||||||||||
| Total | |||||||||||||||||||||||
| Adjusted contribution | $ | $ | $ | $ | |||||||||||||||||||
Plus: Adjusted Partner Share and other third-party costs(1) | |||||||||||||||||||||||
| Revenue | $ | $ | $ | $ | |||||||||||||||||||
(1)Adjusted Partner Share and other third-party costs presented above represents GAAP Partner Share and other third-party data costs less deferred implementation costs, which is detailed below in our reconciliation of GAAP (loss) income before income taxes to adjusted contribution.
29
Adjusted Contribution
Adjusted contribution measures the degree by which revenue generated from our marketers exceeds the cost to obtain the purchase data and the digital advertising space from our partners. Adjusted contribution demonstrates how incremental marketing spend on our platforms generates incremental amounts to support our sales and marketing, research and development, general and administration and other investments. Adjusted contribution is calculated by taking our total revenue less our Partner Share and other third-party costs exclusive of deferred implementation costs, which is a non-cash cost. Adjusted contribution does not take into account all costs associated with generating revenue from advertising campaigns, including sales and marketing expenses, research and development expenses, general and administrative expenses and other expenses, which we do not take into consideration when making decisions on how to manage our advertising campaigns.
The following table presents a reconciliation of loss before income taxes presented in accordance with GAAP to adjusted contribution (in thousands):
| Three Months Ended June 30, | Six Months Ended June 30, | ||||||||||||||||||||||
| 2021 | 2022 | 2021 | 2022 | ||||||||||||||||||||
| Adjusted contribution | $ | $ | $ | $ | |||||||||||||||||||
| Minus: | |||||||||||||||||||||||
Deferred implementation costs(1) | |||||||||||||||||||||||
| Delivery costs | |||||||||||||||||||||||
| Sales and marketing expense | |||||||||||||||||||||||
| Research and development expense | |||||||||||||||||||||||
| General and administration expense | |||||||||||||||||||||||
| Acquisition and integration costs (benefit) | ( | ||||||||||||||||||||||
| Change in fair value of contingent consideration | ( | ( | |||||||||||||||||||||
| Goodwill impairment | — | 83,149 | — | 83,149 | |||||||||||||||||||
| Depreciation and amortization expense | |||||||||||||||||||||||
| Total other expense | |||||||||||||||||||||||
| Loss before income taxes | $ | ( | $ | ( | $ | ( | $ | ( | |||||||||||||||
(1)Deferred implementation costs is excluded from adjusted Partner Share and other third-party costs, which is shown above in our reconciliation of GAAP revenue to adjusted contribution.
The following tables provide geographical information (in thousands):
| Three Months Ended June 30, | Six Months Ended June 30, | ||||||||||||||||||||||
| 2021 | 2022 | 2021 | 2022 | ||||||||||||||||||||
| Revenue: | |||||||||||||||||||||||
| United States | $ | $ | $ | $ | |||||||||||||||||||
| United Kingdom | |||||||||||||||||||||||
| Total | $ | $ | $ | $ | |||||||||||||||||||
| December 31, 2021 | June 30, 2022 | ||||||||||
| Property and equipment, net: | |||||||||||
| United States | $ | $ | |||||||||
| United Kingdom | |||||||||||
| India | |||||||||||
| Total | $ | $ | |||||||||
Capital expenditures within the United Kingdom and India totaled $0.6 million and less than $0.1 million during the six months ended June 30, 2021 and 2022, respectively.
30
Concentrations of Risk
Cash and Cash Equivalents
Financial instruments that potentially subject us to concentrations of credit risk consist primarily of cash and cash equivalents and accounts receivable. A significant portion of our cash and cash equivalents are held in fully FDIC-insured demand deposit accounts that distribute funds, and credit risk, over a vast number of financial institutions. Our remaining cash and cash equivalents are held with eight financial institutions, which we believe are of high credit quality.
Marketers
Our revenue and accounts receivable are diversified among a large number of marketers segregated by both geography and industry. During each of the six months ended June 30, 2021 and 2022, our top five marketers accounted for 34 % and 21 % of our revenue, respectively, with one marketer accounting for over 10% during six months ended June 30, 2021 . As of June 30, 2021 and 2022, our top five marketers accounted for 30 % and 19 % of our accounts receivable, respectively, with one marketer representing over 10
FI Partners
Our business is substantially dependent on a limited number of FI partners. We require participation from our FI partners in the Cardlytics platform and access to their purchase data in order to offer our solutions to marketers and their agencies. We must have FI partners with a sufficient number of customers and levels of customer engagement to ensure that we have robust purchase data and marketing space to support a broad array of incentive programs for marketers. Our agreements with a substantial majority of our FI partners have terms of three to seven years but are generally terminable by the FI partner on 90 days or less prior notice. The agreements generally have autorenewal provisions that allow for the agreements to extend past their originally contemplated end date, unless terminated earlier in accordance with the terms of the agreement. If an FI partner terminates its agreement with us, we would lose that FI as a source of purchase data and online banking customers.
During the six months ended June 30, 2021, our top two FI partners combined to account for over 75 % of the total Partner Share we paid to all partners, with each representing over 30%. During the six months ended June 30, 2022, our top three FI partners combined to account for over 75 % of the total Partner Share we paid to all partners, with the top two FI partners each representing over 20% and third largest FI partner representing over 10
12. SUBSEQUENT EVENTS
On July 7, 2022, we entered into a General Services Agreement (the “GSA”) with Bank of America, National Association (“Bank of America”). The GSA details the terms and conditions that will govern any future statements of work. On July 21, 2022, we entered into a Statement of Work (the “SOW”) with Bank of America, pursuant to which we have agreed to continue to provide cash-back offers to Bank of America for the benefit of Bank of America’s customers. The SOW is governed by the GSA. The SOW is substantially similar to prior arrangements between the Company and Bank of America, and pursuant to the SOW we will share revenue that we generate from these cash-back offers within the Bank of America digital channels with Bank of America. The terms of the GSA and SOW extend through July 31, 2025, and Bank of America may terminate the GSA or SOW at any time upon 90 days’ written notice. In the event that Bank of America does not notify us of its intent to terminate the GSA or SOW at least 90 days prior to the end of the initial terms, the GSA and SOW will automatically renew upon the conclusion of the initial terms on a month-to-month basis.
Subsequent to June 30, 2022, the Company planned certain cost savings measures and expects to incur one-time costs of approximately $4.0 million in connection with these measures.
31
ITEM 2. MANAGEMENT’S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS OF OPERATIONS
The following discussion and analysis of our financial condition and results of operations should be read in conjunction with (1) our consolidated financial statements and related notes appearing elsewhere in this Quarterly Report on Form 10–Q and (2) the audited consolidated financial statements and the related notes and management’s discussion and analysis of financial condition and results of operations for the fiscal year ended December 31, 2021 included in our Annual Report on Form 10-K/A, filed with the SEC on May 2, 2022.
This Quarterly Report on Form 10-Q contains “forward-looking statements” within the meaning of Section 27A of the Securities Act of 1933, as amended, or the Securities Act, and Section 21E of the Securities Exchange Act of 1934, as amended, or the Exchange Act. These statements are often identified by the use of words such as “anticipate,” “believe,” “continue,” “could,” “estimate,” “expect,” “intend,” “may,” “plan,” “project,” “will,” “would” or the negative or plural of these words or similar expressions or variations, and such forward-looking statements include, but are not limited to, statements with respect to our business strategy, plans and objectives for future operations, including our expectations regarding our expenses; continued enhancements of our platform and new product offerings; our future financial and business performance; anticipated benefits of our acquisitions of Dosh, Bridg and Entertainment; potential payments under the Merger Agreement with Bridg; anticipated Partner Share commitment shortfall penalty; and the uncertain negative impacts that COVID-19 may have on our business, financial condition, results of operations and changes in overall level of spending and volatility in the global economy. The events described in these forward-looking statements are subject to a number of risks, uncertainties, assumptions and other factors that could cause actual results and the timing of certain events to differ materially from future results expressed or implied by the forward-looking statements. Factors that could cause or contribute to such differences include, but are not limited to, those identified herein, and those discussed in the section titled “Risk Factors,” set forth in Part II, Item 1A of this Quarterly Report on Form 10-Q and in our other SEC filings. You should not rely upon forward-looking statements as predictions of future events. Furthermore, such forward-looking statements speak only as of the date of this report. Except as required by law, we undertake no obligation to update any forward-looking statements to reflect events or circumstances after the date of such statements.
Overview
Our company’s mission is to redefine marketing by using data for good. We work to accomplish this mission by operating an advertising platform within our own and our partners' digital channels, which include online, mobile applications, email, and various real-time notifications (the "Cardlytics platform"). We also operate a customer data platform that utilizes point-of-sale ("POS") data, including product-level purchase data, to enable marketers, in a privacy-protective manner, to perform analytics and target loyalty marketing and also enable marketers to measure the impact of their marketing (the "Bridg platform"). The partners for the Cardlytics platform are predominantly financial institutions ("FI partners") that provide us with access to their anonymized purchase data and digital banking customers. The partners for the Bridg platform are merchants that provide us with access to their POS data, including product-level purchase data. By applying advanced analytics to the purchase data we receive, we make it actionable, helping marketers reach potential buyers at scale, and measure the true sales impact of their marketing spend. We have strong relationships with leading marketers across a variety of industries, including retail, restaurant, travel and entertainment, direct-to-consumer, and grocery and gas.
Working with a marketer, we design a campaign that targets consumers based on their purchase history. The consumer is offered an incentive to make a purchase from the marketer within a specified period. We use a portion of the fees that we collect from marketers to provide these consumer incentives to customers after they make qualifying purchases ("Consumer Incentives"). We report our revenue on our consolidated statements of operations net of Consumer Incentives since we do not provide the goods or services that are purchased by customers from the marketers to which the Consumer Incentives relate.
We pay certain partners a negotiated and fixed percentage of our billings to marketers less any Consumer Incentives that we pay to customers and certain third-party data costs ("Partner Share"). We report our revenue gross of Partner Share. Partner Share costs are included in Partner Share and other third-party costs in our consolidated statements of operations, rather than as a reduction of revenue, because we and not our partners act as the principal in our arrangements with marketers.
We run campaigns offering compelling Consumer Incentives to drive an expected rate of return on advertising spend for marketers. At times, we may collaborate with a partner to enhance the level of Consumer Incentives to their respective customers, funded by their Partner Share. We believe that these investments by our partners positively impact our platforms by making their customers more highly engaged with our platforms. However, these investments negatively impact our GAAP revenue, which is reported net of Consumer Incentives.
32
Revenue, which is reported net of Consumer Incentives and gross of Partner Share and other third-party costs, was $58.9 million and $75.4 million during the three months ended June 30, 2021 and 2022, respectively, representing an increase of 28%. Billings, a non-GAAP measure that represents the gross amount billed to marketers and is reported gross of both Consumer Incentives and Partner Share, was $85.3 million and $107.7 million during the three months ended June 30, 2021 and 2022, respectively, representing an increase of 26%. Gross profit, which represents revenue less Partner Share and other third-party costs and less delivery costs, was $23.2 million and $27.0 million during the three months ended June 30, 2021 and 2022, respectively, representing an increase of 16%. Adjusted contribution, a non-GAAP measure that represents our revenue less our adjusted Partner Share and other third-party costs, was $29.6 million and $35.1 million during the three months ended June 30, 2021 and 2022, respectively, representing an increase of 19%.
Billings and adjusted contribution are further defined under the heading "Non-GAAP Measures and Other Performance Metrics" below. We believe these non-GAAP measures, alongside our GAAP revenue and GAAP gross profit, provide useful information to investors for period-to-period comparisons of our core business and in understanding and evaluating our results of operations in the same manner as our management and board of directors.
The following table summarizes our results (dollars in thousands):
| Three Months Ended June 30, | Change | Six Months Ended June 30, | Change | ||||||||||||||||||||||||||||||||||||||||||||
| 2021 | 2022 | $ | % | 2021 | 2022 | $ | % | ||||||||||||||||||||||||||||||||||||||||
Billings(1) | $ | 85,337 | $ | 107,744 | $ | 22,407 | 26 | % | $ | 161,654 | $ | 205,969 | $ | 44,315 | 27 | % | |||||||||||||||||||||||||||||||
| Consumer Incentives | 26,484 | 32,339 | 5,855 | 22 | 49,571 | 62,636 | 13,065 | 26 | |||||||||||||||||||||||||||||||||||||||
| Revenue | 58,853 | 75,405 | 16,552 | 28 | 112,083 | 143,333 | 31,250 | 28 | |||||||||||||||||||||||||||||||||||||||
Adjusted Partner Share and other third-party costs(1) | 29,223 | 40,280 | 11,057 | 38 | 58,112 | 75,433 | 17,321 | 30 | |||||||||||||||||||||||||||||||||||||||
Adjusted contribution(1) | 29,630 | 35,125 | 5,495 | 19 | 53,971 | 67,900 | 13,929 | 26 | |||||||||||||||||||||||||||||||||||||||
| Delivery costs | 5,748 | 8,162 | 2,414 | 42 | 9,686 | 14,697 | 5,011 | 52 | |||||||||||||||||||||||||||||||||||||||
| Deferred implementation costs | 730 | — | (730) | (100) | 1,612 | — | (1,612) | (100) | |||||||||||||||||||||||||||||||||||||||
| Gross profit | $ | 23,152 | $ | 26,963 | $ | 3,811 | 16 | % | $ | 42,673 | $ | 53,203 | $ | 10,530 | 25 | % | |||||||||||||||||||||||||||||||
| Net loss | $ | (47,306) | $ | (126,290) | $ | (78,984) | 167 | % | $ | (72,201) | $ | (93,252) | $ | (21,051) | 29 | % | |||||||||||||||||||||||||||||||
Adjusted EBITDA(1) | $ | (5,666) | $ | (15,785) | $ | (10,119) | (179) | % | $ | (9,610) | $ | (26,322) | $ | (16,712) | 174 | % | |||||||||||||||||||||||||||||||
(1)Billings, adjusted Partner Share and other third-party costs, adjusted contribution and adjusted EBITDA are non-GAAP measures, as detailed below in our reconciliations of GAAP revenue to billings, GAAP gross profit to adjusted contribution and GAAP net loss to adjusted EBITDA.
During the three months ended June 30, 2021 and 2022, our net loss was $47.3 million and $126.3 million, respectively. Our historical losses have been driven by our substantial investments in our purchase intelligence platform and infrastructure, which we believe will enable us to expand the use of our platform by both our partners and marketers. During the six months ended June 30, 2022, we received a benefit due a reduction of the estimated contingent consideration and brokerage fee related to our Bridg acquisition partially offset by an impairment of goodwill. On March 5, 2021, we acquired Dosh Holdings, Inc., on May 5, 2021, we acquired Bridg, Inc. and on January 7, 2022, we acquired HSP EPI Acquisition LLC ("Entertainment"). During the six months ended June 30, 2021 and 2022, we incurred $21.2 million of costs and $2.4 million of benefit in connection with these acquisitions, respectively. During the three months ended June 30, 2021 and 2022, our net (loss) income included stock-based compensation expense of $13.3 million and $12.8 million, respectively.
FI Partners
Our FI partners include Bank of America, National Association ("Bank of America"), JPMorgan Chase Bank, National Association (“Chase”) and Wells Fargo Bank, National Association (“Wells Fargo”), as well as many other national and regional financial institutions, financial technology companies, virtual-only banks, and several of the largest bank processors and digital banking providers to reach customers of small and mid-sized FIs.
For the three months ended June 30, 2021 and 2022, our average monthly active users ("MAUs") were 167.6 million and 179.9 million, respectively, and our average revenue per user ("ARPU") for each period was $0.34 and $0.38, respectively. MAUs and ARPU are performance metrics defined under the heading "Non-GAAP Measures and Other Performance Metrics" below.
33
Partner Commitments
We have minimum Partner Share commitment to a certain FI partner totaling $10.0 million over a 12-month period which began on April 1, 2022. To the extent that this commitment is expected to exceed the amount of Partner Share otherwise payable to such FI partner in the absence of such commitment, we accrue any expected shortfall over the commitment period. We accrued for zero and $0.9 million of expected minimum Partner Share commitment shortfalls as of December 31, 2021 and June 30, 2022, respectively.
Impacts of COVID-19 Pandemic
The COVID-19 pandemic resulted in a global slowdown of economic activity that disrupted supply and demand for a broad variety of goods and services and consumer discretionary spending, and increased inflationary pressure, including spending by consumers with our marketers. Estimates and assumptions about future events and their effects cannot be determined with certainty and therefore require the exercise of judgment. Actual results could differ from those estimates and any such differences may be material to our financial statements. Due to continuing uncertainty regarding the severity and duration of the impacts of COVID-19 on the global economy, we will continue to monitor this situation and the potential impacts to our business.
Restructuring
During the three months ended June 30, 2022, we began a strategic shift within our organization to migrate certain data and applications to a cloud computing environment. This transition resulted in severance and medical benefits totaling $1.0 million, as a result of a headcount reduction because cloud hosting improved data management efficiencies. This expense is included in Delivery costs on our Consolidated Statement of Operations.
Acquisitions
On January 7, 2022, we purchased Entertainment for $13.0 million in equity at an agreed-upon price of $66.52 per share, subject to $1.1 million of fair value adjustments based upon our close date, and $2.3 million in cash, subject to $0.4 million of adjustments, for an acquisition date fair value of $14.6 million.
On May 5, 2021, we completed the acquisition of Bridg for purchase consideration of $578.9 million. The purchase consideration consisted of a $350.0 million cash purchase price, subject to $2.8 million of adjustments and escrows, and contingent consideration with a fair value of $230.9 million at the time of the acquisition related to additional potential future payments. At least 30% of the potential future payments will be in cash, with the remainder to be paid in cash or our common stock, at our option.
On March 5, 2021, we completed the acquisition of Dosh for purchase consideration of $277.6 million in a combination of cash and common stock. The total purchase consideration consisted of a $150.0 million cash purchase price, subject to $6.6 million of adjustments and escrows, and $125.0 million of shares of our common stock at an agreed-upon price of $136.33 per share, subject to $7.6 million of fair value adjustments based upon our close date, for an acquisition date fair value of $117.4 million.
Refer to Note 3 - Business Combinations to our consolidated financial statements for further information.
Public Offering of Common Stock
On March 5, 2021, we closed a public equity offering in which we sold 3,850,000 shares of common stock at a public offering price of $130.00 per share for total gross proceeds of $500.5 million. We received total net proceeds of $484.0 million after deducting underwriting discounts and commissions of $16.3 million and offering costs of $0.2 million.
Non-GAAP Measures and Other Performance Metrics
We regularly monitor a number of financial and operating metrics in order to measure our current performance and estimate our future performance. Our metrics may be calculated in a manner different than similar metrics used by other companies.
| Three Months Ended June 30, | Six Months Ended June 30, | ||||||||||||||||||||||
| 2021 | 2022 | 2021 | 2022 | ||||||||||||||||||||
| (in thousands, except ARPU) | |||||||||||||||||||||||
| Cardlytics MAUs | 167,613 | 179,890 | 167,867 | 179,450 | |||||||||||||||||||
| Cardlytics ARPU | $ | 0.34 | $ | 0.38 | $ | 0.66 | $ | 0.74 | |||||||||||||||
| Bridg ARR | $ | 12,511 | $ | 21,828 | $ | 12,511 | $ | 21,828 | |||||||||||||||
| Billings | $ | 85,337 | $ | 107,744 | $ | 161,654 | $ | 205,969 | |||||||||||||||
| Adjusted contribution | $ | 29,630 | $ | 35,125 | $ | 53,971 | $ | 67,900 | |||||||||||||||
| Adjusted EBITDA | $ | (5,666) | $ | (15,785) | $ | (9,610) | $ | (26,322) | |||||||||||||||
34
Cardlytics Monthly Active Users
We define MAUs as targetable customers or accounts that have logged in and visited online or mobile applications containing offers, opened an email containing an offer, or redeemed an offer from the Cardlytics platform during a monthly period. We then calculate a monthly average of these MAUs for the periods presented. We believe that MAUs is an indicator of the Cardlytics platform’s ability to drive engagement and is reflective of the marketing base that we offer to marketers.
Cardlytics Average Revenue per User
We define ARPU as the total revenue generated in the applicable period calculated in accordance with generally accepted accounting principles in the United States ("GAAP"), divided by the average number of MAUs in the applicable period. We believe that ARPU is an indicator of the value of our relationships with our partners with respect to the Cardlytics platform.
Bridg Annualized Recurring Revenue
Consistent with the Bridg merger agreement, we define ARR as the annualized GAAP revenue of the final month in the period presented for the Bridg platform. ARR should not be considered in isolation from, or as an alternative to, revenue prepared in accordance with GAAP. We believe that ARR is an indicator of the Bridg platform’s ability to generate future revenue from existing clients.
Billings
Billings represents the gross amount billed to customers and marketers for advertising campaigns in order to generate revenue. Cardlytics platform billings is recognized gross of both Consumer Incentives and Partner Share. Cardlytics platform GAAP revenue is recognized net of Consumer Incentives and gross of Partner Share. Bridg platform billings is the same as Bridg platform GAAP revenue.
We review billings for internal management purposes. We believe that billings provides useful information to investors for period-to-period comparisons of our core business and in understanding and evaluating our results of operations in the same manner as our management and board of directors. Nevertheless, our use of billings has limitations as an analytical tool, and you should not consider it in isolation or as a substitute for analysis of our financial results as reported under GAAP. Other companies, including companies in our industry that have similar business arrangements, may address the impact of Consumer Incentives differently. You should consider billings alongside our other GAAP financial results.
The following table presents a reconciliation of billings to revenue, the most directly comparable GAAP measure, for each of the periods indicated (in thousands):
| Three Months Ended June 30, 2021 | Three Months Ended June 30, 2022 | ||||||||||||||||||||||||||||||||||
| Cardlytics Platform | Bridg Platform | Consolidated | Cardlytics Platform | Bridg Platform | Consolidated | ||||||||||||||||||||||||||||||
| Revenue | $ | 56,763 | $ | 2,090 | $ | 58,853 | $ | 69,270 | $ | 6,135 | $ | 75,405 | |||||||||||||||||||||||
| Plus: | |||||||||||||||||||||||||||||||||||
| Consumer Incentives | 26,484 | — | 26,484 | 32,339 | — | 32,339 | |||||||||||||||||||||||||||||
| Billings | $ | 83,247 | $ | 2,090 | $ | 85,337 | $ | 101,609 | $ | 6,135 | $ | 107,744 | |||||||||||||||||||||||
| Six Months Ended June 30, 2021 | Six Months Ended June 30, 2022 | ||||||||||||||||||||||||||||||||||
| Cardlytics Platform | Bridg Platform | Consolidated | Cardlytics Platform | Bridg Platform | Consolidated | ||||||||||||||||||||||||||||||
| Revenue | $ | 109,993 | $ | 2,090 | $ | 112,083 | $ | 133,253 | $ | 10,080 | $ | 143,333 | |||||||||||||||||||||||
| Plus: | |||||||||||||||||||||||||||||||||||
| Consumer Incentives | 49,571 | — | 49,571 | 62,636 | — | 62,636 | |||||||||||||||||||||||||||||
| Billings | $ | 159,564 | $ | 2,090 | $ | 161,654 | $ | 195,889 | $ | 10,080 | $ | 205,969 | |||||||||||||||||||||||
35
Adjusted Contribution
Adjusted contribution measures the degree by which revenue generated from our marketers exceeds the cost to obtain the purchase data and the digital advertising space from our partners. Adjusted contribution demonstrates how incremental marketing spend on our platforms generates incremental amounts to support our sales and marketing, research and development, general and administration and other investments. Adjusted contribution is calculated by taking our total revenue less our Partner Share and other third-party costs exclusive of deferred implementation costs, which is a non-cash cost. Adjusted contribution does not take into account all costs associated with generating revenue from advertising campaigns, including sales and marketing expenses, research and development expenses, general and administrative expenses and other expenses, which we do not take into consideration when making decisions on how to manage our advertising campaigns.
We use adjusted contribution extensively to measure the efficiency of our advertising platform, make decisions to manage advertising campaigns and evaluate our operational performance. Adjusted contribution is also used to determine the vesting of performance-based equity awards and is used to determine the achievement of quarterly and annual bonuses across our entire global employee base, including executives. We view adjusted contribution as an important operating measure of our financial results. We believe that adjusted contribution provides useful information to investors and others in understanding and evaluating our results of operations in the same manner as our management and board of directors. Adjusted contribution should not be considered in isolation from, or as an alternative to, measures prepared in accordance with GAAP. Adjusted contribution should be considered together with other operating and financial performance measures presented in accordance with GAAP. Also, adjusted contribution may not necessarily be comparable to similarly titled measures presented by other companies. Refer to Note 11 - Segments to our condensed consolidated financial statements for further details on our adjusted contribution by segment.
The following table presents a reconciliation of adjusted contribution to gross profit, the most directly comparable GAAP measure, for each of the periods indicated (in thousands):
| Three Months Ended June 30, 2021 | Three Months Ended June 30, 2022 | ||||||||||||||||||||||||||||||||||
| Cardlytics Platform | Bridg Platform | Consolidated | Cardlytics Platform | Bridg Platform | Consolidated | ||||||||||||||||||||||||||||||
| Revenue | $ | 56,763 | $ | 2,090 | $ | 58,853 | $ | 69,270 | $ | 6,135 | $ | 75,405 | |||||||||||||||||||||||
| Minus: | |||||||||||||||||||||||||||||||||||
| Partner Share and other third-party costs | 29,890 | 63 | 29,953 | 39,403 | 877 | 40,280 | |||||||||||||||||||||||||||||
Delivery costs(1) | 4,837 | 911 | 5,748 | 6,311 | 1,851 | 8,162 | |||||||||||||||||||||||||||||
| Gross profit | 22,036 | 1,116 | 23,152 | 23,556 | 3,407 | 26,963 | |||||||||||||||||||||||||||||
| Plus: | |||||||||||||||||||||||||||||||||||
Delivery costs(1) | 4,837 | 911 | 5,748 | 6,311 | 1,851 | 8,162 | |||||||||||||||||||||||||||||
Deferred implementation costs(2) | 730 | — | 730 | — | — | — | |||||||||||||||||||||||||||||
| Adjusted contribution | $ | 27,603 | $ | 2,027 | $ | 29,630 | $ | 29,867 | $ | 5,258 | $ | 35,125 | |||||||||||||||||||||||
(1)Stock-based compensation expense recognized in consolidated delivery costs totaled $0.5 million and $0.9 million for the three months ended June 30, 2021 and 2022, respectively.
(2)Deferred implementation costs is excluded from adjusted Partner Share and other third-party costs as follows (in thousands):
| Three Months Ended June 30, 2021 | Three Months Ended June 30, 2022 | ||||||||||||||||||||||||||||||||||
| Cardlytics Platform | Bridg Platform | Consolidated | Cardlytics Platform | Bridg Platform | Consolidated | ||||||||||||||||||||||||||||||
| Partner Share and other third-party costs | $ | 29,890 | $ | 63 | $ | 29,953 | $ | 39,403 | $ | 877 | $ | 40,280 | |||||||||||||||||||||||
| Minus: | |||||||||||||||||||||||||||||||||||
| Deferred implementation costs | 730 | — | 730 | — | — | — | |||||||||||||||||||||||||||||
| Adjusted Partner Share and other third-party costs | $ | 29,160 | $ | 63 | $ | 29,223 | $ | 39,403 | $ | 877 | $ | 40,280 | |||||||||||||||||||||||
36
| Six Months Ended June 30, 2021 | Six Months Ended June 30, 2022 | ||||||||||||||||||||||||||||||||||
| Cardlytics Platform | Bridg Platform | Consolidated | Cardlytics Platform | Bridg Platform | Consolidated | ||||||||||||||||||||||||||||||
| Revenue | $ | 109,993 | $ | 2,090 | $ | 112,083 | $ | 133,253 | $ | 10,080 | $ | 143,333 | |||||||||||||||||||||||
| Minus: | |||||||||||||||||||||||||||||||||||
| Partner Share and other third-party costs | 59,661 | 63 | 59,724 | 74,431 | 1,002 | 75,433 | |||||||||||||||||||||||||||||
Delivery costs(1) | 8,775 | 911 | 9,686 | 11,218 | 3,477 | 14,695 | |||||||||||||||||||||||||||||
| Gross profit | 41,557 | 1,116 | 42,673 | 47,604 | 5,601 | 53,205 | |||||||||||||||||||||||||||||
| Plus: | |||||||||||||||||||||||||||||||||||
Delivery costs(1) | 8,775 | 911 | 9,686 | 11,218 | 3,477 | 14,695 | |||||||||||||||||||||||||||||
Deferred implementation costs(2) | 1,612 | — | 1,612 | — | — | — | |||||||||||||||||||||||||||||
| Adjusted contribution | $ | 51,944 | $ | 2,027 | $ | 53,971 | $ | 58,822 | $ | 9,078 | $ | 67,900 | |||||||||||||||||||||||
(1)Stock-based compensation expense recognized in consolidated delivery costs totaled $0.8 million and $1.5 million for the six months ended June 30, 2021 and 2022, respectively.
(2)Deferred implementation costs is excluded from adjusted Partner Share and other third-party costs as follows (in thousands):
| Six Months Ended June 30, 2021 | Six Months Ended June 30, 2022 | ||||||||||||||||||||||||||||||||||
| Cardlytics Platform | Bridg Platform | Consolidated | Cardlytics Platform | Bridg Platform | Consolidated | ||||||||||||||||||||||||||||||
| Partner Share and other third-party costs | $ | 59,661 | $ | 63 | $ | 59,724 | $ | 74,431 | $ | 1,002 | $ | 75,433 | |||||||||||||||||||||||
| Minus: | |||||||||||||||||||||||||||||||||||
| Deferred implementation costs | 1,612 | — | 1,612 | — | — | — | |||||||||||||||||||||||||||||
| Adjusted Partner Share and other third-party costs | $ | 58,049 | $ | 63 | $ | 58,112 | $ | 74,431 | $ | 1,002 | $ | 75,433 | |||||||||||||||||||||||
Adjusted EBITDA
Adjusted EBITDA represents our (loss) income before income taxes; interest expense, net; depreciation and amortization expense; stock-based compensation expense; foreign currency gain (loss); deferred implementation costs; restructuring costs, acquisition and integration costs (benefit), change in fair value of contingent consideration and goodwill impairment. We do not consider these excluded items to be indicative of our core operating performance. The items that are non-cash include foreign currency (gain) loss, deferred implementation costs, depreciation and amortization expense and stock-based compensation expense. Notably, any impacts related to minimum Partner Share commitments in connection with agreements with certain partners are not added back to net (loss) income in order to calculate adjusted EBITDA. Adjusted EBITDA is a key measure used by management to understand and evaluate our core operating performance and trends and to generate future operating plans, make strategic decisions regarding the allocation of capital and invest in initiatives that are focused on cultivating new markets for our solution. In particular, the exclusion of certain expenses in calculating adjusted EBITDA facilitates comparisons of our operating performance on a period-to-period basis. Adjusted EBITDA is not a measure calculated in accordance with GAAP.
We believe that adjusted EBITDA provides useful information to investors and others in understanding and evaluating our operating results in the same manner as our management and board of directors. Nevertheless, use of adjusted EBITDA has limitations as an analytical tool, and you should not consider it in isolation or as a substitute for analysis of our financial results as reported under GAAP. Some of these limitations are: (1) adjusted EBITDA does not reflect changes in, or cash requirements for, our working capital needs; (2) adjusted EBITDA does not reflect the potentially dilutive impact of stock-based compensation and equity instruments issued to our partners; (3) adjusted EBITDA does not reflect tax payments or receipts that may represent a reduction or increase in cash available to us; and (4) other companies, including companies in our industry, may calculate adjusted EBITDA or similarly titled measures differently, which reduces the usefulness of the metric as a comparative measure. Because of these and other limitations, you should consider adjusted EBITDA alongside our net (loss) income and other GAAP financial results.
37
The following table presents a reconciliation of adjusted EBITDA to net loss, the most directly comparable GAAP measure (in thousands):
| Three Months Ended June 30, | Six Months Ended June 30, | ||||||||||||||||||||||
| 2021 | 2022 | 2021 | 2022 | ||||||||||||||||||||
| Net loss | $ | (47,306) | $ | (126,290) | $ | (72,201) | $ | (93,252) | |||||||||||||||
| Plus: | |||||||||||||||||||||||
| Income tax benefit | — | (1,446) | — | (1,446) | |||||||||||||||||||
| Interest expense - net | 3,078 | 879 | 6,123 | 1,826 | |||||||||||||||||||
| Depreciation and amortization | 8,833 | 10,356 | 11,898 | 20,227 | |||||||||||||||||||
| Stock-based compensation expense | 13,337 | 12,842 | 20,585 | 26,427 | |||||||||||||||||||
| Foreign currency loss (gain) | — | 4,538 | (319) | 6,208 | |||||||||||||||||||
| Deferred implementation costs | 730 | — | 1,612 | — | |||||||||||||||||||
| Acquisition and integration costs (benefit) | 14,182 | 2,197 | 21,212 | (2,401) | |||||||||||||||||||
| Change in fair value of contingent consideration | 1,480 | (2,968) | 1,480 | (68,018) | |||||||||||||||||||
| Goodwill impairment | — | 83,149 | — | 83,149 | |||||||||||||||||||
| Restructuring costs | — | 958 | — | 958 | |||||||||||||||||||
| Adjusted EBITDA | $ | (5,666) | $ | (15,785) | $ | (9,610) | $ | (26,322) | |||||||||||||||
The following table presents a reconciliation of adjusted EBITDA to Adjusted Contribution, the most directly comparable segment income measure (in thousands):
| Three Months Ended June 30, 2021 | Three Months Ended June 30, 2022 | ||||||||||||||||||||||||||||||||||
| Cardlytics Platform | Bridg Platform | Consolidated | Cardlytics Platform | Bridg Platform | Consolidated | ||||||||||||||||||||||||||||||
| Adjusted Contribution | $ | 27,603 | $ | 2,027 | $ | 29,630 | $ | 29,867 | $ | 5,258 | $ | 35,125 | |||||||||||||||||||||||
| Minus: | |||||||||||||||||||||||||||||||||||
| Delivery costs | 4,837 | 911 | 5,748 | 6,311 | 1,851 | 8,162 | |||||||||||||||||||||||||||||
| Sales and marketing expense | 16,665 | 398 | 17,063 | 20,908 | 1,075 | 21,983 | |||||||||||||||||||||||||||||
| Research and development expense | 8,481 | 453 | 8,934 | 11,936 | 1,645 | 13,581 | |||||||||||||||||||||||||||||
| General and administration expense | 16,454 | 434 | 16,888 | 21,232 | (248) | 20,984 | |||||||||||||||||||||||||||||
| Stock-based compensation expense | (13,179) | (158) | (13,337) | (13,944) | 1,102 | (12,842) | |||||||||||||||||||||||||||||
| Restructuring costs | — | — | — | (958) | — | (958) | |||||||||||||||||||||||||||||
| Adjusted EBITDA | $ | (5,655) | $ | (11) | $ | (5,666) | $ | (15,618) | $ | (167) | $ | (15,785) | |||||||||||||||||||||||
38
| Six Months Ended June 30, 2021 | Six Months Ended June 30, 2022 | ||||||||||||||||||||||||||||||||||
| Cardlytics Platform | Bridg Platform | Consolidated | Cardlytics Platform | Bridg Platform | Consolidated | ||||||||||||||||||||||||||||||
| Adjusted Contribution | $ | 51,944 | $ | 2,027 | $ | 53,971 | $ | 58,822 | $ | 9,078 | $ | 67,900 | |||||||||||||||||||||||
| Minus: | |||||||||||||||||||||||||||||||||||
| Delivery costs | 9,686 | — | 9,686 | 11,218 | 3,477 | 14,695 | |||||||||||||||||||||||||||||
| Sales and marketing expense | 28,524 | 1,741 | 30,265 | 36,816 | 2,815 | 39,631 | |||||||||||||||||||||||||||||
| Research and development expense | 14,994 | 158 | 15,152 | 22,895 | 2,977 | 25,872 | |||||||||||||||||||||||||||||
| General and administration expense | 29,063 | — | 29,063 | 40,441 | 968 | 41,409 | |||||||||||||||||||||||||||||
| Stock-based compensation expense | (20,585) | — | (20,585) | (25,879) | (548) | (26,427) | |||||||||||||||||||||||||||||
| Restructuring costs | — | — | — | (958) | — | (958) | |||||||||||||||||||||||||||||
| Adjusted EBITDA | $ | (9,738) | $ | 128 | 0 | $ | (9,610) | 0 | $ | (25,711) | $ | — | $ | (611) | $ | — | $ | (26,322) | |||||||||||||||||
Results of Operations
The following table presents our condensed consolidated statements of operations (in thousands):
| Three Months Ended June 30, | Six Months Ended June 30, | ||||||||||||||||||||||
| 2021 | 2022 | 2021 | 2022 | ||||||||||||||||||||
| Revenue | $ | 58,853 | $ | 75,405 | $ | 112,083 | $ | 143,333 | |||||||||||||||
| Costs and expenses: | |||||||||||||||||||||||
| Partner Share and other third-party costs | 29,953 | 40,280 | 59,724 | 75,433 | |||||||||||||||||||
| Delivery costs | 5,748 | 8,162 | 9,686 | 14,695 | |||||||||||||||||||
| Sales and marketing expense | 17,063 | 21,983 | 30,265 | 39,631 | |||||||||||||||||||
| Research and development expense | 8,934 | 13,581 | 15,152 | 25,872 | |||||||||||||||||||
| General and administrative expense | 16,888 | 20,984 | 29,063 | 41,409 | |||||||||||||||||||
| Acquisition and integration costs (benefit) | 14,182 | 2,197 | 21,212 | (2,401) | |||||||||||||||||||
| Change in fair value of contingent consideration | 1,480 | (2,968) | 1,480 | (68,018) | |||||||||||||||||||
Goodwill impairment | — | 83,149 | — | 83,149 | |||||||||||||||||||
| Depreciation and amortization expense | 8,833 | 10,356 | 11,898 | 20,227 | |||||||||||||||||||
| Total costs and expenses | 103,081 | 197,724 | 178,480 | 229,997 | |||||||||||||||||||
| Operating loss | (44,228) | (122,319) | (66,397) | (86,664) | |||||||||||||||||||
| Other (expense) income: | |||||||||||||||||||||||
| Interest expense, net | (3,078) | (879) | (6,123) | (1,826) | |||||||||||||||||||
| Foreign currency (loss) gain | — | (4,538) | 319 | (6,208) | |||||||||||||||||||
| Total other expense | (3,078) | (5,417) | (5,804) | (8,034) | |||||||||||||||||||
| Loss before income taxes | (47,306) | (127,736) | (72,201) | (94,698) | |||||||||||||||||||
| Income tax benefit | — | 1,446 | — | 1,446 | |||||||||||||||||||
| Net loss | $ | (47,306) | $ | (126,290) | $ | (72,201) | $ | (93,252) | |||||||||||||||
39
Comparison of Three and Six Months Ended June 30, 2021 and 2022
Revenue
| Three Months Ended June 30, | Change | Six Months Ended June 30, | Change | ||||||||||||||||||||||||||||||||||||||||||||
| 2021 | 2022 | $ | % | 2021 | 2022 | $ | % | ||||||||||||||||||||||||||||||||||||||||
| (dollars in thousands) | |||||||||||||||||||||||||||||||||||||||||||||||
| Billings | $ | 85,337 | $ | 107,744 | $ | 22,407 | 26 | % | $ | 161,654 | $ | 205,969 | $ | 44,315 | 27 | % | |||||||||||||||||||||||||||||||
| Consumer Incentives | 26,484 | 32,339 | 5,855 | 22 | 49,571 | 62,636 | 13,065 | 26 | |||||||||||||||||||||||||||||||||||||||
| Revenue | $ | 58,853 | $ | 75,405 | $ | 16,552 | 28 | % | $ | 112,083 | $ | 143,333 | $ | 31,250 | 28 | % | |||||||||||||||||||||||||||||||
| % of billings | 69 | % | 70 | % | 69 | % | 70 | % | |||||||||||||||||||||||||||||||||||||||
The $16.6 million increase in revenue during the three months ended June 30, 2022 compared to the three months ended June 30, 2021 was comprised of a $22.4 million increase in billings, offset by a $5.9 million increase in Consumer Incentives. The billings increase was comprised of $21.7 million increase in sales to existing marketers and $0.7 million in sales to new marketers in 2022. Consumer Incentives grew at a lower rate than billings during the three months ended June 30, 2022 compared to the three months ended June 30, 2021 primarily as a result of changes in advertiser mix.
The $31.3 million increase in revenue during the six months ended June 30, 2022 compared to the six months ended June 30, 2021 was comprised of a $44.3 million increase in billings, offset by a $13.1 million increase in Consumer Incentives. The billings increase was comprised of a $39.0 million increase in sales to existing marketers and a $5.3 million increase in sales to new marketers in 2022. Consumer Incentives grew at a lower rate than billings during the six months ended June 30, 2022 compared to the six months ended June 30, 2021 primarily as a result of changes in advertiser mix.
Costs and Expenses
Partner Share and Other Third-Party Costs
| Three Months Ended June 30, | Change | Six Months Ended June 30, | Change | ||||||||||||||||||||||||||||||||||||||||||||
| 2021 | 2022 | $ | % | 2021 | 2022 | $ | % | ||||||||||||||||||||||||||||||||||||||||
| (dollars in thousands) | |||||||||||||||||||||||||||||||||||||||||||||||
| Partner Share and other third-party costs: | |||||||||||||||||||||||||||||||||||||||||||||||
| Adjusted Partner Share and other third-party costs | $ | 29,223 | $ | 40,280 | $ | 11,057 | 38 | % | $ | 58,112 | $ | 75,433 | $ | 17,321 | 30 | % | |||||||||||||||||||||||||||||||
| Deferred implementation costs | 730 | — | (730) | (100) | % | 1,612 | — | (1,612) | (100) | % | |||||||||||||||||||||||||||||||||||||
| Total Partner Share and other third-party costs | $ | 29,953 | $ | 40,280 | $ | 10,327 | 34 | % | $ | 59,724 | $ | 75,433 | $ | 15,709 | 26 | % | |||||||||||||||||||||||||||||||
| % of revenue | 51 | % | 53 | % | 53 | % | 53 | % | |||||||||||||||||||||||||||||||||||||||
Partner Share and other third-party costs increased by $11.1 million during the three months ended June 30, 2022 compared to the three months ended June 30, 2021 primarily due to increased revenue from sales of the Cardlytics platform and was offset by an increase in Consumer Incentives funded by partners through a reduction in Partner Share. Deferred implementation costs decreased by $0.7 million during the three months ended June 30, 2022 compared to the three months ended June 30, 2021 due to the end of the useful lives of certain platform enhancements.
Partner Share and other third-party costs increased by $15.7 million during the six months ended June 30, 2022 compared to the six months ended June 30, 2021 primarily due to increased revenue from sales of the Cardlytics platform and an increase in Consumer Incentives funded by partners through a reduction in Partner Share, primarily offset by a decrease in FI Share revenue commitments in excess of the FI Share otherwise earned by the applicable FI partners. Deferred implementation costs decreased by $1.6 million during the six months ended June 30, 2022 compared to the six months ended June 30, 2021 due to the end of the useful lives of certain platform enhancements.
40
Delivery Costs
| Three Months Ended June 30, | Change | Six Months Ended June 30, | Change | ||||||||||||||||||||||||||||||||||||||||||||
| 2021 | 2022 | $ | % | 2021 | 2022 | $ | % | ||||||||||||||||||||||||||||||||||||||||
| (dollars in thousands) | |||||||||||||||||||||||||||||||||||||||||||||||
| Delivery costs | $ | 5,748 | $ | 8,162 | $ | 2,414 | 42 | % | $ | 9,686 | $ | 14,695 | $ | 5,009 | 52 | % | |||||||||||||||||||||||||||||||
| % of revenue | 10 | % | 11 | % | 9 | % | 10 | % | |||||||||||||||||||||||||||||||||||||||
Delivery costs increased by $2.4 million during the three months ended June 30, 2022 compared to the three months ended June 30, 2021, primarily due to a $1.0 million of restructuring cost, a $0.5 million increase in personnel costs associated with additional headcount, a $0.5 million increase of costs from our acquired businesses and a $0.4 million increase in stock-based compensation expense.
Delivery costs increased by $5.0 million during the six months ended June 30, 2022 compared to the six months ended June 30, 2021, primarily due to a $2.1 million increase in personnel costs associated with additional headcount, a $1.9 million increase of costs from our acquired businesses, a $0.7 million increase in stock-based compensation expense and a $0.3 million increase in costs associated with hosting the Cardlytics platform for certain partners.
Sales and Marketing Expense
| Three Months Ended June 30, | Change | Six Months Ended June 30, | Change | ||||||||||||||||||||||||||||||||||||||||||||
| 2021 | 2022 | $ | % | 2021 | 2022 | $ | % | ||||||||||||||||||||||||||||||||||||||||
| (dollars in thousands) | |||||||||||||||||||||||||||||||||||||||||||||||
| Sales and marketing expense | $ | 17,063 | $ | 21,983 | $ | 4,920 | 29 | % | $ | 30,265 | $ | 39,631 | $ | 9,366 | 31 | % | |||||||||||||||||||||||||||||||
| % of revenue | 29 | % | 29 | % | 27 | % | 28 | % | |||||||||||||||||||||||||||||||||||||||
Sales and marketing expense increased by $4.9 million during the three months ended June 30, 2022 compared to the three months ended June 30, 2021 primarily due to a $2.1 million increase in personnel costs associated with additional headcount, a $1.0 million increase in stock-based compensation expense, a $1.0 million increase in marketing expense, a $0.6 million increase in recruiting fees, a $0.4 million increase in travel expense, a $0.3 million increase in software licenses and a $0.2 million increase in personnel training expense, partially offset by a $0.7 million decrease of costs from our acquired businesses, inclusive of $1.0 million benefit of stock-based compensation for employees of our acquired businesses.
Sales and marketing expense increased by $9.4 million during the six months ended June 30, 2022 compared to the six months ended June 30, 2021 primarily due to a $2.9 million increase in personnel costs associated with additional headcount, a $1.7 million increase in stock-based compensation expense, a $1.4 million decrease of costs from our acquired businesses, inclusive of $0.3 million benefit of stock-based compensation for employees of our acquired business, a $1.3 million increase in marketing expense, a $0.8 million increase in professional fees, a $0.7 million increase in software licenses and a $0.6 million increase in travel expense.
Research and Development Expense
| Three Months Ended June 30, | Change | Six Months Ended June 30, | Change | ||||||||||||||||||||||||||||||||||||||||||||
| 2021 | 2022 | $ | % | 2021 | 2022 | $ | % | ||||||||||||||||||||||||||||||||||||||||
| (dollars in thousands) | |||||||||||||||||||||||||||||||||||||||||||||||
| Research and development expense | $ | 8,934 | $ | 13,581 | $ | 4,647 | 52 | % | $ | 15,152 | $ | 25,872 | $ | 10,720 | 71 | % | |||||||||||||||||||||||||||||||
| % of revenue | 15 | % | 18 | % | 14 | % | 18 | % | |||||||||||||||||||||||||||||||||||||||
Research and development expense increased by $4.6 million during the three months ended June 30, 2022 compared to the three months ended June 30, 2021 primarily due to a $3.0 million increase in personnel costs due to additional headcount, a $2.4 million increase in stock-based compensation expense, a $0.6 million increase in software licenses and a $0.2 million increase in personnel training expense, partially offset by a $0.8 million decrease in professional fees and a $0.7 million decrease of costs from our acquired businesses, inclusive of $0.6 million benefit of stock-based compensation for employees of our acquired businesses.
41
Research and development expense increased by $10.7 million during the six months ended June 30, 2022 compared to the six months ended June 30, 2021 primarily due to a $6.5 million increase in personnel costs due to additional headcount, a $4.1 million increase in stock-based compensation expense, a $1.0 million increase in software licenses, a $0.2 million increase in personnel training expense and a $0.1 million increase in travel expenses, partially offset by a $1.1 million decrease in professional fees and a $0.1 million decrease of costs from our acquired businesses, inclusive of $0.6 million benefit of stock-based compensation for employees of our acquired businesses.
General and Administrative Expense
| Three Months Ended June 30, | Change | Six Months Ended June 30, | Change | ||||||||||||||||||||||||||||||||||||||||||||
| 2021 | 2022 | $ | % | 2021 | 2022 | $ | % | ||||||||||||||||||||||||||||||||||||||||
| (dollars in thousands) | |||||||||||||||||||||||||||||||||||||||||||||||
| General and administrative expense | $ | 16,888 | $ | 20,984 | $ | 4,096 | 24 | % | $ | 29,063 | $ | 41,409 | $ | 12,346 | 42 | % | |||||||||||||||||||||||||||||||
| % of revenue | 29 | % | 28 | % | 26 | % | 29 | % | |||||||||||||||||||||||||||||||||||||||
General and administrative expense increased by $4.1 million during the three months ended June 30, 2022 compared to the three months ended June 30, 2021 primarily due to a $2.0 million increase in professional fees, a $1.4 million increase in personnel costs associated with additional headcount, a $1.4 million increase in administrative fees, a $0.7 million increase in software licensing cost, a $0.2 million increase related to events and a $0.2 million increase related to travel costs, partially offset by a $0.8 million decrease in stock-based compensation expense and a $1.0 million benefit of costs from our acquired businesses, inclusive of $1.9 million benefit of stock-based compensation for employees of our acquired businesses
General and administrative expense increased by $12.3 million during the six months ended June 30, 2022 compared to the six months ended June 30, 2021 primarily due to a $3.1 million increase in professional fees, a $2.7 million increase in personnel costs associated with additional headcount, a $1.0 million increase in administrative fees, a $1.8 million increase in stock-based compensation expense, a $1.5 million increase of costs from our acquired businesses, inclusive of $1.3 million benefit of stock-based compensation for employees of our acquired businesses, a $1.5 million increase in software licensing cost, a $0.4 million increase related to events and a $0.3 million increase related to travel costs.
Stock-based Compensation Expense
The following table summarizes the allocation of stock-based compensation in the condensed consolidated statements of operations (in thousands):
| Three Months Ended June 30, | Change | Six Months Ended June 30, | Change | ||||||||||||||||||||||||||||||||||||||||||||
| 2021 | 2022 | $ | % | 2021 | 2022 | $ | % | ||||||||||||||||||||||||||||||||||||||||
| Delivery costs | $ | 521 | $ | 914 | $ | 393 | 75 | % | $ | 830 | $ | 1,496 | $ | 666 | 80 | % | |||||||||||||||||||||||||||||||
| Sales and marketing expense | 3,655 | 3,633 | (22) | (1) | 6,087 | 7,337 | 1,250 | 21 | |||||||||||||||||||||||||||||||||||||||
| Research and development expense | 2,448 | 4,247 | 1,799 | 73 | 3,962 | 7,451 | 3,489 | 88 | |||||||||||||||||||||||||||||||||||||||
| General and administrative expense | 6,713 | 4,048 | (2,665) | (40) | 9,706 | 10,143 | 437 | 5 | |||||||||||||||||||||||||||||||||||||||
| Total stock-based compensation expense | $ | 13,337 | $ | 12,842 | $ | (495) | (4) | % | $ | 20,585 | $ | 26,427 | $ | 5,842 | 28 | % | |||||||||||||||||||||||||||||||
| % of revenue | 32 | % | 17 | % | 18 | % | 18 | % | |||||||||||||||||||||||||||||||||||||||
Stock-based compensation expense decreased by $0.5 million during the three months ended June 30, 2022 compared to the three months ended June 30, 2021 primarily due to a $4.3 million reduction in expense related to our assumption of unvested options from our acquired businesses and RSU and PSU grants to employees of our acquired businesses, partially offset by increased expense related to additional headcount and the impact of RSUs and PSUs granted in March 2022.
Stock-based compensation expense increased by $5.8 million during the six months ended June 30, 2022 compared to the six months ended June 30, 2021 primarily due to expense related to additional headcount and the impact of RSUs and PSUs granted in March 2022.
42
Acquisition and integration costs (benefit)
| Three Months Ended June 30, | Change | Six Months Ended June 30, | Change | ||||||||||||||||||||||||||||||||||||||||||||
| 2021 | 2022 | $ | % | 2021 | 2022 | $ | % | ||||||||||||||||||||||||||||||||||||||||
| (dollars in thousands) | |||||||||||||||||||||||||||||||||||||||||||||||
| Acquisition and integration costs (benefit) | 14,182 | 2,197 | $ | (11,985) | (85) | $ | 21,212 | $ | (2,401) | $ | (23,613) | n/a | |||||||||||||||||||||||||||||||||||
| % of revenue | 24 | % | 3 | % | — | % | (2) | % | |||||||||||||||||||||||||||||||||||||||
During the three months ended June 30, 2021 we recognized $14.2 million of expense primarily due to the acquisitions of Dosh and Bridg. During the three months ended June 30, 2022 we recognized a $2.2 million cost primarily due to the acquisition of Entertainment.
During the six months ended June 30, 2021 we recognized $21.2 million of expense primarily due to the acquisitions of Dosh and Bridg. During the six months ended June 30, 2022 we recognized a $2.4 million benefit primarily due to a reduction in our estimated broker fee related to the contingent consideration for the Bridg acquisition, partially offset by costs incurred by the acquisition of Entertainment. Refer to Note 3 - Business Combinations to our condensed consolidated financial statements for additional information regarding these acquisitions.
Change in fair value of contingent consideration
| Three Months Ended June 30, | Change | Six Months Ended June 30, | Change | ||||||||||||||||||||||||||||||||||||||||||||
| 2021 | 2022 | $ | % | 2021 | 2022 | $ | % | ||||||||||||||||||||||||||||||||||||||||
| (dollars in thousands) | |||||||||||||||||||||||||||||||||||||||||||||||
| Change in fair value of contingent consideration | $ | 1,480 | $ | (2,968) | (4,448) | n/a | $ | 1,480 | $ | (68,018) | (69,498) | n/a | |||||||||||||||||||||||||||||||||||
| % of revenue | — | % | (4) | % | — | % | (2) | % | |||||||||||||||||||||||||||||||||||||||
During the three and six months ended June 30, 2021, we recognized a $1.5 million gain and a $3.0 million loss, respectively, in the fair value of contingent consideration related to our acquisition of Bridg. During the three and six months ended June 30, 2022 we recognized $1.5 million gain and $68.0 million loss, respectively, in the fair value of contingent consideration related to our acquisition of Bridg. Refer to Note 8—Fair Value Measurement to our condensed consolidated financial statements for additional information regarding the contingent consideration.
Goodwill impairment
| Three Months Ended June 30, | Change | Six Months Ended June 30, | Change | ||||||||||||||||||||||||||||||||||||||||||||
| 2021 | 2022 | $ | % | 2021 | 2022 | $ | % | ||||||||||||||||||||||||||||||||||||||||
| (dollars in thousands) | |||||||||||||||||||||||||||||||||||||||||||||||
Goodwill impairment | $ | — | $ | 83,149 | 83,149 | n/a | $ | — | $ | 83,149 | 83,149 | n/a | |||||||||||||||||||||||||||||||||||
| % of revenue | — | % | 110 | % | — | % | 58 | % | |||||||||||||||||||||||||||||||||||||||
During the three and six months ended June 30, 2022, we recognized $83.1 million of Goodwill impairment related to the Bridg Platform reporting unit. Refer to Note 4 - Goodwill and Acquired Intangibles to our condensed consolidated financial statements for additional information regarding the Goodwill impairment.
43
Depreciation and Amortization Expense
| Three Months Ended June 30, | Change | Six Months Ended June 30, | Change | ||||||||||||||||||||||||||||||||||||||||||||
| 2021 | 2022 | $ | % | 2021 | 2022 | $ | % | ||||||||||||||||||||||||||||||||||||||||
| (dollars in thousands) | |||||||||||||||||||||||||||||||||||||||||||||||
| Depreciation and amortization expense | $ | 8,833 | $ | 10,356 | $ | 1,523 | 17 | % | $ | 11,898 | $ | 20,227 | $ | 8,329 | 70 | % | |||||||||||||||||||||||||||||||
| % of revenue | 15 | % | 14 | % | 11 | % | 14 | % | |||||||||||||||||||||||||||||||||||||||
Depreciation and amortization expense increased $1.5 million during the three months ended June 30, 2022 compared to the three months ended June 30, 2021, driven by the increase of amortization of intangible assets related to the Dosh, Bridg and Entertainment acquisitions.
Depreciation and amortization expense increased $8.3 million during the six months ended June 30, 2022 compared to the six months ended June 30, 2021, driven by the increase of amortization of intangible assets related to the Dosh, Bridg and Entertainment acquisitions.
Interest Expense, Net
| Three Months Ended June 30, | Change | Six Months Ended June 30, | Change | ||||||||||||||||||||||||||||||||||||||||||||
| 2021 | 2022 | $ | % | 2021 | 2022 | $ | % | ||||||||||||||||||||||||||||||||||||||||
| (dollars in thousands) | |||||||||||||||||||||||||||||||||||||||||||||||
| Interest expense | $ | (3,183) | $ | (997) | $ | 2,186 | (69) | % | $ | (6,317) | $ | (1,993) | $ | 4,324 | (68) | % | |||||||||||||||||||||||||||||||
| Interest income | 105 | 118 | 13 | 12 | % | 194 | 167 | (27) | (14) | % | |||||||||||||||||||||||||||||||||||||
| Interest expense | $ | (3,078) | $ | (879) | $ | 2,199 | (71) | % | $ | (6,123) | $ | (9,316) | $ | (3,193) | 52 | % | |||||||||||||||||||||||||||||||
| % of revenue | (5) | % | (1) | % | (5) | % | (1) | % | |||||||||||||||||||||||||||||||||||||||
Interest expense decreased by $2.2 million during the three months ended June 30, 2022 compared to the three months ended June 30, 2021, driven by reduced amortization of debt discount reflected as interest expense related to the Notes upon the adoption of ASU 2020-06 on January 1, 2022.
Interest expense increased by $3.2 million during the six months ended June 30, 2022 compared to the six months ended June 30, 2021, driven by reduced amortization of debt discount reflected as interest expense related to the Notes upon the adoption of ASU 2020-06 on January 1, 2022.
Foreign Currency (Loss) Gain
| Three Months Ended June 30, | Change | Six Months Ended June 30, | Change | ||||||||||||||||||||||||||||||||||||||||||||
| 2021 | 2022 | $ | % | 2021 | 2022 | $ | % | ||||||||||||||||||||||||||||||||||||||||
| (dollars in thousands) | |||||||||||||||||||||||||||||||||||||||||||||||
| Foreign currency (loss) gain | $ | — | $ | (4,538) | $ | (4,538) | n/a | $ | 319 | $ | (6,208) | $ | (6,527) | n/a | |||||||||||||||||||||||||||||||||
| % of revenue | — | % | (6) | % | — | % | (1) | % | |||||||||||||||||||||||||||||||||||||||
Foreign currency loss increased by $4.5 million during the three months ended June 30, 2022 compared to the three months ended June 30, 2021 primarily due to a decrease in the value of the British pound relative to the U.S. dollar.
Foreign currency loss increased by $6.5 million during the six months ended June 30, 2022 compared to the six months ended June 30, 2021 primarily due to a decrease in the value of the British pound relative to the U.S. dollar.
44
Liquidity and Capital Resources
The following table summarizes our cash and cash equivalents, accounts receivable, working capital and unused available borrowings (in thousands):
| December 31, 2021 | June 30, 2022 | ||||||||||
| Cash and cash equivalents | $ | 233,467 | $ | 157,038 | |||||||
| Restricted cash | 95 | 81 | |||||||||
Working capital(1) | 31,375 | (29,590) | |||||||||
| Accounts receivable and contract assets, net | 111,085 | 92,206 | |||||||||
| Unused available borrowings | 50,000 | 60,000 | |||||||||
(1)We define working capital as current assets less current liabilities. See our consolidated financial statements for further details regarding our current assets and current liabilities.
Our cash and cash equivalents are available for working capital purposes. We do not enter into investments for trading purposes, and our investment policy is to invest any excess cash in short-term, highly liquid investments that limit the risk of principal loss. Currently, a significant portion of our cash and cash equivalents are held in money market accounts and fully FDIC-insured demand deposit accounts. As of June 30, 2022, our demand deposit accounts earned up to a 0.50% annual rate of interest. As of June 30, 2022, $3.0 million of our cash and cash equivalents were in the United Kingdom. While our investment in Cardlytics UK Limited is not considered indefinitely invested, we do not plan to repatriate these funds.
Through June 30, 2022, we have incurred accumulated net losses of $604.6 million since inception, including net loss of $126.3 million and $93.3 million for the three and six months ended June 30, 2022, respectively. We expect to incur additional operating losses as we continue our efforts to grow our business. We have historically financed our operations and capital expenditures through convertible note financings, private placements of preferred stock, public offerings of our common stock, lines of credit, term loans and convertible senior notes. Through June 30, 2022, we have received net proceeds of $222.7 million from the issuance of convertible senior notes, net proceeds of $196.2 million from the issuance of preferred stock and convertible promissory notes and net proceeds of $611.1 million from public equity offerings.
On May 5, 2021, we completed the acquisition of Bridg. As a part of this acquisition, we have agreed to make a First Anniversary Payment equal to 20 times the ARR based on the month preceding the anniversary, less $12.5 million, and a Second Anniversary Payment equal to 15 times the ARR for customers as of the first anniversary based on the month preceding the second anniversary, less the prior ARR at the first anniversary. The Second Anniversary Payment is subject to a specified cap. We have agreed to pay at least 30% of the First Anniversary Payment and the Second Anniversary Payment in cash, with the remainder to be paid in cash or our common stock, at our option.
Our other future capital requirements will depend on many factors, including our growth rate, the timing and extent of spending to support research and development efforts, our merger and acquisition efforts, the continued expansion of sales and marketing activities, the enhancement of our platforms, the introduction of new solutions, the continued market acceptance of our solutions and the extent of the impact of COVID-19 on our operational and financial performance. We expect to continue to incur operating losses for the foreseeable future and may require additional capital resources to continue to grow our business. We believe that current cash and cash equivalents will be sufficient to fund our operations and capital requirements for at least the next 12 months following the date our consolidated financial statements were issued. However, if our access to capital is restricted or our borrowing costs increase, our operations and financial condition could be materially and adversely impacted. In the event that additional financing is required from outside sources, we may not be able to raise such financing on terms acceptable to us or at all.
Sources of Material Cash Requirements
In March 2022, we entered into a cloud hosting arrangement guaranteeing an aggregate spend of $7.2 million over the first twelve months of the arrangement. Besides this arrangement, there were no material changes outside of the ordinary course of business in our material cash requirements for the three and six months ended June 30, 2022 from the material cash requirements disclosed in “Management’s Discussion and Analysis of Financial Condition and Results of Operations” set forth in our Annual Report on Form 10-K.
45
Sources of Funds
Proceeds from Issuance of Common Stock
On March 5, 2021, we closed a public equity offering in which we sold 3,850,000 shares of common stock at a public offering price of $130.00 per share. We received total net proceeds of $484.0 million after deducting underwriting discounts and commissions of $16.3 million and offering costs of $0.2 million.
2020 Convertible Senior Notes
In September 2020, we issued convertible senior notes with an aggregate principal amount of $230.0 million bearing an interest rate of 1.00% due in 2025 (the "Notes"). The net proceeds from this offering were $222.7 million, after deducting the initial purchasers' discounts and commissions and the estimated offering expenses payable by us. We used $26.5 million of the net proceeds to pay the cost of capped call transactions. We intend to use the remainder of the net proceeds for working capital or other general corporate purposes, which may include potential acquisitions and strategic transactions.
2018 Loan Facility
In April 2022, we amended our loan facility with Pacific Western Bank (the "2018 Loan Facility") to increase the capacity of our asset-backed revolving line of credit (the "2018 Line of Credit") from $50.0 million to $60.0 million upon the completion of the bank's audit and an option to increase to $75.0 million upon syndication. As of June 30, 2022 the bank’s audit was complete. This amendment also extended the maturity date of the 2018 Loan Facility from December 31, 2022 to April 29, 2024. As part of this amendment, the former cash covenant, as described below, was removed and was replaced with a requirement to maintain a minimum level of adjusted contribution and a $25.0 million adjusted cash minimum.
In December 2020, we amended our 2018 Loan Facility to increase the capacity of our 2018 Line of Credit from $40.0 million to $50.0 million. This amendment also extended the maturity date of the 2018 Loan Facility from May 14, 2021 to December 31, 2022. Prior to the December 2020 amendment, the 2018 Loan Facility contained moving trailing 12-month billing covenants, which ranged from $210.0 million to $255.0 million, during the term of the facility. The former terms of the 2018 Loan Facility also required us to maintain a total cash balance plus liquidity under the 2018 Line of Credit of not less than $5.0 million. Effective with the December 2020 amendment, the former billings and liquidity covenants were removed and were replaced with a requirement to maintain a cash to funded senior debt ratio under the 2018 Line of Credit of 1.25:1.00.
We have made no borrowings or repayments on the 2018 Line of Credit during the six months ended June 30, 2022. As of June 30, 2022, we had no outstanding borrowings on our 2018 Line of Credit and had $60.0 million of unused borrowings available. Under the terms of the 2018 Line of Credit, we are able to borrow up to the lesser of $60.0 million or 85% of the amount of our eligible accounts receivable. Interest on advances bears an interest rate equal to the prime rate or 4.75% as of June 30, 2022. In addition, we are required to pay an unused line fee of 0.15% per annum on the average daily unused amount of the $60.0 million revolving commitment. We believe that we are compliant with all financial covenants as of June 30, 2022.
Uses of Funds
Our collection cycles can vary from period to period based on the payment practices of our marketers and their agencies. We are generally obligated to pay Consumer Incentives with respect to the Cardlytics platform between one and three months following redemption, regardless of whether we have collected payment from a marketer or its agency. We are generally obligated to pay Partner Share either three months following marketer billings, regardless of whether we have collected payment from a marketer or its agency, or by the end of the month following our collection of payment from the applicable marketer or its agency. As a result, timing of cash receipts from our marketers can significantly impact our operating cash flows for any period. Further, the timing of payment of commitments and implementation fees to our partners may also result in variability of our operating cash flows for any period.
Our operating cash flows also vary from quarter to quarter due to the seasonal nature of our marketers’ advertising spending. Many marketers tend to devote a significant portion of their marketing budgets to the fourth quarter of the calendar year to coincide with consumer holiday spending and reduce marketing spend in the first quarter of the calendar year. Any lag between the timing of our payment of Consumer Incentives and our receipt of payment from marketers and their agencies can exacerbate our need for working capital during the first quarter of the calendar year.
46
The following table summarizes our cash flows for the periods presented (in thousands):
| Six Months Ended June 30, | |||||||||||
| 2021 | 2022 | ||||||||||
| Cash, cash equivalents and restricted cash — Beginning of period | $ | 293,349 | $ | 233,562 | |||||||
| Net cash used in operating activities | (27,510) | (26,369) | |||||||||
| Net cash used in investing activities | (500,410) | (9,303) | |||||||||
| Net cash received from (used in) financing activities | 485,403 | (39,802) | |||||||||
| Effect of exchange rates on cash, cash equivalents and restricted cash | (118) | (969) | |||||||||
| Cash, cash equivalents and restricted cash — End of period | $ | 250,603 | $ | 157,119 | |||||||
Operating Activities
Cash used in operating activities is primarily driven by our operating loss and changes in working capital for the six months ended June 30, 2021. We expect that we will continue to use cash in operating activities in 2022 as we invest in our business.
Operating activities used $26.4 million of cash during the six months ended June 30, 2022, which reflected our net loss of $93.3 million, which included $139.2 million of non-cash charges offset by a $68.0 million change in estimated contingent consideration, and a $4.3 million change in our net operating assets and liabilities. The non-cash charges primarily related to goodwill impairment, stock-based compensation expense, depreciation and amortization expense, amortization of right–of–use assets and credit losses expense. The change in our net operating assets and liabilities was primarily due to a $5.8 million decrease in other accrued expenses, a $4.8 million decrease in Partner Share liability and a $9.7 million decrease in our Consumer Incentive liability, partially offset by a $19.7 million decrease in accounts receivable. These fluctuations are primarily driven by the quarterly seasonality of our business.
Operating activities used $27.5 million of cash during the six months ended June 30, 2021, which reflected our net loss of $72.2 million and a $0.8 million change in our net operating assets and liabilities, partially offset by $43.9 million of non-cash charges. The non-cash charges primarily related to stock-based compensation expense, depreciation and amortization expense, amortization of right–of–use assets, deferred implementation costs and credit losses expense. The change in our net operating assets and liabilities was primarily due to a $10.2 million decrease in accounts receivable, partially offset by a $8.8 million decrease in Partner Share liability and a $2.8 million decrease in our Consumer Incentive liability. These decreases were primarily a result of significantly lower sales during the first half of 2021, primarily caused by seasonality, compared to the second half of 2022.
Investing Activities
Our cash flows from investing activities are primarily driven by our investments in, and purchases of, property and equipment and costs to develop internal-use software. We expect that we will continue to use cash for investing activities in 2022 as we continue to invest in and grow our business.
Investing activities used $500.4 million and $9.3 million in cash during the six months ended June 30, 2021 and 2022, respectively. Our investing cash flows during the six months ended June 30, 2022 primarily consisted of funds used for the acquisition of Entertainment, purchases of technology hardware and the capitalization of costs to develop internal-use software. Our investing cash flows during six months ended June 30, 2021 primarily consisted of funds used for the acquisitions of Dosh and Bridg, purchases of technology hardware and the capitalization of costs to develop internal-use software.
Financing Activities
Our cash flows from financing activities have primarily been composed of net proceeds from our borrowings under our debt facilities, the issuance of the Notes and the issuance of common stock.
Financing activities used $39.8 million in cash during the six months ended June 30, 2022, consisting of $40.0 million used to repurchase shares of our common stock, partially offset by proceeds received in connection with the exercise of stock options.
Financing activities provided $485.4 million in cash during the six months ended June 30, 2021. During the six months ended June 30, 2021, we raised total gross proceeds of $500.5 million, or net proceeds of $484.0 million after deducting underwriting discounts and commissions of $16.3 million and offering costs of $0.2 million from our public equity offering in which we sold 3,850,000 shares of common stock at a public offering price of $130.00 per share.
47
Off-Balance Sheet Arrangements
We did not have any off-balance sheet arrangements as defined in Item 303(a)(4)(ii) of Regulation S-K.
Critical Accounting Policies and Estimates
Our condensed consolidated financial statements are prepared in accordance with GAAP. The preparation of these condensed consolidated financial statements requires us to make estimates and assumptions that affect the reported amounts of assets, liabilities, revenue, expenses and related disclosures. We evaluate our estimates and assumptions on an ongoing basis.
We believe that the assumptions and estimates associated with the evaluation of revenue recognition criteria, including the determination of revenue recognition as net versus gross in our revenue arrangements, the assumptions used in the valuation models to determine the fair value of equity awards and stock-based compensation expense, the assumptions used both in the initial valuation and ongoing impairment analysis of acquired intangible assets of Dosh, Bridg and Entertainment, the assumptions used in the valuation of contingent consideration related to Bridg's potential first and second anniversary payments, and the assumptions required in determining any valuation allowance recorded against deferred tax assets have the greatest potential impact on our condensed consolidated financial statements.
Therefore, we consider these to be our critical accounting policies and estimates. By their nature, estimates are subject to an inherent degree of uncertainty. Actual results could differ materially from these estimates. There have been no material changes to our critical accounting policies and estimates from those disclosed in our Annual Report on Form 10-K/Afor the year ended December 31, 2021, except as it relates to our adoption of ASU 2020-06. Refer to Note 2 - Significant Account Policies and Recent Accounting Standards to our condensed consolidated financial statements for a description of the impact of our adoption of ASU 2020-06.
ITEM 3. QUALITATIVE AND QUANTITATIVE DISCLOSURES ABOUT MARKET RISK
Market risk represents the risk of loss that may impact our financial position due to adverse changes in financial market prices and rates. Our market risk exposure is primarily the result of fluctuations in interest rates and foreign exchange rates.
Interest Rate Risk
The interest rates under the 2018 Line of Credit are variable. Interest on advances under the 2018 Line of Credit bears an interest rate of the prime rate or 4.75%. As of June 30, 2022, the prime rate was 4.75% and a 10% increase in the current prime rate would, for example, result in a $0.2 million annual increase in interest expense if the maximum amount under the 2018 Line of Credit was outstanding for an entire year. The interest rate on the 2020 Convertible Senior Notes is fixed at 1.00%.
Foreign Currency Exchange Risk
Both revenue and operating expense of Cardlytics UK Limited are denominated in British pounds, and we bear foreign currency risks related to these amounts. For example, if the average value of the British pound had been 10% higher relative to the U.S. dollar during the six months ended June 30, 2021 and 2022, our operating expense would have increased by $0.7 million and $0.5 million, respectively. Our foreign currency risks related to expenses denominated in Indian rupees are insignificant.
Inflation Risk
Historically, we do not believe that inflation has had a material effect on our business, financial condition or results of operations. During the last year our partners have been faced with inflationary pressure. This could potentially impact our current business products and strategy. We continue to monitor the impact of inflation in order to reduce its effects through pricing strategies, productivity improvements, and cost reductions. If our costs were to become subject to significant inflationary pressures, we may not be able to fully offset such higher costs through price increases. Our inability or failure to do so could harm our business, financial condition and results of operations.
ITEM 4. CONTROLS AND PROCEDURES
Evaluation of Disclosure Controls and Procedures
Our management, with the participation of our principal executive officer and principal financial officer, has evaluated the effectiveness of our disclosure controls and procedures (as defined in Rules 13a-15(e) and 15d-15(e)) under the Securities Exchange Act of 1934, as amended ("Exchange Act"), as of the end of the period covered by this Quarterly Report on Form 10-Q. Based upon that evaluation, our Chief Executive Officer and Chief Financial Officer have concluded that as of June 30, 2022, due to the identification of a material weakness in our internal control over financial reporting, as further described in Item 9A of our Annual Report on Form 10-K/A filed with the SEC on May 2, 2022, respectively, the Company's disclosure controls and procedures were not effective.
48
Changes in Internal Control Over Financial Reporting
Aside from our remediation efforts as described below, there was no change in our internal control over financial reporting (as defined in Rules 13a-15(f) and 15d-15(f) under the Exchange Act) that occurred during the period covered by this Quarterly Report on Form 10-Q that has materially affected, or is reasonably likely to materially affect, our internal control over financial reporting. We completed our acquisition of Dosh on March 5, 2021, our acquisition of Bridg on May 5, 2021, and our acquisition of Entertainment on January 7, 2022. As a result of the acquisitions, we have incorporated internal controls over significant processes specific to the acquisitions that we believe to be appropriate and necessary in consideration of the level of related integration. In accordance with our integration efforts, we have incorporated Dosh's and Bridg's operations and plan to incorporate Entertainment's operations into our internal control over financial reporting program within the time provided by the applicable rules and regulations of the U.S. Securities and Exchange Commission.
During the six months ended June 30, 2022, we have taken, and continue to take, the actions described below to remediate the material weakness identified regarding our internal controls related to our review of the reports of third-party valuation specialists, as further described in Item 9A of our Annual Report on Form 10-K and Form 10-K/A filed with the SEC on March 1, 2022 and May 2, 2022, respectively. Management performed the following remediation actions during the six months ended June 30, 2022:
•Evaluated the design of the level of precision of the review of third-party valuation specialists.
•Enhanced level of precision of the review of third-party valuation specialists.
Our remediation efforts were ongoing during the six months ended June 30, 2022. To remediate our existing material weakness, we require additional time to complete the implementation of our remediation plans and demonstrate the effectiveness of our remediation efforts. The material weakness cannot be considered remediated until the applicable remedial controls operate for a sufficient period of time and management has concluded, through testing, that these controls are operating effectively.
PART II. OTHER INFORMATION
ITEM 1. LEGAL PROCEEDINGS
From time to time we may become involved in legal proceedings or be subject to claims arising in the ordinary course of our business. We are not presently a party to any legal proceedings that, if determined adversely to us, would individually or taken together have a material adverse effect on our business, operating results, financial condition or cash flows. Regardless of the outcome, litigation can have an adverse impact on us because of defense and settlement costs, diversion of management resources and other factors.
49
ITEM 1A. RISK FACTORS
Investing in our common stock involves a high degree of risk. You should carefully consider the risks and uncertainties described below, together with all of the other information contained in this report, and in our other public filings in evaluating our business. Our business, financial condition, operating results, cash flow, and prospects could be materially and adversely affected by any of these risks or uncertainties. In that event, the market price of our common stock could decline, and you could lose part or all of your investment.
Risks Related to our Business and Industry
The ongoing COVID-19 pandemic could materially and adversely affect our business, results of operations and financial condition.
In March 2020, the World Health Organization declared the outbreak of COVID-19 a pandemic, which continues to spread throughout the United States and the world and has resulted in authorities, implementing numerous measures to contain the virus. While we are unable to accurately predict the full impact that COVID-19 will have on our results from operations, financial condition, liquidity and cash flows due to numerous uncertainties, including the duration and severity of the pandemic and containment measures, our compliance with these measures has impacted our day-to-day operations and could disrupt our business and operations, as well as that of our marketers, partners, suppliers and others with whom we work, for an indefinite period of time. To support the health and well-being of our employees, marketers, partners and communities, our employees began working remotely in March 2020 and are still largely working from home. In addition, many of our marketers and prospective marketers, as well as our partners, are working remotely. The disruptions to our operations caused by COVID-19 may result in inefficiencies, delays and additional costs that we cannot fully mitigate through remote or other alternative work arrangements. In addition, given the economic uncertainty created by COVID-19, including supply-chain disruptions and inflationary pressures, we have and may continue to see delays in our sales cycle, failures of marketers to renew at all or to renew at a reduced scope their agreements with us, requests from marketers for payment term deferrals as well as pricing concessions, which, if significant, could materially and adversely affect our business, results of operations and financial condition. The extent of the impact of COVID-19 on our operational and financial performance will depend on certain developments, including the duration and spread of the outbreak, its impact on industry events, and its effect on consumer spending, our marketers, partners, suppliers and vendors and other parties with whom we do business, all of which are uncertain and cannot be predicted at this time. To the extent possible, we are conducting business as usual, with necessary or advisable modifications to employee work locations. We will continue to actively monitor the rapidly evolving situation related to COVID-19 and may take actions that alter our business operations, including those that may be required by federal, foreign, state or local authorities, or that we determine are in the best interests of our employees, marketers, partners, suppliers, vendors and stockholders. At this point, the extent to which the COVID-19 pandemic may impact our business, results of operations and financial condition is uncertain.
More generally, the pandemic raises the possibility of an extended global economic downturn and has caused volatility in financial markets, which could materially and adversely affect demand for our solution and materially and adversely impact our results and financial condition even after the pandemic is contained and remaining public safety measures orders are lifted. The pandemic may also have the effect of heightening many of the other risks described in this “Risk Factors” section, including risks associated with our guidance, our marketers, our potential marketers, our market opportunity, renewals and sales cycle, among others. We will continue to evaluate the nature and extent of the impact of COVID-19 on our business.
The full extent of COVID-19’s impact on our operations and financial performance depends on future developments that are uncertain and unpredictable, including the duration and spread of the pandemic, the resurgence or additional mutations of the virus, the effectiveness of the vaccines or effective therapeutics for the virus, the virus’ impact on capital and financial markets, the timing of an economic recovery and any new information that may emerge concerning the severity of the virus, its spread to other regions as well as the actions taken to contain it, among others. Any of these impacts could have a material adverse impact on our business, results of operations and financial condition and ability to execute and capitalize on our strategies. Due to the current uncertainty regarding the severity and duration of the COVID-19 pandemic, we cannot predict whether our response to date or the actions we may take in the future will be effective in mitigating the effects of COVID-19 on our business, results of operations or financial condition.
50
Unfavorable conditions, including inflationary pressure, in the global economy or the industries we serve could limit our ability to grow our business and negatively affect our operating results.
General worldwide economic conditions have experienced significant instability in recent years including the recent global economic uncertainty and financial market conditions, including inflationary pressure, caused by the COVID-19 pandemic and the current hostilities between Russia and Ukraine. These conditions make it extremely difficult for marketers and us to accurately forecast and plan future business activities and could cause marketers to continue to reduce or delay their marketing spending. For example, there has been an impact from the COVID-19 pandemic on spending by our marketers. We have also seen disruption in consumer spending in our data and it is impossible to predict the duration of the disruption. At this time, the potential impact on marketer spend and consumer spending from the COVID-19 pandemic is difficult to predict and, therefore, it is not possible to fully determine the impact on our future results. Historically, economic downturns have resulted in overall reductions in marketing spending. Alternatively, as the market recovers from the pandemic, marketing spend may be volatile and unpredictable as certain industries recover at different speeds. If macroeconomic conditions deteriorate or are characterized by uncertainty or volatility, marketers may curtail or freeze spending on marketing in general and for services such as ours specifically, which could have a material and adverse impact on our business, financial condition and operating results.
In addition, our business may be materially and adversely affected by weak economic conditions in the industries that we serve. We have historically generated a substantial majority of our revenue from marketers in the restaurant, brick and mortar retail, telecommunications and cable industries, and have recently entered new industries such as travel and entertainment, direct-to-consumer, grocery and gas. All of these industries have been negatively impacted by the pandemic and inflationary pressure and certain precautions taken to control the pandemic and inflationary pressure. We cannot predict the timing, strength or duration of any economic slowdown or recovery. In addition, we cannot predict the timing, strength or duration of any economic slowdown or recovery. In addition, even if the overall economy is robust, we cannot assure you that the market for services such as ours will experience growth or that we will experience growth.
Our quarterly operating results have fluctuated and may continue to vary from period to period, which could result in our failure to meet expectations with respect to operating results and cause the trading price of our stock to decline.
Our operating results have historically fluctuated, and our future operating results may vary significantly from quarter to quarter due to a variety of factors, many of which are beyond our control. Period-to-period comparisons of our operating results should not be relied upon as an indication of our future performance. Given our relatively short operating history and the rapidly evolving purchase intelligence industry, our historical operating results may not be useful in predicting our future operating results.
Factors that may impact our quarterly operating results include the factors set forth in this “Risk Factors” section, as well as the following:
•our ability to maintain and grow our business in light of the global COVID-19 pandemic and precautions taken to reduce the risk of this virus;
•our ability to attract and retain marketers and partners;
•the amount and timing of revenue, operating costs and capital expenditures related to the operations and expansion of our business, particularly with respect to our efforts to attract new marketers and partners to our network;
•the revenue mix revenue generated from our operations in the U.S. and U.K.;
•the revenue mix generated from the operations of Cardlytics, Inc. and its subsidiaries;
•decisions made by our FI partners to increase Consumer Incentives or use their Partners Share to fund their Consumer Incentives;
51
•changes in the economic prospects of marketers, the industries that we primarily serve, or the economy generally, which could alter marketers’ spending priorities or budgets;
•the termination or alteration of relationships with our partners in a manner that impacts ongoing or future marketing campaigns;
•reputational harm;
•the amount and timing of expenses required to grow our business, including the timing of our payments of Partner Share and Partner Share commitments as compared to the timing of our receipt of payments from our marketers;
•changes in demand for our solutions or similar solutions;
•seasonal trends in the marketing industry;
•competitive market position, including changes in the pricing policies of our competitors;
•exposure related to our international operations and foreign currency exchange rates;
•quarantine, private travel limitation, or business disruption in regions affecting our operations, stemming from actual, imminent or perceived outbreak of contagious disease, including the COVID-19 pandemic;
•volatile recovery from the pandemic, including inflationary pressure;
•other events or factors, including those resulting from war, such as the current hostilities between Russia and Ukraine or incidents of terrorism;
•expenses associated with items such as litigation, regulatory changes, cyberattacks or security breaches;
•the introduction of new technologies, products or solution offerings by competitors; and
•costs related to acquisitions of other businesses or technologies.
Fluctuations in our quarterly operating results, non-GAAP metrics and other metrics and the price of our common stock may be particularly pronounced in the current economic environment due to the uncertainty caused by and the unprecedented nature of the current COVID-19 pandemic. Each factor above or discussed elsewhere in this "Risk Factors" section or the cumulative effect of some of these factors may result in fluctuations in our operating results. This variability and unpredictability could result in our failure to meet expectations with respect to operating results, or those of securities analysts or investors, for a particular period. If we fail to meet or exceed expectations for our operating results for these or any other reasons, the market price of our stock could fall and we could face costly lawsuits, including securities class action suits.
We may not be able to sustain our revenue and billings growth rate in the future.
Our revenue increased 28% from $58.9 million during the three months ended June 30, 2021 to $75.4 million during three months ended June 30, 2022. Our billings increased 26% from $85.3 million during the three months ended June 30, 2021 to $107.7 million during three months ended June 30, 2022. We may not be able to maintain year-over-year revenue and billings growth in the near term or at all. We expect revenue and billings growth rates will continue to be negatively impacted by the COVID-19 pandemic, and you should not consider our revenue and billings growth in any specific historical periods as indicative of our future performance. Our revenue and billings may be negatively impacted in future periods due to a number of factors, including slowing demand for our solutions, increasing competition, decreasing growth of our overall market, inflationary pressure, our inability to engage and retain a sufficient number of marketers or partners, or our failure, for any reason, to capitalize on growth opportunities. If we are unable to maintain consistent revenue, revenue growth or billings growth, our stock price could be volatile, and it may be difficult for us to achieve and maintain profitability.
We are dependent upon the Cardlytics platform.
Substantially all of our revenue and billings during the three months ended June 30, 2021 and 2022 were derived from sales of advertising via the Cardlytics platform. We have historically derived substantially all of our revenue and billings from our Cardlytics platform. Our operating results could suffer due to:
•lack of continued participation by FI partners in our network or our failure to attract new FI partners;
•any decline in demand for the Cardlytics platform by marketers or their agencies;
•failure by our FI partners to increase engagement with our solutions within their customer bases, improve their customers’ user experience, increase customer awareness, leverage additional customer outreach channels like email or otherwise promote our incentive programs on their websites and mobile applications, including by making the programs difficult to access or otherwise diminishing their prominence;
•our failure to offer compelling incentives to our FI partners’ customers;
•FI partners may elect to use their Partner Share to fund their Consumer Incentives;
52
•the introduction by competitors of products and technologies that serve as a replacement or substitute for, or represent an improvement over, the Cardlytics platform, or an FI partner’s decision to implement any existing or future product or technology of a competitor alongside, or in lieu, of the Cardlytics platform;
•FI partners developing, or acquiring, their own technology to support purchase intelligence marketing or other incentive programs;
•technological innovations or new standards that the Cardlytics platform does not address; and
•sensitivity to current or future prices offered by us or competing solutions.
In addition, in the majority of instances we would be required to pay Consumer Incentives associated with the Cardlytics platform marketing campaigns even if the amount of such Consumer Incentives exceeded the amount of billings that we are paid by the applicable marketer. Further, we are often required to pay such Consumer Incentives before we receive payment from the applicable marketer. Accordingly, if the amount of Consumer Incentives that we are required to pay materially exceeds the billings that we receive or we encounter any significant failure to ultimately collect payment, our business, financial condition and operating results could be adversely affected.
If we are unable to grow our revenue and billings from sales of the Cardlytics platform, our business and operating results would be harmed.
We are substantially dependent on Chase, Bank of America, Wells Fargo and a limited number of other FI partners.
We require participation from our FI partners in the Cardlytics platform and access to their purchase data in order to offer our solutions to marketers and their agencies. We must have FI partners with a sufficient number of customers and levels of customer engagement to ensure that we have robust purchase data and marketing space to support a broad array of incentive programs for marketers.
In addition, we pay most of our FI partners a Partner Share, which is a negotiated and fixed percentage of our billings less certain costs. During the six months ended June 30, 2021, our top two FI partners combined to account for over 75% of the total Partner Share we paid to all partners, with each representing over 30%. During the six months ended June 30, 2022, our top three FI partners combined to account for over 75% of the total Partner Share we paid to all partners, with the top two FI partners each representing over 20% and third largest FI partner representing over 10% of Partner Share. No other partner accounted for over 10% of Partner Share during these periods.
Our agreements with a substantial majority of our FI partners have three- to seven-year terms but are generally terminable by the FI partner on 90 days or less prior notice. If an FI partner terminates its agreement with us, we would lose that FI as a source of purchase data and online banking customers. Our FI partners may elect to withhold from us or limit the use of their purchase data for many reasons, including:
•a change in the business strategy;
•if there is a competitive reason to do so;
•if new technical requirements arise;
•concern by our FI Partners or their customers related to our use of purchase data;
•if they choose to develop and use in-house solutions or use a competitive solution in lieu of our solutions; and
•if legislation is passed restricting the dissemination, or our use, of the data that is currently provided to us or if judicial interpretations result in similar limitations.
To the extent that we breach or are alleged to have breached the terms of our agreement with any FI partner, or a disagreement arises with an FI partner regarding the interpretation of our contractual arrangements, which has occurred in the past and may occur again in the future, such an FI partner may be more likely to cease providing us data or to terminate its agreement with us. The loss of Bank of America, Chase, Wells Fargo or any other significant FI partner would significantly harm our business, results of operations and financial conditions.
53
We may fail to meet our publicly announced guidance or other expectations about our business and future operating results, which would cause our stock price to decline.
We have provided and may continue to provide guidance about our business, future operating results and other business metrics. In developing this guidance, our management must make certain assumptions and judgments about our future performance. Some of those key assumptions relate to the impact of COVID-19 and the associated economic uncertainty on our business and the timing and scope of economic recovery globally, which are inherently difficult to predict. Furthermore, analysts and investors may develop and publish their own projections of our business, which may form a consensus about our future performance. Our business results may vary significantly from such guidance or that consensus due to a number of factors, many of which are outside of our control, including due to the global economic uncertainty and financial market conditions caused by the COVID-19 pandemic, which could adversely affect our operations and operating results. Furthermore, if we make downward revisions of any publicly announced guidance, or if our publicly announced guidance of future operating results fails to meet expectations of securities analysts, investors or other interested parties, the price of our common stock would decline.
If we fail to maintain our relationships with current FI partners or attract new FI partners, we may not be able to sufficiently grow our revenue, which could significantly harm our business, results of operations and financial condition.
Our ability to grow our revenue depends on our ability to maintain our relationships with current FI partners and attract new FI partners. A significant percentage of consumer credit and debit card spending is concentrated with the 10 largest FIs in the U.S., five of which are currently part of our network, while the balance of card spending is spread across thousands of smaller FIs. Accordingly, our ability to efficiently grow our revenue will specifically depend on our ability to maintain our relationships with the large FIs that are currently part of our network and establish relationships with the large FIs that are not currently part of our network. In addition, we must continue to maintain our relationships with our existing bank processor and digital banking provider FI partners and attract new such FI partners because these FI partners aggregate smaller FIs into our network. We have in the past and may in the future be unsuccessful in attempts to establish and maintain relationships with large FIs. If we are unable to maintain our relationships with current FI partners and attract new FI partners, maintain our relationships with our existing bank processor and digital banking provider partners or attract new bank processor and digital provider partners, our business, results of operations and financial condition would be significantly harmed, and we may fail to capture a material portion of the native bank advertising market opportunity.
Our future success will depend, in part, on our ability to expand into new industries.
We have historically generated a substantial majority of our revenue from marketers in the restaurant, brick and mortar retail, telecommunications and cable industries, and have recently entered new industries such as travel and entertainment, direct-to-consumer, grocery and gas, and believe that our future success will depend, in part, on our ability to expand adoption of our solutions in new industries. As we market to a wider group of potential marketers and their agencies, we will need to adapt our marketing strategies to meet the concerns and expectations of customers in these new industries. Our success in expanding sales of our solutions to marketers in new industries will depend on a variety of factors, including our ability to:
•tailor our solutions so that they that are attractive to businesses in such industries;
•hire personnel with relevant industry experience to lead sales and services teams; and
•develop sufficient expertise in such industries so that we can provide effective and meaningful marketing programs and analytics.
If we are unable to successfully market our solutions to appeal to marketers and their agencies in new industries, we may not be able to achieve our growth or business objectives.
We derive a material portion of our revenue from a limited number of marketers, and the loss of one or more of these marketers could adversely impact our business, results of operations and financial conditions.
Our revenue and accounts receivable are diversified among a large number of marketers segregated by both geography and industry. During each of the six months ended June 30, 2021 and 2022, our top five marketers accounted for 34% and 21% of our revenue, respectively, with one marketer accounting for over 10% during six months ended June 30, 2021 . As of June 30, 2021 and 2022, our top five marketers accounted for 30% and 19% of our accounts receivable, respectively, with one marketer representing over 10% as of June 30, 2021.
We do not have material long-term commitments from most of these marketers. If we were to lose one or more of our significant marketers, our revenue may significantly decline. In addition, revenue from significant marketers may vary from period-to-period depending on the timing or volume of marketing spend. Further, our credit risk is concentrated among a limited number of marketers. The loss of one or more of our significant marketers could adversely affect our business, results of operations and financial conditions.
54
An actual or perceived breach of the security of our systems could result in a disruption of our operations, or a third-party’s entry into our FI partners’ systems, which would be detrimental to our business, reputation, financial condition and operating results.
We leverage our FI partners’ purchase data and infrastructures to deliver our Cardlytics platform. We do not currently receive or have access to any personally identifiable information ("PII") from our FI partners, although we may obtain or have access to PII from our FI partners in the future as our business evolves. However, because of the interconnected nature of our infrastructure with that of our FI partners, there is a risk that third parties may attempt to gain access to our systems, or our FI partners’ systems through our systems, for the purpose of stealing sensitive or proprietary data, accessing sensitive information on our network, or disrupting our or their respective operations. Additionally, we receive and have access to PII as a result of other aspects of our business. In turn, we may be a more visible target for cyberattacks and/or physical breaches of our databases or data centers, and we may in the future suffer from such attacks or breaches. Cyberattacks, malicious internet-based activity and online and offline fraud are prevalent and continue to increase. In addition to traditional computer “hackers,” threat actors, software bugs, malicious code (such as viruses and worms), employee theft or misuse, denial-of-service attacks (such as credential stuffing), and ransomware attacks, sophisticated nation-state and nation-state supported actors now engage in attacks (including advanced persistent threat intrusions). We also may be the subject of phishing attacks, viruses, malware installation, server malfunction, software or hardware failures, loss of data or other computer assets, adware, malicious or unintentional actions or in actions by employees or others with authorized access to our network that create or expose vulnerabilities or other similar issues.
Current or future criminal capabilities, discovery of existing or new vulnerabilities in our systems and attempts to exploit those vulnerabilities or other developments may compromise or breach the technology protecting our systems. Due to a variety of both internal and external factors, including defects or misconfigurations of our technology, our services could become vulnerable to security incidents (both from intentional attacks and accidental causes) that cause them to fail to secure networks and detect and block attacks. In the event that our protection efforts are unsuccessful, and our systems are compromised such that a third-party gains entry to our or any of our FI partners’ systems, we could suffer substantial harm. In addition, due to the COVID-19 pandemic, we have transitioned the vast majority of our employees to remote work, which may make us more vulnerable to cyberattacks. A security breach could result in operational or administrative disruptions, or impair our ability to meet our marketers’ requirements, which could result in decreased revenue. Also, our reputation could suffer irreparable harm, causing our current and prospective marketers and FI partners to decline to use our solutions in the future. Further, we could be forced to expend significant financial and operational resources to protect against or in response to a security incident, including repairing system damage, increasing cybersecurity protection costs by deploying additional personnel and protection technologies, dealing with regulatory scrutiny, and litigating and resolving legal claims, all of which could divert resources and the attention of our management and key personnel away from our business operations. In any event, an actual or suspected breach of the security of our systems or data could materially harm our business, financial condition and operating results.
We cannot assure you that any limitations of liability provisions in our contracts would be enforceable or adequate or would otherwise protect us from any liabilities or damages with respect to any particular claim relating to a security lapse or breach. While we maintain cybersecurity insurance, our insurance may be insufficient or may not cover all liabilities incurred by such attacks. We also cannot be certain that our insurance coverage will be adequate for data handling or data security liabilities actually incurred, that insurance will continue to be available to us on economically reasonable terms, or at all, or that any insurer will not deny coverage as to any future claim. The successful assertion of one or more large claims against us that exceeds available insurance coverage, or the occurrence of changes in our insurance policies, including premium increases or the imposition of large deductible or co-insurance requirements, could have a material adverse effect on our business, including our financial condition, operating results and reputation.
Our business could be adversely affected if marketers or their agencies are not satisfied with our solutions or our systems and infrastructure fail to meet their needs.
We derive nearly all of our revenue from marketers and their agencies. Accordingly, our business depends on our ability to satisfy marketers and their agencies with respect to their marketing needs. We are in the process of updating our platforms. Any failure of, or delays in the performance (or in the case of the self-service tool, the rollout) of, our systems could cause service interruptions or impaired system performance. Such failures in our systems could cause us to fail to maximize our earning potential with respect to any given marketing campaign. Such failures in our systems could also cause us to over-run on campaigns, thus committing us to higher redemptions, which may negatively affect the profitability of the affected campaigns. If sustained or repeated, these performance issues could adversely affect our business, financial condition or operating results, and further reduce the attractiveness of our solutions to new and existing marketers and cause existing marketers to reduce or cease using our solutions, which could also adversely affect our business, financial condition or operating results. In addition, negative publicity resulting from issues related to our marketer relationships, regardless of accuracy, may damage our business by adversely affecting our ability to attract new marketers or marketing agencies and maintain and expand our relationships with existing marketers.
55
If the use of our solutions increases, or if marketers or partners demand more advanced features from our solutions, we will need to devote additional resources to improving our solutions, and we also may need to expand our technical infrastructure at a more rapid pace than we have in the past. This may involve purchasing or leasing data center capacity and equipment, upgrading our technology and infrastructure and introducing new or enhanced solutions. It may take a significant amount of time to plan, develop and test changes to our infrastructure, and we may not be able to accurately forecast demand or predict the results we will realize from such improvements. There are inherent risks associated with changing, upgrading, improving and expanding our technical infrastructure. Any failure of our solutions to operate effectively with future infrastructure and technologies could reduce the demand for our solutions, resulting in marketer or partner dissatisfaction and harm to our business. Also, any expansion of our infrastructure would likely require that we appropriately scale our internal business systems and services organization, including without limitation implementation and support services, to serve our growing marketer base. If we are unable to respond to these changes or fully and effectively implement them in a cost-effective and timely manner, our solutions may become ineffective, we may lose marketers and/or partners, and our business, financial condition and operating results may be negatively impacted.
If we fail to generate sufficient revenue to offset our contractual commitments to FIs, our business, results of operations and financial conditions could be harmed.
We have minimum Partner Share commitment to a certain FI partner totaling $10.0 million over a 12-month period which began on April 1, 2022. To the extent that this commitment is expected to exceed the amount of Partner Share otherwise payable to such FI partner in the absence of such commitment, we accrue any expected shortfall over the commitment period. We accrued for zero and $0.9 million of expected minimum Partner Share commitment shortfalls as of December 31, 2021 and June 30, 2022, respectively.
To the extent that we are unable to generate revenue from marketers sufficient to offset our Partner Share commitments and other obligations, our business, results of operations and financial conditions could be harmed.
If we are unable to successfully integrate Dosh’s, Bridg's and Entertainment's businesses and employees, it could have an adverse effect on our future results and the market price of our common stock.
The success of our acquisitions of Dosh, Bridg and HSP EPI Acquisition, LLC ("Entertainment") will depend, in part, on our ability to integrate Dosh’s, Bridg’s and Entertainment's operations and to realize the anticipated benefits, including in certain instances annual net operating synergies and cost reductions from combining the businesses. These integrations may be complex and time-consuming.
The failure to successfully integrate and manage the challenges presented by the integration processes may result in our failure to achieve some or all of the anticipated benefits of the acquisitions. Potential difficulties that may be encountered in the integration processes, which may be enhanced as a result of our efforts to integrate both businesses concurrently, include the following:
•complexities associated with managing the larger combined company;
•integrating personnel from Dosh, Bridg and Entertainment with Cardlytics personnel;
•current and prospective employees may experience uncertainty regarding their future roles with our company, which might adversely affect our ability to retrain, recruit and motivate key personnel;
•difficulties ensuring the proper controls and policies are implemented and followed in the acquired and expanded business;
•increased cyber threats due to the expanded profile of the enlarged business as well as the challenges associated with ensuring the integrating and protecting the expanded IT footprint with security and prevention, detection and response protocols;
•potential lost sales and customers if Dosh's or Bridg's or Entertainment's partners or advertising clients, or our partners or advertising clients, decide not to do business with the combined company;
•issues associated with running a consumer-facing mobile application including proper notifications, rewards, and charges;
•potential lost sales and customers if our FI or advertising clients decide not to do business with the combined company;
•potential unknown liabilities and unforeseen expenses associated with the acquisitions;
•performance shortfalls as a result of the diversion of management's attention caused by integrating the companies' operations;.
•Legal or regulatory hurdles regarding privacy or other data rights in the United States and abroad; and
•Unanticipated challenges in expanding the businesses in the United States and abroad.
In addition, acquisitions are inherently risky, and our due diligence processes in connection with the acquisitions may have failed to identify significant problems, liabilities or other shortcomings or challenges of Dosh’s, Bridg's or Entertainment's businesses.
56
If any of these events were to occur, our ability to maintain relationships with customers, suppliers and employees or our ability to achieve the anticipated benefits of the acquisition could be adversely affected or could reduce our future earnings or otherwise adversely affect our business and financial results and, as a result, adversely affect the market price of our common stock
We have a short operating history, which makes it difficult to evaluate our future prospects and may increase the risk that we will not be successful.
We have a relatively short operating history, which limits our ability to forecast our future operating results and subjects us to a number of uncertainties, including with respect to our ability to plan for and model future growth. We have encountered and will continue to encounter risks and uncertainties frequently experienced by growing companies in developing industries. If our assumptions regarding these uncertainties, which we use to manage our business, are incorrect or change in response to changes in our markets, or if we do not address these risks successfully, our operating and financial results could differ materially from our expectations, our business could suffer and our stock price could decline. Any success that we may experience in the future will depend in large part on our ability to, among other things:
•maintain and expand our network of partners;
•build and maintain long-term relationships with marketers and their agencies;
•develop and offer competitive solutions that meet the evolving needs of marketers;
•expand our relationships with partners to enable us to use their purchase data for new solutions;
•improve the performance and capabilities of our solutions;
•successfully expand our business;
•successfully compete with other companies that are currently in, or may in the future enter, the markets for our solutions;
•increase market awareness of our solutions and enhance our brand;
•manage increased operating expenses as we continue to invest in our infrastructure to scale our business and operate as a public company; and
•attract, hire, train, integrate and retain qualified and motivated employees.
Any failure of our partners to effectively deliver and promote the online incentive programs that comprise the Cardlytics platform could materially and adversely affect our business.
We have spent the last several years and significant resources building out technology integrations with our partners to facilitate the delivery of incentive programs to our partners’ customers and measuring those customers subsequent in-store or digital spending. We are also reliant on our network of partners to promote their digital incentive programs, increase customer awareness and leverage additional customer outreach channels like email, all of which can increase customer engagement, as well as expand our network of partners. We believe that key factors in the success and effectiveness of our incentive program include the level of accessibility and prominence of the program on the partners’ website and mobile applications, as well as the user interface through which a customer is presented with marketing content. In certain cases, we have little control over the prominence of the incentive program and design of the user interface that our partners choose to use. To the extent that our partners de-emphasize incentive programs, make incentive programs difficult to locate on their website and/or mobile applications and/or fail to provide a user interface that is appealing to partners' customers, partners' customers may be less likely to engage with the incentive programs, which could negatively impact the amount of fees that we are able to charge our marketer customers in connection with marketing campaigns, and, therefore, our revenue. In addition, a failure by our partners to properly deliver or sufficiently promote marketing campaigns would reduce the efficacy of our solutions and impair our ability to attract and retain marketers and their agencies. As a result, the revenue we generate from our Cardlytics platform may be adversely affected, which would materially and adversely affect our business, financial condition and results of operations.
57
If we do not effectively grow and train our sales team, we may be unable to add new marketers or increase sales to our existing marketers and our business will be adversely affected.
We continue to be substantially dependent on our sales team to obtain new marketers and to drive sales with respect to our existing marketers. We believe that the characteristics and skills of the best salespeople for our solutions are still being defined, as our market is relatively new. Further, we believe that there is, and will continue to be, significant competition for sales personnel with the skills and technical knowledge that we require. Our ability to achieve significant revenue growth will depend, in large part, on our success in recruiting, training, integrating and retaining sufficient numbers of sales personnel to support our growth. New hires require significant training, and it may take significant time before they achieve full productivity. Our recent hires and planned hires may not become productive as quickly as we expect, and we may be unable to hire or retain sufficient numbers of qualified individuals in the markets where we do business or plan to do business. In addition, as we continue to grow, a large percentage of our sales team will be new to our company and our solutions. If we are unable to hire and train sufficient numbers of effective sales personnel, or the sales personnel are not successful in obtaining new marketers or increasing sales to our existing marketers, our business will be adversely affected.
We generally do not have long-term commitments from marketers, and if we are unable to retain and increase sales of our solutions to marketers and their agencies or attract new marketers and their agencies, our business, financial condition and operating results would be adversely affected.
Most marketers do business with us by placing insertion orders for particular marketing campaigns, either directly or through marketing agencies that act on their behalf. We often do not have any commitment from a marketer beyond the campaign governed by a particular insertion order, and we frequently must compete to win further business from a marketer. In most circumstances, our insertion orders may be canceled by marketers or their marketing agencies prior to the completion of all the campaigns contemplated in the insertion orders; provided that marketers or their agencies are required to pay us for services performed prior to cancellation. As a result, our success is dependent upon our ability to outperform our competitors and win repeat business from existing marketers, while continually expanding the number of marketers for which we provide services. To maintain and increase our revenue, we must encourage existing marketers and their agencies to increase their use of our solutions and add new marketers. Many marketers and marketing agencies, however, have only just begun using our solutions for a limited number of marketing campaigns, and our future revenue growth will depend heavily on these marketers and marketing agencies expanding their use of our solutions across campaigns and otherwise increasing their spending with us. Even if we are successful in convincing marketers and their agencies to use our solutions, it may take several months or years for them to meaningfully increase the amount that they spend with us. Further, larger marketers with multiple brands typically have individual marketing budgets and marketing decision makers for each of their brands, and we may not be able to leverage our success in securing a portion of the marketing budget of one or more of a marketer’s brands into additional business with other brands. Moreover, marketers may place internal limits on the allocation of their marketing budgets to digital marketing, to particular campaigns, to a particular provider or for other reasons. In addition, we are reliant on our FI network to have sufficient marketing inventory within the Cardlytics platform to place the full volume of advertisements contracted for by our marketers and their agencies. Any failure to meet these demands may hamper the growth of our business and the attractiveness of our solutions.
Our ability to retain and increase sales of our solutions and attract new marketers and their agencies may be adversely affected by competitive offerings, marketing methods that are lower priced or perceived as more effective than our solutions, or a general continued reduction or decline in spending by marketers due to the global economic uncertainty and financial market conditions caused by the COVID-19 pandemic. Larger marketers may themselves have a substantial amount of purchase data and they may also seek to augment their own purchase data with additional purchase, impression and/or demographic data acquired from third-party data providers, which may allow them to develop, individually or with partners, internal targeting and measurement capabilities.
Because many of our agreements with our marketers or their agencies are not long-term, we may not be able to accurately predict future revenue streams, and we cannot guarantee that our current marketers will continue to use our solutions, or that we will be able to replace departing marketers with new marketers that provide us with comparable revenue. If we are unable to retain and increase sales of our solutions to existing marketers and their agencies or attract new marketers and their agencies for any of the reasons above or for other reasons, our business, financial condition and operating results would be adversely affected.
58
We have a history of losses and may not achieve profitability in the future.
We have incurred annual net losses since inception and expect to incur net losses in the future. During the three months ended June 30, 2021 and 2022, our net loss was $47.3 million and $126.3 million, respectively. As of June 30, 2022, we had an accumulated deficit of $604.6 million. We have never achieved profitability on an annual basis, and we do not know if we will be able to achieve or sustain profitability. Although our revenue has increased substantially in recent periods, we also do not expect to maintain this rate of revenue growth. We plan to continue to invest in our research and development and sales and marketing efforts, and we anticipate that our operating expenses will continue to increase as we scale our business and expand our operations. We also expect our general and administrative expense to increase as a result of our growth and operating as a public company. Our ability to achieve and sustain profitability is based on numerous factors, many of which are beyond our control. We may never be able to generate sufficient revenue to achieve or sustain profitability.
We operate in an emerging industry and future demand and market acceptance for our solutions is uncertain.
We believe that our future success will depend in large part on the growth, if any, of the market for purchase intelligence. Utilization of consumer purchase data to inform marketing is an emerging industry and future demand and market acceptance for this type of marketing is uncertain. If the market for purchase intelligence does not continue to develop or develops more slowly than we expect, our business, financial condition and operating results could be harmed.
The market in which we participate is competitive and we may not be able to compete successfully with our current or future competitors.
The market for purchase intelligence is nascent and we believe that there is no one company with which we compete directly across our range of solutions. With respect to the Cardlytics platform, we believe that we are the only company that enables marketing through FI channels at scale, although we believe we currently have competition from other companies that deliver similar solutions on a smaller scale. In the future, we may face competition from online retailers, credit card companies, established enterprise software companies, advertising and marketing companies and agencies, digital publishers and mobile pay providers with access to a substantial amount of consumer purchase data. While we may successfully partner with a wide range of companies that are to some extent currently competitive to us, these companies may become more competitive to us in the future. As we introduce new solutions, as our existing solutions evolve and as other companies introduce new products and solutions, we are likely to face additional competition.
Some of our actual and potential competitors may have advantages over us, such as longer operating histories, significantly greater financial, technical, marketing or other resources, stronger brand and recognition, larger intellectual property portfolios and broader global distribution and presence. In addition, our industry is evolving rapidly and is becoming increasingly competitive. Larger and more established companies may focus on purchase intelligence marketing and could directly compete with us. Smaller companies could also launch new products and services that we do not offer and that could gain market acceptance quickly.
Our competitors may be able to respond more quickly and effectively than we can to new or changing opportunities, technologies, standards or customer requirements. Larger competitors are also often in a better position to withstand any significant reduction in capital spending and will therefore not be as susceptible to economic downturns and inflationary pressure. In addition, current or potential competitors may be acquired by third parties with greater available resources. As a result of such relationships and acquisitions, our current or potential competitors might be able to adapt more quickly to new technologies and customer needs, devote greater resources to the promotion or sale of their products and services, initiate or withstand substantial price competition, take advantage of other opportunities more readily or develop and expand their product and service offerings more quickly than we do. For all of these reasons, we may not be able to compete successfully against our current or future competitors.
If we fail to identify and respond effectively to rapidly changing technology and industry needs, our solutions may become less competitive or obsolete.
Our future success depends on our ability to adapt and innovate. To attract, retain and increase new marketers and partners, we will need to expand and enhance our solutions to meet changing needs, add functionality and address technological advancements. Specifically, we are migrating to a cloud-based solution hosted by Amazon Web Services. If we are unable to adapt our solutions to evolving trends in the marketing industry, if we are unable to properly identify and prioritize appropriate solution development projects or if we fail to develop and effectively market new solutions or enhance existing solutions to address the needs of existing and new marketers and partners, we may not be able to achieve or maintain adequate market acceptance and penetration of our solutions, and our solutions may become less competitive or obsolete.
In addition, new, more effective or less costly technologies may emerge that use data sources that we do not have access to, that use entirely different analytical methodologies than we do or that use other indicators of purchases by consumers. If existing and new marketers and their agencies perceive greater value in alternative technologies or data sources, our ability to compete for marketers and their agencies could be materially and adversely affected.
59
A number of factors could impair our ability to collect the significant amounts of data that we use to deliver our solutions.
Our ability to collect and use data may be restricted or prevented by a number of other factors, including:
•the failure of our network or software systems, or the network or software systems of our partners;
•decisions by our partners to restrict our ability to collect data from them (which decision they may make at their discretion) or to refuse to implement the mechanisms that we request to ensure compliance with our legal obligations or technical requirements;
•decisions by our partners to limit our ability to use their purchase data outside of the applicable banking channel;
•decisions by our partners’ customers to opt out of the incentive program or to use technology, such as browser settings, that reduces our ability to deliver relevant advertisements;
•interruptions, failures or defects in our or our partners’ data collection, mining, analysis and storage systems;
•changes in regulations impacting the collection and use of data;
•changes in browser or device functionality and settings, and other new technologies, which impact our partners’ ability to collect and/or share data about their customers; and
•changes in international laws, rules, regulations and industry standards or increased enforcement of international laws, rules, regulations, and industry standards.
Any of the above-described limitations on our ability to successfully collect, utilize and leverage data could also materially impair the optimal performance of our solutions and severely limit our ability to target consumers or bill marketers for our services, which would harm our business, financial condition and operating results.
The efficacy of some of our solutions depends upon third-party data providers.
We rely on several third parties to assist us in matching our anonymized identifiers with third-party identifiers. This matching process enables us to, among other things, use purchase intelligence to measure in-store and online campaign sales impact or provide marketers with valuable visibility into the behaviors of current or prospective customers both within and outside the context of their marketing efforts. If any of these key data providers were to withdraw or withhold their identifiers from us, our ability to provide our solutions could be adversely affected, and certain marketers may severely limit their spending on our solutions or stop spending with us entirely. Replacements for any of these third-party identifiers may not fit the needs of certain marketers or be available in a timely manner or under economically beneficial terms, or at all.
Defects, errors or delays in our solutions could harm our reputation, which would harm our operating results.
The technology underlying our solutions may contain material defects or errors that can adversely affect our ability to operate our business and cause significant harm to our reputation. This risk is compounded by the complexity of the technology underlying our solutions and the large amounts of data that we leverage and process. In addition, with regard to the Cardlytics platform, if we are unable to attribute Consumer Incentives to our partners’ customers in a timely manner, our FI partners may limit or discontinue their use of our solutions. Any such error, failure, malfunction, disruption or delay could result in damage to our reputation and could harm our business, financial condition and operating results.
60
Significant system disruptions, loss of data center capacity, or changes to our data hosting solutions could adversely affect our business, financial condition and operating results.
Our business is heavily dependent upon highly complex data processing capabilities. We contract with our primary third-party data center, located in Atlanta, Georgia, and our redundancy data center, located in Suwanee, Georgia, pursuant to agreements that expire in 2023, subject to earlier termination upon material breach and a failure to cure. We also contract with Amazon Web Services for our cloud-hosting solutions. We have begun to migrate and will continue to migrate our data storage capabilities to Amazon Web Services’ cloud-hosting solution. If we do not complete the migration, are not successful in completing a seamless migration, or fail to administer the cloud-hosting solution in a well-managed, secure and effective manner, we may experience unplanned service disruptions or unforeseen costs. If for any reason our arrangements with our third-party data centers or other data-hosting solutions are terminated, or if we are unable to renew our agreements on commercially reasonable terms, we may be required to transfer that portion of our operations to new data center facilities or other data-hosting solutions, and we may incur significant costs and possible service interruption in connection with doing so. Further, protection of our third-party data centers or other data-hosting solutions against damage or interruption from cyber-attacks, fire, flood, tornadoes, power loss, telecommunications or equipment failure or other disasters and events beyond our control is important to our continued success. Any damage to, or failure of, the systems of the data centers or other data-hosting solutions that we utilize, or of our own equipment located within such data centers, could result in interruptions to the availability or functionality of our solutions. In addition, the failure of the data centers or other data-hosting solutions that we utilize to meet our capacity requirements could result in interruptions in the availability or functionality of our solutions or impede our ability to scale our operations. Any damage to the data centers or other data-hosting solutions that we utilize, or to our own equipment located within such data centers, that causes loss of capacity or otherwise causes interruptions in our operations could materially adversely affect our ability to quickly and effectively respond to our marketers’ or partners’ requirements, which could result in loss of their confidence, adversely impact our ability to attract new marketers and/or partners and force us to expend significant resources. The occurrence of any such events could adversely affect our business, financial condition and operating results.
Seasonal fluctuations in marketing activity could adversely affect our cash flows.
We expect our revenue, operating results, cash flows from operations and other key performance metrics to vary from quarter to quarter in part due to the seasonal nature of our marketers’ spending on digital marketing campaigns. For example, many marketers tend to devote a significant portion of their budgets to the fourth quarter of the calendar year to coincide with consumer holiday spending and to reduce spend in the first quarter of the calendar year. Seasonality could have a material impact on our revenue, operating results, cash flow from operations and other key performance metrics from period to period.
Our corporate culture has contributed to our success, and if we cannot maintain it as we grow, or our corporate culture is negatively impacted by the COVID-19 pandemic, we could lose the innovation, creativity and teamwork fostered by our culture, and our business may be harmed.
As of June 30, 2022, we had 710 full-time employees. We intend to further expand our overall headcount and operations, with no assurance that we will be able to do so while effectively maintaining our corporate culture. Additionally, our corporate culture may be negatively impacted by the COVID-19 pandemic. We believe our corporate culture is one of our fundamental strengths as it enables us to attract and retain top talent and deliver superior results for our customers. As we grow and change, integrate acquired businesses and their employees, and as the COVID-19 pandemic continues, we may find it difficult to preserve our corporate culture, which could reduce our ability to innovate and operate effectively. In turn, the failure to preserve our culture could negatively affect our ability to attract, recruit, integrate and retain employees, continue to perform at current levels and effectively execute our business strategy.
61
If we are unable to attract, integrate and retain additional qualified personnel, including top technical talent, our business could be adversely affected.
Our future success depends in part on our ability to identify, attract, integrate and retain highly skilled technical, managerial, sales and other personnel, including top technical talent from the industry and top research institutions. We face intense competition for qualified individuals from numerous other companies, including other software and technology companies, many of whom have greater financial and other resources than we do. These companies also may provide more diverse opportunities and better chances for career advancement. Some of these characteristics may be more appealing to high-quality candidates than those we have to offer. In addition, new hires often require significant training and, in many cases, take significant time before they achieve full productivity. We may incur significant costs to attract and retain qualified personnel, including significant expenditures related to salaries and benefits and compensation expenses related to equity awards and we may lose new employees to our competitors or other companies before we realize the benefit of our investment in recruiting and training them. Moreover, new employees may not be or become as productive as we expect, as we may face challenges in adequately or appropriately integrating them into our workforce and culture. In addition, as we move into new geographies, we will need to attract and recruit skilled personnel in those areas. We have little experience with recruiting in geographies outside of the U.S., and may face additional challenges in attracting, integrating and retaining international employees. If we are unable to attract, integrate and retain suitably qualified individuals who are capable of meeting our growing technical, operational and managerial requirements, on a timely basis or at all, our business will be adversely affected.
We are dependent on the continued services and performance of our senior management and other key personnel, the loss of any of whom could adversely affect our business.
Our future success depends in large part on the continued contributions of our senior management and other key personnel. In particular, the leadership of key management personnel is critical to the successful management of our company, the development of our solutions and our strategic direction. We do not maintain “key person” insurance for any member of our senior management team or any of our other key employees. Our senior management and key personnel are all employed on an at-will basis, which means that they could terminate their employment with us at any time, for any reason and without notice. The loss of any of our key management personnel could significantly delay or prevent the achievement of our development and strategic objectives and adversely affect our business. Further, if members of our management and other key personnel in critical functions across our organization are unable to perform their duties or have limited availability due to COVID-19, we may not be able to execute on our business strategy and/or our operations may be negatively impacted.
Our international sales and operations subject us to additional risks that can adversely affect our business, operating results and financial condition.
During the three months ended June 30, 2021 and 2022, we derived 8% and 9% of our revenue outside the U.S., respectively. While substantially all of our operations are located in the U.S., we have an office in the U.K. and a research and development and support office in Visakhapatnam, India and may continue to expand our international operations as part of our growth strategy. Our ability to convince marketers to expand their use of our solutions or renew their agreements with us is directly correlated to our direct engagement with such marketers or their agencies. To the extent that we are unable to engage with non-U.S. marketers and agencies effectively with our limited sales force capacity, we may be unable to grow sales to existing marketers to the same degree we have experienced in the U.S.
Our international operations subject us to a variety of risks and challenges, including:
•localization of our solutions, including adaptation for local practices;
•increased management, travel, infrastructure and legal compliance costs associated with having international operations;
•fluctuations in currency exchange rates and related effect on our operating results;
•longer payment cycles and difficulties in collecting accounts receivable or satisfying revenue recognition criteria;
•increased financial accounting and reporting burdens and complexities;
•general economic conditions in each country or region, including inflationary pressure;
•the global economic uncertainty and financial market conditions caused by the COVID-19 pandemic, including inflationary pressure;
•reduction in billings, foreign currency exchange rates, and trade with the European Union;
•contractual and legislative restrictions or changes;
•economic uncertainty around the world;
•compliance with foreign laws and regulations and the risks and costs of non-compliance with such laws and regulations;
62
•compliance with U.S. laws and regulations for foreign operations, including the Foreign Corrupt Practices Act, the U.K. Bribery Act, import and export control laws, tariffs, trade barriers, economic sanctions and other regulatory or contractual limitations on our ability to sell our software in certain foreign markets, and the risks and costs of non-compliance;
•potential changes in a specific country’s or region’s political or economic climate, including the current hostilities between Russia and Ukraine;
•heightened risks of unfair or corrupt business practices in certain geographies and of improper or fraudulent sales arrangements that may impact financial results and result in restatements of financial statements and irregularities in financial statements;
•difficulties in repatriating or transferring funds from or converting currencies in certain countries;
•cultural differences inhibiting foreign employees from adopting our corporate culture;
•reduced protection for intellectual property rights in some countries and practical difficulties of enforcing rights abroad; and
•compliance with the laws of foreign taxing jurisdictions and overlapping of different tax regimes.
Any of these risks could adversely affect our international operations, reduce our international revenues or increase our operating costs, adversely affecting our business, financial condition and operating results.
If we do not manage our growth effectively, the quality of our solutions may suffer, and our business, financial condition and operating results may be negatively affected.
The recent growth in our business has placed, and is expected to continue to place, a significant strain on our managerial, administrative, operational and financial resources, as well as our infrastructure. We rely heavily on information technology ("IT") systems to manage critical functions such as data storage, data processing, matching and retrieval, revenue recognition, budgeting, forecasting and financial reporting. To manage our growth effectively, we must continue to improve and expand our infrastructure, including our IT, financial and administrative systems and controls. In particular, we may need to significantly expand our IT infrastructure as the amount of data we store and transmit increases over time, which will require that we both utilize existing IT products and adopt new technologies. If we are not able to scale our IT infrastructure in a cost-effective and secure manner, our ability to offer competitive solutions will be harmed and our business, financial condition and operating results may suffer.
We must also continue to manage our employees, operations, finances, research and development and capital investments efficiently in an environment where nearly all employees are working from home. Our productivity and the quality of our solutions may be adversely affected if we do not integrate and train our new employees quickly and effectively or if we fail to appropriately coordinate across our executive, research and development, technology, service development, analytics, finance, human resources, marketing, sales, operations and customer support teams. If we continue our rapid growth, we will incur additional expenses, and our growth may continue to place a strain on our resources, infrastructure and ability to maintain the quality of our solutions. If we do not adapt to meet these evolving challenges, or if the current and future members of our management team do not effectively manage our growth, the quality of our solutions may suffer and our corporate culture may be harmed. Failure to manage our future growth effectively could cause our business to suffer, which, in turn, could have an adverse impact on our business, financial condition and operating results.
If currency exchange rates fluctuate substantially in the future, the results of our operations could be adversely affected.
Due to our international operations, we may be exposed to the effects of fluctuations in currency exchange rates, including inflationary pressure. We generate revenue and incur expenses for employee compensation and other operating expenses at our U.K. and Indian offices in the local currency. Fluctuations in the exchange rates between the U.S. dollar, British pound, Canadian dollar and Indian rupee could result in the dollar equivalent of such revenue and expenses being lower, which could have a negative net impact on our reported operating results. Although we may in the future decide to undertake foreign exchange hedging transactions to cover a portion of our foreign currency exchange exposure, we currently do not hedge our exposure to foreign currency exchange risks.
63
Our ability to use net operating losses and certain other tax attributes to offset future taxable income may be limited.
Our net operating loss ("NOL"), carryforwards could expire unused and be unavailable to offset future tax liabilities because of their limited duration or because of restrictions under U.S. tax law. As of December 31, 2021, we had U.S. federal and state NOLs of $586.2 million and $243.6 million, respectively. Our NOLs generated in tax years ending on or prior to December 31, 2017 are only permitted to be carried forward for 20 years under applicable U.S. tax law. Under the Tax Cuts and Jobs Act (the "Tax Act"), as modified by the CARES Act, our federal NOLs generated in tax years ending after December 31, 2017 may be carried forward indefinitely, but the deductibility of federal NOLs, particularly for tax years beginning after December 31, 2020, may be limited. It is uncertain if and to what extent various states will conform to the Tax Act and the CARES Act.
In addition, under Section 382 and Section 383 of the Internal Revenue Code of 1986, as amended, (the "Code") and corresponding provisions of state law, if a corporation undergoes an “ownership change,” which is generally defined as a greater than 50% change, by value, in its equity ownership over a three-year period, the corporation’s ability to use its pre-change net operating loss carryforwards and other pre-change tax attributes to offset its post-change income or taxes may be limited. We have experienced “ownership changes” under IRC Section 382 in the past, and future changes in ownership of our stock, including by reason of future offerings, as well as other changes that may be outside of our control, could result in future ownership changes under IRC Section 382. If we are or become subject to limitations on our use of NOLs under IRC Section 382, our NOLs could expire unutilized or underutilized, even if we earn taxable income against which our NOLs could otherwise be offset. Similar provisions of state tax law may also apply to limit our use of accumulated state tax attributes. In addition, at the state level, there may be periods during which the use of NOLs is suspended or otherwise limited, which could accelerate or permanently increase state taxes owed.
Future acquisitions could disrupt our business and adversely affect our business, financial condition and operating results.
We may choose to expand by making acquisitions that could be material to our business, financial condition or operating results. Our ability as an organization to successfully acquire and integrate technologies or businesses is unproven. Acquisitions involve many risks, including the following:
•an acquisition may negatively affect our business, financial condition, operating results or cash flows because it may require us to incur charges or assume substantial debt or other liabilities, may cause adverse tax consequences or unfavorable accounting treatment, may expose us to claims and disputes by third parties, including intellectual property claims and disputes, or may not generate sufficient financial return to offset additional costs and expenses related to the acquisition;
•we may encounter difficulties or unforeseen expenditures in integrating the business, technologies, products, personnel or operations of any company that we acquire, particularly if key personnel of the acquired company decide not to work for us;
•an acquisition, whether or not consummated, may disrupt our ongoing business, divert resources, increase our expenses and distract our management;
•an acquisition may result in a delay or reduction of purchases for both us and the company that we acquired due to uncertainty about continuity and effectiveness of solution from either company;
•we may encounter difficulties in, or may be unable to, successfully sell any acquired products or solutions;
•an acquisition may involve the entry into geographic or business markets in which we have little or no prior experience or where competitors have stronger market positions;
•challenges inherent in effectively managing an increased number of employees in diverse locations;
•the potential strain on our financial and managerial controls and reporting systems and procedures;
•potential known and unknown liabilities associated with an acquired company;
•our use of cash to pay for acquisitions would limit other potential uses for our cash;
•if we incur debt to fund such acquisitions, such debt may subject us to material restrictions on our ability to conduct our business as well as financial maintenance covenants;
•the risk of impairment charges related to potential write-downs of acquired assets or goodwill in future acquisitions; and
•to the extent that we issue a significant amount of equity or convertible debt securities in connection with future acquisitions, existing stockholders may be diluted and earnings (loss) per share may decrease (increase).
We may not succeed in addressing these or other risks or any other problems encountered in connection with the integration of any acquired business. The inability to successfully integrate the business, technologies, products, personnel or operations of any acquired business, or any significant delay in achieving integration, could have a material adverse effect on our business, financial condition and operating results.
64
Charges to earnings resulting from our acquisitions may cause our operating results to suffer.
Under accounting principles, we have allocated the total purchase price of Dosh’s, Bridg’s and Entertainment's net tangible assets and intangible assets based on their fair values as of the date of the acquisitions, and we have recorded the excess of the purchase price over those fair values as goodwill. Our management’s estimates of fair value will be based upon assumptions that they believe to be reasonable but that are inherently uncertain. The following factors, among others, could result in material charges that would cause our financial results to be negatively impacted:
•impairment of goodwill;
•charges for the amortization of identifiable intangible assets and for stock-based compensation; and
•accrual of newly identified pre-acquisition contingent liabilities that are identified subsequent to the finalization of the purchase price allocation.
Additional costs may include costs of employee redeployment, relocation and retention, including salary increases or bonuses, taxes and termination of contracts that provide redundant or conflicting services. Some of these costs may have to be accounted for as expenses that would negatively impact our results of operations.
We may in the future may become involved in securities class action litigation that could divert management's attention and harm our business and insurance coverage may not be sufficient to cover all costs and damages.
It is common for securities class-action litigation to follow acquisitions. Responding to any litigation could divert management's attention and harm our business. Moreover, insurance coverage may not be sufficient to cover all costs and damages we incur in connection with the litigation.
We may require additional capital to support growth, and such capital might not be available on terms acceptable to us, if at all, which may in turn hamper our growth and adversely affect our business.
We intend to continue to make investments to support our business growth and may require additional funds to respond to business challenges, including the need to develop new solutions or enhance our solutions, improve our operating infrastructure or acquire complementary businesses and technologies. Accordingly, we may need to engage in equity, equity-linked or debt financings to secure additional funds. If we raise additional funds through future issuances of equity or equity-linked securities, including convertible debt securities, our existing stockholders could suffer significant dilution, and any new equity securities that we issue could have rights, preferences and privileges superior to those of holders of our common stock. Any debt financing that we secure in the future could involve restrictive covenants relating to our capital-raising activities and other financial and operational matters, including the ability to pay dividends or repurchase shares of our capital stock. This may make it more difficult for us to obtain additional capital, to pursue business opportunities, including potential acquisitions, or to return capital to our stockholders. We also may not be able to obtain additional financing on terms favorable to us, if at all. For example, while the potential impact and duration of the COVID-19 pandemic on the global economy and our business in particular may be difficult to assess or predict, the pandemic has resulted in, and may continue to result in significant disruption of global financial markets, reducing our ability to access capital, which could in the future negatively affect our liquidity. If we are unable to obtain adequate financing or financing on terms satisfactory to us when we require it, our ability to continue to support our business growth, service our indebtedness and respond to business challenges could be significantly impaired, and our business may be adversely affected. Regulatory, legislative or self-regulatory developments regarding Internet privacy matters could adversely affect our ability to conduct our business.
Through our consumer application, users accumulate rewards that could be deemed subject to abandoned property laws and/or could be deemed to constitute stored value subject to certain legal requirements under applicable state and federal laws and regulations.
The Dosh application enables consumers to accumulate non-monetary rewards (“Dosh Rewards”) within the application, which may be converted to U.S. dollars only when certain requirements are met. Dosh Rewards have no cash value but users are able to receive U.S. dollar payouts from Dosh based on Dosh Rewards provided that certain requirements are met. State regulators could deem that Dosh Rewards constitute property that is subject to state property laws, which could potentially create a large liability for us as well as legal and related compliance obligations and costs to manage escheatment of any Dosh Rewards constituting abandoned property. Additionally, state and/or federal regulators could conclude that Dosh Rewards constitute monetary value or money and therefore subject to regulation pursuant to laws regulating the issuance, sale, redemption, and maintenance of stored value, prepaid access, or gift cards (or similar terminology). Such laws and regulations may include, but are not necessarily limited to, U.S. state money-transmitter licensing laws and the federal Bank Secrecy Act (including registration requirements), and our failure to comply with applicable laws could expose us to monetary penalties or damages and adversely affect our ability to operate our business in its current form.
65
Bringing new FI partners into our network can require considerable time and expense and can be long and unpredictable.
Our FI partners and FI partner prospects engage in highly regulated businesses, are often slow to adopt technological innovation and have rigorous standards with respect to providing third parties, like us, with access to their data. Our operating results depend in part on expanding our FI network to maintain and enhance the scale of our solutions. The length of time that it takes to add an FI partner to our network, from initial evaluation to integration into our network, varies substantially from FI to FI and may take several years. Our sales and integration cycle with respect to our FI partners is long and unpredictable, requires considerable time and expense and may not ultimately be successful. It is difficult to predict exactly when, or even if, a new FI partner will join our network and we may not generate revenue from a new FI partner in the same period as we incurred the costs associated with acquiring such FI partner, or at all. Once an FI partner has agreed to work with us, it may take a lengthy period of time for the implementation of our solutions to be prioritized and integrated into the FI partner’s infrastructure. Because a substantial portion of our expenses are relatively fixed in the short-term, our operating results will suffer if revenue falls below our expectations in a particular quarter, which could cause the price of our stock to decline. Ultimately, if additions to our FI network are not realized in the time period expected or not realized at all, or if an FI partner terminates its agreement with us, our business, financial condition and operating results could be adversely affected.
Bringing new FI partners into our network may impede our ability to accurately forecast the performance of our network.
Bringing new FI partners into our network may impede our ability to accurately predict how certain marketing campaigns will perform, and thus may impede our ability to accurately forecast the performance of our network. Such inaccurate predictions could result in marketing campaigns underperforming, which impacts the total fees we can collect from marketers, or over performing, which may result is us paying certain Consumer Incentives to consumers without adequate compensation from the marketers. The amount of time it will take us to be able to understand the impact of a new FI partner on our network is uncertain and difficult to predict. Additionally, our understanding of the impact of any given FI is subject to change at any time, as such understanding can be impacted by factors such as changes to an FI’s business strategy, changes to an FI’s user interface, or changes in the behavior or makeup of an FI's consumer base.
If we are not able to maintain and enhance our brand, our business, financial condition and operating results may be adversely affected.
We believe that developing and maintaining awareness of the Cardlytics brand in a cost-effective manner is critical to achieving widespread acceptance of our existing solutions and future solutions and is an important element in attracting new marketers and partners. Furthermore, we believe that the importance of brand recognition will increase as competition in our market increases. Successful promotion of our brand will depend largely on the effectiveness of our marketing efforts and on our ability to deliver valuable solutions for our marketers, their agencies and our partners. In the past, our efforts to build our brand have involved significant expense. Brand promotion activities may not yield increased revenue and billings, and even if they do, any increased revenue and billings may not offset the expenses that we incurred in building our brand. If we fail to successfully promote and maintain our brand or incur substantial expenses in an unsuccessful attempt to promote and maintain our brand, we may fail to attract enough new marketers or partners or retain our existing marketers or partners and our business could suffer.
Risks Related to our Outstanding Convertible Senior Notes
Servicing our debt may require a significant amount of cash. We may not have sufficient cash flow from our business to pay our indebtedness, and we may not have the ability to raise the funds necessary to settle for cash conversions of the Notes or to repurchase the Notes for cash upon a fundamental change, which could adversely affect our business and results of operations.
In September 2020, we issued convertible senior notes with an aggregate principal amount of $230.0 million bearing an interest rate of 1.00% due in 2025 (the "Notes"). The interest rate is fixed at 1.00% per annum and is payable semi-annually in arrears on March 15 and September 15 of each year, beginning on March 15, 2021. Our ability to make scheduled payments of the principal of, to pay interest on or to refinance our indebtedness, including the Notes, depends on our future performance, which is subject to economic, financial, competitive and other factors beyond our control. Our business may not generate cash flows from operations in the future that are sufficient to service our debt. If we are unable to generate such cash flows, we may be required to adopt one or more alternatives, such as selling assets, restructuring debt or obtaining additional debt financing or equity capital on terms that may be onerous or highly dilutive. Our ability to refinance any future indebtedness will depend on the capital markets and our financial condition at such time. We may not be able to engage in any of these activities or engage in these activities on desirable terms, which could result in a default on our debt obligations. In addition, any of our future debt agreements may contain restrictive covenants that may prohibit us from adopting any of these alternatives. Our failure to comply with these covenants could result in an event of default which, if not cured or waived, could result in the acceleration of our debt.
66
Holders of the Notes have the right to require us to repurchase their Notes upon the occurrence of a fundamental change (as defined in the indenture governing the Notes) at a repurchase price equal to 100% of the principal amount of the Notes to be repurchased, plus accrued and unpaid interest, if any. Upon conversion, unless we elect to deliver solely shares of our common stock to settle such conversion (other than paying cash in lieu of delivering any fractional share), we will be required to make cash payments in respect of the Notes being converted. We may not have enough available cash or be able to obtain financing at the time we are required to make repurchases in connection with such conversion and our ability to pay may additionally be limited by law, by regulatory authority or by agreements governing our existing and future indebtedness. Our failure to repurchase the Notes at a time when the repurchase is required by the indenture governing the Notes or to pay any cash payable on future conversions as required by such indenture would constitute a default under such indenture. A default under the indenture or the fundamental change itself could also lead to a default under agreements governing our existing and future indebtedness. If the repayment of the related indebtedness were to be accelerated after any applicable notice or grace periods, we may not have sufficient funds to repay the indebtedness and repurchase the Notes or make cash payments upon conversions thereof.
In addition, our indebtedness, combined with our other financial obligations and contractual commitments, could have other important consequences. For example, it could:
•make us more vulnerable to adverse changes in general U.S. and worldwide economic, industry, and
•competitive conditions and adverse changes in government regulation;
•limit our flexibility in planning for, or reacting to, changes in our business and our industry;
•place us at a disadvantage compared to our competitors who have less debt;
•limit our ability to borrow additional amounts for funding acquisitions, for working capital, and for other general corporate purposes; and
•make an acquisition of our company less attractive or more difficult.
Any of these factors could harm our business, results of operations, and financial condition. In addition, if we incur additional indebtedness, the risks related to our business and our ability to service or repay our indebtedness would increase.
The conditional conversion feature of the Notes, if triggered, may adversely affect our financial condition and results of operations.
In the event the conditional conversion feature of the Notes is triggered, holders of Notes will be entitled to convert the Notes at any time during specified periods at their option. If one or more holders elect to convert their Notes, unless we elect to satisfy our conversion obligation by delivering solely shares of our common stock (other than paying cash in lieu of delivering any fractional share), we would be required to settle a portion or all of our conversion obligation through the payment of cash, which could adversely affect our liquidity. In addition, even if holders do not elect to convert their Notes, we could be required under applicable accounting rules to reclassify all or a portion of the outstanding principal of the Notes as a current rather than long-term liability, which would result in a material reduction of our net working capital.
Transactions relating to our Notes may affect the value of our common stock.
The conversion of some or all of the Notes would dilute the ownership interests of existing stockholders to the extent we satisfy our conversion obligation by delivering shares of our common stock upon any conversion of such Notes. Our Notes may become in the future convertible at the option of their holders under certain circumstances. If holders of our Notes elect to convert their Notes, we may settle our conversion obligation by delivering to them a significant number of shares of our common stock, which would cause dilution to our existing stockholders.
In addition, in connection with the pricing of the Notes, we entered into capped call transactions (the "Capped Calls") with certain financial institutions (the "Option Counterparties"). The Capped Calls are expected generally to reduce the potential dilution to our common stock upon any conversion or settlement of the Notes and/or offset any cash payments we are required to make in excess of the principal amount of converted Notes, as the case may be, with such reduction and/or offset subject to a cap.
In connection with establishing their initial hedges of the Capped Calls, the Option Counterparties or their respective affiliates entered into various derivative transactions with respect to our common stock and/or purchased shares of our common stock concurrently with or shortly after the pricing of the Notes.
From time to time, the Option Counterparties or their respective affiliates may modify their hedge positions by entering into or unwinding various derivative transactions with respect to our common stock and/or purchasing or selling our common stock or other securities of ours in secondary market transactions prior to the maturity of the Notes (and are likely to do so following any conversion of the Notes, any repurchase of the Notes by us on any fundamental change repurchase date, any redemption date, or any other date on which the Notes are retired by us, in each case, if we exercise our option to terminate the relevant portion of the Capped Calls). This activity could cause a decrease and/or increased volatility in the market price of our common stock.
67
We do not make any representation or prediction as to the direction or magnitude of any potential effect that the transactions described above may have on the price of the Notes or our common stock. In addition, we do not make any representation that the Option Counterparties will engage in these transactions or that these transactions, once commenced, will not be discontinued without notice.
We are subject to counterparty risk with respect to the Capped Calls.
The Option Counterparties are financial institutions, and we will be subject to the risk that any or all of them might default under the Capped Calls. Our exposure to the credit risk of the Option Counterparties will not be secured by any collateral. Past global economic conditions have resulted in the actual or perceived failure or financial difficulties of many financial institutions. If an Option Counterparty becomes subject to insolvency proceedings, we will become an unsecured creditor in those proceedings with a claim equal to our exposure at that time under the Capped Calls with such Option Counterparty. Our exposure will depend on many factors but, generally, an increase in our exposure will be correlated to an increase in the market price and in the volatility of our common stock. In addition, upon a default by an Option Counterparty, we may suffer adverse tax consequences and more dilution than we currently anticipate with respect to our common stock. We can provide no assurances as to the financial stability or viability of the Option Counterparties.
The accounting method for convertible debt securities that may be settled in cash, such as the Notes, could have a material effect on our reported financial results.
The accounting method for reflecting the notes on our balance sheet, accruing interest expense for the notes and reflecting the underlying shares of our common stock in our reported diluted earnings per share may adversely affect our reported earnings and financial condition. We expect that, under applicable accounting principles, the initial liability carrying amount of the notes will be the fair value of a similar debt instrument that does not have a conversion feature, valued using our cost of capital for straight, unconvertible debt. We expect to reflect the difference between the net proceeds from this offering and the initial carrying amount as a debt discount for accounting purposes, which will be amortized into interest expense over the term of the notes. As a result of this amortization, the interest expense that we expect to recognize for the notes for accounting purposes will be greater than the cash interest payments we will pay on the notes, which will result in lower reported income or higher reported loss. The lower reported income or higher reported loss resulting from this accounting treatment could depress the trading price of our common stock and the notes. However, in August 2020, the Financial Accounting Standards Board published an Accounting Standards Update ("ASU") 2020-06, eliminating the separate accounting for the debt and equity components as described above. ASU 2020-06 effective for SEC-reporting entities for fiscal years beginning after December 15, 2021, including interim periods within those fiscal years. On January 1, 2022, we adopted this standard using the modified retrospective method which allowed for a cumulative-effect adjustment to the opening balance sheet without restating prior periods. As we did not elect the fair value option in the process, the notes, net of issuance costs, are accounted for as a single liability measured at amortized cost. Upon adoption, we recorded a decrease in accumulated deficit of $11.2 million, an increase to the notes, net of $40.2 million and a decrease to additional paid in capital of $51.4 million.
If accounting standards change in the future and we are not permitted to use the treasury stock method, then our diluted earnings per share may decline. For example, the Financial Accounting Standards Board’s ASU described above amends these accounting standards, effective as of the dates referred to above, to eliminate the treasury stock method for convertible instruments that can be settled in whole or in part with equity and instead require application of the “if-converted” method. Under that method, diluted earnings per share would generally be calculated assuming that all the notes were converted solely into shares of common stock at the beginning of the reporting period, unless the result would be anti-dilutive. The application of the if-converted method may reduce our reported diluted earnings per share.
Furthermore, if any of the conditions to the convertibility of the notes is satisfied, then we may be required under applicable accounting standards to reclassify the liability carrying value of the notes as a current, rather than a long-term, liability. This reclassification could be required even if no noteholders convert their notes and could materially reduce our reported working capital.
Risks Related to Regulatory and Intellectual Property Matters
We and our FI partners are subject to stringent and changing privacy and data security laws, contractual obligations, self-regulatory schemes, government regulation, and standards related to data privacy and security. The actual or perceived failure by us, our customers, our partners, or other third parties upon whom we rely to comply with such obligations could harm our reputation, result in significant expense, subject us to significant fines and liability or otherwise adversely affect our business.
We collect, receive, store, process, use, generate, transfer, disclose, make accessible, protect and share personal information and other information (“Process” or “Processing”) necessary to operate our business, for legal and marketing purposes, and for other business-related purposes.
68
We, our FI partners, our marketers and other third parties upon whom we rely are subject to a number of domestic and international privacy and security laws, rules, regulations and guidance regarding privacy, information security and Processing (“Data Protection Laws”) as well as laws and regulations regarding online services and the Internet generally. In the U.S., the rules and regulations to which we, directly or contractually through our partners, or our marketers may be subject include those promulgated under the authority of the Federal Trade Commission, the Electronic Communications Privacy Act, the Computer Fraud and Abuse Act, the Health Insurance Portability and Accountability Act, the Gramm-Leach-Bliley Act and state cybersecurity and breach notification laws, as well as regulator enforcement positions and expectations reflected in federal and state regulatory actions, settlements, consent decrees and guidance documents.
The regulatory framework for online services and data privacy and security issues worldwide can vary substantially from jurisdiction to jurisdiction, is rapidly evolving and is likely to remain uncertain for the foreseeable future. Many of these obligations conflict with each other, and interpretation of these laws, rules and regulations and their application to our solutions in the U.S. and foreign jurisdictions is ongoing and cannot be fully determined at this time. A number of existing bills are pending in the U.S. Congress that contain provisions that would regulate how companies can use cookies and other tracking technologies to collect and utilize user information. Additionally, new legislation proposed or enacted in various other states will continue to shape the data privacy environment nationally.
U.S. and non-U.S. regulators also may implement “Do-Not-Track” legislation, particularly if the industry does not implement a standard. Effective January 1, 2014, the California Governor signed into law an amendment to the California Online Privacy Protection Act of 2003. Such amendment requires operators of commercial websites and online service providers, under certain circumstances, to disclose in their privacy policies how such operators and providers respond to browser “do not track” signals. In addition, the regulatory environment for the collection and use of consumer data by marketers is evolving in the U.S. and internationally and is currently, in part, a self-regulatory framework, which relies on market participants to ensure self-compliance. The voluntary nature of this self-regulatory framework may change.
The California Consumer Privacy Act (“CCPA”), which took effect on January 1, 2020, is an example of the trend towards increasingly comprehensive privacy legislation being introduced in the United States. The CCPA gives California residents expanded rights to request access to and deletion of their personal information, opt out of certain personal information sharing, and receive detailed information about how their personal information is used. The CCPA also increases the privacy and security obligations on entities handling personal information, which is broadly defined under the law. The CCPA provides for civil penalties for violations, as well as a private right of action for data breaches, and includes statutorily defined damages of up to $750 per citizen, which is expected to increase data breach litigation. The CCPA also imposes requirements on businesses that “sell” information (which is defined broadly under the CCPA); there is significant ambiguity regarding what constitutes a sale and many of our or our partner’s business practices may qualify. Further, California voters approved a new privacy law, the California Privacy Rights Act (“CPRA”), in the November 3, 2020 election. Effective starting on January 1, 2023, the CPRA will significantly modify the CCPA, including by expanding consumers’ rights with respect to certain sensitive personal information. The CPRA also creates a new state agency that will be vested with authority to implement and enforce the CCPA and the CPRA.
New legislation proposed or enacted in various other states will continue to shape the data privacy environment nationally. For example, on March 2, 2021, Virginia enacted the Virginia Consumer Data Protection Act, or CDPA, which becomes effective on January 1, 2023, on June 8, 2021, Colorado enacted the Colorado Privacy Act, or CPA, which takes effect on July 1, 2023, and on March 24, 2022 Utah enacted the Utah Consumer Privacy Act which becomes effective on December 31, 2023. The CPA and CDPA are similar to the CCPA, and CPRA but aspects of these state privacy statutes remain unclear, resulting in further legal uncertainty and potentially requiring us to modify our data practices and policies and to incur substantial additional costs and expenses in an effort to comply. Complying with the CCPA, CPRA, CDPA, CPA, or other laws, regulations, amendments to or re-interpretations of existing laws and regulations, and contractual or other obligations relating to privacy, data protection, data transfers, data localization, or information security may require us to make changes to our services to enable us or our customers to meet new legal requirements, incur substantial operational costs, modify our data practices and policies, and restrict our business operations. Any actual or perceived failure by us to comply with these laws, regulations, or other obligations may lead to significant fines, penalties, regulatory investigations, lawsuits, significant costs for remediation, damage to our reputation, or other liabilities.
69
Internationally, virtually every jurisdiction in which we operate has established its own data security and privacy legal frameworks with which we, directly or contractually through our partners, our marketers or other third parties upon whom we rely may be required to comply, even if we are not established or based in such jurisdictions. An example of the type of international regulation to which we may be subject is the U.K.’s Privacy and Electronic Communications Regulations 2011 (“PECR”), which implements the requirements of Directive 2009/136/EC (which amended Directive 2002/58/EC), which is known as the ePrivacy Directive. The PECR regulates various types of electronic direct marketing that use cookies and similar technologies. The PECR also imposes sector-specific breach reporting requirements, but only as applicable to providers of particular public electronic communications services. Additional European Union member state laws of this type may follow.
The European General Data Protection Regulation ("GDPR") is another example of the type of data protection legislation that may present a risk to our business. The GDPR imposes additional obligations and risk upon our business and increases substantially the penalties to which we could be subject in the event of any non–compliance. The GDPR imposes more stringent data protection requirements and requires us and our customers to give more detailed disclosures about how we collect, use and share personal information; contractually commit to data protection measures in our contracts with clients; maintain adequate data security measures; notify regulators and affected individuals of certain data breaches; meet extensive privacy governance and documentation requirements; and honor individuals’ data protection rights, including their rights to access, correct and delete their personal information. The GDPR provides greater penalties for noncompliance than previous data protection laws. Administrative fines under the GDPR can amount up to 20 million Euros or four percent of the group’s annual global turnover, whichever is highest. We may also be obligated to assist our customers, partners, and vendors with their own compliance obligations under the GDPR, which could require expenditure of significant resources. Assisting our customers, partners, and vendors in complying with the GDPR, or complying with the GDPR ourselves, may cause us to incur substantial operational costs or require us to change our business practices.
The GDPR also imposes strict rules on the transfer of personal data out of the European Economic Area, or EEA, to the United States. Although one of the primary mechanisms for legally transferring personal data (known as Privacy Shield) was invalidated, the European Commission released a set of “Standard Contractual Clauses” in June 2021 that is designed to be a valid mechanism by which entities can validly transfer personal data out of the EEA to jurisdictions that the European Commission has not found to provide an adequate level of protection. The Standard Contractual Clauses, however, require parties that rely upon that legal mechanism to comply with additional obligations, such as conducting transfer impact assessments to determine whether additional security measures are necessary to protect the at-issue personal data. Moreover, due to potential legal challenges, there exists some uncertainty regarding whether the Standard Contractual Clauses will remain a valid mechanism for transfers of personal data out of the EEA.
Additionally, Brexit took effect in January 2020, which will lead to further legislative and regulatory changes. Although the European Commission announced a decision of “adequacy” concluding that the U.K. ensures an equivalent level of data protection to the GDPR, which provides some relief regarding the legality of continued personal data flows from the EEA to the U.K., some uncertainty remains, as this adequacy determination must be renewed after four years and may be modified or revoked in the interim.
In addition to governmental regulation, we are also subject to the terms of our external and internal privacy and security policies, representations, certifications, standards, publications and frameworks, and contractual obligations to third parties related to privacy, information security and Processing (“Data Protection Obligations”), including without limitation, operating rules and standards imposed by industry organizations. Government regulation and industry standards may increase the costs of doing business online.
Given that existing and proposed Data Protection Laws, industry standards and Data Protection Obligations can impose increasingly complex and burdensome obligations, and with substantial uncertainty over the interpretation and application of these requirements, we and our partners have faced and may face additional challenges in addressing and complying with them, and making necessary changes to our privacy policies and practices. In particular, there has been increasing public and regulatory concern and public scrutiny about the use of personally identifiable information. Because the interpretation and application of privacy and data protection laws are still uncertain, it is possible that these laws may be interpreted and applied in a manner that is inconsistent with our existing data management practices. To comply with our data protection and privacy obligations, we may be required to: fundamentally change our business models or practices, including, changing the information we collect or share; incur material costs and expenses; and/or divert management’s time and attention. Any of these effects could materially adversely affect our business operations and financial results, and may limit the adoption and use of, and reduce the overall demand for, our products, which could have an adverse impact on our business. Additionally, our partners may choose to alter or discontinue our program in light of the CCPA or other laws or regulations, which could adversely affect our financial condition.
70
We may, for example, be required to, or otherwise may determine that it is advisable to, develop or obtain additional tools and technologies for validation of certain of our limited sales related to online purchases to compensate for a potential lack of cookie data. Even if we are able to do so, such additional tools may be subject to further regulation, time consuming to develop or costly to obtain, and less effective than our current use of cookies.
While we strive to comply with applicable Data Protection Laws and Data Protection Obligations to the extent possible, we may at times fail to do so, or may be perceived to have failed to do so. For example, if we inadvertently received personal information from our partners, we may not comply with applicable Data Protection Laws and Data Protection Obligations with respect to that personal information. Moreover, despite our efforts, we may not be successful in achieving compliance if our personnel or vendors do not comply with applicable Data Protection Laws and Data Protection Obligations. Additionally, in many cases we or our partners take steps to anonymize information such that it no longer constitutes personal information; we may fail, or be accused of failing, to properly anonymize such information. We may also be subject to claims of liability or responsibility for the actions of third parties with whom we interact or upon whom we rely in relation to various solutions, including but not limited to our marketers and their agencies and partners. If we, or our business associates or other third parties upon whom we rely fail, or are perceived to have failed, to address or comply with applicable data protection laws, privacy policies and data protection obligations, or if our privacy policies are, in whole or part, found to be inaccurate, incomplete, deceptive, unfair or misrepresentative of our actual practices, it could: increase our compliance and operational costs; expose us to regulatory scrutiny, actions, fines and penalties; result in reputational harm; lead to a loss of consumers; reduce the use of our products by end users or our customers; affect our ability to attract new marketers and partners and maintain relationships with our existing marketers and partners; lead to special, compensatory punitive and statutory damages, litigation, injunctive relief, or consent orders regarding our privacy and security practices; introduce requirements that we provide notices, credit monitoring services and/or credit restoration services or other relevant services to impacted individuals; lead to an inability to Process data; lead to other adverse actions against our licenses to do business; and/or otherwise adversely affect our business.
If the use of matching technologies, such as cookies, pixels and device identifiers, is rejected by Internet users, restricted or otherwise subject to unfavorable terms, such as by non-governmental entities, our validation methodologies could be impacted and we may lose customers and revenue.
Our solution can be utilized by in-store and online marketers; however, a large majority of consumer purchases continue to be made in-store. For validation of certain of these limited online purchases, our solutions may use digital matching technologies, such as mobile advertising identifiers, pixels and cookies to match the Cardlytics IDs we have assigned to our FIs’ customers with their digital presence outside of the FI partners’ websites and mobile applications. In most cases, the matching technologies we use relate to mobile advertising identifiers that we use in limited cases to validate that we influenced an online purchase. If our access to matching technology data is reduced, our ability to validate certain online purchases in the current manner may be affected and thus undermine the effectiveness of our solutions.
On occasion, “third-party cookies” may be placed through an Internet browser to validate online purchases. Internet users may easily block and/or delete cookies (e.g., through their browsers or “ad blocking” software). The most commonly used Internet browsers allow Internet users to modify their browser settings to prevent cookies from being accepted by their browsers or are set to block third-party cookies by default. Further, Google recently announced its plans to eliminate third-party cookies from its browser in 2022. If more browser providers and Internet users adopt these settings or delete their cookies more frequently than they currently do, our practices related to the validation of limited online purchases could be impacted, which could result in us needing to implement other available methodologies. Some government regulators and privacy advocates have suggested creating a “Do Not Track” standard that would allow Internet users to express a preference, independent of cookie settings in their browser, not to have website browsing recorded. If Internet users adopt a “Do Not Track” browser setting and the standard either gets imposed by state or federal legislation or agreed upon by standard-setting groups, it may curtail or prohibit us from using non-personal data as we currently do. This could hinder growth of marketing on the Internet generally and cause us to change our business practices and adversely affect our business, financial condition and operating results. In addition, browser manufacturers could replace cookies with their own product and require us to negotiate and pay them for use of such product to record information about Internet users’ interactions with our marketers, which may not be available on commercially reasonable terms, or at all.
Failure to protect our proprietary technology and intellectual property rights could substantially harm our business, financial condition and operating results.
Our future success and competitive position depend in part on our ability to protect our intellectual property and proprietary technologies. To safeguard these rights, we rely on a combination of patent, trademark, copyright and trade secret laws and contractual protections in the U.S. and other jurisdictions, all of which provide only limited protection and may not now or in the future provide us with a competitive advantage.
71
As of the date of filing, we had seven issued patents relating to our software. We cannot assure you that any patents will issue from any patent applications, that patents that issue from such applications will give us the protection that we seek or that any such patents will not be challenged, invalidated, or circumvented. Any patents that may issue in the future from our pending or future patent applications may not provide sufficiently broad protection and may not be enforceable in actions against alleged infringers. We have registered, or are registering, the “Cardlytics,” “Dosh," "Bridg" and "Entertainment" names and logos in the U.S. and certain other countries. We have registrations and/or pending applications for additional marks in the U.S. and other countries; however, we cannot assure you that any future trademark registrations will be issued for pending or future applications or that any registered trademarks will be enforceable or provide adequate protection of our proprietary rights. We also license software from third parties for integration into our products, including open source software and other software available on commercially reasonable terms. We cannot assure you that such third parties will maintain such software or continue to make it available.
In order to protect our unpatented proprietary technologies and processes, we rely on trade secret laws and confidentiality agreements with our employees, consultants, vendors and others. Despite our efforts to protect our proprietary technology and trade secrets, unauthorized parties may attempt to misappropriate, reverse engineer or otherwise obtain and use them. Bank of America also has a right to purchase some of the source code underlying the Cardlytics platform upon the occurrence of specified events, which could compromise the proprietary nature of the Cardlytics platform and/or allow Bank of America to discontinue the use of our solutions. Additionally, other FIs have a right to obtain the source code underlying Cardlytics Ad Server through the release of source code held in escrow upon the occurrence of specified events, which could compromise the proprietary nature of the Cardlytics platform and/or allow these FIs to discontinue the use of our solutions.
In addition, others may independently discover our trade secrets, in which case we would not be able to assert trade secret rights or develop similar technologies and processes. Further, the contractual provisions that we enter into may not prevent unauthorized use or disclosure of our proprietary technology or intellectual property rights and may not provide an adequate remedy in the event of unauthorized use or disclosure of our proprietary technology or intellectual property rights. Moreover, policing unauthorized use of our technologies, trade secrets and intellectual property is difficult, expensive and time-consuming, particularly in foreign countries where the laws may not be as protective of intellectual property rights as those in the U.S. and where mechanisms for enforcement of intellectual property rights may be weak. We may be unable to determine the extent of any unauthorized use or infringement of our solutions, technologies or intellectual property rights.
From time to time, legal action by us may be necessary to enforce our patents and other intellectual property rights, to protect our trade secrets, to determine the validity and scope of the intellectual property rights of others or to defend against claims of infringement or invalidity. Such legal action could result in substantial costs and diversion of resources and could negatively affect our business, financial condition and operating results.
Assertions by third parties of infringement or other violations by us of their intellectual property rights, whether or not correct, could result in significant costs and harm our business, financial condition and operating results.
Patent and other intellectual property disputes are common in our industry. We have in the past and may in the future be subject to claims alleging that we have misappropriated, misused, or infringed other parties’ intellectual property rights. Some companies, including certain of our competitors, own larger numbers of patents, copyrights and trademarks than we do, which they may use to assert claims against us. Third parties may also assert claims of intellectual property rights infringement against our partners, whom we are typically required to indemnify. As the numbers of solutions and competitors in our market increases and overlap occurs, claims of infringement, misappropriation and other violations of intellectual property rights may increase. Any claim of infringement, misappropriation or other violation of intellectual property rights by a third-party, even those without merit, could cause us to incur substantial costs defending against the claim and could distract our management from our business.
The patent portfolios of our most significant competitors are larger than ours. This disparity may increase the risk that they may sue us for patent infringement and may limit our ability to counterclaim for patent infringement or settle through patent cross-licenses. In addition, future assertions of patent rights by third parties, and any resulting litigation, may involve patent holding companies or other adverse patent owners who have no relevant product revenues and against whom our own patents may therefore provide little or no deterrence or protection. There can be no assurance that we will not be found to infringe or otherwise violate any third-party intellectual property rights or to have done so in the past.
An adverse outcome of a dispute may require us to:
•pay substantial damages, including treble damages, if we are found to have willfully infringed a third-party’s patents or copyrights;
•cease developing or selling solutions that rely on technology that is alleged to infringe or misappropriate the intellectual property of others;
•expend additional development resources to attempt to redesign our solutions or otherwise develop non-infringing technology, which may not be successful;
72
•enter into potentially unfavorable royalty or license agreements in order to obtain the right to use necessary technologies or intellectual property rights; and
•indemnify our partners and other third parties.
In addition, royalty or licensing agreements, if required or desirable, may be unavailable on terms acceptable to us, or at all, and may require significant royalty payments and other expenditures. Some licenses may also be non-exclusive, and therefore our competitors may have access to the same technology licensed to us. Any of the foregoing events could seriously harm our business, financial condition and operating results.
Our use of open source software could negatively affect our ability to sell our solutions and subject us to possible litigation.
We use open-source software to deliver our solutions and expect to continue to use open-source software in the future. Some of these open-source licenses may require that source code subject to the license be made available to the public and that any modifications or derivative works to open-source software continue to be licensed under open source licenses. This may require that we make certain proprietary code available under an open-source license. We may face claims from others claiming ownership of, or seeking to enforce the license terms applicable to, such open source software, including by demanding release of the open source software, derivative works or our proprietary source code that was developed using such software. Few of the licenses applicable to open-source software have been interpreted by courts, and there is a risk that these licenses could be construed in a manner that could impose unanticipated conditions or restrictions on our ability to commercialize our products. These claims could also result in litigation, require us to purchase costly licenses or require us to devote additional research and development resources to change the software underlying our solutions, any of which would have a negative effect on our business, financial condition and operating results and may not be possible in a timely manner. We and our customers may also be subject to suits by parties claiming infringement due to the reliance by our solutions on certain open-source software, and such litigation could be costly for us to defend or subject us to an injunction. In addition, if the license terms for the open-source code change, we may be forced to re-engineer our software or incur additional costs. Finally, we cannot assure you that we have not incorporated open-source software into the software underlying our solutions in a manner that may subject our proprietary software to an open-source license that requires disclosure, to customers or the public, of the source code to such proprietary software. In the event that portions of our proprietary technology are determined to be subject to an open source license, we could be required to publicly release portions of our source code, re-engineer all or a portion of our technologies, or otherwise be limited in the licensing of our technologies, each of which could reduce or eliminate the value of our solutions and technologies and materially and adversely affect our ability to sustain and grow our business. Many open-source licenses also limit our ability to bring patent infringement lawsuits against open-source software that we use without losing our right to use such open-source software. Therefore, the use of open-source software may limit our ability to bring patent infringement lawsuits, to the extent we ever have any patents that cover open-source software that we use.
73
We are subject to government regulation, including import, export, economic sanctions and anti-corruption laws and regulations that may expose us to liability and increase our costs.
Various of our products are subject to U.S. export controls, including the U.S. Department of Commerce’s Export Administration Regulations and economic and trade sanctions regulations administered by the U.S. Treasury Department’s Office of Foreign Assets Controls. These regulations may limit the export of our products and provision of our solutions outside of the U.S., or may require export authorizations, including by license, a license exception or other appropriate government authorizations, including annual or semi-annual reporting. Export control and economic sanctions laws may also include prohibitions on the sale or supply of certain of our products to embargoed or sanctioned countries, regions, governments, persons and entities. In addition, various countries regulate the importation of certain products, through import permitting and licensing requirements, and have enacted laws that could limit our ability to distribute our products. The exportation, reexportation, and importation of our products and the provision of solutions, including by our partners, must comply with these laws or else we may be adversely affected, through reputational harm, government investigations, penalties and a denial or curtailment of our ability to export our products or provide solutions. Complying with export control and sanctions laws may be time consuming and may result in the delay or loss of sales opportunities. Although we take precautions to prevent our products from being provided in violation of such laws, our products may have previously been, and could in the future be, provided inadvertently in violation of such laws, despite the precautions we take. If we are found to be in violation of U.S. sanctions or export control laws, it could result in substantial fines and penalties for us and for the individuals working for us. Changes in export or import laws or corresponding sanctions, may delay the introduction and sale of our products in international markets, or, in some cases, prevent the export or import of our products to certain countries, regions, governments, persons or entities altogether, which could adversely affect our business, financial condition and results of operations.
We are also subject to various domestic and international anti-corruption laws, such as the U.S. Foreign Corrupt Practices Act and the U.K. Bribery Act, as well as other similar anti-bribery and anti-kickback laws and regulations. These laws and regulations generally prohibit companies and their employees and intermediaries from authorizing, offering or providing improper payments or benefits to officials and other recipients for improper purposes. We rely on certain third parties to support our sales and regulatory compliance efforts and can be held liable for their corrupt or other illegal activities, even if we do not explicitly authorize or have actual knowledge of such activities. Although we take precautions to prevent violations of these laws, our exposure for violating these laws increases as our international presence expands and as we increase sales and operations in foreign jurisdictions.
Risks Related to Ownership of Our Common Stock
The market price of our common stock has been and is likely to continue to be volatile.
The market price of our common stock may be highly volatile and may fluctuate substantially as a result of a variety of factors, some of which are related in complex ways. Since shares of our common stock were sold in our initial public offering in February 2018 at a price of $13.00 per share, our stock price has ranged from an intraday low of $9.80 to an intraday high of $161.47 through July 29, 2022. Factors that may affect the market price of our common stock include:
•actual or anticipated fluctuations in our financial condition and operating results;
•variance in our financial performance from expectations of securities analysts or investors;
•changes in the prices of our solutions;
•changes in laws or regulations applicable to our solutions;
•announcements by us or our competitors of significant business developments, acquisitions or new offerings;
•our involvement in litigation;
•our sale of our common stock or other securities in the future;
•changes in senior management or key personnel;
•trading volume of our common stock;
•changes in the anticipated future size and growth rate of our market; and
•general economic, regulatory and market conditions.
74
Recently, the stock markets have experienced extreme price and volume fluctuations that have affected and continue to affect the market prices of equity securities of many companies due to, among other factors, the actions of market participants or other actions outside of our control, including general market volatility caused by expected interest rate changes, inflation and the COVID-19 pandemic. These fluctuations have often been unrelated or disproportionate to the operating performance of those companies. Broad market and industry fluctuations, as well as general economic, political, regulatory and market conditions, may negatively impact the market price of our common stock. In the past, companies that have experienced volatility in the market price of their securities have been subject to securities class action litigation. We may be the target of this type of litigation in the future, which could result in substantial costs and divert our management’s attention.
We do not intend to pay dividends for the foreseeable future and, as a result, your ability to achieve a return on your investment will depend on appreciation in the price of our common stock.
We have never declared or paid any cash dividends on our common stock and do not intend to pay any cash dividends in the foreseeable future. We anticipate that we will retain all of our future earnings for use in the development of our business and for general corporate purposes. Any determination to pay dividends in the future will be at the discretion of our board of directors. Accordingly, investors must rely on sales of their common stock after price appreciation, which may never occur, as the only way to realize any future gains on their investments.
Anti-takeover provisions in our charter documents and under Delaware law could make an acquisition of us more difficult, limit attempts by our stockholders to replace or remove our current management and limit the market price of our common stock.
Provisions in our amended and restated certificate of incorporation and amended and restated bylaws may have the effect of delaying or preventing a change in control or changes in our management. Our amended and restated certificate of incorporation and amended and restated bylaws include provisions that:
•authorize our board of directors to issue preferred stock without further stockholder action and with voting liquidation, dividend and other rights superior to our common stock;
•require that any action to be taken by our stockholders be effected at a duly called annual or special meeting and not by written consent, and limit the ability of our stockholders to call special meetings;
•establish an advance notice procedure for stockholder proposals to be brought before an annual meeting, including proposed nominations of persons for director nominees;
•establish that our board of directors is divided into three classes, with directors in each class serving three-year staggered terms;
•require the approval of holders of two-thirds of the shares entitled to vote at an election of directors to adopt, amend or repeal our amended and restated bylaws or amend or repeal the provisions of our amended and restated certificate of incorporation regarding the election and removal of directors and the ability of stockholders to take action by written consent or call a special meeting;
•prohibit cumulative voting in the election of directors; and
•provide that vacancies on our board of directors may be filled only by a majority of directors then in office, even though less than a quorum.
These provisions may frustrate or prevent any attempts by our stockholders to replace or remove our current management by making it more difficult for stockholders to replace members of our board of directors, which is responsible for appointing the members of our management. In addition, because we are incorporated in Delaware, we are governed by the provisions of Section 203 of the Delaware General Corporation Law, which generally prohibits a Delaware corporation from engaging in any of a broad range of business combinations with any “interested” stockholder for a period of three years following the date on which the stockholder became an “interested” stockholder. Any of the foregoing provisions could limit the price that investors might be willing to pay in the future for shares of our common stock, and they could deter potential acquirers of our company, thereby reducing the likelihood that you would receive a premium for your shares of our common stock in an acquisition.
75
Our amended and restated certificate of incorporation designates the Court of Chancery of the State of Delaware as the exclusive forum for certain litigation that may be initiated by our stockholders, which could limit our stockholders’ ability to obtain a favorable judicial forum for disputes with us.
Pursuant to our amended and restated certificate of incorporation, unless we consent in writing to the selection of an alternative forum, the Court of Chancery of the State of Delaware will be the sole and exclusive forum for the following types of actions or proceedings under Delaware statutory or common law. (1) any derivative action or proceeding brought on our behalf, (2) any action asserting a claim of breach of a fiduciary duty owed by any of our directors, officers or other employees to us or our stockholders, (3) any action asserting a claim arising pursuant to any provision of the Delaware General Corporation Law, our amended and restated certificate of incorporation or our amended and restated bylaws or (4) any action asserting a claim governed by the internal affairs doctrine. However, this exclusive forum provision would not apply to suits brought to enforce a duty or liability created by the Securities Act or the Exchange Act. The forum selection clause in our amended and restated certificate of incorporation may limit our stockholders’ ability to obtain a favorable judicial forum for disputes with us.
We have identified a material weakness in our internal control over financial reporting, and if our remediation of such material weakness is not effective, or if we fail to develop and maintain an effective system of disclosure controls and internal control over financial reporting, our ability to produce timely and accurate financial statements or comply with applicable laws and regulations could be impaired.
In the course of preparing our financial statements for the year ended December 31, 2021, we identified a material weakness in our internal control over financial reporting. A material weakness is a deficiency, or combination of deficiencies, in internal control over financial reporting, such that there is a reasonable possibility that a material misstatement of the annual or interim financial statements will not be prevented or detected on a timely basis. The material weakness identified pertains to significant acquisitions, including the oversight of third-party valuation specialists and sufficiently precise reviews of the related valuation reports for our goodwill and acquired intangible assets, contingent consideration and liabilities assumed.
If we are unable to further implement and maintain effective internal control over financial reporting or disclosure controls and procedures, our ability to record, process and report financial information accurately, and to prepare financial statements within required time periods could be adversely affected, which could subject us to litigation or investigations requiring management resources and payment of legal and other expenses, negatively affect investor confidence in our financial statements and adversely impact our stock price. If we are unable to assert that our internal control over financial reporting is effective, or if our independent registered public accounting firm is unable to express an unqualified opinion as to the effectiveness of our internal control over financial reporting, investors may lose confidence in the accuracy and completeness of our financial reports, the market price of our common stock could be adversely affected and we could become subject to litigation or investigations by Nasdaq, the SEC or other regulatory authorities, which could require additional financial and management resources.
Furthermore, we cannot assure you that the measures we have taken to date, and actions we may take in the future, will be sufficient to remediate the control deficiencies that led to our material weakness in our internal control over financial reporting or that they will prevent or avoid potential future material weaknesses. Our current controls and any new controls that we develop may become inadequate because of changes in conditions in our business. Further, weaknesses in our disclosure controls and internal control over financial reporting may be discovered in the future. Any failure to develop or maintain effective controls or any difficulties encountered in their implementation or improvement could harm our operating results or cause us to fail to meet our reporting obligations and may result in a restatement of our financial statements for prior periods.
Any failure to implement and maintain effective internal control over financial reporting could adversely affect the results of periodic management evaluations and annual independent registered public accounting firm attestation reports regarding the effectiveness of our internal control over financial reporting that we are required to include in our periodic reports that are filed with the SEC. Ineffective disclosure controls and procedures and internal control over financial reporting could also cause investors to lose confidence in our reported financial and other information, which would likely have a negative effect on the trading price of our common stock. In addition, if we are unable to continue to meet these requirements, we may not be able to remain listed on the Nasdaq.
76
General Risk Factors
Natural or man-made disasters, pandemics and other similar events may significantly disrupt our business, and negatively impact our business, financial condition and operating results.
A significant public health crisis, epidemic or pandemic (including the ongoing COVID-19 pandemic), or a natural disaster, such as an earthquake, fire or a flood, or a significant power outage could have a material adverse impact on our business, operating results and financial condition. A significant portion of our employee base, operating facilities and infrastructure are centralized in Atlanta, Georgia. Any of our facilities may be harmed or rendered inoperable by natural or man-made disasters, including earthquakes, tornadoes, hurricanes, wildfires, floods, nuclear disasters, acts of terrorism or other criminal activities, infectious disease outbreaks and power outages, which may render it difficult or impossible for us to operate our business for some period of time. Our facilities would likely be costly to repair or replace, and any such efforts would likely require substantial time. Any disruptions in our operations could negatively impact our business, financial condition and operating results, and harm our reputation. In addition, we may not carry business insurance or may not carry sufficient business insurance to compensate for losses that may occur. Any such losses or damages could have a material adverse effect on our business, financial condition and operating results. In addition, the facilities of significant marketers, partners or third-party data providers may be harmed or rendered inoperable by such natural or man-made disasters, which may cause disruptions, difficulties or material adverse effects on our business.
An active trading market for our common stock may not develop or be sustained.
Although our common stock is listed on the Nasdaq Global Market, we cannot assure you that an active trading market for our shares will be sustained. If an active market for our common stock is not sustained, it may be difficult for investors in our common stock to sell shares without depressing the market price for the shares or to sell the shares at all.
Future sales of our common stock in the public market could cause our share price to decline.
Sales of a substantial number of shares of our common stock in the public market, or the perception that these sales might occur, could depress the market price of our common stock and could impair our ability to raise capital through the sale of additional equity securities. We are unable to predict the effect that sales, particularly sales by our directors, executive officers, and significant stockholders, may have on the prevailing market price of our common stock. With the exception of 172,880 shares issued in the purchase of Entertainment, which are subject to holding periods under the restrictions of Rule 144 under the Securities Act as of the time of this filing, all of our outstanding shares of common stock are available for sale in the public market, subject only to the restrictions of Rule 144 under the Securities Act in the case of our affiliates. In addition, the shares of common stock subject to outstanding options under our equity incentive plans and the shares reserved for future issuance under our equity incentive plans, as well as shares issuable upon vesting of restricted stock unit awards, will become eligible for sale in the public market in the future, subject to certain legal and contractual limitations. In addition, certain holders of our common stock have the right, subject to various conditions and limitations, to request we include their shares of our common stock in registration statements we may file relating to our securities.
We may issue common stock or other securities if we need to raise additional capital. The number of new shares of our common stock issued in connection with raising additional capital could constitute a material portion of our then-outstanding shares of our common stock.
If securities or industry analysts do not publish research or reports about our business, or publish negative reports about our business, our stock price and trading volume could decline.
The trading market for our common stock will depend, in part, on the research and reports that securities or industry analysts publish about us or our business. We do not have any control over these analysts. If our financial performance fails to meet analyst estimates or one or more of the analysts who cover us downgrade our stock or change their opinion of our business or market value, our share price would likely decline. If one or more of these analysts cease providing coverage of us or fail to regularly publish reports on us, we could lose visibility in the financial markets, which could cause our share price or trading volume to decline.
77
Our reported financial results may be adversely affected by changes in accounting principles generally accepted in the U.S.
Generally accepted accounting principles in the U.S. are subject to interpretation by the Financial Accounting Standards Board ("FASB"), the SEC, and various bodies formed to promulgate and interpret appropriate accounting principles. A change in these principles or interpretations could have a significant effect on our reported financial results and could affect the reporting of transactions completed before the announcement of a change.
We have incurred and will continue to incur increased costs as a result of being a public company.
As a public company, and particularly as we are no longer an “emerging growth company,” we have incurred and will continue to incur significant legal, accounting and other expenses that we did not incur as a private company. The Sarbanes-Oxley Act, the Dodd-Frank Wall Street Reform and Consumer Protection Act, the listing requirements of the Nasdaq Stock Market and other applicable securities rules and regulations impose various requirements on public companies. We expect that compliance with these requirements will continue to increase certain of our expenses and make some activities more time-consuming than they have been in the past when we were a private company. Such additional costs going forward could negatively affect our financial results.
ITEM 2. UNREGISTERED SALES OF EQUITY SECURITIES AND USE OF PROCEEDS
Purchases of Equity Securities by the Issuer
On May 11, 2022, our board of directors authorized a share repurchase of up to $40.0 million of our outstanding common stock, which was fully executed during the second quarter of 2022. The following table summarizes our stock repurchase activity for the second quarter of 2022 (in thousands except for price per share). Except as detailed in the table below there were no stock repurchases in April, May or June 2022:
| Month | Total Number of Shares Purchased | Average Price Paid Per Share | Total Number of Shares Purchased as Part of Publicly Announced Plans or Programs | Approximate Dollar Value of Shares that May Yet Be Purchased Under the Plans or Program | ||||||||||||||||||||||
| May 11th - May 31st | 795 | $ | 28.45 | 795 | $ | 17,377 | ||||||||||||||||||||
| June 1st - June 9th | 611 | $ | 28.42 | 611 | $ | — | ||||||||||||||||||||
| Total | 1,406 | 1,406 | ||||||||||||||||||||||||
Recent Issuances of Unregistered Securities
In connection with our acquisition of Entertainment described above, during the six months ended June 30, 2022, we issued 172,880 shares of our common stock to former membership interest holders of Entertainment who were “accredited investors,” as that term is defined in the Securities Act in reliance on the exemption from registration afforded by Section 4(a)(2) of the Securities Act and Rule 506 of Regulation D promulgated under the Securities Act and corresponding provisions of state securities or “blue sky” laws. In addition, we will issue 22,549 shares of our common stock to these same membership interest holders upon the one year anniversary of the acquisition, subject to adjustment for indemnification. Each of the Entertainment membership interest holders receiving shares as part of the acquisition represented that they were acquiring such shares for investment only and not with a view towards, or for resale in connection with, the public sale or distribution thereof. Such shares have not been registered under the Securities Act and such securities may not be offered or sold in the United States absent registration or an exemption from registration under the Securities Act and any applicable state securities laws.
78
ITEM 6. EXHIBITS
The exhibits listed below are filed or incorporated by reference into this Quarterly Report on Form 10-Q.
| Incorporated by Reference | ||||||||||||||||||||||||||||||||||||||
| Exhibit | Exhibit Description | Schedule /Form | File Number | Exhibit | Filing Date | Filed Herewith | ||||||||||||||||||||||||||||||||
| 10.1 | X | |||||||||||||||||||||||||||||||||||||
| 10.2 | ||||||||||||||||||||||||||||||||||||||
| 10.3 | ||||||||||||||||||||||||||||||||||||||
| 31.1 | X | |||||||||||||||||||||||||||||||||||||
| 31.2 | X | |||||||||||||||||||||||||||||||||||||
| 32.1* | X | |||||||||||||||||||||||||||||||||||||
| 101.ins | XBRL Instance Document - the instance document does not appear in the Interactive Data File because its XBRL tags are embedded within the Inline XBRL document. | X | ||||||||||||||||||||||||||||||||||||
| 101.sch | XBRL Taxonomy Schema Linkbase Document | X | ||||||||||||||||||||||||||||||||||||
| 101.cal | XBRL Taxonomy Calculation Linkbase Document | X | ||||||||||||||||||||||||||||||||||||
| 101.def | XBRL Taxonomy Definition Linkbase Document | X | ||||||||||||||||||||||||||||||||||||
| 101.lab | XBRL Taxonomy Label Linkbase Document | X | ||||||||||||||||||||||||||||||||||||
| 101.pre | XBRL Taxonomy Presentation Linkbase Document | X | ||||||||||||||||||||||||||||||||||||
| 104 | Cover page formatted as Inline XBRL and contained in Exhibit 101 | X | ||||||||||||||||||||||||||||||||||||
* The certifications furnished in Exhibit 32.1 hereto are deemed to accompany this Quarterly Report on Form 10-Q and will not be deemed “filed” for purposes of Section 18 of the Securities Exchange Act of 1934, as amended, except to the extent that the registrant specifically incorporates it by reference.
79
SIGNATURES
Pursuant to the requirements of the Securities Exchange Act of 1934, the registrant has duly caused this report to be signed on its behalf by the undersigned thereunto duly authorized.
| Cardlytics, Inc. | ||||||||||||||
| Date: | August 2, 2022 | By: | /s/ Lynne M. Laube | |||||||||||
| Lynne M. Laube | ||||||||||||||
Chief Executive Officer (Principal Executive Officer) | ||||||||||||||
| Date: | August 2, 2022 | By: | /s/ Andrew Christiansen | |||||||||||
| Andrew Christiansen | ||||||||||||||
Chief Financial Officer (Principal Financial and Accounting Officer) | ||||||||||||||
80
Exhibit 10.1
Transition Agreement
This Transition Agreement (the “Agreement”), by and between Cardlytics, Inc. (the “Company”) and Kirk Somers (“You” or “Your”) (collectively the “Parties”), is entered into and effective as of June 20, 2022 (the “Effective Date”).
1.Termination of Separation Agreement. As of the Effective Date, the Parties acknowledge and agree that the Amended and Restated Separation Pay Agreement between You and the Company dated January 26, 2018 (the “Separation Agreement”) shall terminate. The termination of the Separation Agreement does not and will not result in the vesting, acceleration, or triggering of any employment benefit in Your favor, including, but not limited to, any post-termination payment obligation or any separation payment or benefit, or any other right which You may have under the Separation Agreement.
2.Terms of Transition.
(a)At-Will Employment. The Company shall continue to employ You on an at-will basis through December 31, 2023 (the “Separation Date”). The time period from the Effective Date through the Separation Date shall be referred to herein as the “Transition Term.” During the Transition Term, either You or the Company may terminate Your employment at any time, with or without cause or notice. In the event that Your employment is terminated prior to the Separation Date, the date of termination shall be the Separation Date for all purposes of this Agreement. During the Transition Term, You are not eligible for (i) any bonuses except as set forth in this Agreement, and (ii) any vesting of restricted stock units, except those explicitly identified in Paragraph 2(c). During the Transition Term, if Your employment terminates prior to December 31, 2023 for any reason (including without limitation termination by reason of Your death or permanent disability) other than (A) Your termination by the Company for Cause (as defined in the Cardlytics, Inc. 2018 Equity Incentive Plan (the “Plan”)), or (B) Your resignation for any reason, then, provided that You otherwise satisfy all requirements for the payment of the consideration described in Section 3, You (or the representative of Your estate) will be entitled to payment of (1) any bonus that You otherwise would have received pursuant to Section 2(c)(iii) to the extent it has not yet been paid; (2) the amounts set forth in Section 3; (3) an amount equal to Four Hundred and Eighty Thousand Dollars and No Cents ($480,000.00) less the amount of compensation paid to You pursuant to Section 2(c), paid in equal installments (each of which shall constitute a separate payment for purposes of §409A of the Internal Revenue Code) over the period commencing with the first Company payroll date that is at least eight (8) days after You return an executed version of the Release Agreement (as hereinafter defined) and ending with December 31, 2023, and (4) an amount equal to the value, calculated on the Separation Date, of any restricted stock units or shares of restricted stock or stock options that are forfeited on the Separation Date but would have vested had Your employment continued through December 31, 2023, paid on the first Company payroll date that is at least eight (8) days after You return an executed version of the Release Agreement.
(b)Transition Duties. From the Effective Date through December 31, 2023, You agree to perform duties as requested and authorized by the Company, including, but not limited to, cooperating with the Company in effecting a smooth transition of Your duties and responsibilities as Chief Legal and Privacy Officer. After July 15, 2022, You shall only perform duties on an as-needed basis as reasonably instructed by the Company, and if instructed by the Company, shall refrain from performing any service or services. Any and all duties performed during the Transition Term shall be referred to herein as the “Transition Duties.” You agree to perform all Transition Duties faithfully, diligently, and industriously, and agree to use Your best efforts to complete the Transition Duties to the reasonable satisfaction of the Company. For avoidance of doubt, You will not be considered to have failed to perform the Transition Duties, or otherwise to have breached this Agreement, by reason of activities related to seeking new employment or, after July 15, 2022, by obtaining or commencing new employment, provided that such new employment would not violate the terms of the Prior Agreements (as hereinafter defined).
(c)Transition Compensation. During the Transition Term, the Company shall,
(i)Continue to pay You 90% of Your salary or $288,000 at the gross semi-monthly rate of Twelve Thousand Dollars ($12,000.00), subject to all applicable withholdings and paid in accordance with the Company’s regular payroll schedule. You shall remain eligible to participate in all employee benefit plans in which You participated immediately prior to the Effective Date, subject to the terms and conditions of such plans.
(ii)Continue to provide You medical benefits under the Company’s major medical group health plan through the Separation Date, and pay Your portion of Your monthly premiums as the Company has done prior to the Effective Date; provided, however, that in the event that You obtain other employment that offers group health benefits, the Company’s obligation to provide such coverage shall immediately cease when You become eligible to participate in such group health benefit plan.
(i)Pay You the bonus You would have earned for the second quarter of 2022 based on the Company’s performance but only if similarly situated executives are actually paid such a bonus, paid on the same date the Company pays all such other bonuses for the second quarter of 2022.
(ii)Pay You a half of the annual bonus You would have earned for the year of 2022 based on the Company’s performance but only if similarly situated executives are actually paid such a bonus, paid on the same date the Company pays all such other bonuses for the year of 2022.
(iii)Ensure that all previously granted unvested Restricted Stock Units (performance and time-based) for which the performance criteria have already been achieved shall vest on schedule unless You are in possession of material non-public information of the Company in which case such RSUs will be released when You are no longer in possession of material non-public information. For clarity, the above referenced RSUs are expected to vest during the Transition Term:
A.6/9/2022 (delivered after vesting when the trading window opens): 7,813 shares based on achieving the adj contribution growth rate, Award Number 2905-E;
Exhibit 10.1
B.10/6/2022: 7,812 shares based on achieving the targeted advertiser count, Award Number 2905-L;
C.12/9/2022: 7,812 shares based on achieving the adj contribution growth rate, Award Number 2905-F;
D.3/22/2023: 4,649 time based restricted shares, Award Number 5756;
E.4/1/2023: 8,468 time based restricted shares, Award Number 3424;
F.4/5/2023: 1,705 time based restricted shares, Award Number 4960;
G.6/22/2023: 1,162 time based restricted shares, Award Number 5756;
H.9/22/2023: 1,163 time based restricted shares, Award Number 5756;
I.12/22/2023: 1,162 time based restricted shares, Award Number 5756; and
J.Any performance shares that vest prior to 12/31/2023.
3.Consideration. Provided You complete the entire Transition Term and otherwise comply with this Agreement, then following the completion of the entire Transition Term, You shall have twenty-one (21) days within which to return an executed version of the Release Agreement attached as Exhibit A to the Company’s Vice President of People Operations, James Hart, located at 675 Ponce de Leon Avenue, Suite 6000, Atlanta, Georgia, 30308, and, only if You do so, and do not revoke Exhibit A, the Company shall pay You a lump sum separation payment equal to Forty-Eight Thousand Dollars ($48,000.00), minus all applicable withholdings, including taxes and Social Security (the “Separation Payment”). The Separation Payment shall be paid on the first Company payroll date that is at least eight (8) days after You return an executed version of the Release Agreement to the Company’s Vice President of People Operations.
Because You will no longer be employed by the Company following the Separation Date, Your rights to any particular employee benefit will be governed by applicable law and the terms and provisions of the Company’s various employee benefit plans and arrangements. You acknowledge that the Separation Date shall be the date used in determining benefits under all Company employee benefit plans. Notwithstanding the foregoing, it is expressly agreed that Your Continuous Service as defined in the Plan shall continue through the Separation Date. The Company’s obligation to provide the payments and benefits set forth above shall terminate immediately if You breach this Agreement, the Release Agreement, or any post-termination obligations to which You are subject.
Notwithstanding anything to the contrary set forth above, if You breach this Agreement, the Release Agreement, or any post-termination obligations to which You are subject, You acknowledge and agree that (i) You shall return to the Company ninety-five percent (95%) of any amounts You received under this Section above within ten (10) calendar days after receiving notice from the Company of such breach, as such amounts are not deemed earned absent Your compliance with this Agreement and the Release Agreement, and (ii) the remaining five percent (5%) shall constitute full and complete consideration sufficient to support enforcement of this Agreement and the Release Agreement, including, but not limited to, Your release of claims hereunder.
Exhibit 10.1
4. Release. In exchange for continuing Your employment through the Transition Term and the consideration set forth in Section 3, You release and discharge the Company1 from any and all claims or liability, whether known or unknown, arising out of any event, act or omission occurring on or before the day You sign this Agreement, including, but not limited to, claims arising out of Your employment or the cessation of Your employment, claims arising out of the Employment Retirement Income Security Act of 1974 (ERISA), 29 U.S.C. §§ 1001-1461, claims for breach of contract, tort, negligent hiring, negligent training, negligent supervision, negligent retention, employment discrimination, retaliation, or harassment, as well as any other statutory or common law claims, at law or in equity, recognized under any federal, state, or local law. You also release any claims for unpaid back pay, sick pay, vacation pay, expenses, bonuses, claims arising out of or relating to equity or other ownership interest in the Company, claims to commissions, attorneys’ fees, or any other compensation. You agree that You are not entitled to any additional payment or benefits from the Company, except as set forth in this Agreement. You further agree that You have suffered no harassment, retaliation, employment discrimination, or work- related injury or illness, and that You do not believe that this Agreement is a subterfuge to avoid disclosure of sexual harassment or gender discrimination allegations. You acknowledge and represent that You (i) have been fully paid (including, but not limited to, any overtime to which You are entitled, if any) for hours You worked for the Company and
(ii) do not claim that the Company violated or denied Your rights under the Fair Labor Standards Act. Notwithstanding the foregoing, the release of claims set forth above does not waive (a) Your right to receive benefits under the Company’s employee benefit plans, if any, that either (1) have accrued or vested prior to the Effective Date, or (2) are intended, under the terms of such plans, to survive Your separation from the Company, (b) Your rights arising under this Agreement,
(c) Your rights as a holder of equity interests in the Company, or (d) Your rights to indemnification against any third party claims asserted against You as a result of service as an employee or officer of the Company or a fiduciary of any employee benefit plan maintained by the Company.
5. OWBPA/ADEA Waiver By agreeing to this provision, You release and waive any right or claim against the Company1 arising out of Your employment or the termination of Your employment with the Company under the Age Discrimination in Employment Act, as amended, 29 U.S.C. § 621 et seq. (“ADEA”), the Older Workers Benefit Protection Act, 29 U.S.C. § 621 et seq. (“OWBPA”), and the Georgia Prohibition of Age Discrimination in Employment, O.C.G.A.
§ 34-1-2 (such release and waiver referred to as the “Waiver”). You understand and agree that, (i) this Agreement is written in a manner that You understand; (ii) You do not release or waive rights or claims that may arise after You sign this Agreement; (iii) You waive rights and claims You may have had under the OWBPA and the ADEA, but only in exchange for payments and/or benefits in addition to anything of value to which You are already entitled; (iv) You are advised to consult with an attorney before signing this Agreement; (v) You have twenty-one (21) calendar days from receipt of this Agreement to consider whether to sign it (the “Offer Period”). The Parties agree that the Company may revoke this offer at any time. However, if You sign before the end of the Offer Period, You acknowledge that Your decision to do so was knowing, voluntary, and not induced by fraud, misrepresentation, or a threat to withdraw, alter, or provide different terms prior to the expiration of the Offer Period. You agree that changes or revisions to this Agreement, whether material or immaterial, do not restart the running of the Offer Period; (vi) You have seven (7) calendar days after signing this Agreement to revoke this Agreement (the “Revocation Period”). If You revoke, the Agreement shall not be effective or enforceable and You shall not be entitled to the consideration set forth in this Agreement. To be effective, the revocation must be in writing and received by the Company’s Vice President of People Operations, James Hart, at 675 Ponce de Leon Avenue, Suite 6000, Atlanta, Georgia, 30308, prior to expiration of the Revocation Period; and (vii) this Waiver shall not become effective or enforceable until the Revocation Period has expired.
6. No Admission of Liability. This Agreement is not an admission of liability by You or the Company1. The Company and You each denies any liability whatsoever. You and the Company enter into this Agreement to reach a mutual agreement concerning Your separation from the Company.
7. Non-Disparagement/ Future Employment. You shall not make any disparaging or defamatory statements, whether written or oral, regarding the Company.1 The Company shall instruct its senior executives not to make, any disparaging or defamatory statements, whether written or oral, regarding You. You agree that the Company has no obligation to consider You for employment should You apply in the future.
1 For purposes of Sections 4, 5, 6, and 7 of this Agreement, the term “Company” includes the Company, the Company’s parents, subsidiaries, affiliates and all related companies, as well as each of their respective current and former officers, directors, shareholders, members, managers, employees, agents and any other representatives, any employee benefits plan of the Company, and any fiduciary of those plans.
Exhibit 10.1
8.Expense Reimbursement. You agree that, within ten (10) days of the Separation Date, You will submit a final expense reimbursement statement and supporting documentation reflecting all business expenses You incurred through the Separation Date for which You seek reimbursement, if any. The Company shall review and reimburse You for these business expenses pursuant to its regular business practice. The Company shall not reimburse You for any business expenses submitted more than ten (10) days after the Separation Date.
9.Assignability. If the Company and all its assets and liabilities or stock are acquired during Transition Term, this Agreement, will be assigned to the acquiring entity.
10.Confidentiality. You acknowledge and agree that neither You nor anyone acting on Your behalf has made or shall make any disclosures concerning the existence or terms of this Agreement to any person or entity, including, but not limited to, any representative of the media, Internet web page, social networking site, “blog,” or “chat room,” judicial or administrative agency or body, business entity, or association, except: (i) Your spouse; (ii) Your attorneys, accountants, or financial advisors; or (iii) any court or government agency pursuant to an official request by such government agency, court order, or legally enforceable subpoena. If You are contacted, served, or learn that You shall be served with a subpoena to compel Your testimony or the production of documents concerning this Agreement or Your employment with the Company, You agree to immediately notify the Company’s Chief Legal and Privacy Officer, Nick Lynton, by telephone and as soon as possible thereafter in writing, unless You are precluded by law from doing so. If You disclose the existence or terms of this Agreement pursuant to sub-clauses (i) or (ii) of this paragraph, You shall inform such person or entity (a) of this confidentiality provision, and (b) to maintain the same level of confidentiality required by this provision. Any breach of this provision by such person or entity shall be considered a breach by You. You may not use this Agreement as evidence, except in a proceeding in which a breach of this Agreement is alleged.
11.Return of Company Property. You shall, on or before the date Your employment with the Company ends for any reason or at any time upon the Company’s request, return to the Company all of the Company’s property, including, but not limited to, computers, computer equipment, office equipment, mobile phone, keys, passcards, credit cards, confidential or proprietary lists (including, but not limited to, customer, supplier, licensor, and client lists), tapes, laptop computer, electronic storage device, software, computer files, marketing and sales materials, and any other property, record, document, or piece of equipment belonging to the Company; provided, however, that as long as You continue providing services to the Company pursuant to the terms of this Agreement, You may retain the laptop and monitors that You have used while working at home so You can continue to provide support to the Company. You shall not (a) retain any copies of the Company’s property, including any copies existing in electronic form, which are in Your possession, custody, or control, or (b) destroy, delete, or alter any Company property, including, but not limited to, any files stored electronically, without the Company’s prior written consent. The obligations contained in this Section shall also apply to any property which belongs to a third party, including, but not limited to, (i) any entity which is affiliated with or related to the Company, or
(ii) the Company’s customers, licensors, or suppliers.
12.Attorneys’ Fees. In the event of litigation relating to this Agreement other than a challenge to the Waiver, the prevailing party shall be entitled to recover attorneys’ fees and costs of litigation, in addition to all other remedies available at law or in equity.
13.Entire Agreement. This Agreement, including Exhibit A which is incorporated by reference, and the Employment Covenants Agreements executed by You on June 25, 2014 and March 1, 2022 (the “Prior Agreements”) (collectively the “Agreements”) constitute the entire agreement between the Parties. The Prior Agreements are incorporated by reference, and any of Your post-termination obligations contained in the Prior Agreements shall remain in full force and effect, and shall survive cessation of Your employment. You acknowledge that Your post-termination obligations contained in the Prior Agreements are valid, enforceable and reasonably necessary to protect the interests of the Company, and You agree to abide by such obligations. These Agreements supersede any prior communications, agreements or understandings, whether oral or written, between the Parties arising out of or relating to Your employment and the termination of that employment. Other than the Agreements, no other representation, promise or agreement has been made with You to cause You to sign this Agreement.
14.Non-Interference. Notwithstanding anything to the contrary set forth in this Agreement or in any other Agreement between You and the Company, nothing in this Agreement or in any other Agreement shall limit Your ability, or otherwise interfere with Your rights, to (a) file a charge or complaint with the Equal Employment Opportunity Commission, the National Labor Relations Board, the Occupational Safety and Health Administration, the Securities and Exchange Commission, or any other federal, state, or local governmental agency or commission (each a “Government Agency”),
(b) communicate with any Government Agency or otherwise participate in any investigation or proceeding that may be conducted by any Government Agency, including providing documents or other information, without notice to the Company, (c) receive an award for information provided to any Government Agency, or (d) engage in activity specifically protected by Section 7 of the National Labor Relations Act, or any other federal or state statute or regulation.
Exhibit 10.1
15.Governing Law/Consent to Jurisdiction and Venue. The laws of the State of Georgia shall govern this Agreement. If Georgia’s conflict of law rules would apply another state’s laws, the Parties agree that Georgia law shall still govern. You agree that any and all claims arising out of or relating to this Agreement shall be brought solely and exclusively in a state or federal court of competent jurisdiction in Georgia. You consent to the personal jurisdiction of the state and/or federal courts located in Georgia. You waive (i) any objection to jurisdiction or venue, or (ii) any defense claiming lack of jurisdiction or improper venue, in any action brought in such courts.
16.Voluntary Agreement. You acknowledge the validity of this Agreement and represent that You have the legal capacity to enter into this Agreement. You acknowledge and agree You have carefully read the Agreement, know and understand the terms and conditions, including its final and binding effect, and sign it voluntarily.
17.Execution. This Agreement may be executed in one or more counterparts, including, but not limited to, facsimiles and scanned images. Each counterpart shall for all purposes be deemed to be an original, and each counterpart shall constitute this Agreement.
If the terms set forth in this Agreement are acceptable, please initial each page, sign below, and return the signed original to the Company on or before the 21st day after You receive this Agreement. You understand that this Agreement can be revoked at any time after the expiration of the Offer Period. If the Company does not receive a signed original on or before the 21st day after You receive this Agreement, then this offer is automatically revoked and You shall not be entitled to the consideration set forth in this Agreement.
IN WITNESS WHEREOF, the Parties hereto have executed this Agreement as of the Effective Date.
| Cardlytics, Inc. | Kirk Somers | |||||||
| /s/ Lynne Laube | /s/ Kirk Somers | |||||||
| Date: June 22, 2022 | Date: June 22, 2022 | |||||||
| Chief Executive Officer | ||||||||
Exhibit 10.1
Exhibit A: Release Agreement
[Release Agreement begins on next page.]
[The Parties should only execute the Release Agreement following expiration of the Transition Term.]
Exhibit 10.1
Release Agreement
This Release Agreement (the “Agreement”) by and between Cardlytics, Inc. (the “Company”) and Kirk Somers (“You” or “Your”) (collectively the “Parties”) is entered into and effective as of , (the “Effective Date”).
1.Release. In exchange for the consideration set forth in the Transition Agreement between the Parties dated June
, 2022 (the “Transition Agreement”), incorporated herein by reference, You release and discharge the Company1 from any and all claims or liability, whether known or unknown, arising out of any event, act or omission occurring on or before the day You sign this Agreement, including, but not limited to, claims arising out of Your employment or the cessation of Your employment, claims arising out of the Employment Retirement Income Security Act of 1974 (ERISA), 29 U.S.C. §§ 1001-1461, claims for breach of contract, tort, negligent hiring, negligent training, negligent supervision, negligent retention, employment discrimination, retaliation, or harassment, as well as any other statutory or common law claims, at law or in equity, recognized under any federal, state, or local law. You also release any claims for unpaid back pay, sick pay, vacation pay, expenses, bonuses, claims arising out of or relating to equity or other ownership interest in the Company, claims to commissions, attorneys’ fees, or any other compensation. You agree that You are not entitled to any additional payment or benefits from the Company, except as set forth in this Agreement. You further agree that You have suffered no harassment, retaliation, employment discrimination, or work-related injury or illness, and that You do not believe that this Agreement is a subterfuge to avoid disclosure of sexual harassment or gender discrimination. You acknowledge and represent that You (i) have been fully paid (including, but not limited to, any overtime to which You are entitled, if any) for hours You worked for the Company and (ii) do not claim that the Company violated or denied Your rights under the Fair Labor Standards Act. Notwithstanding the foregoing, the release of claims set forth above does not waive (a) Your right to receive benefits under the Company’s employee benefit plans, if any, that either (1) have accrued or vested prior to the Effective Date, or (2) are intended, under the terms of such plans, to survive Your separation from the Company, (b) Your rights arising under this Agreement, (c) Your rights as a holder of equity interests in the Company, or (d) Your rights to indemnification against any third party claims asserted against You as a result of service as an employee or officer of the Company or a fiduciary of any employee benefit plan maintained by the Company.
2.OWBPA/ADEA Waiver. By agreeing to this provision, You release and waive any right or claim against the Company1 arising out of Your employment or the termination of Your employment with the Company under the Age Discrimination in Employment Act, as amended, 29 U.S.C. § 621 et seq. (“ADEA”), the Older Workers Benefit Protection Act, 29 U.S.C. § 621 et seq. (“OWBPA”), and the Georgia Prohibition of Age Discrimination in Employment, O.C.G.A.
§ 34-1-2 (such release and waiver referred to as the “Waiver”). You understand and agree that, (i) this Agreement is written in a manner that You understand; (ii) You do not release or waive rights or claims that may arise after You sign this Agreement; (iii) You waive rights and claims You may have had under the OWBPA and the ADEA, but only in exchange for payments and/or benefits in addition to anything of value to which You are already entitled; (iv) You are advised to consult with an attorney before signing this Agreement; (v) You have twenty-one (21) calendar days from receipt of this Agreement to consider whether to sign it (the “Offer Period”). The Parties agree that the Company may revoke this offer at any time. However, if You sign before the end of the Offer Period, You acknowledge that Your decision to do so was knowing, voluntary, and not induced by fraud, misrepresentation, or a threat to withdraw, alter, or provide different terms prior to the expiration of the Offer Period. You agree that changes or revisions to this Agreement, whether material or immaterial, do not restart the running of the Offer Period; (vi) You have seven (7) calendar days after signing this Agreement to revoke this Agreement (the “Revocation Period”). If You revoke, the Agreement shall not be effective or enforceable and You shall not be entitled to the consideration set forth in this Agreement. To be effective, the revocation must be in writing and received by the Company’s Vice President of People Operations, James Hart, at 675 Ponce de Leon Avenue, Suite 6000, Atlanta, Georgia, 30308, prior to expiration of the Revocation Period; and (vii) this Waiver shall not become effective or enforceable until the Revocation Period has expired.
3.No Admission of Liability. This Agreement is not an admission of liability by You or the Company.1 You and the Company each denies any liability whatsoever. You and the Company enter into this Release Agreement to reach a mutual agreement concerning Your separation from the Company.
4.Entire Agreement. This Agreement, the Transition Agreement, and the Employment Covenants Agreements executed by You on June 25, 2014 and March 1, 2022 (the “Prior Agreements”) (collectively the “Agreements”) constitute the entire agreement between the Parties. The Prior Agreements are incorporated by reference, and any of Your post- termination obligations contained in the Prior Agreements shall remain in full force and effect, and shall survive cessation of Your employment. You acknowledge that Your post-termination obligations contained in the Prior Agreements are valid, enforceable and reasonably necessary to protect the interests of the Company, and You agree to abide by such obligations. These Agreements supersede any prior communications, agreements or understandings, whether oral or written, between the Parties arising out of or relating to Your employment and the termination of that employment. Other than the Agreements, no other representation, promise or agreement has been made with You to cause You to sign this Agreement.
1 For purposes of Sections 1, 2, and 3 of this Agreement, the term “Company” means the Company, the Company’s parents, subsidiaries, affiliates, and all related companies, as well as each of their respective current and former officers, directors, shareholders, members, managers, employees, agents, and any other representatives, any employee benefits plan of the Company, and any fiduciary of those plans.
Exhibit 10.1
5.Non-Interference. Notwithstanding anything to the contrary set forth in this Agreement or in any other agreement between You and the Company, nothing in this Agreement or in any other agreement shall limit Your ability, or otherwise interfere with Your rights, to (a) file a charge or complaint with the Equal Employment Opportunity Commission, the National Labor Relations Board, the Occupational Safety and Health Administration, the Securities and Exchange Commission, or any other federal, state, or local governmental agency or commission (each a “Government Agency”),
(b) communicate with any Government Agency or otherwise participate in any investigation or proceeding that may be conducted by any Government Agency, including providing documents or other information, without notice to the Company, (c) receive an award for information provided to any Government Agency, or (d) engage in activity specifically protected by Section 7 of the National Labor Relations Act, or any other federal or state statute or regulation
6.Governing Law/Consent to Jurisdiction and Venue. The laws of the State of Georgia shall govern this Agreement. If Georgia’s conflict of law rules would apply another state’s laws, the Parties agree that Georgia law shall still govern. You agree that any and all claims arising out of or relating to this Agreement shall be brought solely and exclusively in a state or federal court of competent jurisdiction in Georgia. You consent to the personal jurisdiction of the state and/or federal courts located in Georgia. You waive (i) any objection to jurisdiction or venue, or (ii) any defense claiming lack of jurisdiction or improper venue, in any action brought in such courts.
7.Voluntary Agreement. You acknowledge the validity of this Agreement and represent that You have the legal capacity to enter into this Agreement. You acknowledge and agree You have carefully read the Agreement, know and understand the terms and conditions, including its final and binding effect, and sign it voluntarily.
8.Execution. This Agreement may be executed in one or more counterparts, including, but not limited to, facsimiles and scanned images. Each counterpart shall for all purposes be deemed to be an original, and each counterpart shall constitute this Agreement.
If the terms set forth in this Agreement are acceptable, please initial each page, sign below, and return the signed original to the Company on or before the 21st day after You receive this Agreement. If the Company does not receive a signed original on or before the 21st day after You receive this Agreement, then this offer is automatically revoked, and You shall not be entitled to the consideration set forth in Section 3 of the Transition Agreement.
IN WITNESS WHEREOF, the Parties hereto have executed this Agreement as of the Effective Date.
| Cardlytics, Inc. | Kirk Somers | |||||||
| /s/ Lynne M. Laube | /s/ Kirk Somers | |||||||
| Date: June 22, 2022 | Date: June 22, 2022 | |||||||
| Chief Executive Officer | ||||||||
Exhibit 10.2
| General Services Agreement | ||
| Contract Title: | General Services | Agreement Number: CW1649578 | ||||||||||||
| Vendor Name: | Cardlytics, Inc. | Effective Date: Upon date of last signature | ||||||||||||
| Vendor Address: | 675 Ponce de Leon Ave., Suite 6000 Atlanta, GA 30308 | Expiration Date: July 31, 2025 | ||||||||||||
| Vendor Telephone: | 888-798-5802 | |||||||||||||
------------------------------------------------------------------------------------------------------------------------------------------------------------------
Proprietary & Confidential | Table of Contents - 1 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
| General Services Agreement | ||
This GENERAL SERVICES AGREEMENT ("Agreement") is entered into as of the Effective Date by and between Bank of America, N.A. ("Company"), a national banking association, and the above-named Vendor, a Delaware corporation, and consists of this signature page and the attached Terms and Conditions, Schedules, and all other documents attached hereto, which are incorporated in full by this reference.
Cardlytics, Inc. (“Vendor”)
Name: Andy Christiansen
Title: CFO
Address for Notices:
675 Ponce de Leon Ave. Suite 6000
Atlanta, GA 30308
ATTN: Legal Department
Telephone: N/A
Email: [***]
Bank of America, N.A. ("Company")
Name: Sam Griffin
Title: Sr. Sourcing Specialist
Address for Notices:
ATTN: Vendor Management
Bank of America
201 N. Tryon St.
Charlotte, NC 28255, NC1-022-15-21
ATTN: General Counsel
Bank of America
201 N. Tryon St.
Charlotte, NC 28255, NC1-022-15-21
In the case of a Time Sensitive Notice, a copy to:
ATTN: Sourcing Manager
Bank of America
201 N. Tryon St.
Bank of America
201 N. Tryon St.
Charlotte, NC 28255, NC1-022-15-21
Proprietary & Confidential | Table of Contents - 1 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
| General Services Agreement | ||
Table of Contents
1.0 DEFINITIONS | |||||
2.0 SCOPE OF THE AGREEMENT | |||||
3.0 RELATIONSHIP MANAGER | |||||
4.0 TERM OF AGREEMENT | |||||
5.0 TERMINATION | |||||
6.0 PRICING/FEES | |||||
7.0 INVOICES/TAXES/PAYMENT | |||||
8.0 MUTUAL REPRESENTATIONS AND WARRANTIES | |||||
9.0 REPRESENTATIONS AND WARRANTIES OF VENDOR | |||||
10.0 FINANCIAL RESPONSIBILITY | |||||
11.0 BUSINESS CONTINUITY | |||||
12.0 RELATIONSHIP OF THE PARTIES | |||||
13.0 VENDOR PERSONNEL | |||||
14.0 INSURANCE | |||||
15.0 CONFIDENTIALITY | |||||
16.0 DATA USAGE | |||||
17.0 INFORMATION PROTECTION | |||||
18.0 INDEMNITY | |||||
19.0 LIMITATION OF LIABILITY | |||||
20.0 VENDOR DIVERSITY | |||||
21.0 ENVIRONMENTAL, SOCIAL, AND GOVERNANCE | |||||
22.0 AUDIT | |||||
23.0 NON-ASSIGNMENT | |||||
24.0 GOVERNING LAW | |||||
25.0 DISPUTE RESOLUTION | |||||
26.0 MEDIATION/ARBITRATION | |||||
27.0 NON-EXCLUSIVE NATURE OF AGREEMENT | |||||
28.0 OWNERSHIP OF WORK PRODUCT | |||||
29.0 DIVESTITURE | |||||
30.0 MISCELLANEOUS | |||||
31.0 ENTIRE AGREEMENT | |||||
32.0 PERSONAL DATA PROTECTION – EUROPEAN ECONOMIC AREA | |||||
SCHEDULES
SCHEDULE SERVICES
SCHEDULE SERVICE FEES
SCHEDULE PERFORMANCE MEASUREMENTS
SCHEDULE INFORMATION SECURITY
SCHEDULE BACKGROUND CHECKS
SCHEDULE RECOVERY
SCHEDULE USE OF CLOUD SERVICES
Proprietary & Confidential | Table of Contents – 2 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
1.0 DEFINITIONS | ||
All capitalized terms in this Agreement not defined in this Section shall have the meanings set forth in the Sections or Schedules of this Agreement in which they are defined.
1.1Affiliate – a business entity now or hereafter controlled by, controlling or under common control with a Party. Control exists when an entity owns or controls directly or indirectly at least fifty percent (50%) plus one share of the outstanding equity representing the right to vote for the election of directors or other managing authority of another entity.
1.2Aggregated Consumer Information means information that relates solely to a group or category of consumers, from which individual consumer identities have been removed that is not linked or reasonably linkable to any one consumer or household, including via any device or other physical object that is capable of connecting to the Internet, directly or indirectly, or to another device.
1.3Associate Information – any information about a Company Representative (whether past, present or prospective), whether in paper, electronic, or other form that is maintained by or on behalf of Company.
1.4Business Day – Monday through Friday, excluding days on which Company is not open for business in the United States of America.
1.5Consumer Information – any record about an individual, whether in paper, electronic, or other form, that is a consumer report as such term is defined in the Fair Credit Reporting Act (15 USC 1681 et seq.) or is derived from a consumer report and that is maintained or otherwise possessed by or on behalf of Company for a business purpose. Consumer Information also means a compilation of such records. The term does not include any record that does not identify an individual.
1.6Customer Information – any record containing information about a customer (whether past, present or prospective), its usage of Company’s services, or about a customer’s accounts, whether in paper, electronic, or other form that is maintained by or on behalf of Company for a business purpose.
1.7Data Protection Laws – all laws, regulations or other binding rules regarding the processing of Personal Data that are applicable to the Services, including without limitation the U.S. Privacy Laws as defined in the Section entitled “CONFIDENTIALITY.”
1.8Effective Date – the date set forth on the signature page on which this Agreement, or an Order, as applicable, takes effect.
1.9Expiration Date – the date set forth on the signature page on which this Agreement, or an Order, as applicable, expires, unless terminated earlier or extended under the terms hereof.
1.10Governmental Authority - any nation or government, any state or other political subdivision thereof and any entity exercising executive, legislative, judicial, regulatory or administrative functions of or pertaining to government.
1.11Information Security Program – the policies, procedures, plans, processes, practices, roles, responsibilities, resources and structures that describe how the Vendor protects information and information systems from unauthorized access, use, disclosure, disruption, modification, and destruction in order to provide confidentiality, integrity, and availability in a manner that complies with the confidentiality and information protection requirements of this Agreement and all pertinent Schedules and Exhibits hereto.
1.12Intellectual Property Rights – all intellectual property rights throughout the world, including copyrights, patents, mask works, trademarks, service marks, trade secrets, inventions (whether or not patentable), know how, authors’ rights, rights of attribution, sui generis rights on databases, and other proprietary rights and all applications and rights to apply for registration or protection of such rights.
1.13Local Participation Agreement – an amendment or addendum to this Agreement in a form agreeable to the Parties and signed by the Parties as well as (if required by local law or desired by a Party) a Party’s Affiliates giving or receiving the Services subject to the Local Participation Agreement, which modifies this Agreement to permit performance or delivery of the Services in one or more countries or other autonomous or semi-autonomous territories outside of the United States
1.14Model - a quantitative method, system or approach that applies statistical, economic, financial or mathematical theories, techniques and assumptions to process input data into quantitative estimates, which ,includes,.1) an information input component that delivers assumptions and data to the model; 2) a processing component that transforms inputs into estimates; and 3) a reporting/output component that translates estimates into useful business information; or 4) any artificial intelligence using deep learning, ensemble learning, natural language processing, neural networks, or reinforcement learning.
Proprietary & Confidential | Terms and Conditions –1 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
1.15Order – any written agreement or instrument which documents and constitutes the description of Services Vendor will render to Company and the fees for such Services however denominated, including without limitation a product license schedule, statement of work, purchase order or work order, and which is executed by, or is an electronic transmission originated by, an authorized officer of Company’s Procurement Services and Vendor Management groups, substantially conforming to a form provided to Vendor by Company. Unless otherwise provided in writing, the business terms in each Order relating to description of Services, pricing, and performance standards shall apply only to such Order.
1.16Party – Company or Vendor.
1.17Personal Data, Personal Information - (a) any "personal data" or “personally identifiable information” as defined or regulated by the Data Protection Laws; and (b) any information that relates to a living individual who can be identified either from that information alone or when combined with other information.
1.18Personal Data Breach- a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data.
1.19Process, Processing, Processed – with respect to Personal Data applicable to or relating to the Services, the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction thereof, including without limitation all activities ascribed to such term(s) in the General Data Protection Regulation (EU 2016/679) any regulatory interpretations, guidance, orders and similar publications concerning the same.
1.20Records – information created, received and maintained as evidence and information by an organization or person, in pursuit of legal obligations or in the transaction of business.
1.21Regulator - each Governmental Authority having regulatory or supervisory authority over Company or a Company Affiliate.
1.22Relationship Manager(s) – the employee designated by a Party to act on its behalf with regard to matters arising under this Agreement who shall be the person the other Party shall contact in writing regarding matters concerning this Agreement.
1.23Representative – an employee, officer, director, or agent of a Party.
1.24Services (also referred to herein as "Products" or "products") - the services as may be generally described on an attached SCHEDULE to this Agreement and/or as described in each Order, including without limitation all professional, management, labor and general services, together with any materials, supplies, products, tangible items or other goods Vendor furnishes in connection with such services.
1.25Special Resolution Event - shall mean any of the following events affecting Company or a Company Affiliate: (a) a transfer of the shares of Company or a Company Affiliate to a Special Resolution Recipient so that such entity is no longer an Affiliate; (b) a transfer of all or part of the business of Company or a Company Affiliate by way of asset transfer to an entity that is not an Affiliate; (c) with respect to Company or a Company Affiliate, the appointment of a Special Resolution Regulator as receiver of such entity; (d) with respect to Company or a Company Affiliate, the invocation of the Orderly Liquidation Authority by the Secretary of the United States Department of the Treasury; or (e) with respect to Company or a Company Affiliate, an insolvency filing or order or an administration order imposed by a Governmental Authority.
1.26Special Resolution Recipient - any entity to which all or a substantial part of the assets of Company or a Company Affiliate has been transferred as a result of a Special Resolution Event so that such entity after such transfer is not an Affiliate of Company (including in each case, without limitation, the creation of a bridge bank, bridge holding company or bridge finance company).
1.27Special Resolution Regulators - the Federal Deposit Insurance Corporation, other agencies, or regulators entrusted with administering the Special Resolution Events or their successors, or equivalent authorities outside of the US entrusted with administering Special Resolution Events.
1.28Subcontractor – a third party, including, but not limited to, Sub-processors, to whom Vendor has delegated or subcontracted any portion of its obligations set forth herein.
1.29Sub-processor - a Personal Data processor engaged by Vendor to undertake all or part of Vendor’s Processing obligations pursuant to this Agreement.
1.30Term – the initial term of the Agreement or any renewal or extension.
1.31Time Sensitive Notice - any notice provided under this Agreement pursuant to any of the following: SECTIONS entitled “TERM OF AGREEMENT,” “TERMINATION,” “FINANCIAL RESPONSIBILITY,” “CONFIDENTIALITY,” “INFORMATION PROTECTION,” “AUDIT,” “OWNERSHIP OF WORK PRODUCT” and the SCHEDULE entitled “INFORMATION SECURITY.”
Proprietary & Confidential | Terms and Conditions –2 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
1.32Vendor Security Controls – those controls implemented by Vendor as part of its Information Security Program that address each of the applicable Bank Security Requirements.
1.33Work Product – all information, data, materials, discoveries, inventions, works of authorship, documents, documentation, models, computer programs, software (including source code and object code), firmware, designs, drawings, specifications, processes, procedures, techniques, algorithms, diagrams, methods, and all tangible embodiments of each of the foregoing (in whatever form and media) conceived, created, reduced to practice or prepared by or for Vendor at the request of Company pursuant to this Agreement or within the scope of Services provided under this Agreement, whether or not prepared on Company’s premises and all Intellectual Property Rights therein.
2.0 SCOPE OF THE AGREEMENT | ||
2.1Vendor shall perform the Services described in each applicable Order in accordance with this Agreement and the service levels, specifications and timeframes set forth in such Order, and in accordance with performance measurements set forth in the SCHEDULE entitled “PERFORMANCE MEASUREMENTS,” or an applicable Order.
2.2All Services shall be processed and/or provided, whether in part or in whole, by Vendor, its employees, Representatives and/or Subcontractors on and from a location or locations in one (1) or more of the fifty (50) states of the United States of America or in the District of Columbia, unless Company agrees in advance in writing, which writing may include the Parties’ execution of a mutually agreed Local Participation Agreement for Services that are provided outside the United States as provided below in this Section. Vendor shall not relocate the provision of Services to another location without Company’s prior written consent. Any request for approval of such relocation shall designate the Services and Vendor Representative involved and the location of the proposed Vendor facility for performance of such Services. Vendor shall remain responsible for compliance with all of its obligations under this Agreement with respect to the relocated Services, and shall ensure that any such relocation does not adversely affect Company or its Affiliates. Any such relocation shall be at Vendor’s sole expense, and Company shall not be responsible for any expenses incurred or increases in charges or costs resulting from any such relocation, including increased operational costs of Company. Vendor shall be responsible for complying with all laws with respect to its relocation effort and the provision of Services from the site to which such Services are relocated.
2.3To the extent available, all documentation will be provided in printed and electronic formats. Except as otherwise provided in the SECTION entitled “OWNERSHIP OF WORK PRODUCT,” Company may use and reproduce for internal purposes all documentation furnished by Vendor, including displaying the documentation on Company’s intranet or other internal electronic distribution system, in part or in whole.
2.4All instruments, such as Orders, acknowledgments, invoices, schedules used in conjunction with this Agreement ("Instruments") shall be for the sole purpose of defining quantities, prices and describing the Services to be provided hereunder, and to this extent only are incorporated as a part of this Agreement. Any preprinted terms and conditions included in Instruments, posted on any website, or included with any media (including terms where acquiescence, approval or agreement requires a mouse click or an electronic signature) shall not be, incorporated into nor construed to amend the terms of this Agreement. Any Instrument submitted to Company by Vendor in connection with this Agreement shall reference, as applicable, Order number and Agreement number.
2.5Vendor shall deliver to Company and keep current a list of persons, emails and telephone numbers ("Contact List") for Company to contact in order to obtain answers to questions related to the Services set out in the Order. The Contact List shall include (1) the first person to contact if a question arises or problem occurs and (2) the persons in successively more responsible or qualified positions to provide the answer or assistance desired. If Vendor does not respond promptly to any request by Company for consultative service, then Company may attempt to contact the next more responsible or qualified person on the Contact List until contact is made and a designated person responds accordingly.
2.6Vendor expressly acknowledges and agrees that the rights of Company set forth in this Agreement shall inure to all Company Affiliates and such Affiliates may execute Orders and purchase Services hereunder. Company expressly acknowledges and agrees that the Services may be provided by Vendor Affiliates and such Vendor Affiliates may execute Orders and deliver Services hereunder. Notwithstanding the foregoing two sentences, neither the delivery of Services by Affiliates of Vendor or receipt of Services by Affiliates of Company, nor the execution of Orders by Affiliates of Company or Vendor, shall relieve or release Company and Vendor from primary liability for the obligations, representations, warranties and covenants under this Agreement. For Services performed by Vendor or an Affiliate of Vendor for Company or any Affiliate of Company in countries outside the United States, the Parties and their appropriate local Affiliates (to the extent local Affiliate execution is required by law or desired by the applicable Party) will execute a Local Participation Agreement. Vendor shall have the right to assert against Company all of the claims, offsets, and defenses that the applicable Vendor Affiliate has under this Agreement or the relevant Order, including any express limitations of liability set forth in this Agreement. All claims relating to the rights and obligations of Company or its Affiliates or Vendor or its Affiliates or Subcontractors under this Agreement or any Order shall be resolved between Company and Vendor in accordance with the SECTIONS entitled "DISPUTE RESOLUTION" and "MEDIATION/ARBITRATION" in this Agreement, regardless of the location where the claim originates, and under no circumstances will Company or its Affiliates or Vendor or its Affiliates or Subcontractors bring any legal action, suit or proceeding in any way arising out of this Agreement and any Order in any jurisdiction except as set forth in such Sections.
Proprietary & Confidential | Terms and Conditions –3 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
2.7If no data transfer agreement satisfying applicable Data Protection Laws is appended to this Agreement covering all Services to be provided under this Agreement, Vendor shall enter into one or more data transfer agreements as Company may reasonably require to ensure its compliance with such Data Protection Laws (which agreements may be part of an Order) in the event (a) Vendor intends to transfer or is required to transfer any Personal Information outside the country in which the Services are provided, and/or (b) Company intends to or is required to transfer any Personal Information to Vendor or a Vendor Affiliate outside the country in which the Services are provided. Such agreements shall be made prior to any such transfer of Personal Information occurring. Vendor shall provide such commercially reasonable assistance to Company as may be required for Company to register or file such data transfer agreements or other data transfer information with local authorities with jurisdiction over such agreements or data transfers, and shall take any steps that are legally required to adequately implement and legitimize such data transfers in accordance with Applicable Law of the country with jurisdiction over the data transfers.
3.0 RELATIONSHIP MANAGER | ||
3.1Each Party shall designate an employee Relationship Manager(s) to act on its behalf with regard to matters arising under this Agreement and shall notify the other Party in writing of the name of its Relationship Manager; however, the Relationship Manager shall have no authority to alter or amend any term, condition, or provision of this Agreement. Either Party may change its Relationship Manager(s) by providing the other Party prior written notice. The Relationship Manager must be identified in a writing delivered to the other Party at least one (1) week prior to the commencement of any work under this Agreement.
3.2The Relationship Manager(s) shall meet via conference call with such frequency as Company’s Relationship Manager(s) shall reasonably request. Company may require meetings in person at a site designated by Company.
4.0 TERM OF AGREEMENT | ||
4.1This Agreement shall be in effect from the Effective Date through the Expiration Date indicated on the signature page ("Initial Term") unless terminated earlier or extended under the terms of this Agreement. Company shall have the right to extend this Agreement for an additional twelve (12) month(s) (“Renewal Term”) by giving Vendor written notice of its intent at least ninety (90) calendar days prior to the end of the Initial Term or any Renewal Term. If Company does not notify Vendor of its intent to renew or terminate this Agreement, the Agreement shall continue in effect on a month-to-month basis, at the prices in effect in each applicable Order, for the Term just expired, until terminated by either Party upon at least ninety (90) calendar days prior written notice to the other.
5.0 TERMINATION | ||
5.1Company may terminate this Agreement or any Order (or portion thereof) under this Agreement for its convenience, without cause, at any time without further charge or expense upon at least ninety (90) calendar days prior written notice to Vendor. Termination of one Order (or portion thereof) shall not cause a termination of this Agreement or any other Order (or portion thereof), unless otherwise specified by Company.
Proprietary & Confidential | Terms and Conditions –4 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
5.2In addition to any other remedies available to either Party, upon the occurrence of a Termination Event (as defined below) with respect to either Party, the other Party may immediately terminate this Agreement or the Order that is subject of the Termination Event by providing written notice of termination. A Termination Event shall have occurred if: (a) a Party materially breaches its obligations under this Agreement or an Order under this Agreement, and the breach is not cured within thirty (30) calendar days after written notice of the breach and intent to terminate is provided by the other Party; (b) Vendor breaches one or more of its obligations under this Agreement or an Order three (3) times in any six (6) month period with written notification of such to Vendor, whether or not cure is effected; (c) Vendor breaches an obligation under the Agreement or an Order that is not susceptible to cure; (d) to the extent Vendor’s performance obligations under this Agreement or any Order are subject to service level requirements, performance indicators or similar measurement standards, Vendor fails to meet such measurement standards more frequently than the allowable maximum, if any, of missed measurement standards provided in this Agreement or the relevant Order, (e) a Party becomes insolvent (generally unable to pay its debts as they become due) or the subject of a bankruptcy, conservatorship, receivership, dissolution, winding up or similar proceeding, or makes a general assignment for the benefit of its creditors; (f) Vendor either: (i) merges with another entity , (ii) suffers a transfer involving fifty percent (50%) or more of any class of its voting securities or (iii) transfers all, or substantially all, of its assets; (g) in providing Services hereunder, Vendor violates any law or regulation, or causes Company to be in material violation of any law or regulation; (h) Company has the right to terminate under the SECTION entitled “PRICING/FEES”; (i) a Party attempts to assign this Agreement in breach of the SECTION entitled “NON-ASSIGNMENT;” or (j) Company is directed or instructed by a Governmental Authority to terminate or exit this Agreement. Breach of one Order shall not cause a breach of any other Order, unless otherwise specified in writing by the non-breaching Party in the applicable Order. In the event of a transfer in 5.2 (f) above, Vendor shall provide notice to Company as soon as reasonably practicable prior to the legal closing of such transfer to the extent such notice is legally permitted, or if prior notice is not legally permitted, in no event later than five (5) Business Days after such transfer is made public. Termination based upon a Termination Event shall be without fee or charge to Company notwithstanding any other term or provision of this Agreement to the contrary; provided, however, that Company shall be obligated to pay undisputed amounts as provided in the SCHEDULE entitled “PERFORMANCE MEASUREMENTS,” or any Order for Services already performed or provided, and provided further that nothing herein shall constitute a release by Vendor of Company relative to any claims or actions that Vendor is otherwise entitled to bring under this Agreement or at law or in equity.
5.3In the event of expiration or termination of this Agreement or an Order under this Agreement, Vendor agrees that upon the request of Company, Vendor will, at no additional cost to Company, continue uninterrupted operations, conclude and cooperate with Company in the transition of the business at Company’s direction and in a manner that causes no material disruption to Company business and operations. The fees associated with such transition shall be in accordance with the fees in effect at the expiration or termination of this Agreement. In no event shall the transition be more than one hundred eighty (180) calendar days from the date of termination unless the Parties otherwise agree in writing; provided, however, if the event of termination constitutes, results from or is caused by a Special Resolution Event, the transition shall be no more than twenty-four (24) months starting from the applicable Special Resolution Event, with the specific period to be specified by Company as soon as practicable following the Special Resolution Event, unless the Special Resolution Regulators require the transition to be provided for a different period (whether longer or shorter) in which case, the transition permitted shall be the period required by the Special Resolution Regulators. For the avoidance of doubt, Company agrees to pay Vendor all undisputed fees for Services rendered up to the date of termination or expiration pursuant to the related terms hereunder. Reimbursement of all extraordinary costs and expenses incurred outside of the Agreement terms and conditions will be agreed upon by Vendor and Company in writing prior to their incurrence.
5.4The rights and obligations of the Parties which by their nature must survive termination or expiration of this Agreement in order to achieve its fundamental purposes including, without limitation, the provisions of the SECTIONS entitled “AUDIT,” “CONFIDENTIALITY” “INFORMATION PROTECTION,” “INDEMNITY,” “LIMITATION OF LIABILITY,” “MEDIATION/ARBITRATION,” “OWNERSHIP OF WORK PRODUCT,” “MISCELLANEOUS,” and subsections 5.5 and 5.6 of the “TERMINATION” provisions shall survive in perpetuity any termination of this Agreement.
5.5Following the occurrence of a Special Resolution Event, but prior to the execution of an applicable Special Resolution Services Agreement (as defined below): (a) Vendor shall not terminate this Agreement as a result of the occurrence of such Special Resolution Event notwithstanding anything to the contrary set forth in this Agreement and each Special Resolution Recipient shall be entitled to continue to receive the benefit of this Agreement for a period of twenty-four (24) months from the occurrence of the triggering Special Resolution Event, or any longer period if required by the Special Resolution Regulators (the “Interim Period”), provided that in the case of an asset transfer transferred assets shall be entitled to receive the benefit of this Agreement; (b) no Special Resolution Recipient is a party to, or intended third party beneficiary under, this Agreement and has no rights to enforce this Agreement; provided, however, that Company or its Affiliates may directly enforce this Agreement for and on behalf of such Special Resolution Recipient and Vendor may enforce this Agreement against Company in connection with Services provided to a Special Resolution Recipient; and (c) in the event that any Special Resolution Recipient elects to continue to use Services under this Agreement during the Interim Period, Vendor shall bill such Special Resolution Recipient directly for that portion of the Services received by Special Resolution Recipient and shall proportionately adjust the fees due and owing, if any, by Company or its Affiliates.
Proprietary & Confidential | Terms and Conditions –5 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
5.6Within a reasonable time following the occurrence of a Special Resolution Event, Vendor shall offer to enter into a direct agreement (the “Special Resolution Services Agreement”) for the supply of all or part of the relevant Services or use of all or part of the Work Product on terms substantially the same as this Agreement (revised to the extent necessary to account for changes resulting from the Special Resolution Event) with each Special Resolution Recipient. Upon execution of each Special Resolution Services Agreement, the fees due and owing under this Agreement shall be adjusted proportionately to reflect any reduction in the scope and volume of the Services, if any, utilized by Company or its Affiliates after the transfer to the Special Resolution Recipient. Upon the effective date of each Special Resolution Services Agreement, the Special Resolution Recipient that is a party to such agreement shall cease to have any entitlement to Services or Work Product under this Agreement.
6.0 PRICING/FEES | ||
6.1Company shall pay Vendor for Services provided under this Agreement as set forth in the applicable Order. Vendor shall pay in full prior to delinquency any Representative or Subcontractor utilized by Vendor in connection with the Services, and shall indemnify, defend and hold Company harmless for Vendor’s failure to make any such payments, including that Vendor shall promptly cause the release of any lien filed or assessed against any property of Company by a Vendor Representative or Subcontractor. If Vendor fails to pay any Representative or Subcontractor following the expiration of ten (10) Business Days after Company delivers written demand upon Vendor to make any such payment or payments, then Company may, but shall have no obligation to, pay such Representative or Subcontractor directly and Vendor shall promptly on Company’s demand reimburse Company for the amount of such payment or payments. If Vendor fails to reimburse Company promptly on demand, Company may offset such payment or payments against amounts Company owes to Vendor under this Agreement. For the avoidance of doubt, Vendor’s failure to make payment to any Representative or Subcontractor or to reimburse Company under this Section shall constitute a material breach of this Agreement.
6.2Company shall not be required to pay for Services that are: (a) not requested by Company and documented in an Order signed by a Company signatory or notice addressee identified on page 1 of this Agreement (provided, however, that in such circumstance Company may at its discretion pay for such Services subject to a discount of twenty-five percent (25%) of the total invoice amount without waiver of its rights under this Section with respect to future violations, and Vendor shall accept such amount in full satisfaction of compensation and reimbursement for such Services), or (b) not meeting the requirements of this Agreement and all pertinent Schedules and Exhibits hereto or any of the service levels, specifications, performance measurements and timeframes set forth in the applicable Order. Fees for additional Services not listed in the SCHEDULE entitled "SERVICE FEES" or an applicable Order shall be as mutually agreed in writing between Company and Vendor prior to performance. No fees for additional Services shall be due unless such Services and fees are agreed to in writing by Company prior to Vendor’s performance thereof.
6.3[intentionally omitted]
6.4[intentionally omitted]
7.0 INVOICES/TAXES/PAYMENT | ||
7.1Vendor shall electronically conduct purchase order and invoice transactions in accordance with the then-current requirements specified by Company, including, but not limited to, use of the Ariba Network (unless otherwise specified in an Order or Local Participation Agreement). Vendor shall, at no additional cost to Company, ensure Vendor has the capability to transact utilizing the Ariba Network, if applicable to Vendor, or other processor network designated by Company. Vendor shall be responsible for payment of any fees assessed by Ariba or any other processors for registration, participation in or use of the Ariba Network or any other processor network. Under no circumstance shall Company be liable for any costs, fees or other liabilities arising out of or related to Vendor’s use of Ariba or any other processor designated by Company.
7.2Vendor shall submit invoices on a monthly basis, or as set forth in the applicable Order, and invoices shall contain such detail as Company may reasonably require from time to time, including reference to the Agreement number at the top of this Agreement and any Order numbers. Company requires Vendor to bill for Services and tangible personal property separately. Company also requires Vendor to include, on the face of the invoice, the “ship to” address for any purchase of tangible personal property and the location where the Services are performed. Amounts shall be invoiced promptly after the Services performed or Work Product delivered. Amounts not invoiced by Vendor to Company within three (3) months after such amounts could first be invoiced under this Agreement may not thereafter be invoiced, and Company shall not be required to pay such amounts.
7.3Payments will be made according to Company’s then-current payment policies. Unless otherwise specified in a Local Participation Agreement, Company requires Vendor to accept payment through electronic media in one of the following agreed upon methods: a credit card using the Company ePayables process, ACH, or electronic check. In the event that the agreed upon method of payment is through the Company ePayables process using purchase cards, the Vendor shall, at no additional cost to Company, ensure Vendor has the capability to process purchasing cards, prior to submitting invoices to Company.
Proprietary & Confidential | Terms and Conditions –6 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
7.4Company shall pay Vendor for all Services and applicable taxes, including, without limitation, all sales, use and excise taxes, and also including any tax imposed outside the United States such as value added tax, GST, sales tax, purchase tax, turnover tax or similar taxes that apply now or in the future and including without limitation value added tax chargeable under or pursuant to the Value Added Tax Act 1994 and Council Directive 2006/112/EC and any replacements thereof (all of the foregoing taxes outside the United States being hereinafter “Foreign Services Taxes”), invoiced in arrears in accordance with the terms of this Agreement, within sixty (60) calendar days of the date of receipt of a valid invoice by Company. Company reserves the right to pay prior to the expiration of the sixty (60) day period.
7.5Invoices shall include and list all applicable sales, use or excise taxes and Foreign Services Taxes that are a statutory obligation of Company as separate line items identifying each separate tax category and taxing authority. Company will reimburse Vendor for all sales, use or excise taxes and Foreign Services Taxes levied in accordance with the general statutes or other authoritative directives of the taxing authority on amounts payable by Company to Vendor pursuant to this Agreement; however, Company shall not be responsible for remittance of such taxes to applicable tax authorities.
7.6Any withholding or other tax requirements imposed on Company that may arise in respect of any fees or other payments made under this Agreement to Vendor are solely the liability of Vendor. In the event that Company is required by laws of any relevant jurisdiction to withhold any amounts from payments made by Company to Vendor hereunder, Company will use commercially reasonable efforts to provide Vendor with tax certificates documenting remittance of such amounts to the relevant tax authorities upon Vendor’s written request. In the alternative, Vendor shall provide Company with validly executed certificates reasonably satisfactory to Company evidencing Vendor’s exemption from any withholding or other tax requirements at least ten (10) Business Days prior to the payment date to the extent provided by Applicable Laws.
7.7Company shall not be responsible for any ad valorem, income, gross receipts, franchise, privilege, value added or occupational taxes of Vendor. Company and Vendor shall each bear sole responsibility for all taxes, assessments and other real or personal property-related levies on its owned or leased real or personal property. If applicable, Vendor must ensure that the business personal property tax exemption granted to financial institutions by California, Missouri, Virginia, Maryland, South Carolina, or other states is properly applied.
7.8Vendor shall be responsible for the payment of all taxes (including Foreign Services Taxes), interest and penalties related to any assessment by a taxing authority as contemplated by this Section to the extent that Vendor fails to accurately and timely invoice Company for such taxes and remit such taxes directly to the applicable taxing authority. In the event that a taxing authority performs a sample and projection audit on Company, then Vendor shall be responsible for the payment of all projected tax amounts including all interest and penalties on any projected taxes assessed resulting from taxing errors identified by such taxing authority on Vendor’s invoices, provided however, that Vendor shall receive timely notice that such invoice is included in a tax authority’s audit and Vendor has the right to produce documentation to support that the tax was satisfied. In the event Vendor voluntarily registers to collect sales tax at some future date, and wishes to remit historical taxes Vendor deems due, Company will only be responsible for the taxes due for the time period that Company is statutorily obligated to the tax authorities in each state.
7.9Vendor shall fully cooperate with Company's efforts to identify taxable and nontaxable portions of amounts payable pursuant to this Agreement (including segregation of such portions on invoices) and to obtain refunds of taxes paid, where appropriate. Company may furnish Vendor with certificates or other evidence supporting applicable exemptions from sales, use, excise or Foreign Services taxation. If Company pays or reimburses Vendor under this Section, Vendor hereby assigns and transfers to Company all of its right, title and interest in and to any refund for taxes paid. Any claim for refund of taxes against the assessing authority may be made in the name of Company or Vendor, or both, at Company's option. Company may initiate and manage litigation brought in the name of Company or Vendor, or both, to obtain refunds of amounts paid under this Section. Vendor shall cooperate fully with Company in pursuing any refund claims, including any related litigation or administrative procedures.
7.10Vendor shall keep and maintain complete and accurate accounting Records in accordance with generally accepted accounting principles consistently applied to support and document all amounts becoming payable to Vendor hereunder. Upon request from Company and within a reasonably prompt time after such request, Vendor shall provide to Company (or a Representative designated by Company) access to such Records for the purpose of auditing such Records during normal business hours. Vendor shall retain all Records required under this Section in accordance with the SECTION entitled “AUDIT” of this Agreement, after the amounts documented in such Records become due. Vendor shall cooperate fully with Company and any taxing authority involving any audit of sales, use or excise taxes or Foreign Services Taxes. Upon request from Company, Vendor will provide copies of invoices in electronic form that have been selected for review by any taxing authority, together with documents supporting the identification of taxable and nontaxable portions of amounts reflected on such invoices as contemplated by this Section.
8.0 MUTUAL REPRESENTATIONS AND WARRANTIES | ||
8.1Each Party represents and warrants the following: (a) the Party’s execution, delivery and performance of this Agreement: (i) have been authorized by all necessary corporate action, (ii) do not violate the terms of any law, regulation, or court order to which such Party is subject or the terms of any material agreement to which the Party or any of its assets may be subject and (iii) are not subject to the consent or approval of any third party; (b) this Agreement is the valid and binding obligation of the representing Party, enforceable against such Party in accordance with its terms;
Proprietary & Confidential | Terms and Conditions –7 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
and (c) such Party is not subject to any pending or threatened litigation or governmental action which could interfere with such Party's performance of its obligations hereunder.
9.0 REPRESENTATIONS AND WARRANTIES OF VENDOR | ||
9.1In rendering its obligations under this Agreement, without limiting other applicable performance warranties, Vendor represents and warrants to Company as follows: (a) Vendor is in good standing in the state of its incorporation and is qualified to do business as a foreign corporation in each of the other states in which it is providing Services hereunder; (b) Vendor shall secure or has secured all permits, licenses, regulatory approvals and registrations required to render Services set forth herein, including without limitation, registration with the appropriate taxing authorities for remittance of taxes; and (c) Vendor’s Representatives and Subcontractors are not employees or agents of, or otherwise affiliated with, any government or government instrumentality. With respect to 9.1(c), Vendor will inform Company of any change in status.
9.2Vendor represents and warrants that it shall perform the Services in a timely and professional manner using competent personnel having expertise suitable to their assignments. Vendor represents and warrants that the Services shall conform to or exceed, in all material respects, the specifications described herein, as well as the standards generally observed in the industry for similar services. Vendor represents and warrants that Services supplied hereunder shall be free of defects in workmanship, design and material. Vendor represents and warrants that the Work Product and Services furnished under this Agreement do not and shall not infringe, misappropriate or otherwise violate any Intellectual Property Rights or any other rights of any third party.
9.3As of the Effective Date, there are no actions, suits or proceedings pending, or to the knowledge of Vendor threatened, against Vendor, Vendor’s Representatives and Subcontractors alleging infringement, misappropriation or other violation of any Intellectual Property Rights related to any Work Product or Service contemplated by this Agreement.
9.4(a) Vendor shall, and shall be responsible for ensuring that Vendor’s Representatives and Subcontractors shall, perform all obligations of Vendor under this Agreement in compliance with all laws, rules, regulations and other legal requirements applicable to Vendor as well as applicable to Company as and to the extent such laws, rules, regulatory guidance, regulations and legal requirements relate to the Services (all such laws, rules, regulatory guidance, regulations and legal requirements being, hereinafter, “Applicable Laws”). With regard to compliance with Applicable Laws, Vendor acknowledges that Company has an obligation to its customers to prohibit unfair or deceptive acts in violation of section 5(a)(1) of the Federal Trade Commission Act, 15 U.S.C. 45(a)(1) and to comply with all applicable unclaimed property state regulatory requirements, among other Applicable Laws. All software, websites, web-based applications, online content and other electronic or information technology provided to or accessed by Company, its Affiliates, or their customers receiving Services under this Agreement shall conform with the World Wide Web Consortium’s Web Content Accessibility Guidelines 2.1, Conformance Level AA Success Criteria, or as amended, updated or successor guidelines that may be adopted by the World Wide Web Consortium. Applicable Laws shall include, without limitation, all labor and employment laws applicable to Vendor in the jurisdictions in which it or its Affiliates conduct business, including without limitation those that address child labor, forced labor, slavery, human trafficking, equal pay and nondiscrimination in the workforce. For purposes of child labor under the Agreement, a child is any person under the age of 15 unless Applicable Law sets a higher age. Vendor shall not engage in or encourage others to engage in human trafficking or the use of child labor, forced labor or slavery. Additionally, Vendor shall, and shall be responsible for ensuring that Vendor’s Representatives and Subcontractors shall, perform all obligations of Vendor under this Agreement in compliance with all policies, procedures, standards and other instructions of Company or its Affiliates, as the same may be amended from time to time in the sole discretion of Company or its Affiliates. Applicable policies, procedures and other instructions will be provided to Vendor by Company. Additionally, Vendor acknowledges that the appropriate Representatives of Vendor have or will read and are or will become familiar with Company’s Vendor Code of Conduct, from time to time revised by Company, as the same is made available to Vendor.
(b) Vendor shall implement policies, procedures, training and guidelines to ensure compliance with Applicable Laws. In addition, Vendor shall ensure that all Vendor’s Representatives and Subcontractors successfully complete and implement, on an annual basis, such training as Company may require in connection with compliance with Applicable Laws. Required training may include training programs and materials provided by Company. Where Company does not provide the training program and materials, Vendor and its Subcontractors, at their sole cost and expense, shall provide or procure their own training satisfying Company’s requirements. Company’s requirements for training programs or content may be revised, replaced or terminated at any time at Company’s sole discretion. Vendor shall provide to Company on Company’s request a certification of completion of such training by Vendor’s Representatives and Subcontractors. Vendor and its Representatives and Subcontractors shall follow all procedures, processes, and guidelines outlined in any Company-provided training. Upon Company’s request and pursuant to the “VENDOR PERSONNEL” SECTION of this Agreement, any Vendor Representative or Subcontractor who fails to successfully complete Company’s required training on an annual basis shall be immediately removed from working on the Company’s account. The foregoing is not intended to be applicable to process servers in the course of serving process nor upon licensed attorneys during the course of their appearance with a Company customer before a court of law.
Proprietary & Confidential | Terms and Conditions –8 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
9.5Vendor represents, and warrants that it is familiar with, all applicable domestic and foreign anti-bribery or anticorruption laws, including, without limitation, the UK Bribery Act 2010, US Foreign Corrupt Practices Act and other laws prohibiting the Company and/or Vendor, and, if applicable, its officers, employees, agents and others working on its behalf, from taking actions in furtherance of an offer, payment, promise to pay or authorization of the payment of anything of value, including but not limited to cash, checks, wire transfers, tangible and intangible gifts, favors, services, offers of employment and those entertainment and travel expenses that go beyond what is reasonable and customary and of modest value, to: (i) an executive, official, employee or agent of a governmental department, agency or instrumentality, (ii) a director, officer, employee or agent of a wholly or partially government-owned or -controlled company or business, (iii) a political party or official thereof, or candidate for political office, or (iv) an executive, official, employee or agent of a public international organization (e.g., the International Monetary Fund or the World Bank) (“Government Official”) or any other person; while knowing or having a reasonable belief that all or some portion will be used for the purpose of rewarding or: (a) influencing any act, decision or failure to act by a Government Official in his or her official capacity; (b) inducing a Government Official to use his or her influence with a government or instrumentality to affect any act or decision of such government or entity; (c) inducing any person to use his or her influence to improperly affect any act or decision of their employer; or (d) securing an improper advantage, in order to obtain, retain, or direct business (the “Anti-Bribery and Corruption Laws”). The Vendor agrees that it will immediately notify the Company in writing in the event that it becomes aware of any conduct that would violate Anti-Bribery and Corruption Laws, or that it is being investigated by any government body for conduct potentially in violation of the Anti-Bribery and Corruption Laws.
9.6Vendor represents and warrants that it currently complies with the Anti-Bribery and Corruption Laws, and will remain in compliance with all applicable laws; that it will not authorize, offer or make payments directly or indirectly to any Government Official; and that no part of the payments received by it (whether compensation or otherwise) from Company will be used for any purpose that could constitute a violation of any Anti-Bribery and Corruption Laws.
9.7Vendor represents and warrants that neither it nor its Representatives and/or Subcontractors is the subject of any sanctions administered or enforced by the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”), the United Nations Security Council (“UNSC”), the European Union (“EU”), Her Majesty’s Treasury (“HMT”), or other relevant sanctions authority (collectively, “Sanctions”), nor is the Vendor, or its Representatives or Subcontractors located, organized or resident in a country or territory that is the subject of Sanctions. Vendor represents and warrants that neither it nor its Representatives and/or Subcontractors has violated, and during the term of this Agreement will not violate or cause Company to be in violation of, any Sanctions.
9.8THE WARRANTIES CONTAINED IN THIS AGREEMENT ARE IN LIEU OF ALL OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THOSE OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
Upon request, Vendor shall provide its fraud policy which addresses the following components: list of the fraud risks associated with the Products and/or Services performed for Company, controls in place for prevention, detection, monitoring and remediation of such fraud risks, including the logging and tracking of suspicious activity immediately upon discovery. In the event that Vendor or a Subcontractor discovers any unusual or potentially suspicious activity arising in connection with the Products and/or Services, including without limitation activity that could be indicative of fraud, money laundering, terrorist financing or other financial crimes, Vendor shall treat such information as Confidential Information and either: (a) file an online referral through The Referral Management System (“TRMS”) for Company; or, (b) if Vendor does not have access to the Company TRMS system, immediately notify and cooperate with the appropriate Relationship Manager of such activity to ensure proper reporting and escalation of such activity within Company. Vendor shall not inform those suspected of such activity that the activity is under review or that Company has been notified.
Proprietary & Confidential | Terms and Conditions –9 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
10.0FINANCIAL RESPONSIBILITY | ||
10.1Upon Company’s request, Vendor shall promptly furnish its audited financial statements in English or translated to English, when applicable, as prepared by or for Vendor, including without limitation Vendor’s balance sheets, statements of income and retained earnings and statements of changes in financial position and auditor’s letter. If appropriate, such financial statements may be consolidated with those of Vendor’s Affiliates. All financial statements shall be prepared in accordance with Generally Accepted Accounting Procedures. If Vendor is subject to laws and regulations of the U.S. Securities & Exchange Commission (“SEC”), the financial reporting and notification requirements contained herein shall be limited to all information that is legally permitted to be provided and at such times as it is legally permitted to be provided, under securities laws, rules and regulations applicable to Vendor. Financial information provided hereunder shall be used by Company solely for the purpose of determining Vendor’s ability to perform its obligations under this Agreement. To the extent any such financial information is not otherwise publicly available, it shall be deemed Confidential Information (as defined in the SECTION entitled "CONFIDENTIALITY") of Vendor. If Company’s review of financial statements causes Company to question Vendor’s ability to perform its duties hereunder, Company may request, and Vendor shall provide to Company within ten (10) business days of receipt of Company’s request, reasonable assurances of Vendor’s ability to perform its duties hereunder. If Vendor fails to respond within such ten (10) business day period, or if Company in its reasonable discretion believes that Vendor’s assurances are not sufficient to address Company’s concerns, Company may issue a written notice indicating that Vendor has failed to provide reasonable assurances as required in this Section and setting forth the basis for Company’s determination; provided, however, that Company’s failure to provide such notice shall not prevent or limit the exercise of Company’s remedies under this Agreement for Vendor’s failure to provide reasonable assurance, and irrespective of the giving of notice, such failure shall be deemed a material breach of this Agreement and comprising a Termination Event as provided in the SECTION of this Agreement entitled “TERMINATION.” Furthermore, and without waiver of Company’s rights under the SECTION entitled "TERMINATION,” Vendor shall notify Company immediately in the event there is, or based on the then current circumstances a strong likelihood of, a change of control or material adverse change in Vendor’s business or financial condition.
11.0BUSINESS CONTINUITY | ||
11.1Definitions:
Business Continuity Planning – is the process of developing a Business Continuity Plan that enables the Vendor to respond to an event in such a manner that critical business functions can continue within planned levels of disruption.
Business Continuity Management Program – the ongoing management and governance process supported by executive management and appropriately resourced to coordinate the efforts of Business Continuity Planning and Disaster Recovery Planning, and to identify the impact of potential losses, maintain viable recovery strategies and plans, and ensure continuity of services through training, testing, maintenance and review.
Business Continuity Plan – Vendor’s policies and procedures and advance arrangements to maintain or resume business in the event of a disruption or disaster, including both technology recovery capability and business unit recovery capability. For the purposes of this Agreement, the Business Continuity Plan shall also include contingency exercise and testing schedules and contingency exercise final reports, including, but not limited to, disaster scenario descriptions, contingency exercise scope and objectives, detailed tasks, exercise issues lists and remediation plans, and exercise results.
Disaster Recovery Planning – the process of developing a Business Continuity Plan that enables the Vendor to minimize loss and ensure continuity of its critical business functions in the event of a disaster, including the continued availability and restoration of the Vendor’s information technology infrastructure and telecommunications.
Business Continuity Planning – is the process of developing a Business Continuity Plan that enables the Vendor to respond to an event in such a manner that critical business functions can continue within planned levels of disruption.
Business Continuity Management Program – the ongoing management and governance process supported by executive management and appropriately resourced to coordinate the efforts of Business Continuity Planning and Disaster Recovery Planning, and to identify the impact of potential losses, maintain viable recovery strategies and plans, and ensure continuity of services through training, testing, maintenance and review.
Business Continuity Plan – Vendor’s policies and procedures and advance arrangements to maintain or resume business in the event of a disruption or disaster, including both technology recovery capability and business unit recovery capability. For the purposes of this Agreement, the Business Continuity Plan shall also include contingency exercise and testing schedules and contingency exercise final reports, including, but not limited to, disaster scenario descriptions, contingency exercise scope and objectives, detailed tasks, exercise issues lists and remediation plans, and exercise results.
Disaster Recovery Planning – the process of developing a Business Continuity Plan that enables the Vendor to minimize loss and ensure continuity of its critical business functions in the event of a disaster, including the continued availability and restoration of the Vendor’s information technology infrastructure and telecommunications.
11.2Vendor shall establish prior to the Effective Date, and maintain during the Term, a Business Continuity Management Program that includes all aspects of Business Continuity Planning and Disaster Recovery Planning. The Business Continuity Management Program and the resulting Business Continuity Plan shall cover all the Services to be provided under this Agreement, and address the applicable business continuity requirements described in the SCHEDULE entitled "RECOVERY" and the Bank Security Requirements. The Business Continuity Management Program must have been approved by the Vendor’s board of directors or applicable board-delegated executive management or management committee within twelve (12) months prior to the Effective Date and at least on an annual basis thereafter. Prior to the Effective Date and annually thereafter, Vendor shall provide Company with the opportunity to review and evaluate the Business Continuity Management Program, including the Business Continuity Plan, and shall remediate any findings. Such review and evaluation may include participation in Company’s (a) third party assessment program (or any successor program) including the completion of online and/or on-site assessment(s), as appropriate, and (b) recovery testing of a mutually agreed-upon scope and frequency. Company acknowledges and agrees that the information Vendor provides to Company under this subsection is and shall be Confidential Information, as defined in this Agreement, and is the valuable proprietary information of Vendor.
Proprietary & Confidential | Terms and Conditions –10 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
11.3Vendor shall continually assess its Business Continuity Management Program and risks to the loss of service of systems acquired or maintained by Vendor and its agents and Subcontractors in connection with Services, including (a) identification and monitoring of events that could cause disruption to the Services, (b) assessment of likelihood of such events and potential damage, and (c) assessment of the sufficiency of policies, procedures and systems of Vendor and its agents and Subcontractors and other arrangements in place to control such risks. Vendor shall promptly notify Company of any significant changes to Vendor's Business Continuity Management Program and/or Business Continuity Plan(s) pertaining to the Services, and upon request, provide Company with an opportunity to review and evaluate the changes to the Vendor's Business Continuity Management Program and Business Continuity Plan(s).
11.4In the event of a disaster or any other disruption event that prevents or impairs Vendor from providing the Services, Vendor will notify Company and immediately implement its Business Continuity Plan to restore and continue providing the Services to meet the recovery objectives contained in the SCHEDULE entitled "RECOVERY." Upon cessation of the disaster or disruption event, Vendor will as soon as reasonably practicable, provide Company with an incident report detailing the reason for the disaster or disruption and all actions taken by Vendor to resolve the disaster or disruption. In addition, Vendor shall also immediately notify Company of any Technology Incidents and/or Business Operations Incidents affecting the Services by reporting them to Command Center at 1-804-593-2552. A “Technology Incident” is any actual or potential technology disruption of an application, technology infrastructure component, or IT service. A “Business Operations Incident” is a failure or disruption to normal business operations resulting from inadequate or failed internal processes, human errors, deliberate acts, or external events.
11.5If Vendor fails to recommence providing the Services within the prescribed period, Company shall have, in addition to any other rights of Company hereunder, the right to retain a third party to provide such Services or to perform the affected Services itself for so long as the impairment or disruption continues. If either Vendor or Company retains a third party to provide the affected Services, then Vendor agrees to pay to the third party or reimburse Company for the excess cost of such third party (costs above amounts that would have been paid to Vendor under this Agreement), and the costs of transfer to such party shall be at Vendor’s expense. If Company performs the affected Services itself, then Vendor agrees to reimburse Company for any costs or expenses Company incurs to perform the affected Services less any amounts that would have been paid to Vendor under this Agreement.
11.6No failure, delay or default in performance of any obligation of a Party to this Agreement or any Order shall constitute an event of default or breach of this Agreement or such Order to the extent that such failure, delay or default in performance (i) arises out of a Force Majeure Event (hereinafter defined), (ii) is beyond the control and without negligence of such Party, (iii) is promptly and thereafter diligently addressed by the affected Party to minimize the consequences, and (iv), in the case of Vendor, is not caused by Vendor’s non-compliance with the business continuity requirements as provided in this Agreement or in any Order. “Force Majeure Event” shall mean fire; flood, earthquake, wind or other natural disaster; war, riot or civil disorder; strike, lockout or other labor dispute; and embargo, quarantine or similar governmental action. A Party desiring to rely upon the foregoing as an excuse from performance shall give to the other Party prompt notice in writing of the facts which excuse performance including when such facts first arose. When such facts cease to exist, the Party claiming excuse from performance shall give prompt notice thereof to the other Party. If a Force Majeure Event causes a material failure, delay or default in Vendor’s providing of all or any part of the Services for more than five (5) consecutive calendar days, Company may, at its election, and in addition to any other rights Company may have under this Agreement and any Order or at law or in equity, procure the affected or similar Services from an alternate source or perform the affected or similar Services itself until Vendor is again able to provide the affected Services. Company shall continue to pay Vendor as provided under this Agreement or any Order, less any amounts payable by Company to the alternate source or less any costs or expenses Company incurs to perform the affected or similar Services itself, but Vendor shall not be entitled to any additional payments as a result of the Force Majeure Event.
12.0RELATIONSHIP OF THE PARTIES | ||
12.1The Parties are independent contractors. Nothing in this Agreement or in the activities contemplated by the Parties hereunder shall be deemed to create an agency, partnership, employment or joint venture relationship between the Parties or any of their Subcontractors or Representatives.
13.0VENDOR PERSONNEL | ||
13.1Company shall provide Vendor, if necessary and at a mutually agreed upon time, reasonable access to Company to provide its Services, subject to the existing security regulations at Company.
13.2Vendor's personnel are not eligible to participate in any of the employee benefit or similar programs of Company. Vendor shall inform all of its personnel providing Services pursuant to this Agreement that they will not be considered employees of Company for any purpose, and that Company shall not be liable to any of them as an employer for any claims or causes of action arising out of or relating to their assignment. Vendor is and shall be solely responsible for determining the classification of its employees/independent contractors and shall indemnify Company and its Affiliates from and against any claims relating to employee classification pursuant to the Section of this Agreement entitled “INDEMNITY.”
Proprietary & Confidential | Terms and Conditions –11 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
13.3Upon the request of Company and after consultation with Company, Vendor shall promptly address any reasonable concerns or issues raised by Company regarding any of Vendor’s Representatives or Subcontractors performing Services under this Agreement. If any such concerns or issues are not adequately addressed in Company’s sole discretion, Vendor shall promptly remove from Company’s account any of the applicable Vendor’s Representatives or Subcontractors and replace the same on Company’s account as soon as practicable. Without limiting Vendor’s obligations under the SECTION entitled “REPRESENTATIONS AND WARRANTIES OF VENDOR,” Vendor shall comply and shall cause its Representatives and Subcontractors to comply with all Company requirements for training of personnel performing Services under this Agreement and shall provide certification of completion of such training to Company when requested.
13.4Vendor shall obtain Company’s prior written consent before Vendor: (a) engages any Subcontractor to perform any work or Services under the Agreement, (b) replaces a previously approved Subcontractor with a new Subcontractor, (c) gives a new scope of work to a previously approved Subcontractor, (d) materially changes the scope of work of a previously approved Subcontractor, or (e) authorizes Subcontractor to begin performing work or Services from a location outside of the United States. Vendor must obtain such consent before the Subcontractor commences any work or Services on a Company account. Company’s consent may not be unreasonably withheld, and shall not relieve Vendor of any of its obligations under this Agreement. Vendor shall be responsible for the performance or nonperformance of its Subcontractors as if such performance or nonperformance were that of Vendor. Vendor shall require all Subcontractors, as a condition to their engagement, to agree to be bound by provisions substantially the same as those included in this Agreement particularly the SECTIONS entitled “VENDOR PERSONNEL,” “INSURANCE,” “CONFIDENTIALITY,” “INFORMATION PROTECTION,” “AUDIT” and "BUSINESS CONTINUITY."
13.5Vendor shall comply and shall cause its Representatives and Subcontractors to comply with all personnel, facility, safety and security policies, rules and regulations and other instructions of Company when performing work at a Company facility or accessing any Company systems or data, and shall conduct its work at Company facilities or on Company systems in such a manner as to avoid endangering the safety of, or interfering with the convenience of, Company Representatives or customers. Vendor understands that Company operates under various laws and regulations that are unique to the security-sensitive banking industry. As such, persons engaged by Vendor to provide Services under this Agreement are held to a higher standard of conduct and scrutiny than in other industries or business enterprises. Vendor represents that its Representatives and Subcontractors providing Services hereunder shall possess appropriate character, disposition and honesty for the Services for which they are engaged. Vendor shall not knowingly permit a Representative or Subcontractor to be assigned to perform the Services for Company when such Representative or Subcontractor (a) has been convicted of, or has agreed to or entered into a pretrial diversion or similar program in connection with, a felony or misdemeanor involving dishonesty or a breach of trust as set forth in Section 19 of the Federal Deposit Insurance Act, 12 U.S.C. 1829(a); (b) unless Vendor obtains Company’s prior written consent, has been convicted of any other felony; or (c) uses illegal drugs. With respect to Vendor or Subcontractor employees who require Company credentials to perform work using Company data or systems, Company reserves the right to review such Vendor or Subcontractor employees’ past employment with Company, if any, and to determine, in its sole and absolute discretion, whether to grant or deny such credentials. In the event Company determines to deny such credentials based on the results of its review, Vendor or the Subcontractor shall not assign such Vendor or Subcontractor employee to that portion of the Services requiring such credentials.
13.6With respect to employees or contract labor assigned by Vendor or any Subcontractor to perform the Services for Company Vendor shall both (i) to the extent permitted by law, conduct at its expense background checks and other investigations of Vendor’s employees and contract laborers, and (ii) ensure Vendor’s Subcontractors conduct background checks of the Subcontractor’s employees and contract laborers. All such background checks and other investigations shall comply with Company procedures and requirements as set forth in the SCHEDULE entitled “BACKGROUND CHECKS” to this Agreement and updated in writing delivered to Vendor from time to time., all as subject to Applicable Law. Vendor shall report to Company on background checks and other investigations done prior to an employee or contract laborer being assigned to perform the Services. Vendor shall keep copies of documentation of background screening and other investigations and provide certification of completion to Company when requested during the time that the Vendor or Subcontractor employee or contract laborer provides any of the Services. Additionally, Vendor shall allow Company to audit screening documentation and compliance when requested as provided in the SECTION entitled “AUDIT.”
13.7Company and Vendor shall each notify the other of any known or suspected crime of dishonesty or breach of trust committed against Company of which the notifying Party becomes aware and which may involve a Vendor Representative or Subcontractor. Following such notice, at the request of Company and to the extent permitted by law, Vendor shall cooperate with investigations conducted by or on behalf of Company.
13.8To the extent Executive Order 13496 applies to this Agreement or the work performed hereunder, the text of 29 CFR Part 471, Appendix A to Subpart A (as amended, modified, restated or supplemented from time to time) is hereby incorporated by reference into this Agreement as if set forth fully herein. Vendor shall comply with all requirements set forth in 29 CFR Part 471, Appendix A to Subpart A, and all promulgated regulations applicable thereto (collectively, “EO 13496 Requirements”). At least annually, and on a more frequent basis as determined by Company, Vendor shall certify in writing, in a form acceptable to Company, that Vendor has fully complied with all EO 13496 Requirements. Failure to comply with the EO 13496 Requirements or the written certification requirements shall be deemed a material breach of this Agreement.
Proprietary & Confidential | Terms and Conditions –12 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
13.9Vendor shall indemnify, defend, and hold harmless Company and its Representatives, successors and permitted assigns from and against any and all claims or legal actions of whatever kind or nature that are made or threatened by any third party or government agency and all related losses, expenses, damages, costs and liabilities, including reasonable attorneys' fees and expenses incurred in investigation, defense or settlement, which arise out of, are alleged to arise out of, or relate to Vendor’s failure to comply with the EO 13496 Requirements. Vendor’s liability pursuant to this subsection shall not be subject to or limited in any way by the limitations set forth in the SECTION entitled “LIMITATION OF LIABILITY.”
13.10Vendor shall comply and cause its Subcontractors, if applicable, to comply with the pertinent provisions of the Patient Protection and Affordable Care Act, as amended by the Health Care and Education Reconciliation Act of 2010 (collectively, the ‘ACA’), including, but not limited to, either avoiding the assessment of employer shared responsibility payments under Section 4980H of the Code or payment of any such payments that are assessed by the IRS. In the event that Vendor and/or its Subcontractor fails to avoid the assessment of employer shared responsibility payments under Section 4980H of the Code, Vendor and/or its Subcontractors shall indemnify, defend and hold Company harmless from all claims, actions, fines, penalties, and liabilities resulting from any such failure, including, but not limited to, any claims, actions, fines, penalties and liabilities imposed on Company with respect to Vendor’s full-time employees arising out of Vendor’s failure to avoid the assessment of employer shared responsibility payments under Section 4980H of the Code with respect to its full-time employees or Vendor’s failure to require its Subcontractors to avoid the assessment of employer shared responsibility payments under Section 4980H of the Code with respect to Subcontractor employees.
14.0INSURANCE | ||
14.1Vendor shall at its own expense secure and continuously maintain, and shall require its Subcontractors to secure and continuously maintain, throughout the Term, the following insurance with companies qualified to do business in the jurisdiction in which the Services will be performed and rating A-VII or better in the current Best's Insurance Reports published by A. M. Best Company. If such insurance covers only claims made during policy life, insurance shall be maintained for [six] years following expiration or termination of the Term. Vendor shall, within thirty (30) calendar days of the Effective Date and prior to commencing work, and thereafter upon Company’s request, furnish to Company certificates and required endorsements evidencing such insurance. Company shall be named as an “Additional Insured” to the coverages described in subsections (c), (d) and (e) below for the purpose of protecting Company from any expense and/or liability arising out of, alleged to arise out of, related to, or connected with the Services provided by Vendor and/or its Subcontractors. The certificates shall state the amount of all deductibles and self-insured retentions. Vendor shall, or shall cause its insurer to, notify Company in writing at least thirty (30) days in advance of the policy or policies being canceled or materially altered. Vendor and its Subcontractors shall pay any and all costs which are incurred by Company as a result of any such deductibles or self-insured retentions to the extent that Company is named as an “Additional Insured,” and to the same extent as if the policies contained no deductibles or self-insured retention. The insurance coverages and limits required to be maintained by Vendor and its Subcontractors shall be primary and non-contributory to insurance coverage, if any, maintained by Company. Vendor and its Subcontractors and their underwriters shall waive subrogation against Company and shall cause their insurer(s) to waive subrogation against Company.
Insurance Coverages
Insurance Coverages
(a)Workers’ Compensation Insurance which shall fully comply with the statutory requirements of all applicable state and federal laws.
(b)Employer’s Liability Insurance which limit shall be one million dollars ($1,000,000) per accident for Bodily Injury and one million dollars ($1,000,000) per employee/aggregate for disease.
(c)Commercial General Liability Insurance with a minimum combined single limit of liability of one million dollars ($1,000,000) per occurrence and two million dollars ($2,000,000) aggregate for bodily injury, death, property damage and personal injury. This policy shall include products/completed operations coverage and shall also include contractual liability coverage.
(d)Business Automobile Liability Insurance covering all owned, hired and non-owned vehicles and equipment used by Vendor with a minimum combined single limit of liability of one million dollars ($1,000,000) for injury and/or death and/or property damage.
(e)Excess/Umbrella coverage with respect to subsections (b), (c) and (d) above with a per occurrence limit of five million dollars ($5,000,000). The limits of liability required in such subsections may be satisfied by a combination of those policies with an Umbrella/Excess Liability policy.
(f)Errors and Omissions coverage with a minimum limit of five million dollars ($5,000,000).
(g)Fidelity Bond or Crime Coverage: Vendor shall be responsible for loss to bank property and customer property, directly or indirectly, and shall maintain Fidelity Bond or Crime coverage for the dishonest acts of its employees in a minimum amount of five million dollars ($5,000,000).
Proprietary & Confidential | Terms and Conditions –13 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
14.2The failure of Company to obtain certificates, endorsements, or other forms of insurance evidence from Vendor and its Subcontractors is not a waiver by Company of any requirements for the Vendor and its Subcontractors to secure and continuously maintain the specified coverages. Vendor shall notify and shall advise its Subcontractors to notify insurers of the coverages required hereunder. Company’s acceptance of certificates and/or endorsements that in any respect do not comply with the requirements of this Section does not release the Vendor and its Subcontractors from compliance herewith. Should Vendor and/or its Subcontractors fail to secure and continuously maintain the insurance coverage required under this Agreement, Vendor shall itself be responsible to Company for all the benefits and protections that would have been provided by such coverage, including without limitation, the defense and indemnification protections.
15.0CONFIDENTIALITY | ||
15.1The term “Confidential Information” shall mean this Agreement and all data, trade secrets, business information, proprietary and other information of any kind and in whatever form whatsoever or however it may be marked or denominated, including data developed or produced through access to Confidential Information, that a Party (“Discloser”) discloses, in writing, orally, visually or in any other medium, to the other Party (“Recipient”) or to which Recipient obtains access and that relates to Discloser or, in the case of Vendor, to Company or its Affiliates, Representatives, customers, third-party vendors or licensors. Confidential Information includes Associate Information, Personal Information, Customer Information and Consumer Information. A “writing” shall include an electronic transfer of information by e-mail, over the Internet or otherwise. All Confidential Information disclosed by Company and any results of processing such Confidential Information or derived in any way therefrom shall at all times remain the property of Company. Notwithstanding the foregoing, any confidential or proprietary information, reports or documents generated in connection with the provision of Services by Vendor or its Representatives to Company hereunder shall be deemed Company’s Confidential Information.
15.2Subject to the exceptions in subsection 15.8 below, each of the Parties, as Recipient, hereby agrees that it will not, and will cause its Representatives, consultants, Affiliates and independent contractors not to disclose Confidential Information of the other Party during or after the Term of this Agreement, other than on a “need to know” basis and then only: (a) to Affiliates of Company or Vendor; (b) to Recipient’s employees, officers or directors; (c) to Recipient’s Affiliates, Subcontractors, independent contractors at any level, agents, advisors, consultants, accountants and insurers, provided that all such persons are subject to a written confidentiality agreement that shall be no less restrictive than the provisions of this Section, evidence of which shall be provided to Company upon request; (d) where applicable, pursuant to the exceptions set forth in 15 U.S.C 6802(e) and accompanying regulations, which disclosures are made in the ordinary course of business; (e) to bank external regulators and examiners, tax auditors, economic development controllers or others with lawful enforcement and oversight powers over Company and/or its Affiliates ("External Examiners"); and (f) as required by law or as otherwise expressly permitted by this Agreement or an Order. Unless otherwise authorized by this Agreement, Recipient shall not use or disclose Confidential Information of the other Party for any purpose other than to carry out this Agreement. Recipient shall treat Confidential Information of the other Party with no less care than it employs for its own Confidential Information of a similar nature that it does not wish to disclose, publish or disseminate, but in no event less than a commercially reasonable degree of care. Upon (i) expiration or termination of this Agreement for any reason or (ii) any time at the written request of Company during the Term of this Agreement, Vendor shall promptly return or destroy according to the Information Destruction and Return Requirements described within the SCHEDULE entitled "INFORMATION SECURITY," at Company’s election, all Company Confidential Information and data in the possession of Vendor or Vendor’s Subcontractors, subject to and in accordance with the terms and provisions of this Agreement. Notwithstanding anything herein to the contrary, Vendor shall have the right to retain a copy of Confidential Information of Company only to the extent required for legal, regulatory, archival or other governmental compliance purposes provided that such retention is in accordance with this Agreement and Bank Security Requirements (hereinafter defined), and when such retention period ends, Company’s Confidential Information subject to such retention shall be promptly destroyed according to the Information Destruction and Return Requirements described within the SCHEDULE entitled “INFORMATION SECURITY.”
15.3To the extent legally permitted, subject to the exceptions in subsection 15.8 below, Recipient shall notify Discloser of any actual or threatened requirement of law to disclose Confidential Information promptly upon receiving actual knowledge thereof and shall cooperate with Discloser's reasonable, lawful efforts to resist, limit or delay disclosure. Nothing in this Section shall require any notice or other action by Company in connection with requests or demands for Confidential Information by External Examiners.
15.4Vendor shall not remove or download from Company’s premises or systems, the original or any reproduction of any data, notes, memoranda, files, records, or other documents, whether in electronic or tangible format, containing Company’s Confidential Information or any document prepared by or on behalf of Vendor that contains or is based on Company’s Confidential Information, without the prior written consent of an authorized Representative of Company. Any document or media expressly provided by an authorized Company Representative for Vendor to retain, or notes taken by Vendor’s Representatives to document discussions with Company Representatives pertaining to specific instructions or clarifications relating to the Services performed hereunder will be deemed to fall outside this consent requirement unless otherwise stated by the Company Representative.
Proprietary & Confidential | Terms and Conditions –14 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
15.5With the exception of Associate Information, Customer Information and Consumer Information or other Personal Information under the Data Protection Laws, the obligations of confidentiality in this Section shall not apply to any information that (i) Recipient rightfully has in its possession when disclosed to it, free of obligation to Discloser to maintain its confidentiality; (ii) Recipient independently develops without access to Discloser’s Confidential Information; (iii) is or becomes known to the public other than by breach of this Section or (iv) is rightfully received by Recipient from a third party without the obligation of confidentiality. Any combination of Confidential Information disclosed with information not so classified shall not be deemed to be within one of the foregoing exclusions merely because individual portions of such combination are free of any confidentiality obligation or are separately known in the public domain. All confidentiality obligations are subject to the exceptions in subsection 15.8 below.
15.6Company may disclose Confidential Information of Vendor to independent contractors for the purpose of further handling, processing, modifying and adapting the Services for use by or for Company or for developing bank processes, conducting analyses and similar internal purposes, provided that such independent contractors have agreed to observe in substance the obligations of Company set forth in this Section.
15.7Vendor acknowledges that Company is required to comply with the information security standards required by the Gramm-Leach-Bliley Act (15 U.S.C. 6801, 6805(b)(1)) and the regulations issued thereunder (12 C.F.R. 1016), the Fair Credit Reporting Act (15 U.S.C. 1681, et. seq.) as amended by the Fair and Accurate Credit Transactions Act (15 U.S.C. 1681, 1681w) and the regulations issued thereunder (12 C.F.R. Parts 30 and 41) and with all other federal or state statutory, legal and regulatory requirements applicable to Company regarding the protection and privacy of information relating to individuals, including, by way of example only and not limitation, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), and the Massachusetts Standards for the Protection of Personal Information of Residents of the Commonwealth (201 CMR 17.00) (collectively, “the U.S. Privacy Laws”). As applicable to the Services and upon Company’s request, Vendor shall employ commercially reasonable efforts to assist Company to comply with the applicable U.S. Privacy Laws. Furthermore, if Vendor at any time has access to Company Confidential Information covered by the U.S. Privacy Laws, Vendor shall comply and conform with such applicable U.S. Privacy Laws, as amended from time to time, and the applicable Bank Security Requirements.
15.8Notwithstanding the foregoing, this confidentiality provision does not prevent Representatives, consultants, Affiliates and independent contractors from providing information in response to valid and enforceable subpoenas or otherwise required by law or regulation, for financial reporting, or from using this Agreement to enforce its terms, or from making statements related to information that was required to be provided pursuant to such law, regulation, financial reporting requirement and, as a result, became publicly available. Further, nothing in this Agreement prohibits Representatives, consultants, Affiliates and independent contractors or other individuals from initiating communications directly with, responding to any inquiry from, volunteering information to, or providing testimony before, the Securities and Exchange Commission, the Department of Justice, Financial Industry Regulatory Authority, Inc., any other self-regulatory organization or any other governmental, law enforcement, or regulatory authority, in connection with any reporting of, investigation into, or proceeding regarding suspected violations of law, and no individual is required to advise or seek permission from Company before engaging in any such activity. In connection with any such activity permitted above, individuals should identify any information that is confidential and ask the government agency for confidential treatment of such information. Despite the foregoing, individuals are not permitted to reveal to any third party, including any governmental, law enforcement, or regulatory authority, information an individual came to learn during the course of providing Services under this Agreement that is protected from disclosure by any applicable privilege, including but not limited to the attorney-client privilege, attorney work product doctrine and/or other applicable legal privileges. Company does not waive any applicable privileges or the right to continue to protect its privileged attorney-client information, attorney work product, and other privileged information. Additionally, an individual’s ability to disclose information may be limited or prohibited by applicable law and Company does not consent to disclosures that would violate applicable law. Such applicable laws include, without limitation, laws and regulations restricting disclosure of confidential supervisory information or disclosures subject to the Bank Secrecy Act (31 U.S.C. §§ 5311-5330), including information that would reveal the existence or contemplated filing of a suspicious activity report.
15.9In the event of a breach of Vendor responsibilities under this Section 15 related to statements made by Vendor regarding Company [***], which have not yet been approved by the Company, the Company reserves the right to levy a penalty on the Vendor of [***] due and payable by the Vendor within 30 days of invoice by the Company provided that Company notifies Vendor in writing of its intent to levy the penalty within ninety (90) days of the alleged breach.
16.0DATA USAGE | ||
16.1Subject to Section 15, Vendor may: use, reproduce, and retain Aggregated Consumer Information solely for the purposes of delivering the Services outlined in this Agreement including in connection with: [***] Except for the limited rights granted herein for purposes of this Agreement and the use of Aggregated Consumer Information, Vendor shall not otherwise use or retain any Customer Information or Consumer Information. Notwithstanding anything to the contrary to the Agreement, Vendor may not under any circumstances [***].
Proprietary & Confidential | Terms and Conditions –15 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
17.0INFORMATION PROTECTION | ||
17.1Company’s information security and business continuity practices and standards are described in the Information Security Program Features section within the SCHEDULE entitled “INFORMATION SECURITY” and set forth in the Company Service Provider Security Requirements document (“SPSRD”) provided separately and incorporated into this Agreement by reference. Company may also provide Vendor with documents containing additional information security practices and standards (“Additional Security Documents”) based upon the type of Services being provided or the location from where the Services are provided. Vendor shall comply with those Company information security and business continuity practices and standards described in the Information Security Program Features section within the SCHEDULE entitled “INFORMATION SECURITY” and set forth in the SPSRD and the Additional Security Documents that are applicable to the Services being provided and the classification of the Confidential Information that Vendor will access, store or process (the “Bank Security Requirements”). Vendor acknowledges and agrees that the Bank Security Requirements are Company’s Confidential Information, and are valuable proprietary information of Company. From time to time, Company may, in its sole discretion, modify the Bank Security Requirements and will provide such modified Bank Security Requirements to Vendor. Upon receiving notice of any changed Bank Security Requirements, Vendor shall make commercially reasonable modifications to its Information Security Program or to the Vendor Security Controls thereunder to conform at least to such Bank Security Requirements.
17.2As a condition of access to the Confidential Information of Company, Vendor shall provide Company with an opportunity to review and evaluate a copy of Vendor's and Vendor's Subcontractors written Information Security Program. Vendor’s Information Security Program shall be designed to:
A.Ensure the security, integrity and confidentiality of Company Confidential Information;
B.Protect against any anticipated threats or hazards to the security or integrity of such Confidential Information;
C.Protect against unauthorized access to or use of such Confidential Information that could result in substantial harm or inconvenience to the person or entity that is the subject of such Confidential Information;
D.Ensure the proper disposal of such Confidential Information; and
E.Have network infrastructure, physical and electronic security procedures and controls that protect Company Confidential Information, which meets or exceeds the Bank Security Requirements.
17.3Company may, in its sole discretion and at any time during the Term of this Agreement, suspend, revoke or terminate Vendor's right to access Company Confidential Information upon written notice to Vendor. Upon receipt of such notice, Vendor shall (i) immediately stop accessing and/or accepting Company Confidential Information and (ii) promptly return or destroy according to the Information Destruction and Return Requirements described within the SCHEDULE entitled "INFORMATION SECURITY," at Company’s election, all Company Confidential Information and data in the possession of Vendor or Vendor’s Subcontractors, subject to and in accordance with the terms and provisions of this Agreement. In the event that Company exercises its rights pursuant to this Section and, as a direct result, Vendor becomes unable to perform the Services, then, if such event is not due to Vendor’s action or inaction in breach of the Agreement, Vendor’s performance shall be waived for so long as it remains unable to perform the Services due to the suspension, revocation or termination of its right to access Confidential Information. Notwithstanding anything herein to the contrary, Vendor shall have the right to retain a copy of Confidential Information of Company only to the extent required for legal, regulatory, archival or other governmental compliance purposes provided that such retention is in accordance with this Agreement and Bank Security Requirements, and when such retention period ends, Company’s Confidential Information subject to such retention shall be promptly destroyed according to the Information Destruction and Return Requirements described within the SCHEDULE entitled “INFORMATION SECURITY.”
17.4Vendor shall have responsibility for and bear all risk of loss or damage to Company Confidential Information resulting from improper or inaccurate processing of such Confidential Information arising from the negligence or willful misconduct of Vendor, its Representatives or Subcontractors. Vendor shall also take commercial best measures to prevent the unintended or malicious loss, destruction or alteration of Company's files, Confidential Information, software and other property received and held by Vendor or its Subcontractors. Vendor shall maintain back-up files (including off-site back-up copies) thereof and of resultant output to facilitate their reconstruction in the case of such loss, destruction or alteration, in order to ensure uninterrupted Services in accordance with the terms of this Agreement, its Schedules, Bank Security Requirements and Vendor’s Business Continuity Plan.
17.5For any Subcontractors or other persons or entities who provide services to Vendor for delivery to Company directly or indirectly, or who hold, process or access Company Confidential Information, Vendor shall:
A. Require such Subcontractors or other persons or entities to implement and administer an information protection program and plan that complies with the Bank Security Requirements;
B. Include or shall cause to be included in written agreements with such Subcontractors or other persons or entities terms substantially similar to the terms of this Section and the provisions of the SCHEDULE entitled “INFORMATION SECURITY,” and shall provide proof of the same to Company upon its reasonable request;
Proprietary & Confidential | Terms and Conditions –16 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
C. Require such Subcontractor or other person or entity to permit Company, upon Company’s request, to inspect their physical system equipment, operational environment, and data handling procedures;
D. Upon Company’s request, secure permission from such Subcontractor or other entity, for Company to conduct security vulnerability and/or penetration testing on such Subcontractor or other entity related to the services being provided;
E. Require such Subcontractors or other persons or entities to have a security awareness program in place that communicates security policies to all their personnel that have access to Company Confidential Information; and
F. Require such Subcontractors or other person or entities to notify Vendor, in accordance with the Detection and Response requirements described in the SCHEDULE entitled “INFORMATION SECURITY,” following the discovery of any Significant Security Incident at such Subcontractor or other person or entity. Vendor shall then immediately notify Company of such Significant Security Incident at such Subcontractor or other person or entity in accordance with the notification requirements in the Detection and Response section in the SCHEDULE entitled “INFORMATION SECURITY.”
17.6 One aspect of the determination of Vendor's compliance with the Bank Security Requirements is a review of Vendor Security Controls. As a condition precedent to performance under this Agreement, Vendor agrees to satisfy the following validation requirements:
A.Participation in Company’s vendor testing and assessment process including the completion of online and/or on-site assessment(s), as appropriate, and remediation of any findings;
B.Permit Company or its third party representatives, subject to Vendor’s reasonable security policies and procedures, to inspect the physical system equipment, operational environment, and data handling procedures;
C.Upon prior notice, (i) permit Company or its third party representatives to conduct security vulnerability and/or penetration testing on Vendor, including but not limited to application and network testing, related to the Services; and (ii) permit Company or its third party representatives, following a Significant Security Incident, to conduct security vulnerability and/or penetration testing on Vendor’s systems to test the remediation measures implemented by Vendor after such Significant Security Incident. Application vulnerability and/or penetration testing shall be conducted in a non-production environment with production equivalent security controls;
D.Periodic discussions between Company Representatives and Vendor information technology security personnel to review Vendor Security Controls; and
E.Provide Company the opportunity to review and evaluate (i) network diagrams depicting Vendor perimeter controls and security policies and processes relevant to the protection of Company’s Confidential Information, (ii) detailed information on the Information Security Program Features described within the SCHEDULE entitled "INFORMATION SECURITY," and (iii) the results of any vulnerability and/or penetration testing conducted by Vendor or a qualified third party provider of this service. Examples of the security policies include, but are not limited to, access control, physical security, patch management, password standards, encryption standards, and change control. Company acknowledges and agrees that the information Vendor so provides under this subsection is Vendor’s Confidential Information, as defined in this Agreement, and is valuable proprietary information of Vendor.
17.7 During the course of performance under this Agreement, Vendor shall ensure the following:
A.Adequate governance and risk assessment processes are in place to maintain controls over Confidential Information. A security awareness program must be in place or implemented that communicates security policies to all Vendor personnel having access to Confidential Information.
Proprietary & Confidential | Terms and Conditions –17 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
B.Notification to Company’s Relationship Manager of: (i) Changes that may impact the security of Company’s Confidential Information, including by way of example and not limitation, outsourcing of computer networking, data storage, management and processing or other information technology functions or facilities, the implementation of external web-enabled (Internet) access to Company’s Confidential Information, and the storage or processing of Company’s Confidential Information in a cloud or multi-tenant environment; (ii) Any planned system configuration changes or other changes affecting the Information Security Program or Vendor Security Controls applicable to the security and protection of Company’s Confidential Information, setting forth how such change will impact the security and protection of Company’s Confidential Information; (iii) Any other planned updates, upgrades or service disruptions that may impact Company’s systems, customers or clients, providing both sufficient detail to enable Company to evaluate and test the changes and sufficient lead time to allow Company to prepare for any changes and (iv) the use or planned use of any Model in connection with the Services, including the following documentation: (a) developmental evidence explaining product components and Model purpose and design; (b) products, processes or applications that the Model will support; (c) analysis and support for methodology; (d) procedures used to test or validate Model outputs and results of those procedures; (e) relevant tests that demonstrate Model performance; (f) discussion of the appropriate application of the Model outputs and any limitations; (g) any customization of the Vendor Model for Company use, along with supporting rationale; (h) an executive summary that outlines the purpose of the Model, its limitations and major assumptions; and (i) where applicable, relevant change control procedures. No such change which could reasonably be expected by Company to have a material adverse impact on the security and protection of Company’s Confidential Information may be implemented without the prior written consent of the Company’s Relationship Manager, such approval not to be unreasonably withheld or delayed. Vendor shall implement changes only after adhering to rigorous processes to evaluate and test such changes, and Vendor shall notify Company’s Relationship Manager of the results of any changes promptly following the implementation of such changes In the event of a change identified in item (i) above that results from Vendor’s use of a third party cloud or multi-tenant environment, Vendor shall observe and comply with the requirements set forth in the SCHEDULE entitled “USE OF CLOUD SERVICES.”
C.Notification to Company, in accordance with the Detection and Response requirements described in the SCHEDULE entitled “INFORMATION SECURITY,” following the discovery of any Significant Security Incident at Vendor.
D.Installation and use of a change control process to ensure that access to Vendor’s systems and to Company’s Confidential Information is controlled and recorded.
E.Monitoring for and fixing newly identified system vulnerabilities in accordance with the Protection requirements described in the SCHEDULE entitled “INFORMATION SECURITY.”
F.When applicable, compliance with Bank Security Requirements regarding protection and mitigation of Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks.
G.Use of strong, industry-standard encryption of Company’s Confidential Information (i) transmitted over public networks (e.g. Internet, non-dedicated leased lines), or (ii) contained on any electronic/magnetic media, including any residing at off-site storage facilities.
H.Company’s Confidential Information shall not be stored on any portable media or devices, including without limitation notebook/laptop computers, tablets, smartphones, USB storage devices, external drives, personal digital assistants (e.g. Blackberry) or similar equipment. Use of such devices to store Company’s Confidential Information shall be only as approved by Company (provided however, to the extent that Vendor needs to store Company’s Confidential Information on notebook/laptop computers, tablets, smartphones or personal digital assistants (e.g. Blackberry), use of such devices to store Company’s Confidential Information is permitted without Company approval provided that such notebook/laptop computers, tablets, smartphones and personal digital assistants are configured in a manner designed to secure and protect confidential information, including, but not limited to, the use of strong industry standard encryption and power-on passwords or PINs, and Company Confidential Information is deleted from such mobile devices as soon as it is no longer needed), and security precautions such as encryption of data and remote network connectivity must be addressed in Vendor’s Information Security Program.
I.Implementation of record retention processes and controls and other measures to ensure that all records transferred from Company to Vendor (including without limitation, and as applicable, originals of promissory notes, mortgage documents and other Customer Information) or created by Vendor on behalf of Company, remain within the custody and control of Vendor during the Term and until transferred back to Company.
17.8 Company reserves the right to monitor Vendor-maintained platforms that reside on the Company network. The Vendor may be required, at the expense of Company, to assist with installation, support and problem resolution of Company owned equipment or processes, or to provide an information feed from the Vendor-maintained platform to the Company monitoring processes.
Proprietary & Confidential | Terms and Conditions –18 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
1.34The Information Security Program must have been approved by Vendor’s board of directors or equivalent executive management within twelve (12) months prior to the Effective Date and at least on an annual basis thereafter. Vendor shall continually assess its written Information Security Program and risks to the security of Company Confidential Information and systems acquired or maintained by Vendor and its agents and Subcontractors in connection with the Services, including: (a) identification of internal and external threats that could result in a security breach; (b) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of Company Confidential Information; and (c) assessment of the sufficiency of policies, procedures, and information systems of Vendor and its agents and Subcontractors, and other arrangements in place, to control risks; and take appropriate protection against such risks. Vendor shall promptly notify Company of any significant changes to Vendor's Information Security Program and, upon request, provide Company with an opportunity to review and evaluate the changes to the Vendor's Information Security Program.
17.1Vendor shall use the latest, up-to-date commercially available virus and malicious code detection and protection products on all workstations and servers used to provide software and Services to Company. Vendor shall inform Company, as soon as possible, of any advanced threat that Vendor discovers on such workstations or servers that was not previously detected by any of the Vendor’s deployed virus and malicious code detection and protection measures. By way of example, and not limitation, an “advanced threat” may be software, firmware, code or script intended to perform an unauthorized process with the potential to commit fraud or other criminal activity or to adversely impact the confidentiality, integrity or availability of an information system via backdoors, malicious active content, worms, key loggers or other processes that are designed to cause undesired effects or to continuously monitor and extract data.
17.2Unless prohibited by law, Vendor shall promptly notify Company if it becomes the subject of any regulatory or other investigation or of any government or other enforcement or private proceeding relating to its data handling practices.
18.0INDEMNITY | ||
18.1Vendor shall indemnify, defend, and hold harmless Company and its Representatives, successors and permitted assigns from and against any and all claims or legal actions of whatever kind or nature that are made or threatened by any third party and all related losses, expenses, damages, costs and liabilities, including reasonable attorneys' fees and expenses incurred in investigation, defense or settlement (“Damages”), which arise out of, are alleged to arise out of, or relate to the following: (a) any negligent act or omission or willful misconduct by Vendor, its Representatives or any Subcontractor engaged by Vendor in the performance of Vendor’s obligations under this Agreement; or (b) any breach in a representation, covenant or obligation of Vendor contained in this Agreement.
18.2Vendor shall defend or settle at its expense any threat, claim, suit or proceeding arising from or alleging infringement, misappropriation or other violation of any Intellectual Property Rights or any other rights of any third party in connection with Work Product or Services furnished under this Agreement. Vendor shall indemnify and hold Company, its Affiliates and each of their Representatives and customers harmless from and against and pay any Damages, including royalties and license fees attributable to such threat, claim, suit or proceeding.
A.If any Work Product or Services furnished under this Agreement, including, without limitation, software, system design, equipment or documentation, becomes, or in Company’s or Vendor's reasonable opinion is likely to become, the subject of any claim, suit, or proceeding arising from or alleging facts that if true would constitute infringement, misappropriation or other violation of, or in the event of any adjudication that such Work Product or Service infringes, misappropriates or otherwise violates, any Intellectual Property Rights or any other rights of a third party, Vendor, at its own expense, shall take the following actions in the listed order of preference: (a) secure for Company the right to continue using the Work Product or Service; or if commercially reasonable efforts are unavailing, (b) replace or modify the Work Product or Service to make it non-infringing; provided, however, that such modification or replacement shall not degrade the operation or performance of the Work Product or Service.
B.The indemnity in the preceding provision shall not extend to any claim of infringement resulting solely from Company's unauthorized modification or use of the Work Product or Service.
18.3Company shall give Vendor notice of, and the Parties shall cooperate in, the defense of any such claim, suit or proceeding, including appeals, negotiations and any settlement or compromise thereof, provided that Company must approve the terms of any settlement or compromise that may impose any unindemnified or nonmonetary liability on Company or that requires any admission of wrongdoing or liability by Company.
19.0LIMITATION OF LIABILITY | ||
19.1Neither Party shall be liable to the other for any special, indirect, incidental, consequential, punitive or exemplary damages, including, but not limited to, lost profits, even if such Party alleged to be liable has knowledge of the possibility of such damages, provided, however, that the limitations set forth in this Section shall not apply to or in any way limit the obligations of the SECTION entitled “INDEMNITY,” the SECTION entitled “CONFIDENTIALITY,” and the SECTION entitled “INFORMATION PROTECTION,” or Vendor’s gross negligence or willful misconduct.
Proprietary & Confidential | Terms and Conditions –19 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
20.0VENDOR DIVERSITY | ||
20.1Vendor represents that it is an equal opportunity employer that does not discriminate in employment of persons or awarding of subcontracts because of a person’s race, sex, age, religion, national origin, sexual orientation, gender identity, veteran status, handicap status or any other factor that is irrelevant to the ability to provide products or Services to Company and that provides a workplace free of discrimination or harassment. Vendor shall maintain, implement, and provide to Company upon request, policies and procedures to recruit, develop and retain such diverse Representatives of all types and shall provide, upon Company’s request, reports on its workforce representation by gender and by race.
20.2Vendor acknowledges and supports the Company vendor diversity efforts supporting minority, woman, veteran, disabled veteran, service-disabled veteran, disabled-owned business enterprises, and lesbian, gay, bi-sexual or transgender-owned business enterprises and Historically Underutilized Business Zone business enterprises (also known as HUBZone business enterprises) and Company’s commitment to the participation of such business enterprises in its procurement of goods and services.
20.3Definitions: For purposes of this Agreement, the following are the definitions of “Minority-Owned Business Enterprise,” “Minority Group,” “Woman-Owned Business Enterprise,” “Veteran, Disabled Veteran, Service-Disabled Veteran Owned Business Enterprise,” “Disabled-Owned Business Enterprise,” “Lesbian, Gay, Bisexual or Transgender-Owned Business Enterprise” and “HUBZone Business Enterprise.”
A."Minority-Owned Business Enterprise" is recognized as a "for profit" enterprise, regardless of size, physically located in the United States or its trust territories, which is at least fifty-one percent (51%) owned, operated and controlled, by one or more member(s) of a Minority Group who maintain United States citizenship.
B."Minority Group" means African Americans, Hispanic Americans, Native Americans (American Indians, Eskimos, Aleuts, and native Hawaiians), Asian-Pacific Americans, and other minority group as recognized by the United States Small Business Administration Office of Minority Small Business and Capital Ownership Development.
C."Woman-Owned Business Enterprise" is recognized as a "for profit" enterprise, regardless of size, located in the United States or its trust territories, which is at least fifty-one percent (51%) owned, operated and controlled by a female of United States citizenship. The ownership and control shall be real and continuing and not created solely to take advantage of special programs aimed at vendor diversity.
D.“Veteran, Disabled Veteran, and Service-Disabled Veteran Owned Business Enterprise” is recognized as a “for profit” enterprise, regardless of size, located in the United States or its trust territories, which is at least fifty-one percent (51%) owned, operated, and controlled by a veteran, disabled or service-disabled veteran. The ownership and control shall be real and continuing and not created solely to take advantage of special programs aimed at vendor diversity.
E.“Disabled-Owned Business Enterprise” is recognized as a “for profit” enterprise, regardless of size, located in the United States or its trust territories, which is at least fifty-one percent (51%) owned, operated and controlled, by an individual of United States citizenship with a permanent mental or physical impairment that substantially limits one or more of the major life activities and which has a significant negative impact upon the company’s ability to successfully compete. The ownership and control shall be real and continuing and not created solely to take advantage of special programs aimed at vendor diversity.
F.“Lesbian, Gay, Bi-sexual or Transgender-Owned Business Enterprise” or “LGBT-Owned Business Enterprise” is a “for profit” enterprise, regardless of size, located in the United States or its trust territories, which is at least fifty-one percent (51%) owned, operated and controlled, by an individual of United States citizenship with a certified LGBT certification. Certification for LGBT Businesses can be obtained through the National Gay and Lesbian Chamber of Commerce (www.NGLCC.org). The ownership and control shall be real and continuing and not created solely to take advantage of special programs aimed at vendor diversity.
G.“Historically Underutilized Business Zone or HUBZone Business Enterprise” is a small business as determined under the standards set from time to time by the United States Small Business Administration (“SBA”) or its successors, and which (i) is at least fifty-one percent (51%) owned and controlled by U.S. citizens, a Community Development Corporation, an agricultural cooperative or a federal recognized Indian tribe, (ii) maintains its principal office within a HUBZone as such zones are determined from time to time by the SBA, and (iii) demonstrates that at least thirty-five percent (35%) of its employees reside in a HUBZone.
20.4In addition to the above criteria to qualify as a Minority-Owned, Woman-Owned, “Veteran, Disabled Veteran, and Service-Disabled Veteran Owned , Disabled-Owned, LGBT-Owned Business Enterprise or HUBZone Business Enterprise under this Agreement, the diverse vendor must be certified by an agency acceptable to Company.
20.5Participation Representation: Vendor represents it is not a Minority, Woman, Disabled, Veteran, Disabled Veteran, Service-Disabled Veteran, LGBT-Owned or HUBZone Business Enterprise. Vendor represents that, upon the execution of this Agreement, it is publicly traded company.
Proprietary & Confidential | Terms and Conditions –20 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
A.During the Term of this Agreement, at no additional charge to Company and consistent with the efficient performance of this Agreement, Vendor shall, regardless of Vendor’s Diversity Participation Representation, obtain from Minority-Owned Business Enterprise(s), Woman-Owned Business Enterprise(s), Disabled-Owned Business Enterprise(s), Veteran, Disabled Veteran, Service-Disabled Veteran Owned Business Enterprises(s), and LGBT Owned Business Enterprise(s) and HUBZone Business Enterprise(s) as Vendors or Subcontractors to Vendor, a quantity of goods and services that is equal to or greater in dollar amount to five percent (5%) of Company’s total revenue earned under this Agreement.
B.Reports. Vendor shall provide Company, in a format acceptable to Company, one report a calendar year which specify the total amounts invoiced by and paid collectively to Minority-Owned, Woman-Owned, Disabled-Owned, LGBT-Owned, Veteran, Disabled Veteran, Service-Disabled Veteran Owned, HUBZone Business Enterprises for the previous calendar year for which the Vendor remitted invoices. Vendor shall report the previous year spend beginning Q1 2023. Provided, however, that Vendor’s failure to meet such diversity spend commitment outlined in Sections 19.12(A)-(B) shall not constitute a breach of the Agreement.
C.Disability Inclusion Assessment. Upon request, Vendor shall report to Company the results of its participation in an annual assessment, conducted or administered by a nationally recognized assessor, of its disability inclusion performance, such as the Disability Equality Index from Disability:IN and the American Association of People with Disabilities, Disability Employment Tracker™ from the National Organization on Disability, or the BenchmarkABILITY tool from Cornell University. The provisions of this Section shall apply only to Services rendered in the United States; any diversity requirements to be applied for Services rendered outside of the United States
21.0ENVIRONMENTAL, SOCIAL, AND GOVERNANCE | ||
21.1Vendor shall use beneficial practices to control and reduce the environmental and social impacts of its operations in line with best practices of Vendor’s industry in the location or locations of Vendor’s operations. Vendor shall maintain, implement and provide to Company upon request, its environmental, social and governance (ESG) policies and procedures which are directed at a senior executive level.
21.2Vendor shall establish environmental management procedures and initiatives to measure and mitigate any potential negative environmental impacts associated with its operations, products and services including, energy and water consumption, greenhouse gas emissions, waste and, if applicable, hazardous materials.
21.3Vendor shall publish public goals to reduce the environmental impacts of its operations, products and services, and publicly disclose its progress relative to these commitments.
21.4In addition to ensuring compliance with Applicable Laws, Vendor shall maintain policies and procedures, which shall be provided to Company upon request, that effectively address the following topics:
(a)Grievance Mechanism. Vendor shall provide its Representatives with access to transparent and confidential processes to raise workplace concerns. Vendor shall investigate such concerns fairly, provide a clear resolution, and prevent retaliation against such Representatives.
(b)Fair Wages and Benefits. Vendor shall provide fair and competitive compensation and benefits to Representatives that meets or exceeds the requirements of Applicable Law or, where legal requirements do not exist, provides for an adequate standard of living for all Representatives.
(c)Freely Chosen Employment. Vendor shall not withhold wages or security payments, confiscate identity documents, allow Representatives to pay recruitment fees or restrict movement of Representatives. Vendor shall document terms of employment, including compensation and benefits, in a written agreement. No involuntary work of any type is permitted, including, but not limited to: forced or compulsory labor, trafficked labor, indentured labor, bonded labor, involuntary prison labor, or forced overtime.
(d)Child Labor. Vendor shall have age verification procedures and policies to prevent workers under the age of 18 from performing hazardous work.
(e)Safe Workplace Conditions. Vendor shall maintain and implement occupational health and safety programs, as well as, the provision of appropriate personal protective equipment, potable drinking water, clean toilet facilities, adequate lighting, temperature, ventilation and sanitation and, if applicable, safe and healthy worker accommodations.
21.5Vendor shall satisfy validation requirements to ensure its compliance with the requirements of this Section, including, providing copies of its relevant policies, procedures and participation in Company’s assessment questionnaires, on-site audits, reporting or other means of due diligence requested by Company.
Proprietary & Confidential | Terms and Conditions –21 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
21.6For Vendors and their Subcontractors with at least fifty (50) employees, Vendor shall pay Vendor personnel, and shall ensure that Subcontractors pay Subcontractor personnel, who are working in the United States and are providing Services exclusively to Company under this Agreement a minimum rate of pay of fifteen dollars ($15) per hour. Personnel are deemed to provide Services exclusively to Company when all of their hours worked in the United States for Vendor in any pay period are dedicated to providing Services to Company.
22.0AUDIT | ||
22.1Company may, at its sole expense, perform confidential audits, tests and inspections of all aspects of Vendor’s and Vendor’s Representatives and Subcontractors policies, procedures, controls and operations as they pertain to the Services provided under this Agreement and Vendor’s obligations, covenants and representations under this Agreement, including, without limitation, Vendor’s processes and procedures concerning compliance with Applicable Laws, for providing information to be used for detecting and preventing money laundering, terrorist financing and other financial crimes, and for identifying and preventing fraud. Such audits, tests or inspections are in addition to, and not in lieu of, any other audits, tests or inspections permitted elsewhere under this Agreement. Such audits shall be conducted on a mutually agreed upon date (which shall be no more than ten (10) Business Days after Company’s written notice of time, location and duration), subject to reasonable postponement by Vendor upon Vendor’s reasonable request, provided, however, that no such postponement shall exceed twenty (20) Business Days, and shall be conducted during regular business hours but no more frequently than once per year unless (i) Company has a reasonable concern of operational or compliance risks or knowledge of significant regulatory change that would warrant additional audits, tests or inspections, or (ii) the annual audit results in findings of noncompliance as provided below in this subsection. Company will provide Vendor a summary of the findings from each report prepared in connection with any such audit and discuss results, including any remediation plans. If audit results find Vendor is not in substantial compliance with the requirements of this Agreement, then Company shall be entitled, at Vendor’s expense, to perform up to two (2) additional such audits in that year in accordance with the procedure set forth in this Section. Vendor agrees to promptly take action at its expense to correct those matters or items identified in any such audit that require correction. Failure to correct such matters shall be considered a material breach of this Agreement. Any restrictions on the frequency of audits performed by Company under this Section shall not apply to any such audit that Company reasonably deems necessary to ensure that Vendor’s performance of Services complies with the representations and warranties set forth in the SECTION of this Agreement entitled "REPRESENTATIONS AND WARRANTIES OF VENDOR."
22.2Vendor shall maintain at no additional cost to Company, in a reasonably accessible location, all Records pertaining to its Services provided to Company under this Agreement. For Records that are owned by Vendor, such retention shall be for not less than the period required by Applicable Laws, or if no legal requirement exists, for such period as dictated by prudent business practice or as otherwise directed by Company. For Records that are owned by the Company and are held by Vendor on the Company’s behalf in connection with the Services, such retention shall be as directed by the Company. Such Vendor Records referenced above may be inspected, audited and copied by Company, its Representatives or by federal or state agencies having jurisdiction over Company, during normal business hours and at such reasonable times as Company and Vendor may determine. Records available for review shall exclude any records pertaining to Vendor’s other customers deemed proprietary and confidential and Vendor confidential and proprietary records not associated with the Services provided under the Agreement. Vendor will give prior notice to Company of requests by federal or state authorities to examine Vendor’s Company Records. At Company’s written request, Vendor shall reasonably cooperate with Company in seeking a protective order with respect to such Records.
22.3Vendor shall provide a copy of the latest operational audit for facilities not managed by Company that are used to provide Services under this Agreement. If necessary, Vendor, at its sole cost and expense, will engage a nationally recognized certified public accounting firm within the jurisdiction of the country of contract to conduct the audit and prepare applicable reports. Each report will cover a minimum consecutive six (6) calendar month period each calendar year during the Term. Such audits may be on a rotating site basis where operations and procedures of Vendor Services provided to Company are in multiple locations in order to confirm that Vendor is in compliance in all aspects of the Agreement. Vendor shall provide Company with a copy of each report prepared in connection with each such audit within thirty (30) calendar days after it receives such report.
Proprietary & Confidential | Terms and Conditions –22 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
22.4Upon prior written notice and at a mutually acceptable time, Company personnel or its Representatives (e.g., independent and external audit consultants) may audit, test or inspect Vendor’s Information Security Program and its practices, systems, equipment, hardware and facilities to assure Company’s data and Confidential Information are adequately protected. This right to audit is in addition to the other audit rights granted herein. Company will determine the scope of such audits, tests or inspections, which may extend to Vendor’s Subcontractors and other Vendor resources (other systems, environmental support, recovery processes, etc.) used to support the systems and handling of Confidential Information. The foregoing audit rights may include, without limitation, audits: (a) of practices and procedures; (b) of systems; (c) of general and specific controls and security practices and procedures; (d) of disaster recovery and backup procedures; (e) of charges under any Order; (f) necessary to enable Company to meet applicable regulatory requirements; and (g) for any other reasonable purpose as determined by Company. Vendor shall provide full cooperation to such auditors, inspectors, regulators and Representatives, including the installation and operation of audit and investigative and forensic software. Vendor will inform Company of any internal auditing capability it possesses and permit Company’s personnel or its Representatives to consult on a confidential basis with such auditors at all reasonable times. Company may provide Vendor a summary of the findings from each report prepared in connection with any such audit and discuss results, including any remediation plans. Independent external auditors are subject to the provisions contained in the "CONFIDENTIALITY" SECTION of this Agreement. In no event shall Representatives be required to execute a separate non-disclosure or confidentiality agreement in connection with performing such audit. Notwithstanding anything to the contrary in this Agreement, if Vendor is in breach or otherwise not compliant with any of the provisions set forth in the SECTIONS of this Agreement entitled “CONFIDENTIALITY” and “INFORMATION PROTECTION” and/or the SCHEDULE entitled "INFORMATION SECURITY," then Company may conduct additional audits.
22.5Vendor will provide reasonable access to Company’s federal and state governmental regulators (at a minimum, to the extent required by law), at Company’s expense, to Company’s Records held by Vendor and to the procedures and facilities of Vendor relating to the Services provided under this Agreement. Pursuant to 12 U.S.C. 1867(c), the performance of such Services will be subject to regulation and examination by the appropriate federal banking agency to the same extent as if the Services were being performed by Company itself. Vendor acknowledges and agrees that regulatory agencies may audit Vendor’s performance of Services to Company at any time during normal business hours and that such audits may include both methods and results under this Agreement.
22.6In addition to the requirements under this Section and upon Company’s request, Vendor shall deliver to Company, within thirty (30) calendar days after its receipt by its board of directors or senior management, a copy of (i) any final report of audit of Vendor by any third-party auditors retained by Vendor, including any management letter such auditors submit, (ii) any internal audit that examines anti-money laundering processes and/or procedures employed by Vendor in delivering the Services, and (iii) any other audit or inspection upon which Company and Vendor may mutually agree.
22.7Records required to be maintained by Vendor shall include without limitation documentation of Vendor’s adhering to the Company’s policy and standards and regulatory requirements related to complaint handling processes, procedures and controls for quality assurance, quality control, records retention, personnel training, compliance with legal requirements, handling of customer complaints and such other documentation necessary to establish Vendor’s compliance with the requirements of this Agreement (including without limitation the representations and warranties set forth in the SECTION entitled “REPRESENTATIONS AND WARRANTIES OF VENDOR”) and all pertinent Schedules and Exhibits hereto and any applicable Order.
22.8Vendor shall, on Vendor’s premises, provide to Company and such auditors and inspectors as Company may designate in writing, space, office furnishings (including lockable cabinets), telephone and facsimile service, utilities and office-related equipment and duplicating services as Company or such auditors and inspectors may reasonably require to perform the audits described herein.
23.0NON-ASSIGNMENT | ||
23.1Neither Party may assign this Agreement or any of the rights hereunder or delegate any of its obligations hereunder, without the prior written consent of the other Party, and any such attempted assignment shall be void, except that Company or any permitted Company assignee may assign any of its rights and obligations under this Agreement (including, without limitation, any individual Order) to any Company Affiliate, the surviving corporation with or into which Company or such assignee may merge or consolidate or an entity to which Company or such assignee transfers all, or substantially all, of its business and assets or all or substantially all of the business and assets of any Affiliate, subsidiary or division.
23.2Notwithstanding anything to the contrary in this Agreement, Company shall be entitled to assign, transfer (including, without limitation, by way of novation) or other dispose, in whole or in part, of any of its rights and obligations under this Agreement (including, without limitation, any individual Order) without the prior written consent of the Vendor to any Special Resolution Recipient, in each case, solely in connection with any Special Resolution Event. Any provision in this Agreement that provides that an assignment is in breach of that provision shall be void shall not apply to any exercise by Company of its rights under this Section.
Proprietary & Confidential | Terms and Conditions –23 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
24.0GOVERNING LAW | ||
24.1This Agreement shall be governed by the internal laws, and not by the laws regarding conflicts of laws, of the State of New York. Each Party hereby submits to the exclusive jurisdiction of the courts of such state, and waives any objection to venue with respect to actions brought in such courts. This provision shall not be construed to conflict with the provisions of the SECTION entitled “MEDIATION/ARBITRATION.”
25.0DISPUTE RESOLUTION | ||
25.1The following procedure will be adhered to in all disputes arising under this Agreement which the Parties cannot resolve informally through their Relationship Managers. The aggrieved Party shall notify the other Party in writing of the nature of the dispute with as much detail as possible about the deficient performance of the other Party. The Relationship Managers shall meet (in person or by telephone) within fourteen (14) calendar days (or other mutually agreed upon date) after the date of the written notification to reach an agreement about the nature of the deficiency and the corrective action to be taken by the respective Parties. If the Relationship Managers do not meet or are unable to agree on corrective action, senior managers of the Parties having authority to resolve the dispute without the further consent of any other person ("Management") shall meet or otherwise act to facilitate an agreement within fourteen (14) calendar days (or other mutually agreed upon date) of the date of the written notification. If Management does not meet or cannot resolve the dispute or agree upon a written plan of corrective action to do so within seven (7) calendar days (or other mutually agreed upon date) after their initial meeting or other action, or if the agreed-upon completion dates in the written plan of corrective action are exceeded, either Party may request mediation and/or arbitration as provided for in this Agreement. Except as otherwise specifically provided, neither Party shall initiate arbitration, mediation or litigation unless and until this dispute resolution procedure has been substantially complied with or waived. Failure of a Party to fulfill its obligations in this Section, including failure to meet timely upon the other Party’s notice, shall be deemed such a waiver.
26.0MEDIATION/ARBITRATION | ||
26.1If the Parties are unable to resolve a dispute arising out of or relating to this Agreement in accordance with the SECTION entitled “DISPUTE RESOLUTION,” the Parties will in good faith attempt to resolve such dispute through non-binding mediation. The mediation shall be conducted before a mediator acceptable to both sides, who shall be an attorney or retired judge practicing in the areas of banking and/or information technology law. The mediation shall be held in New York, NY.
26.2Any controversy or claim, other than those specifically excluded, between or among the Parties not resolved through mediation under the preceding provision, shall at the request of a Party be determined by arbitration. The arbitration shall be conducted by one independent arbitrator who shall be an attorney or retired judge practicing in the areas of banking and/or information technology law. The arbitration shall be held in New York, NY in accordance with the United States Arbitration Act (9 U.S.C. 1 et seq.), notwithstanding any choice of law provision in this Agreement, and under the auspices and the Commercial Arbitration Rules of the American Arbitration Association.
26.3Consistent with the expedited nature of arbitration, each Party will, upon the written request of the other Party, promptly provide the other with copies of documents relevant to the issues raised by any claim or counterclaim on which the producing Party may rely in support of or in opposition to any claim or defense. At the request of a Party, the arbitrator shall have the discretion to order examination by deposition of witnesses to the extent the arbitrator deems such additional discovery relevant and appropriate. Depositions shall be limited to a maximum of three (3) per Party and shall be held within thirty (30) calendar days of the making of a request. Additional depositions may be scheduled only with the permission of the arbitrator, and for good cause shown. Each deposition shall be limited to a maximum of three (3) hours duration. All objections are reserved for the arbitration hearing except for objections based on privilege and proprietary or confidential information. Any dispute regarding discovery, or the relevance or scope thereof, shall be determined by the arbitrator, which determination shall be conclusive. All discovery shall be completed within sixty (60) calendar days following the appointment of the arbitrator.
26.4The arbitrator shall give effect to statutes of limitation in determining any claim, and any controversy concerning whether an issue is arbitrable shall be determined by the arbitrator. The arbitrator shall follow the law in reaching a reasoned decision and shall deliver a written opinion setting forth findings of fact, conclusions of law and the rationale for the decision. The arbitrator shall reconsider the decision once upon the motion and at the expense of a Party. The SECTION of this Agreement entitled “CONFIDENTIALITY” shall apply to the arbitration proceeding, all evidence taken, and the arbitrator’s opinion, which shall be Confidential Information of both Parties. Judgment upon the decision rendered by the arbitrator may be entered in any court having jurisdiction.
26.5No provision of this Section shall limit the right of a Party to obtain provisional or ancillary remedies from a court of competent jurisdiction before, after, or during the pendency of any arbitration. The exercise of a remedy does not waive the right of either Party to resort to arbitration. The institution and maintenance of an action for judicial relief or pursuit of a provisional or ancillary remedy shall not constitute a waiver of the right of either Party to submit the controversy or claim to arbitration if the other Party contests such action for judicial relief.
Proprietary & Confidential | Terms and Conditions –24 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
27.0NON-EXCLUSIVE NATURE OF AGREEMENT | ||
27.1Vendor agrees that it shall not be considered Company’s exclusive provider of any goods or Services provided hereunder. Unless otherwise stated in an Order, Company retains the unconditional right to utilize other vendors in the provision of similar services.
28.0OWNERSHIP OF WORK PRODUCT | ||
28.1Company will own exclusively all Work Product and Vendor hereby assigns to Company all right, title and interest (including all Intellectual Property Rights) in the Work Product. Work Product, to the extent permitted by law, shall be deemed “works made for hire” (as that term is defined in the United States Copyright Act). Vendor shall provide Company upon request with all assistance reasonably required to register, perfect or enforce such right, title and interest, including providing pertinent information and, executing all applications, specifications, oaths, assignments and all other instruments that Company shall deem necessary. Vendor shall enter into agreements with all of its Representatives and Subcontractors necessary to establish Company’s sole ownership in the Work Product. Company acknowledges Vendor’s and its licensors’ claims of proprietary rights in preexisting works of authorship and other intellectual property (“Pre-existing IP”) Vendor uses in its work pursuant to this Agreement. Company does not claim any right not expressly granted by this Agreement in such Pre-existing IP, which shall not be deemed Work Product, even if incorporated with Work Product in the Services Vendor delivers to Company. Unless otherwise agreed in an Order, Vendor grants Company a perpetual, worldwide, irrevocable, nonexclusive, royalty free license to any Pre-existing IP embedded in the Work Product, which shall permit Company and any transferee or sublicensee of Company, subject to the restrictions in this Agreement, to make, use, import, reproduce, display, distribute, make derivative works and modify such Pre-existing IP as necessary or desirable for the use of the Work Product.
28.2Vendor shall promptly notify Company in writing, of any threat, or the filing of any action, suit or proceeding, against Vendor, its Affiliates, Subcontractors or Representatives, (i) alleging infringement, misappropriation or other violation of any Intellectual Property Right related to any Work Product or Service furnished under this Agreement, or (ii) in which an adverse decision would reasonably be expected to have a material adverse effect on the Vendor or the use by Company of the Work Product or Services furnished under this Agreement.
28.3Immediately prior to (a) an assignment, sale or grant of an exclusive license of a patent or patent application by Vendor or any of its Affiliates, or (b) Vendor or any of its Affiliates becoming a Patent Assertion Entity, Vendor, on behalf of itself and its Affiliates, hereby grants Company and its Affiliates, the following rights: (i) a worldwide, non-exclusive, royalty-free, perpetual, irrevocable license under such Vendor’s or its Affiliates’ patent and patent application to make, have made, use (including distribute products or services), sell, offer to sell, import or otherwise distribute products and services, alone or in combination with other products or services, upon such patent being asserted by a Patent Assertion Entity against Company or its Affiliates; and (ii) a release from and a covenant not to sue for any and all past damages relating to alleged infringement by Company and its Affiliates, or by their direct and indirect customers solely with respect to such customers’ use of Company’s or its Affiliates’ products or services, alone or in combination with other products or services, upon Vendor’s or its Affiliates’ patent being asserted by a Patent Assertion Entity against Company or its Affiliates. These licenses, releases and covenants shall bind and apply to all entities that subsequently obtain any right to enforce any patent to which such licenses and covenants pertain. A “Patent Assertion Entity” means any entity, inclusive of all Affiliates, that primarily earns revenue (or that primarily seeks to earn revenue) from (i) monetizing patents or patent applications through assertion and/or assertion-based or threat-of-assertion-based licensing, or (ii) transferring patents or patent applications to an entity that does subpart (i).
29.0DIVESTITURE | ||
29.1Vendor agrees that if (i) any Company unit, division or Affiliate receiving Services under this Agreement becomes the subject of an asset sale, stock sale, business sale, spinoff, restructuring, divestiture or similar transaction (such unit, division or Affiliate being hereinafter a "Transferee"), then Company shall have the right, exercisable in its sole discretion, at no additional charge, to require Vendor to continue to provide the Services to the Transferee for a period of twelve (12) months from the date of the closing of the transaction whereby the Transferee becomes divested (the “Transfer Transition Period”) on the same basis as if the Transferee had continued to be a part of Company. Company acknowledges that any Services provided by Vendor to a Transferee during a Transfer Transition Period hereunder must be performed while this Agreement remains in effect (unless otherwise agreed to in writing by Vendor). In the event any Transfer Transition Period exceeds the then remaining Term of this Agreement, this Agreement shall automatically be extended for an additional period of time, a Renewal Term, to satisfy the Transfer Transition Period at the then current prices in effect under this Agreement.
Proprietary & Confidential | Terms and Conditions –25 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
29.2Company shall continue to be responsible for payment of all fees to Vendor with respect to the Services provided to or for the benefit of the Transferee during the Transfer Transition Period, unless Company provides to Vendor a written assumption of such liability executed by the party acquiring the Transferee, in which event neither Company nor any Affiliate of Company shall thereafter be liable for any such fees in relation to Services Vendor provides to the Transferee.
29.3During the Transfer Transition Period or as soon as possible thereafter, Vendor shall, if so required by the Transferee, negotiate in good faith with the Transferee a separate agreement for the continuation of the Services to the Transferee after the Transfer Transition Period. If, during the Transfer Transition Period, the Transferee enters into a separate agreement with Vendor, then neither Company nor any Affiliate of Company shall be liable in any way for any related costs or fees under that separate agreement.
29.4At the conclusion of the Transfer Transition Period, (a) Vendor shall cease to provide the Services to the Transferee; and (b) neither Company nor any Affiliate of Company shall thereafter be liable for any Service Fees in relation to Services Vendor provides to the Transferee. All restrictions set forth in this Agreement on Company’s use of the Services shall be deemed also to apply to any divested Affiliate’s or division’s use of the Services. In no event shall Company be responsible to Vendor for any such use of the Services by the divested Affiliate or division after the expiration of the Transfer Transition Period.
30.0MISCELLANEOUS | ||
30.1Vendor is aware of and fully informed of Vendor's responsibilities and agrees to the provisions under the following: (a) Executive Order 11246, as amended or superseded in whole or in part, and as contained in Section 202 of the Executive Order as found at 41 C.F.R. § 60-1.4(a)(1-7); (b) Section 503 of the Rehabilitation Act of 1973 as contained in 41 C.F.R. § 60-741.5; and (c) The Vietnam Era Veterans' Readjustment Assistance Act of 1974 as contained in 41 C.F.R. § 60-300.5 (1) This contractor and subcontractor shall abide by the requirements of 41 CFR §§ 60-1.4(a), 60-300.5(a) and 60-741.5(a). These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, or national origin. Moreover, these regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, national origin, protected veteran status or disability. (2) This contractor and subcontractor shall abide by the requirements of 29 CFR Part 471, Appendix A to Subpart A. [Note: for purposes of the above contractor means Vendor]
30.2Section headings are included for convenience or reference only and are not intended to define or limit the scope of any provision of this Agreement and should not be used to construe or interpret this Agreement.
30.3No delay, failure or waiver of either Party's exercise or partial exercise of any right or remedy under this Agreement shall operate to limit, impair, preclude, cancel, waive or otherwise affect such right or remedy. Any waiver by either Party of any provision of this Agreement shall not imply a subsequent waiver of that or any other provision of this Agreement.
30.4If any provision of this Agreement is held invalid, illegal or unenforceable, the validity, legality or enforceability of the remaining provisions shall in no way be affected or impaired thereby.
30.5No amendments of any provision of this Agreement shall be valid unless made by an instrument in writing signed by both Parties specifically referencing this Agreement. The terms of any Order or schedule to this Agreement shall supplement and not replace or amend the Terms and Conditions of this Agreement and the Terms and Conditions of this Agreement shall control in the event of any conflict with any such Order or schedule, and such conflict shall be resolved in the following order of precedence: 1) Terms and Conditions, then 2) schedule to this Agreement, then 3) Order under this Agreement and then all other documents attached hereto. The Terms and Conditions of this Agreement shall be incorporated by reference into any Order under this Agreement.
30.6Anything in this Agreement to the contrary notwithstanding, the Parties hereby agree that thirty (30) calendar days after written notice by Company of any amendment to this Agreement for compliance with a change in federal law, rule or regulation affecting financial services companies or the vendors to financial services companies, this Agreement shall be amended by such notice and the amendment contained therein and without need for further action of the Parties, and the Agreement, as amended thereby, shall be enforceable against the Parties, their successors and assigns. The notice provided hereunder shall set forth such change and provide the relevant amendment to the Agreement. Company shall have the right to terminate immediately the Agreement, without further liability to Vendor, in the event of Vendor’s failure to comply with the terms and conditions of any such amendment to the Agreement.
30.7This Agreement may be executed by the Parties in one or more counterparts, and each of which when so executed shall be an original but all such counterparts shall constitute one and the same instrument.
30.8The remedies under this Agreement shall be cumulative and are not exclusive. Election of one remedy shall not preclude pursuit of other remedies available under this Agreement or at law or in equity. In arbitration a Party may seek any remedy generally available under the governing law.
Proprietary & Confidential | Terms and Conditions –26 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
30.9Notwithstanding the general rules of construction, both Company and Vendor acknowledge that both Parties were given an equal opportunity to negotiate the terms and conditions contained in this Agreement, and agree that the identity of the drafter of this Agreement is not relevant to any interpretation of the terms and conditions of this Agreement.
30.10All notices or other communications required under this Agreement shall be given to the Parties in writing to the applicable addresses set forth on the signature page, or to such other addresses as the Parties may substitute by written notice given in the manner prescribed in this Section as follows: (a) by first class, registered or certified United States mail, return receipt requested and postage prepaid, (b) over-night express courier or (c) by hand delivery to such addresses. Such notices shall be deemed to have been duly given (i) five (5) Business Days after the date of mailing as described above, (ii) one (1) Business Day after being received by an express courier during business hours, or (iii) the same day if by hand delivery. Time Sensitive Notices shall only be delivered by the methods described in (b) or (c) above.
30.11Wherever this Agreement requires either Party's approval or consent such approval or consent shall not be unreasonably withheld or delayed.
30.12This Agreement shall be binding upon, and inure to the benefit of, the Parties and their respective permitted successors and assigns. With the exception of the Affiliates of Company, the Parties do not intend the benefits of this Agreement to inure to any third party, and nothing contained herein shall be construed as creating any right, claim or cause of action in favor of any such other third party, against either of the Parties hereto.
30.13Any transaction undertaken pursuant to this Agreement in which Vendor furnishes services shall be governed by Article 2 of the Uniform Commercial Code as if the services were goods, unless the Applicable Laws of the state of the governing law expressly otherwise provides.
30.14Unless otherwise permitted by this Agreement, neither Party nor any of such Party’s Affiliates, without the express written consent of the other Party, shall (i) issue any media releases, public disclosures or public announcements (for purposes of this Section, “public announcement” shall mean any announcement or release of information made to a person or entity outside of a Party’s organization) relating to this Agreement, or (ii) use the name, logo, trademarks or service marks of the other Party or its Affiliates in promotional or marketing material or on a list of customers, or (iii) except to the extent required as part of the Services, use the name, logo, trademarks or service marks of the other Party in any communication that would by intent or inference imply such other Party’s sponsorship, approval or recommendation of, or participation in, any person, place or event, or (iv) except to the extent required as part of the Services, use the name, logo, trademarks, or service marks of the other Party in any username, handle, profile name, or other object identifier, in the case of each of (i) –(iv), inclusive, whether appearing in mainstream media, social media, virtual reality, augmented reality, games, personal device applications or any form. Nothing in this paragraph shall restrict any disclosure required by legal, accounting or regulatory requirements beyond the reasonable control of the releasing Party or its Affiliates. For monitoring purposes, during [***], the Vendor shall provide the Company [***]days prior written notification with details, including subject matter and talking points, of all Vendor public speaking engagements or public disclosures which are covered by this section, including but not limited to, conferences and investor calls.
30.15Upon the terms and conditions hereinafter set forth, Company hereby grants to Vendor and Vendor hereby accepts a limited, non-exclusive, non-transferable, revocable license to use the Marks solely to provide the Services. For purpose of Section 30.15, “Marks” shall mean BANK OF AMERICA and the STRIPES LOGO, which Company owns and has developed extensive good will therein.
Vendor shall submit all proposed uses of the Marks to Company in advance of any use of the Marks. Vendor may not make use of the Marks without the specific prior written approval of Company of such use.
All uses of Company’s Marks by Vendor shall include any designations, such as "(R)", "(TM)" or "(SM)" as directed by Company. Company shall have the right to revise the designation requirements and to require such other notices as it deems reasonably necessary.
Company may provide notice to Vendor to use different marks owned by Company or may request Vendor cease use of all Marks at any time. Upon such notice, Vendor shall cease using the Marks or use different marks in accordance with such notice.
Vendor acknowledges that its use of the Marks shall not create any right, title, or interest in or to the Marks in Vendor, and that all uses of the Marks by the Vendor shall inure to the benefit of Company.
Vendor acknowledges that its failure to comply with the provisions of this Section 30.15 may result in immediate and irremediable damage to Company for which there is no adequate remedy at law, and Vendor agrees that, in the event of such failure, Company shall be entitled to seek equitable relief by way of temporary and permanent injunctions and such other further relief as any court with jurisdiction may deem just and proper.
30.16[intentionally omitted]
30.17THE PARTIES HEREBY WAIVE TRIAL BY JURY IN ANY ACTION, PROCEEDING OR COUNTERCLAIM BROUGHT BY EITHER OF THE PARTIES AGAINST THE OTHER ON ANY MATTERS WHATSOEVER ARISING OUT OF OR IN ANY WAY CONNECTED WITH THE INTERPRETATION, PERFORMANCE, ENFORCEMENT AND OTHER ASPECTS OF, AND OPERATIONS UNDER, THIS AGREEMENT, THE SERVICES, THE RELATIONSHIP OF THE PARTIES WITH RESPECT TO THIS AGREEMENT OR ANY CLAIM OF INJURY OR DAMAGE ARISING OUT OF UNDER OR RELATING TO THIS AGREEMENT.
Proprietary & Confidential | Terms and Conditions –27 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
31.0ENTIRE AGREEMENT | ||
31.1This Agreement, the Schedules, and other documents incorporated herein by reference, is the final, full and exclusive expression of the agreement of the Parties and supersedes all prior agreements, understandings, writings, proposals, representations and communications, oral or written, of either Party with respect to the subject matter hereof and the transactions contemplated hereby. The Parties agree to accept a digital image of this Agreement, as executed, as a true and correct original and admissible as best evidence to the extent permitted by a court with proper jurisdiction.
32.0PERSONAL DATA PROTECTION – EUROPEAN ECONOMIC AREA | ||
32.1The provisions of this Section entitled “PERSONAL DATA PROTECTION – EUROPEAN ECONOMIC AREA” shall apply only in the event Services during the Term require the Processing (as hereinafter defined) of Personal Data where either of the following is true: (i) Company or the Company Affiliate receiving the Services is established in the European Economic Area, or (ii) Company or the Company Affiliate receiving the Services is established outside the European Economic Area but is offering goods or services to, or is monitoring, individuals within the European Economic Area. These provisions shall be in addition to and not in lieu of Data Protection Laws applicable in the territory where the Services are performed. In the event of a conflict between local territory Data Protection Laws and the General Data Protection Regulation (hereinafter defined), Vendor shall comply with the obligations that provide the most protection for Personal Data.
32.2Definitions applicable to the application of this Section entitled “PERSONAL DATA PROTECTION – EUROPEAN ECONOMIC AREA” to the Services and to the rights and obligations of Vendor and Company under this Agreement:
(f)“Company” shall include Affiliates of Company and where applicable, “Vendor” shall mean and include Affiliates of Vendor.
(g)“Data Protection Laws” shall, for the purposes of this Section entitled “PERSONAL DATA PROTECTION – EUROPEAN ECONOMIC AREA,” include the General Data Protection Regulation (EU 2016/679).
32.3To the extent Vendor’s Services include or require the Processing of Personal Data delivered or made available to Vendor by Company, or Processed by Vendor on behalf of Company, under or pursuant to this Agreement or any Order, and notwithstanding anything to the contrary in this Agreement or any Order, Vendor agrees as follows:
(h)It is the intention of the Parties that Company will be the data controller and Vendor will be a data processor. Vendor will Process the Personal Data Company provides to Vendor only (i) as needed to provide contracted products or services to Company; and (ii) in accordance with the specific documented instructions Vendor and/or its Affiliates receive from Company, including as set forth in this Agreement with Company and any related Orders, schedules, statements of work or project documentation, unless otherwise required by Applicable Law (in which case, Vendor will provide prior notice to Company of such legal requirement, unless that law prohibits this disclosure on important grounds of public interest).
(i)Vendor shall, upon the request of Company, provide Company with sufficient information regarding its privacy and data protection policies, practices and processes to allow Company to evaluate the same.
(j)Vendor shall comply with any relevant processes and procedures maintained by Company and provide Company with all assistance required by the Company to comply with Company's obligations under Data Protection Laws.
(k)Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Vendor’s Processing of Personal Data, as well as the risk of varying likelihood and severity of infringement upon the rights and freedoms of individuals, Vendor will implement appropriate technical and organizational security measures to ensure an appropriate level of security of Personal Data in its possession and/or transmitted by Vendor. Vendor will include in its security measures, as appropriate: (a) the pseudonymization and encryption of Personal Data; (b) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; (c) the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident; and (d) a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the Processing. If required under the Data Protection Laws, such requirements may go beyond the applicable information security and business continuity practices and standards set forth in the Bank Security Requirements, and the requirements set out in the Sections entitled “BUSINESS CONTINUITY” and “INFORMATION PROTECTION” and the Schedules entitled “INFORMATION SECURITY” and “RECOVERY.”
(l)Company will be permitted to conduct audits and inspections of Vendor’s compliance with all aspects of Data Protection Laws in accordance with the Section entitled “AUDIT”. Vendor will provide Company with all information necessary to demonstrate compliance with and satisfaction of all obligations set forth in any relevant Data Protection Laws. When responding to a Company-mandated audit or request for information, Vendor will inform Company if Vendor believes that any of Company’s instructions regarding the Personal Data violate Applicable Laws.
Proprietary & Confidential | Terms and Conditions –28 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
(m)Taking into account the nature of the Personal Data Processing and the information available to Vendor. Vendor shall comply and assist Company to comply with obligations and requirements regarding Personal Data Breaches, data protection impact assessments and prior consultation in accordance with the relevant Data Protection Laws and as may be specifically set forth elsewhere in this Agreement, including as set forth in the SCHEDULE entitled “INFORMATION SECURITY,” including notifying Company of any breach of Data Protection Laws in accordance with the timescales set out in the “DETECTION AND RESPONSE” Section of the “INFORMATION SECURITY” Schedule, or any timescales set out in relevant Data Protection Laws, whichever is the shorter.
(n)Vendor will ensure that persons authorized to Process Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality, and any such persons will be subject to the requirements as set out in the Sections entitled “CONFIDENTIALITY” and “INFORMATION PROTECTION.” Vendor will not disclose or transfer Personal Data to, or allow Processing of Personal Data by, any third party (including Vendor’s Affiliates and Subcontractors) without the prior written consent of Company, except as otherwise authorized in writing between the Parties. Vendor will be liable for all actions by such third parties with respect to the Personal Data as though they were the actions of Vendor.
(o)To the extent required under any relevant Data Protection Laws, using appropriate technical and organizational measures, Vendor will assist Company in the fulfillment of its obligation to respond to requests for exercising individuals’ rights, taking into account the nature of Vendor’s Processing of such Personal Data. If Vendor receives: (i) a request with respect to the data subject’s Personal Data Processed under this Agreement or any Order, including but not limited to opt-out requests, requests for access and/or rectification, erasure, restriction, requests for data portability, and all similar requests; or (ii) any complaint relating to the Processing of Personal Data, including allegations that the Processing infringes on an individual’s rights, Vendor: (a) shall promptly notify Company of the request; (b) shall not respond to any such request or complaint unless expressly authorized to do so by Company; (c) shall assist and cooperate with Company with respect to any action taken relating to such request or complaint; and (d) shall provide any information requested by Company within the lesser of five (5) working days of such request or in accordance with timescales set out in any relevant Data Protection Laws.
(p)Vendor shall not transfer any Personal Data outside of the European Economic Area or any other relevant jurisdiction in providing Services or otherwise without the prior written consent of Company, which may be subject to Vendor entering into such additional data transfer agreements as Company may require to ensure its compliance with the applicable Data Protection Laws.
(q)To the extent they are applicable to Vendor’s Services for Company, Vendor will (a) maintain all records with specificity as required by the Data Protection Laws, including of the nature and use of all Personal Data that Vendor and its Affiliates and Subcontractors Process in connection with the Services, (b) make such records available to Company and/or its regulators promptly upon request, and (c) on (i) termination of this Agreement or any Order; or (ii) the written request of Company, Vendor shall promptly and in a secure manner in accordance with the obligations set forth in the Sections entitled “INFORMATION PROTECTION” and the “INFORMATION DESTRUCTION AND RETURN REQUIREMENTS” section of the Schedule entitled “INFORMATION SECURITY” and any additional Bank Security Requirements, return to Company all such Personal Data held by Vendor under this Agreement (including any copies and on whatever media it is stored) or at Company’s written direction, destroy such Personal Data. Upon request Vendor shall provide a written certification that the relevant Personal Data has been returned or securely destroyed in accordance with this Agreement, unless any legislation or legal action prevents it from doing so, in which case it shall keep such Personal Data and copies secure and confidential and shall no longer Process them and shall return or, at Company’s written direction, destroy such Personal Data and copies (and certify that it has done so) as soon as such legislation or legal action no longer prevents it from doing so.
Proprietary & Confidential | Terms and Conditions –29 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
| Services | ||
Vendor is being retained to provide Services as described in this Schedule or in each Order.
Proprietary & Confidential | Services –1 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
| Service Fees | ||
Fees for services shall be set forth in each Order.
Proprietary & Confidential | Services –2 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
| Performance Measurements | ||
[TO BE COMPLETED BY SOURCING LEAD/SOURCING MANAGER]
Unless otherwise provided in an Order, all Services shall comply with the following standards:
Any performance measurements provided in this Schedule are and shall be in addition to and not in lieu of Vendor’s representation and warranties of performance provided in subsection 9.2 of the SECTION of the Agreement entitled “REPRESENTATIONS AND WARRANTIES OF VENDOR.”
Financial or other penalties expressly stated in this Schedule or elsewhere this Agreement, or in any Order, with respect to Vendor’s failure to satisfy particular service levels, specifications, timeframes or performance measurements:
(A) are not and shall not create a limitation of any of Company’s rights of termination that may be provided elsewhere in this Agreement or in any Order, whether for convenience, for cause or otherwise, and such termination may be based upon the applicable Vendor failure to satisfy particular service levels, specifications, timeframes or performance measurements; and
(B) shall not prohibit, bar or serve as a defense against Company’s ability to seek the protection of equitable remedies such as (without limitation) specific performance and injunctive relief to address the applicable Vendor failure to satisfy particular service levels, specifications, timeframes or performance measurements.
Any financial or other penalties expressly stated in this Schedule or elsewhere this Agreement, or in any Order, with respect to Vendor’s failure to satisfy particular service levels, specifications, timeframes or performance measurements shall not apply (1) to Company’s losses that are also exempt under the SECTION entitled “LIMITATION OF LIABILITY,” and (2) in the event Vendor fails to satisfy service levels, specifications, timeframes or performance measures more than three (3) times in any successive twelve (12) month period. In the event of (1) and (2), Company shall be entitled to seek recovery under all rights and claims available to it at law or in equity.
Proprietary & Confidential | Services Fees –1 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
| Information Security | ||
INFORMATION SECURITY PROGRAM FEATURES
The following topics, as applicable, shall be addressed in Vendor’s Information Security Program:
1. Diagrams. The diagrams shall show the detail of the system architecture including, without limitation, the logical topology of routers, switches, Internet firewalls, management or monitoring firewalls, servers (web, application and database), intrusion detection systems, network and platform redundancy. The diagrams shall include all hosting environments, including those provided by Vendor’s Subcontractors.
2. Firewalls. State the specifications of the firewalls in use and who manages them. Specify the services, tools and connectivity required to manage the firewalls.
3. Intrusion Detection Systems. Describe the intrusion detection system (“IDS”) environment and the security breach and event escalation process. Indicate who manages the IDS environment. Specify the services, tools and connectivity required to manage the IDS environment, and if the IDS network is host based.
4. Change Management. Describe the change management process for automated systems used to provide Services. Describe the process for information handling policies and practices.
5. Business Continuity. Describe the Business Continuity Management Program.
6. System Administration Access Control. Describe the positions that perform administration functions on servers, firewalls or other devices within the application and network infrastructure. Detail level of access needed to perform functions. Describe how application access rights are designed and maintained to ensure separation of duties. Explain the access control mechanisms. Describe the frequency and process by which recurring access review of the system(s) is conducted to ensure permissions are granted on a “need to know” basis. Detail access reports generated and when reports are reviewed periodically. Describe methods used to track/log/monitor the usage of each account.
7. Customer/Employee Access Control. Describe each logon process to be followed by Company customers and employees to obtain access to Services provided to Company. Describe the initial enrollment process for such customers and employees. Describe the password policies and procedures Vendor’s system enforces, including, without limitation, password expiration, length of password, password revocation, invalid logon attempt threshold, etc. Describe methods used to track/log/monitor the usage of each account. Vendor shall demonstrate how a customer, employee or end user authenticates to each application.
(A) Requirements for System Administration Access Controls and Customer/Employee Access Controls (Access Management Requirements).
Ensure that Company minimum required standards are met including but not limited to the following items: Provide documentation on process for granting access to the application. Provide documentation on process for access removal ensuring that all Company revocation timelines are met. Describe the frequency and process by which recurring access review of the system(s) is conducted to ensure permissions are granted on a “need to know” basis (inclusive of separation of duties). Agree that the Vendor will provide Company, upon Company’s request, a file upload of all Company employee entitlement information-including user accounts, service accounts and access entitlement levels. Describe the ID and password policies and procedures Vendor’s system enforces, including, without limitation, password expiration, length of password, password revocation, invalid logon attempt threshold, authentication, inactivity time out, ID strength, etc.
8. Access to Confidential Information in Human-Perceptible Forms. Describe policies, procedures and controls used to protect confidential information when it is printed or in other perceptible forms; how and how often these policies and procedures are reviewed and tested; and what methods are used to ensure destruction of confidential information on hard copy.
9. Operating System Baselines. Describe Vendor’s operating system security controls and configurations. Examples: Operating system services that have been removed because not required by Vendor’s Services to Company. Identify and provide current operating system fixes that have not been applied, if any.
10. Encryption. Describe in detail the technology and usage of encryption for protecting Confidential Information, including passwords and authentication information, during transit and in all forms and locations where it may be stored by Vendor or its Subcontractors.
11. Application and Network Management. Specify the services, tools and connectivity required to manage the application and network environments; who carries out the management functions; and what level of physical security applies to managed devices.
12. Physical Security. For each location where Confidential Information will be processed or stored or Services for Company produced by Vendor, describe in detail the arrangements in place for physical security.
Proprietary & Confidential | Performance Measurements – 1 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
13. Privacy: Describe Vendor’s privacy and security policies.
14. Location of Servers. Describe the location of web servers on the Vendor’s network. If not on a separate segment of the network from the application and database servers, explain the reason this has not been done. At Company’s request, Vendor shall make reasonable efforts to create this separation.
PROTECTION
Vendor shall monitor industry-standard information channels for newly identified system or security vulnerability regarding the technologies and Services provided to Company. Such information channels to monitor must include the following sources:
| Source | URL | Source | URL | ||||||||
| US-CERT | https://www.us-cert.gov/ | OSVDB | http://www.osvdb.org/ | ||||||||
| CERT | http://www.kb.cert.org/vuls/ | SANS | http://isc.sans.org/ | ||||||||
| CVE Details | https://www.cvedetails.com/ | Secunia | http://secunia.com/community/advisories/ | ||||||||
| Exploit DB | http://www.exploit-db.com/ | Vuldb | https://vuldb.com/ | ||||||||
| Mitre | http://cve.mitre.org/ | BugTraq | http://www.securityfocus.com/archive/1 | ||||||||
| NVD | http://nvd.nist.gov/ | ||||||||||
Vendor shall immediately report all known and verified information security vulnerabilities affecting the technologies and Services provided to Company by contacting Bank of America’s InfoSafe team at infosafe@bankofamerica.com or by calling either 1.800.207-2322 (U.S. Domestic) or 1.704.317.5350 (Global), and selecting option 1. Such notification shall include the following information:
CVE – The unique identifier of the vulnerability obtained from Mitre.
Summary – A description of the vulnerability
Exploit result - What could occur if successfully exploited? (i.e., code execution, denial of service, elevation of privilege, etc.)
Was the vulnerability identified by the vendor or a third party?
Is the vendor aware of an exploit for this vulnerability?
Identification of affected product(s)/service(s), including version #
CVSS 3.0 Base & Temporal metrics. For CVSS 3.0 details please refer to – CVSS 3.0 website
To the extent information is not known at the time of notification, Vendor shall promptly update Company when such information becomes known and provide updates to previously provided information.
Additionally, Vendor shall promptly report all such vulnerabilities through the CVE reporting process at Mitre and take all other notification actions in accordance with industry best practice, including promptly reporting the vulnerabilities on Vendor’s website. In addition to any other notification obligations set forth herein, Vendor shall notify the InfoSafe team via email at infosafe@bankofamerica.com no later than 1 hour after publication on Vendor’s website.
Vendor shall fix or patch any such vulnerabilities in an adequate and timely manner, and shall provide Company with all test results for any proposed fix or patch prior to the implementation of such fix or patch. If Company notifies Vendor of any newly identified system or security vulnerability, Vendor shall immediately determine whether its systems are affected by such vulnerability and, if so, comply with the notification and fix/patch requirements of this section. Unless otherwise expressly agreed in writing, “timely” shall mean that Vendor shall introduce such fix or patch as soon as commercially reasonable after Vendor becomes aware of the security problem. This obligation extends to all devices that comprise Vendor’s system, e.g., application software, databases, servers, firewalls, routers and switches, hubs, etc., and to all of Vendor’s other confidential information handling practices.
Proprietary & Confidential | Information Security – 1 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
DETECTION AND RESPONSE
Vendor shall notify Company in accordance with the notification schedule below following discovery of (1) any actual or suspected Personal Data Breach of the Personal Data of any data subject (“Affected Persons”) provided to Vendor by Company under this Agreement including any circumstance pursuant to which applicable law requires notification of such breach to be given to Affected Persons or other activity in response to such circumstance; (2) any actual or suspected breach or compromise of the security, confidentiality, or integrity of Company Confidential Information provided to Vendor by Company under this Agreement; or (3) any actual, attempted, suspected, threatened, or reasonably foreseeable circumstance that compromises, or could reasonably be expected to compromise, either physical security or systems security in a fashion that either does or could reasonably be expected to permit unauthorized processing, use, disclosure, destruction or acquisition of or access to any Company software, work product or any Company Confidential Information developed, maintained, processed or transmitted by Vendor or its agents or Subcontractors in connection with the Services (collectively referred to as a “Security Breach”). Pings or scans of Vendor’s network or systems shall not be considered a suspected breach or compromise under this paragraph unless and until Vendor reasonably suspects that such pings or scans resulted in the breach or compromise of the security, confidentiality, or integrity of the nonpublic Personal Information of any Affected Person or Company’s Confidential Information.
Notification One (1): Vendor shall notify Company immediately but no later than twenty-four (24) hours following the discovery of any Security Breach. Notification to Company of a Security Breach shall precede notifications to any other party except relevant law enforcement.
Notification Two (2): Vendor shall provide updates to Company on the current status of the Security Breach every four (4) hours, or more frequently as warranted by the severity of the Security Breach or the remediation efforts taken by the Vendor to resolve the Security Breach.
Notification Three (3): Vendor shall provide a final notification to Company once the Security Breach has been mitigated, not to exceed four (4) hours from the completion of the remediation efforts.
Vendor shall also notify Company within one (1) hour following the discovery of any security incident or event that has a significant impact on the availability or integrity of the Services, including but not limited to DoS or DDoS attacks (a “Security Event”; a Security Breach and a Security Event are collectively referred to as a “Significant Security Incident”), and shall promptly notify Company upon the restoration of the Services to pre-Security Event levels.
All notifications described above shall be made to the Company Incident Response Team (“InfoSafe”) by calling (800) 207-2322, option 1, or by such other method prescribed by Company from time to time. Callers will be asked to identify themselves as a vendor.
Company reserves the right in its sole discretion to make appropriate privacy breach notifications to Affected Persons and regulators pursuant to federal guidelines, including but not limited to the Interagency Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice, and/or state laws or regulations. To assist Company in such notifications, Vendor shall include a brief summary of the available facts, the status of any investigation, and, if known, the potential number of Affected Persons. With the exception of communications with applicable law enforcement agencies, Vendor agrees that it shall not communicate with any third party, including, but not limited to the media, vendors, consumers, and Affected Persons regarding any Security Breach involving Company Confidential Information without the express written consent of Company; provided, however, if Vendor needs to communicate with a third party regarding such Security Breach, Vendor may communicate with such third party without the consent of Company provided that Vendor does not disclose or provide any information that informs, suggests, implies or leads such third party to believe that such Security Breach involved Company or Company’s Confidential Information or such third party is subject to a non-disclosure agreement with the Vendor.
Vendor agrees to fully reimburse Company for the cost of providing to Affected Persons appropriate credit monitoring services for two (2) years. In addition, all costs associated with any Security Breach, including but not limited to, the costs of the notices to, and credit monitoring for, Affected Persons, preparation and mailing or other transmission of legally required notifications; preparation and mailing or other transmission of such other communications to customers, agents or others as Company deems reasonably appropriate; establishment of a call center or other communications procedures in response to such Security Breach (e.g., customer service FAQs, talking points and training); public relations and other similar crisis management services; and legal and accounting fees and expenses associated with Company’s investigation of and response to such event shall be the sole responsibility of Vendor.
Vendor shall cooperate fully with all Company security investigation activities related to any Significant Security Incidents. Vendor shall maintain, in accordance with the Bank Security Requirements, all records and logs of that portion of Vendor’s network that stores or processes Company Confidential Information. Following a Significant Security Incident, Vendor shall maintain such records and logs for a mutually agreed-upon additional length of time and, upon request, afford Company reasonable access to such records and logs. Company may review and inspect any record of system activity or Company Confidential Information handling upon reasonable prior notice. Vendor acknowledges and agrees that records of system activity and of Confidential Information handling may be evidence (subject to appropriate chain of custody procedures) in the event of a Significant Security Incident or other inappropriate activity. Upon the request of Company, Vendor shall deliver the originals or properly authenticated copies of such records to Company for use in any legal, investigatory or regulatory proceeding.
Proprietary & Confidential | Information Security – 2 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
INFORMATION DESTRUCTION AND RETURN REQUIREMENTS
Overall Requirements
Unless Vendor is directed to return Company Confidential Information and data, Vendor shall destroy all Company Confidential Information and data at all locations where it is stored after it is no longer needed for performance under this Agreement or to satisfy regulatory or retention requirements. Vendor must have in place or develop information destruction schedules and processes that meet the Bank Security Requirements and that must be used in all cases when Company Confidential Information and data is no longer needed. These information destruction requirements are to be applied to paper, microfiche, disks, disk drives, tape and other destroyable electronic or digital media containing Company Confidential Information and data.
Paper and Other Shreddable Media
Paper and other shreddable media includes paper, microfiche, microfilm, compact disks (CDs) and any other media that can be shredded. This media must be shredded using shredding techniques or machines such that Company Confidential Information and data in this media is completely destroyed as set forth herein when Vendor is finished with the Company Confidential Information and data contained thereon and it is no longer needed. This media may be shredded immediately or temporarily stored in a highly secured, locked container. The media may be shredded at a location other than Vendor's facilities; however it must be transferred in a highly secured, locked container. Vendor is responsible for supervising the shredding regardless of where the shredding activity occurs and by whom the shredding is performed. Company Confidential Information and data in this media must be completely destroyed by shredding such that the results are not readable or useable for any purpose.
Electronic Media
Electronic media includes, but is not limited to, disk drives, diskettes, tapes, universal serial bus (USB) and other media that is used for electronic recording and storage. This media is to be wiped or degaussed using a wipe or degaussing tool that complies with the Bank Security Requirements. Wiping uses a program that repeatedly writes data to the media and thereby destroys the original content. Degaussing produces an electronic field that electronically eliminates the original data and clears the media. These techniques must meet the Bank Security Requirements. The resulting media must be free from any machine or computer content readable for any purpose.
Certification
These processes must be documented as a procedure by Vendor and should outline the techniques and methods to be used. The procedure must also indicate when and where Company Confidential Information and data is to be destroyed. Vendor shall keep records of all Company Confidential Information and data destruction completed and provide such records to Company upon request.
Return of Confidential Information
When Vendor is instructed by Company to return Company Confidential Information and data, such Confidential Information and data shall be returned to Company, or such other party as directed by Company, (i) at no additional expense to Company, and (ii) unless a specific format is requested by Company, in a format reasonably acceptable to Company.
Proprietary & Confidential | Information Security – 3 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
| Background Checks | ||
BACKGROUND SCREENING GUIDELINES
1.As provided in the SECTION entitled “VENDOR PERSONNEL,” prior to assignment of a Vendor or Subcontractor employee or contract laborer (“Contract Person” in this Schedule) to the Services, Vendor shall administer and comply with, and shall ensure that Vendor’s Subcontractors administer and comply with, the background screening requirements as set forth below or with such other requirements as may be set forth in a Local Participation Agreement or Order relating to Services to be performed and/or delivered outside the United States.
(a)Validate United States citizenship and/or certification to work in the United States. The Vendor or Subcontractor Contract Person shall not be assigned to Company’s account if Vendor or Subcontractor is unable to confirm United States citizenship or obtain proper evidence of certification to work in the United States.
(b)Search the Contract Person’s social security number to verify the accuracy of the individual’s identity. Vendors with employees providing Services to Bank of America on U.S. federal contracts must enroll in E-Verify and, upon request must provide Bank of America with a copy of its “Company Information Profile” page in E-Verify as proof of enrollment. E-Verify is an Internet-based system that compares information from an employee's Form I-9, Employment Eligibility Verification, to data from U.S. Department of Homeland Security and Social Security Administration records to confirm employment eligibility. The Vendor or Subcontractor Contract Person shall not be assigned to Company’s account if Vendor or Subcontractor is unable to verify the accuracy of the individual’s identity.
(c)Conduct or obtain a comprehensive criminal background check of all criminal court records (misdemeanor and felony in federal courts and state courts) in each venue of the Vendor or Subcontractor Contract Person’s current and previous home addresses for the past ten (10) years prior to the date of being assigned to provide any of the Services, unless local or state laws or regulations mandate a lesser period. Subject to the SECTION entitled “VENDOR PERSONNEL,” the Vendor or Subcontractor Contract Person shall not be assigned to Company’s account if Vendor or Subcontractor’s criminal background check discloses matters set forth in the SECTION entitled “VENDOR PERSONNEL,” subsection 13.5 (a)-(c), inclusive.
2. If a Vendor or Subcontractor Contract Person had a break in continuous service with the Vendor or Subcontractor of longer than ninety (90) consecutive days, then Vendor or Subcontractor shall perform a new background check according to the requirements in #1 above, prior to re-assignment of the Contract Person to the Services.
3.If required for the role or Services and requested by the applicable Company business unit for which the Services are being provided, Vendor or Subcontractor will verify completion of any post high school education or degrees (i.e., B.A., B.S., Associate, or professional certifications).
4.Any other additional checks that Company may require will be submitted to Vendor for review, and Vendor will be allowed a reasonable and mutually agreed upon timeframe to implement such additional checks for Vendor and Subcontractor Contract Persons. In the event Company determines in its sole discretion that additional checks need to be conducted on currently engaged Vendor or Subcontractor Contract Persons, such checks shall be at Company’s expense based upon a mutually agreed process and timeline as evidenced in writing.
(a)Contract Persons of Vendor or Subcontractors who are placed within the Consumer Real Estate/Mortgage business and any other lines of business that may have similar requirements may have additional databases checked upon Company’s request and at Company’s discretion as part of the Financial Sanctions Search, such check to be administered by a Company’s preferred service provider.
(b)In the event Company requests, in its sole discretion, Financial Industry Regulatory Authority (FINRA) fingerprint screening and/or FBI fingerprint screening, such fingerprint screening will be managed and paid for by Company, provided, however, that Vendor shall be obligated to obtain from each affected Vendor or Subcontractor Contract Person a completed background check and fingerprint authorization in a form reasonably acceptable to the Parties and compliant with any applicable laws.
Proprietary & Confidential | Information Security – 4 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
| Recovery | ||
1. Vendor’s Business Continuity Management Program (“BCM Program”) shall include, but not be limited to, on-going proper risk identification and controls, planning, testing, response and recovery strategy procedures with executive governance. The Business Continuity Plan shall include, but not be limited to, recovery and contingency plans, recovery strategies, loss of critical personnel and vital records protection covering all areas of Vendor’s operations necessary to deliver the Services pursuant to this Agreement. The Business Continuity Plan shall also provide, without limitation, for off-site backup of critical data files, Confidential Information, software, documentation, forms and supplies as well as alternative means of transmitting and processing Confidential Information. The BCM Program must contain testing and validation of the Business Continuity Plan, and response and recovery procedures.
2. The recovery strategy shall provide for recovery after both short and long term disasters and disruptions in facilities, environmental support, workforce availability, and data processing equipment. Although short term outages can be protected with redundant resources and network diversity, the long term strategy must allow for total destruction of Vendor’s business operations for a period of six (6) months or longer and set forth a recovery strategy. If Vendor provides critical products or services, as determined by Company in its sole discretion, Vendor’s recovery strategy must also provide for recoverability during periods lasting up to three (3) months of the potential unavailability of up to fifty percent (50%) of Vendor’s workforce.
3. Vendor’s recovery objectives shall not exceed the following during any recovery period:
A. Recovery Time Objective (RTO) (the time period within which the Services must be restored after a disaster or disruption event): 10.5 Hours
B. Recovery Point Objective (RPO) (maximum amount of acceptable data loss, measured in hours or minutes preceding a disaster or disruption event): 1 Hour
In the event Company requires a change, Company agrees to work with Vendor to determine a mutually agreeable date for Vendor to match the new recovery objectives, if necessary.
4. Vendor shall continue to provide service to Company within the established recovery objectives if Company activates its contingency plan or moves to an interim site to conduct its business, including during tests of Company's contingency operations plans.
5. If requested, Vendor shall allow Company, at its own expense, to observe and participate in, subject to Vendor’s reasonable security policies and procedures, a scheduled test of Vendor’s BCM Program and applicable Business Continuity Plan.
6. Vendor must provide Company the opportunity to review and evaluate evidence of capability to meet any applicable regulatory requirements concerning Vendor’s BCM Program and Business Continuity Plan.
7. If requested by Company, Vendor shall participate in Company’s application resiliency program. Participation includes the validation of Vendor’s recovery strategy through a full-scale test where applications must failover production workload to an alternate site for a minimum duration of five (5) consecutive days.
Proprietary & Confidential | Background Checks – 1 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
| USE of CLOUD SERVICES | ||
The following provisions shall apply to and be a requirement of Vendor’s use of Cloud Services (as defined below) to store or process Company Confidential Information in relation to the performance of Services under this Agreement. The Cloud Provider (as defined below) shall be considered a Subcontractor under the Agreement and the terms of this Schedule entitled “USE of CLOUD SERVICES” shall be in addition to any Subcontractor requirements in the Agreement; provided, however, that the provisions of this SCHEDULE entitled “USE OF CLOUD SERVICES” shall prevail in the event of any express conflict with any information protection term in the Agreement applying to Vendor’s use of a Subcontractor generally.
1.For the purposes of this Schedule entitled “USE of CLOUD SERVICES”, the following definitions apply:
A.Cloud Provider means the third party approved by Company in accordance with Section 3 below, providing the Cloud Services to the Vendor.
B.Cloud Services means information technology services, including Software as a Service (SaaS), Infrastructure as a Service (IaaS) and Platform as a Service (PaaS), delivered or provided via the Internet from a Cloud Services Platform.
C.Cloud Services Platform means the hardware, software, infrastructure, facilities and operating environment used by the Cloud Provider to provide the Cloud Services.
2.Vendor agrees that it will provide Company with at least three (3) months prior written notice before Vendor stores or processes any Company Confidential Information with a new, additional or replacement third party provider of Cloud Services. Such notice shall include the name of the third party, the Cloud Services such third party will provide under this Agreement, and the geographic locations where Company’s Confidential Information will be stored or processed. Vendor also agrees to promptly provide any information requested by Company regarding the cloud provider, the Cloud Services and the Cloud Services Platform, including, but not limited to, information about cloud provider’s information security program.
3.Vendor acknowledges and agrees that Vendor may not use a third party’s Cloud Services Platform to store or process Company Confidential Information without the prior written consent of the Company Relationship Manager after receipt of the required notice under Section 2 above. Upon Vendor’s receipt of such written consent from Company, such third party identified in the required notice in Section 2 above shall be considered a Cloud Provider under this Schedule entitled “USE of CLOUD SERVICES.” Vendor agrees that consent of Company under this Section 3 shall be at the sole discretion of Company and may be subject to certain additional terms and conditions required by Company.
4.Vendor agrees to immediately notify Company if:
D.Vendor receives notice from Cloud Provider that Cloud Provider is acquiring, merging with, or being acquired by, another entity;
E.Cloud Provider (i) ceases operations for any reason, or (ii) becomes insolvent (generally unable to pay its debts as they become due) or the subject of a bankruptcy, conservatorship, receivership or similar proceeding, or makes a general assignment for the benefit of its creditors;
F.Cloud Provider withholds, for any reason, Vendor’s access to the Cloud Services and/or any Company Confidential Information stored on the Cloud Services Platform;
G.Vendor receives notice from Cloud Provider of a breach or compromise involving Company Confidential Information under Section 6.F below or otherwise learns of such event;
H.Vendor receives notice from Cloud Provider of any actual or threatened requirement of law or any government data request under Section 6.G below that may require Cloud Provider to seize or disclose Company Confidential Information; or
I.Vendor receives or provides any notice of termination of Vendor’s agreement with Cloud Provider.
5.Vendor shall:
Proprietary & Confidential | Use of Cloud Services – 1 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
A.Have a program to actively manage Cloud Provider and to assess how Cloud Provider secures and protects information and data stored or processed on its Cloud Services Platform, including, but not limited to:
(1)Obtaining and reviewing on at least an annual basis, Cloud Provider’s most current SOC 2, Type II audit report (or successor audit report) and/or other available equivalent independent third party audit reports (collectively, the “Cloud Provider Audit Reports);
(2)Mapping Vendor’s Information Security Program to the controls and associated testing results in the Cloud Provider Audit Reports. Any gaps identified during the mapping (each a “Control Gap”) shall be listed in an assessment report (the “Assessment Report”) with an explanation of the risk associated with each Control Gap. Vendor shall use commercially reasonable efforts to address each Control Gap with the Cloud Provider. Vendor shall include in the Assessment Report an explanation of how each Control Gap was remediated, including any compensating and mitigating controls;
(3)Verifying Cloud Provider’s remediation of any testing exceptions contained in the Cloud Provider Audit Reports;
(4)If permitted by Cloud Provider, inspecting at least annually, Cloud Provider’s Cloud Services Platform and data handling procedures; and
(5)Performing periodic vulnerability and/or penetration testing (hereinafter referred to as a “Vulnerability Assessment”) in accordance with the Bank Security Requirements, on any application(s) hosted by Cloud Provider on its Cloud Services Platform and used by Vendor to store or process Company Confidential Information.
J.Provide Company, at Company’s request, information on Vendor’s program to manage and assess Cloud Provider under Section 5.A. above, including an opportunity to review a copy of the Assessment Report and the results of any Vulnerability Assessment performed under Section 5.A(5) above. If Company determines that any Control Gap presents a critical risk to the confidentiality, availability or integrity of Company Confidential Information or systems, and such Control Gap was not adequately remediated, or cannot be remediated within a mutually agreed upon time period, then Company may immediately terminate this Agreement without additional cost or penalty.
K.Ensure Cloud Provider stores or processes all Company Confidential Information in one (1) or more of the fifty (50) states of the United States of America or in the District of Columbia, unless Company agrees in advance in writing.
L.Upon Company’s reasonable, written request:
(6)If permitted by Cloud Provider, secure permission from Cloud Provider for Company to review and evaluate Cloud Provider’s information security program and to visually inspect Cloud Provider’s Cloud Services Platform and data handling procedures. In lieu of such review and inspection, at Company’s election, Vendor shall provide Company with an opportunity to review a copy of the Assessment Report and the results of any Vulnerability Assessment performed under Section 5.A(5) above.
(7)If Cloud Provider is hosting an application(s) on its Cloud Services Platform that is used by Vendor to store or process Company Confidential Information, secure permission from Cloud Provider for Company to perform a Vulnerability Assessment on such application(s). Notwithstanding the foregoing, if Cloud Provider will only permit a third party security assessment firm to conduct the Vulnerability Assessment, Vendor shall contract with a third party security assessment firm, selected from Company’s most current list of approved security assessment firms, to conduct the Vulnerability Assessment. Such Vulnerability Assessment shall be conducted in a non-production environment using production equivalent security controls. Any Vulnerability Assessment conducted by a third party shall use a methodology and scope that complies with Company’s most current Ethical Hacking Guidelines (or any successor guidelines) and Vendor shall provide Company with the opportunity to review the resulting report prepared by such third party security assessment firm.
6.Vendor’s agreement with Cloud Provider shall:
Proprietary & Confidential | Use of Cloud Services – 2 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
B.Provide that (i) between Vendor and Cloud Provider, Vendor owns, either for itself or on behalf of its clients, all information and data Vendor stores or processes on Cloud Provider’s Cloud Services Platform, and (ii) Cloud Provider has no right to use, access or disclose such information and data, including aggregated or de-identified data, without Vendor’s prior written consent unless required by applicable law.
C.Contain performance-level requirements that will allow Vendor to meet any applicable Service Levels attached to this Agreement.
D.Contain business continuity and disaster recovery provisions that will allow Vendor to meet or exceed the recovery objectives (Recovery Time Objective and Recovery Point Objective) listed in the Schedule entitled “RECOVERY” attached to this Agreement.
E.Permit Vendor and Company (in accordance with Section 9 below) to immediately access, retrieve and destroy all information and data Vendor stores or processes on Cloud Provider’s Cloud Services Platform.
F.Require Cloud Provider to communicate Cloud Provider’s security and privacy policies to all Cloud Provider personnel that have access to the information and data Vendor stores or processes on Cloud Provider’s Cloud Services Platform.
G.Require Cloud Provider to have a security incident response plan that (i) requires Cloud Provider to notify Vendor promptly and without undue delay following the discovery of any breach or compromise of any information or data Vendor stores or processes on Cloud Provider’s Cloud Services Platform, including, but not limited to, any unauthorized access to, alteration, destruction or misuse of such information or data by Cloud Provider personnel, and (ii) requires Cloud Provider to provide regular updates to Vendor regarding such breach or compromise.
H.Require Cloud Provider to promptly notify Vendor of any actual or threatened requirement of law (for example, a subpoena) or any government data request that may require Cloud Provider to disclose or seize information or data Vendor stores or processes on Cloud Provider’s Cloud Services Platform upon receiving actual knowledge thereof and prior to any disclosure, and to cooperate with Vendor’s reasonable, lawful efforts to resist, limit or delay disclosure.
I.Permit Vendor to specify in what country or countries Vendor’s information or data must be stored or processed.
J.Require Cloud Provider’s subcontractors that have access to the Cloud Services Platform or information stored or processed on the Cloud Services Platform to have an information security program that is periodically assessed by Cloud Provider.
K.Require Cloud Provider to have a vulnerability management program to fix or patch newly identified vulnerabilities in a timely manner based upon risk.
7.Vendor acknowledges and agrees that all Company Confidential Information Vendor stores or processes on the Cloud Services Platform, and any results of processing such Company Confidential Information or derived in any way therefrom, shall at all times remain the property of Company.
8.Vendor agrees to ensure that all Company Confidential Information while stored or processed on the Cloud Services Platform is (a) encrypted in transit, in motion and at rest, using an encryption method and standard that meets or exceeds Bank Security Requirements; and (b) logically separated from information and data of Vendor’s and Cloud Provider’s other clients. Vendor must ensure Cloud Provider utilizes a hardware security module (“HSM”) for key management (i) that complies with the Bank Security Requirements, and (ii) with Vendor or Company controlling the master key.
9.Vendor agrees, upon Company’s request, to allow Company to immediately access and retrieve any Company Confidential Information stored on the Cloud Services Platform. Vendor agrees that upon receiving such request, to immediately provide Company with the necessary instructions, including any required access codes, to allow Company to access and retrieve Company Confidential Information from the Cloud Services Platform.
10.Upon Company’s request to destroy Company Confidential Information stored on the Cloud Services Platform, Vendor shall ensure all such Company Confidential Information is completely destroyed in accordance with the Bank Security Requirements and is unable to be recovered from the Cloud Services Platform by Cloud Provider or any other party by any means. Upon completion of such destruction, Vendor shall provide a certification to Company as to its compliance with this Section 10.
Proprietary & Confidential | Use of Cloud Services – 3 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.2
11.Upon expiration or termination of Vendor’s agreement with Cloud Provider for any reason during the Term of this Agreement and following the transfer of all Company Confidential Information stored on the Cloud Services Platform to either (a) a new Cloud Provider approved by Company in accordance with Section 3 above, (b) Vendor, or (c) Company, Vendor shall ensure all Company Confidential Information is completely destroyed from the Cloud Services Platform in accordance with the Bank Security Requirements and is unable to be recovered from the Cloud Services Platform by Cloud Provider or any other party by any means. Upon completion of such transfer and destruction, Vendor shall certify as to its compliance with this Section 11.
12.Failure of the Cloud Provider to provide the Cloud Services to Vendor, for any reason, including but not limited to a force majeure event, shall be addressed in Vendor’s Business Continuity Plan.
Proprietary & Confidential | Use of Cloud Services – 4 | Rev 10/2020 | ||||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.3
Statement of WorkContract ID Number:
| Statement of Work (SOW) Cover Sheet | ||
| BANA SOW Number | |||||
| Vendor SOW Number | Not applicable | ||||
| BANA Master Agreement Number | CW1649578 | ||||
| Effective Date | Upon date of last Signature | ||||
| Expiration Date | 07-31-2025 | ||||
| Vendor Name | Cardlytics, Inc. | ||||
| Vendor Contact Name | [***] | ||||
| Vendor Contact Phone Number | [***] | ||||
| Vendor Contact Email Address | [***] | ||||
| Vendor Contact Mailing Address | 675 Ponce de Leon Ave., Suite 6000, Atlanta, Georgia 30308 | ||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.3
Statement of WorkContract ID Number:
This Statement of Work (“SOW”) defines the scope of work to be accomplished by Cardlytics, Inc. (“Vendor”) under the terms and conditions of Bank of America Master Agreement Number
CW1649578 (“Agreement”), effective as of the Effective Date as stated above, by and between Bank of America, N.A. (“Company”) and Vendor. The tasks to be performed by Vendor are defined and an estimated schedule is provided. In addition, the responsibilities of Company are listed.
The following are incorporated in and made a part of this SOW:
APPENDIX A. Statement of Work Change Control Procedure
APPENDIX B. Statement of Work Change Order Form
APPENDIX C. Statement of Work Change Order Log
APPENDIX D. Vendor Reports and Data Fields
1.SOW Changes
Changes to this SOW will be processed in accordance with the procedure described in Appendix A. SOW Change Control Procedure.
2.Definition of Terms, Acronyms, and Abbreviations Used in this SOW
All capitalized terms used in this SOW not defined in this Section shall have the meanings set forth in the Sections of the Agreement in which they are defined. The meaning of the terms defined in this section shall apply only to this SOW and any Change Orders.
1.“Allowable Expenses” means, for any Measurement Period, the aggregate amount of expenses incurred for the following as approved by Company:
i. [***]
ii. [***]
iii. [***]
2.[***] “Company Referred Content Provider” means a Content Provider that Company referred to Vendor for the purpose of promoting Offers to Users with which Vendor has not had an active relationship or contract within the last [***] months, and which Vendor acknowledges shall serve as a Company Referred Content Provider for the purposes of this SOW.
3.“Content Provider” means a third party that provides Offers to Users, and which Company approves to present to Users, which may be (1) a merchant that desires to provide an Offer for their products or services via Vendor (e.g., a restaurant, a home-improvement store, a CPG brand), or (2) a third-party-content source or aggregator that allows Vendor to display the selected content via Vendor to Company. The Parties acknowledge that Company may engage with a merchant, third-party content source or aggregator that provides offers to Company outside of Vendor and the terms of this SOW. For clarity, any merchant is only considered a “Content Provider” for purposes of the specific offers or content that they provide through Vendor under the Service, and not for purposes of any other content (Offers, services, or products), that the same merchant provides to Company either directly or through any source other than Vendor.
4.“Financial Package” means Vendor provided monthly package detailing activity, payments and collections based on prior month and historical performance.
5.“Measurement Period” means a calendar month.
6.“Offer” means a deal tile that is provided by Vendor and presented to Company Users, and which may include market products, services, coupons, discount offers, and other marketing communications, including without limitation the new advertising campaigns from time to time developed by Vendor. While Offers are provided by Vendor, the Parties acknowledge that Company may source other Offers from third parties outside the terms of this SOW, and said Offers are not within the scope of this SOW. For clarity, any merchant is only considered a “Content Provider” for purposes of the specific offers or content that they provide through Vendor under the Service, and not for purposes of any other content (Offers, services, or products), that the same merchant provides to Company either directly or through any source other than Vendor.
7.“Privacy Partner” means a Company approved trusted third-party such as Equifax, Experian, and Acxiom/Live Ramp that anonymously connects Vendor IDs to IDs provided by other entities
8.“Receivables” means the aggregate amount of Total Revenue billed by Vendor to its Content Providers, net of any Revenue Adjustments, which remains uncollected as of any measurement date.
9.“Receivables Adjustment” means, for purposes of adjusting Total Revenue for the portion not collected by Vendor from its Content Providers, an adjustment calculated by subtracting (x) Receivables on the last day of the current Measurement Period from (y) Receivables on the last day of the preceding Measurement Period. If the Receivables Adjustment is positive, it shall be added to Total Revenue. If the Receivables Adjustment is negative, it will be subtracted from Total Revenue.
10.“Redemption Rate” means the number of Offers redeemed divided by the total number of Offers presented.
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.3
Statement of WorkContract ID Number:
11.“Revenue Adjustments” includes invoice credits granted by Vendor to its Content Providers for any of the following and shall be subtracted from Total Revenue: Fee discounts, rebates, adjustments, disputed fee invoices.
12.“Revenue Share Amount” means the amount as calculated below in the Service Payments section below.
13.“Revenue Share Percentage” means the applicable percentage as set forth in the Service Payments section below
14.“Reward Summary Offers” means Offers served in a summary format of all Offers available to the individual User.
15.“Rewards” means the economic value of rewards earned by Users.
16.“Term” shall mean the term of this SOW.
17.“Total Redemptions” means total number of redemptions in a calendar month.
18.“Total Revenue” means the aggregate amount of fees billed by Vendor as applicable to its Content Providers and actually collected during the Measurement Period for advertising, Offer placement, and any other activities directly related to the Service and directly identified with, or allocable to, Users; however, the following are not included in Total Revenue and are not to be any part of Revenue Share: (i) User Incentives, and (ii) any markup amounts or other sums charged or received by other third parties that are not collected by Vendor.
19.“User” means a Company account holder that is served an Offer from Vendor in a calendar month regardless of delivery channel.
20.“User Incentive” means the stated or calculated cash value earned by a User upon redemption of an Offer, based upon the value currency of the Offer, including cash, points, miles, or any other rewards currency offered by Company.
21.“User Incentive Adjustments” means, for any Measurement Period, the aggregate amount of the following:
i.Adjustments to User Incentives awarded in the current or any previous Measurement Period resulting from any of the following:
1.Correction of errors by Vendor in the calculation of any User Incentives.
2.Resolution of User disputes regarding determination of User Incentives.
3.Other adjustments to User Incentives mutually agreed to by Company and Vendor.
1.“User Incentive Amount” means (x) the aggregate amount of User Incentives for a Measurement Period (y) plus or minus, as the case may be, the User Incentive Adjustments.
2.“Vendor OPS” means the Vendor Offer Platform System installed on Company’s servers in Company’s data center.
3.“Vendor TMS” means the Vendor Targeted Marketing System which manages the matching, serving and redemption of Offers
3.Description and Scope of the Project
Service Overview: For purposes of this SOW, Vendor will offer the following services to Company (each a “Service” and collectively the “Services”) and will pay Company Revenue Share Amount on such Services as outlined in the Service Payments section:
i.On-Platform Services.
Vendor shall provide Offers via certain Company distribution channels, including Company online banking, mobile applications, and emails offered via Company channels, and in connection with these Offers shall provide analytics, assessments, consumer groupings, insights, market information reports or marketing services (in any such instance, from which individual consumer identities have been removed such that any information is not linked or reasonably linkable to any consumer or household, including via a device or other physical object that is capable of connecting to the Internet, directly or indirectly, or to another device) (“On-Platform Analytics”), to Content Providers incorporating Company data subject to the terms of this SOW and the Agreement (collectively, the “On-Platform Services”).
Additional Service Terms:
Vendor has developed Services that enable Company to target end-users of Company’s debit and credit cards. Activities of Vendor and Company pertaining to the promotion and operation of the Services shall include, but is not limited to, the standard offering of Vendor as it is from time to time revised and enhanced by Vendor, including without limitation those features and services detailed in this SOW and any agreements executed by both parties hereafter.
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.3
Statement of WorkContract ID Number:
Vendor shall provide the Services with respect to Offers, including the development of advertising campaigns. Vendor shall be solely responsible for billing and collecting User Incentives and advertising fees from its Content Providers. User incentives and revenue share with respect to Content Providers shall be paid as described below in the Service Payments section.
During the Term, Vendor shall provide a dedicated team to Company consisting of a sufficient number of resources with the appropriate skill set to complete the work necessary to provide the Service. This team will be solely dedicated to Company and will not work on any other Vendor customer.
The Offers will be hosted by Company.
Company will have sole discretion over which Offers to display. Notwithstanding the foregoing, the Parties agree that Company will not have any right to change the specific content or copy within an Offer.
4.Out of Scope Activities for each Party
Intentionally Left Blank
5.SOW Term
This SOW shall be in effect from the Effective Date through the Expiration Date indicated on the cover page unless terminated earlier or extended under the terms of the Agreement.
6.Location of Work and Facilities
Intentionally Left Blank
7.Favorable Terms
During the Term the net economic value, where net economic value is calculated as [***], [***] will be [***]
8.Vendor Responsibilities
Responsibilities of Vendor are listed below.
Task Deliverables
Vendor shall provide the following deliverable(s) to Company:
Task Deliverable: Development of On-Platform Services for Vendor TMS
Vendor will develop the systems, technologies, relationships, and training to enable Company to electronically accept and process Offers through the Vendor TMS. This process will involve linking the Vendor TMS to Company and installing Vendor OPS on Company’s servers in Company’s data center.
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.3
Statement of WorkContract ID Number:
Task Deliverable: Vendor TMS Service Processes
Vendor will operate and manage the On-Platform Services to and for Company and its Content Providers, which Services will take the following form and also as may be further described in this and other schedules:
i.Vendor is responsible for the design, development, maintenance, and on-going enhancement of the Vendor TMS.
ii.Company acknowledges Vendor utilizes sales materials where Company marks are included in efforts to secure Content Providers. All materials that include Company marks must be pre-approved by Company. These materials may be approved in template form. Authorized templates are required to be approved at a minimum annually. Any changes to authorized templates must be approved in advance of use.
iii.Vendor will form relationships with its Content Providers and obtain and publish Offers available for Users to Company.
22.Vendor will develop [***] seasonal concepts throughout the year such as spring home improvement, back-to-school, and summer vacation planning
23.Vendor will provide real time messaging capabilities and enhance such capabilities to allow Company to deliver ‘missed reward’ notifications.
24.Subject to Company providing the relevant User identification information, Vendor will ensure a minimum amount of content is aspirational in nature for the relevant User segment as outlined below. Aspirational content means content from Content Providers that is reasonably considered to be desirable to the relevant customer segment (e.g., Brooks Brothers for Preferred or Office Depot for Small Business).
Customer Segment (as defined and updated by Company) | Minimum Aspirational Content | ||||
| Preferred | [***]% | ||||
| GWIM | [***]% | ||||
| Small Business | [***]% | ||||
iv.Vendor will be solely responsible for setting ad pricing with its Content Providers pursuant to separate agreements between Vendor and its Content Providers that shall not be considered beneficiaries of this SOW.
v.Vendor will operate the Vendor TMS so that it enables its Content Providers to manage market campaigns. Vendor or Content Providers will build advertising campaigns that target Users with particular spend behaviors based on then-current Company Offer approval guidelines.
vi.Vendor will screen its Content Providers’ Offers to ensure that they meet Company media and message standards. Vendor will also conduct ongoing monitoring of its Content Providers for any developments that may result in reputational, regulatory, or other risks to Company or Company Users, and will take all necessary action to mitigate any such risks detected, including immediate notification to Company of the risk identified. Company will have the ability to control Content Provider advertising campaigns in the following manner:
25.Company can eliminate any Content Provider or category of Content Providers from placing Offers to Company. These exclusions will be identified by Company before launching the Vendor Service and will be excluded forever unless Company requests changes, additions, or deletions from the Content Provider exclusions.
26.Company will have access to a review queue where they can preview all Offers that are scheduled to be published to Company. Offers will be in the review queue until Company has approved such offers. Company will make reasonable efforts to approve or disapprove offers within [***] unless mutually agreed between Company and Vendor. Company has the right to veto any Content Provider or Offer for any reason. Publishing of Offers without Company approval shall be considered a breach of this SOW.
vii.Vendor will install and assist Company in operating the Vendor OPS that will be hosted with Company’s data center.
viii.Vendor will provide technology support to Company for problems arising solely out of the Vendor TMS.
ix.Vendor will provide dedicated client management support to Company.
x.Vendor will receive from Company and review and resolve relevant customer care tickets for customer payment inquiries.
xi.Vendor will provide integration work and training on the Vendor TMS as necessary for activities under this SOW.
xii.Vendor will continue to enhance the Vendor TMS to extend value to Company and create additional earnings for Company.
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.3
Statement of WorkContract ID Number:
Task Deliverable: Process for Escalating Production Support Issues
Company will submit Production Support Issues through email to [***]. This email distribution group will be monitored [***]. Additionally, in the event of a Severity 1 or 2 issue, in addition to emailing, Company shall call Vendor’s production support line at 1[***].
It will be the responsibility of the active – on call member to acknowledge the Company’s request within the first [***] minutes.
The first responder will escalate the issue to the relative on-call technician (“On-Call Technician”) to begin troubleshooting the issue. The On-Call Technician will assign a severity level, as approved by Company, to the issue, and follow the below Service Level Agreement (“SLA”). If the below SLA elapses, the On-Call Technician will escalate to the next level following the below escalation chart.
The on-call technician will communicate to the party (or parties) on the original issue email following the below communication SLA. On-Call Technician will use all available resources in an attempt to resolve the issues.
Upon successful resolution of a Severity 1 or Severity 2 issue as confirmed by Company, the on-call technician will provide a follow-up email to the party (or parties) and any relative business units within Vendor, with a detailed description of the issue, what the identified root cause was, as outlined in the Production Issue Root Cause Analysis SLA within the SLA table.
Task Deliverable: Reports
Vendor shall provide Company reports in a manner approved by Company on the Company/Vendor Program that include but are not limited to the list below and the information set forth in APPENDIX D. Vendor Reports and Data Fields. The reports provided by Vendor to Company will be [***] Further, upon request by Company, Vendor shall provide Company with [***]. Any changes to the reporting content, schedule, or format must be pre-approved by Company in writing.
Task Deliverable: Offer Details
The parties shall work together to reach an agreed-upon plan regarding Company’s utilization of Offer details and targeting data for the Offers Vendor provides Company, so that Company can facilitate the presentation of Offers in personalized placements, by [***]. As part of this agreement, Company and Vendor shall mutually determine applicable technical and functional requirements, usage details, and other applicable matters.
Upon the delivery of the data, Company shall be solely authorized to use this data to facilitate the presentation of Offers in personalized placements and this data shall not be shared with any third parties. Any presentation of offers utilizing this data shall meet Vendor’s program and data requirements, such that Vendor can manage these Offers, and meet its obligations to Content Providers, in the same way that it manages Offers in connection with the On-Platform Services.
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.3
Statement of WorkContract ID Number:
Service Level Agreement (SLA) & Liquidated Damages:
| Customer Care SLA | Liquidated Damages | ||||
Vendor will resolve customer care cases in a Tier 2/Tier 3 environment. Company will be responsible for entering dispute data into the agreed upon system for submitting tickets. Vendor will confirm resolution of [***] ([***]%) of cases each month within [***] business days from initial case generation by Company. | If Vendor fails to resolve more than [***]percent ([***]%) of cases within [***]days in any month, Company shall be entitled to assess against Vendor, as liquidated damages, and not as a penalty, [***] *If Company chooses to assess liquidated damages against Vendor in connection with this SLA or any other SLA in this SOW, Company shall notify Vendor in writing of its liquidated-damages assessment within [***] days of the purported occurrence, and any liquidated damages due shall be paid [***]. | ||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.3
Statement of WorkContract ID Number:
| Offer Approval SLA | Liquidated Damages | ||||
| All Offers and Offer changes (which for purposes of this SLA shall not include date extensions of Offers or placement changes) must be approved by Company prior to presentment to Company Users. Under no circumstances should Vendor Offers and Offer changes be presented to Company Users without Company approval. | Vendor shall provide a root-cause analysis and mitigation plan to correct Offer approval errors. In any month where Vendor fails to meet this SLA, Company shall be entitled to assess against Vendor, as liquidated damages, and not as penalty, [***]. | ||||
| Offer Quality SLA | Liquidated Damages | ||||
Vendor shall endeavor to provide customer facing Error-free Offers for the Services herein [***]% of the time each month and must notify Company when Errors are identified. For purposes of this SLA, an “Error” shall constitute a mistake received from Vendor that should have been corrected by Vendor prior to publishing to Users that falls into one of the following categories: [***] [***] [***] [***] [***] [***] [***] [***] [***] [***] [***] | Vendor shall provide root-cause analysis and mitigation plan to correct Offer quality Errors and User impacts as contemplated by this SLA, if any. Any rewards expenses tied to the Offer quality error, as deemed by Company will be [***]. If Vendor fails to provide [***]in any month pursuant to the terms of this SLA, Company shall be entitled to assess against Vendor, as liquidated damages, and not as penalty, [***]. | ||||
| Near-Real-Time Messaging SLA | Liquidated Damages | ||||
Vendor agrees to ensure [***]% of all redemption-eligible transactions are recognized and provided at initial authorization for Company to send near real-time notifications to Users | Vendor shall provide root-cause analysis and mitigation plan to achieve [***]% and correct customer impacts, if any, at full expense to Vendor. If Vendor fails to meet this SLA in any month, Company shall be entitled to assess against Vendor, as liquidated damages, and not as a penalty, [***]. | ||||
| Production Issue Resolution SLA | Liquidated Damages: | ||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.3
Statement of WorkContract ID Number:
Severity Level 1 Definition: An event causing severe impact to Vendor’s ability to interact with Company No workaround is available. Services down or unusable: An error stops the Services from running, or so severely impacts production use of the Services that customer’s business operations are critically affected, and Company cannot reasonably continue work Status Update Frequency: Vendor provides a Bridgeline and a status every [***] to Company Target Service Restoration: Within [***] Resolution: up to [***]days or longer if approved by Company Severity Level 2 Definition: An event causing major impact to Vendor’s support of Company. This could involve severe impact to one or more functions. No workaround is available. Functionality disabled: An error causes important features of the Service to be unavailable with no reasonable workaround and there is a serious impact on Company’s productivity, but production use of the Service is continuing, and Company can reasonably continue work using the Service. Status Update Frequency: [***]to Company Target Service Restoration: Within [***] Resolution: up to [***] or longer if approved in writing by Company Severity Level 3 Definition: An event causing moderate impact to Vendor’s ability to support Company. This could involve major impact to one or more business function. A workaround may be available. Degraded operations: An error which causes important features of the application to be unavailable or to function other than as specified in the applicable documentation, but a workaround exists, or an error causes less significant features of the application to be unavailable or to function other than as specified in the applicable documentation, with no reasonable workaround. Status Update Frequency: Vendor status update is communicated [***] to Company Target Service Restoration: Workaround as soon as reasonable and practical in all the circumstances; but not to exceed [***] Resolution: Fix for the error within the next Maintenance release or as approved by Company Severity Level 4 Definition: An event causing minor impact to Vendor’s ability to support Company, but potentially moderate impact on one or more individuals. A workaround may or may not exist. Minor error: An error which does not affect essential use of the application, but which represents a deviation from the applicable documentation. Status Update Frequency: Vendor status update is communicated [***] to Company Target Service Restoration: Vendor workaround as soon as reasonable and practical in all the circumstances; but not to exceed [***] Resolution: Vendor fix for the error within [***] or as approved by Company | If Vendor fails to meet the Production Issue Resolution SLA as outlined in this SLA, Company shall be entitled to assess against Vendor, as liquidated damages, and not as a penalty the amounts stated herein [***]. Vendor restores a Sev 1 issue [***]–[***]. Vendor restores a Sev1 issue [***]–[***]. Vendor restores a Sev 2 issue [***]–[***]. | ||||
| SLAs with NO LIQUIDATED DAMAGES | |||||
| General Merchant Cleaning SLA | |||||
For customer care cases requiring general merchant cleaning (where the cleaned merchant name is required to generate the appropriate redemption), Vendor will attempt to clean [***] percent ([***]%) of the merchant names within an average of [***] days of initial Company contact case generation | |||||
| Financial Reporting | |||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.3
Statement of WorkContract ID Number:
Vendor shall supply financial reporting to Company with all details necessary to validate the metrics herein, by [***], as further detailed in this SOW. Vendor shall make all changes to the reporting reasonably requested by Company in a timely manner to allow for full Company reconciliation. Vendor will provide back-up documentation and other support as necessary to validate any such reporting. | |||||
| Uptime/Availability; Scheduled Maintenance; Performance | |||||
Uptime: Vendor will ensure that the TMS Service will be available to Company and their Users [***]% of the time in any given calendar month, exclusive of scheduled downtime; database maintenance, upgrades, or migrations; hardware maintenance or faults; or connectivity issues. This assumes that Company is maintaining the Vendor OPS installed in their environment per this SOW. In the event of scheduled downtime, Vendor agrees to: a)Provide Company with at least: i.[***] prior written notice for Priority 3-4 Changes ii.[***] prior written notice for Priority 2 Changes iii.[***] notice for Priority 1 Changes b)Schedule for off-peak hours c)Ensure that such downtime does not exceed [***] at any one time; and does not exceed [***] in aggregate in any given month related to core Vendor OPS software. This will not include database maintenance, upgrades, or migrations, hardware maintenance or faults, or connectivity issues caused, by Company. The Service availability calculation will exclude “scheduled downtime” which meets the foregoing criteria. The Company is responsible for calculating Uptime. | |||||
| Production Issue Root Cause Analysis | |||||
Vendor will provide a written analysis of the problem provided within [***] days with the required information listed below. Issue: Brief description of the issue/event Total Outage (if applicable): Include total outage (hours/minutes) Start Date/Time: Start time of the incident & date End Date/Time: End time of the incident & date User Experience: What was experienced as a result of this issue? What did the User/Company Associate see? Customer Impact: How many Users were affected? Technical Impacts: Applications Impact: Root Cause: If the information is not available, state that it is still being investigated or that the information will be provided by a specific date. Otherwise, describe the root cause Short-Term Actions Taken: Describe the steps that were taken to restore Service. Next Steps: Describe what steps will need to be taken and include any target dates that the action will be taken | |||||
| Payments | |||||
Vendor shall be solely responsible for paying the User Incentives for its Offers, subject to the User Incentive Adjustments, to Company for payment to Users. [***]. The User Incentive will be paid to Company no later than [***] days from the last day of the calendar month following in which the incentive was earned by the Users. Vendor agrees to enforce the obligations of its Content Providers to pay any User Incentives provided in Offers from its Content Providers and the other fees and charges owed by that Content Provider. For avoidance of doubt, Vendor will have sole obligation [***]. The User Incentive Amount from Vendor Content Providers shall be payable by Vendor by wire transfer no later than [***] days from the last day of the calendar month in which the incentive was earned by the Users. Each payment shall be accompanied by a data file, in a format acceptable to Company, reconciled to the User Incentive Amount, reflecting the amount of User Incentives and User Incentive Adjustments to be applied to each User account. Vendor will pay Revenue Share payments to Company no later than [***] days from the last day of the calendar month in which it was accrued. | |||||
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.3
Statement of WorkContract ID Number:
| Financial Package | |||||
For each month, by [***], Vendor will provide Company with a financial package detailing the amounts and supporting documentation for all activity for the preceding month as further detailed in APPENDIX D hereto (the “Financial Package”). Vendor shall make all changes to the reporting as reasonably requested by Company in a timely manner as requested. For the avoidance of doubt, the Financial Package shall be considered Confidential Information and Vendor shall not share any information from the Financial Package with a third party. | |||||
8. Disaster Recovery/Business Continuity
As stated in the Agreement
9. Company Responsibilities
Responsibilities of Company are listed below.
Company will:
• Obtain any necessary information required for initial testing and integration.
• Maintain Vendor OPS in the Company’s data center including physical installation, networking, web server configuration and security.
• On a [***] basis, send to the Vendor OPS a list of transactions and account information for Users.
• On a [***] basis, enable Vendor to provide Company with the amount of rewards earned by each User. Company will credit the rewards to each account.
• On a [***] basis, enable Vendor to reimburse Company for the rewards earned by each User.
• Perform the tasks required to display Offers to Users on electronic statements.
• Ensure cardholder terms and conditions allow Company to offer the Vendor Service.
• Provide Level 1 Customer support
• Provide assistance and cooperation in the design and preparation of the product display and provide resources to enable the product design and look and feel in the website and computer system of Company operating the Service.
• Provide the computers and other hardware that is determined to be appropriate for the operation of the Vendor TMS in the data centers of Company in accordance with the scope and specifications in the plan created and agreed to by Vendor and Company.
• Provide the personnel, hardware and software resources required to support the operation of the Vendor OPS and Services, including without limitation technology and operations support, database management and customer support.
11. Redemption Control
Vendor shall protect against inaccurate redemptions by approving those with certain criteria. Vendor shall hold and review redemptions that meet any of the following:
1.Duplicates
a.REASON: To guard against technical issues. This flag is in place in case a customer loads a transaction file twice.
2.Statistical Deviation
a.REASON: Operations control to ensure campaigns are configured correctly.
3.High Priority
b.REASON: Operations control to ensure all redemptions are reviewed and investigated following the initial launch of a high priority/important campaign. This is an additional safeguard to guarantee Vendor delivers correct results from the campaigns.
i.Set at the discretion of the merchant services team based on priority of merchant relationship.
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.3
Statement of WorkContract ID Number:
12. Service Payments
Vendor shall pay to Company a revenue share for Services during the Term of this Agreement. Vendor agrees to enforce the obligations of its Content Providers.
| Source | Company Revenue Share Percentage | Vendor Revenue Share Percentage | ||||||
From Vendor Content Providers From Company Referred Content Providers | [***]% [***]% + [***]% of Vendor total advertising fees from non-Company customers. | [***]% [***]% | ||||||
Revenue Share Schedule: Vendor shall make commercially reasonable efforts to collect in a timely fashion all receivables that it is obligated to collect for its Offers. Regardless of when receivables are collected, they will be shared with the other party per the terms of this Agreement. Vendor is not obligated to pay any Revenue Share Amount with respect to a sum that Vendor has not collected and received. In the unlikely event that receivables are never collected, those sums will not be owed. For all Offers, uncollected receivables will be capped at [***]% of Total Revenues for any given Measurement Period.
Calculation of Revenue Share:
1.For each Measurement Period, the Revenue Share Amount due to Company shall be calculated as follows:
i.An amount equal to:
c.Total Revenues from the Services in Section 3. Description of Scope of Project,
d.minus total Revenue Adjustments
e.plus/minus the Receivables Adjustment
f.minus Company approved Allowable Expenses
ii.Multiplied by the applicable Revenue Share Percentage
2.Notwithstanding anything else in this Agreement, Vendor’s Revenue Share under this Agreement for any Measurement Period, will not fall below [***] percent ([***]%).
3.For the avoidance of doubt, all monetary amounts in this SOW are calculated on an accrual basis.
Performance Requirements: The Parties acknowledge that Vendor’s ability to meet its performance obligations under the Agreement is dependent on Company operational performance. The Parties agree to document such performance goals and meet regularly to discuss, update and resolve any concerns.
Portfolio Development Expenses
The Parties contemplate continuing user interface updates and annual projects related to the development of system and product improvements throughout the Term. As such, the Parties agree to reasonably cooperate and agree on finalizing such improvements and projects along with any corresponding Vendor funded development expenses.
13. Designated Contacts for Change Orders
The Designated Contacts for this SOW are listed below. If Vendor’s Designated Contact changes during the Term, Vendor shall notify Company immediately.
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 10.3
Statement of WorkContract ID Number:
Designated Contacts
| Bank of America, N.A. | Cardlytics, Inc. | ||||||||||
| Name: | Name: | [***] | |||||||||
| Address: | Address: | 675 Ponce de Leon Ave., Suite 6000, Atlanta, GA 30308 | |||||||||
| Phone: | Phone: | [***] | |||||||||
| Fax: | Fax: | N/A | |||||||||
| Email: | Email: | [***] | |||||||||
14. Invoicing Information
Vendor shall prepare the Financial Package as set forth in the Agreement and make payments as described in the Service Payments section of this Agreement.
15. Signatures
Vendor agrees to provide the Services described in this SOW provided Bank of America accepts this SOW, without modification, by signing in the space below.
Each Party agrees that the complete Agreement between us for these Services consists of 1) this SOW and 2) the Agreement.
| Agreed to: Bank of America, N.A. | Agree to: Cardlytics, Inc. | |||||||
| /s/ W. Sam Griffin | /s/ Andy Christiansen | |||||||
| W. Sam Griffin | Andy Christiansen | |||||||
Title: Procurement Specialist | Title: Cheif Financial Officer | |||||||
APPENDIX A. Statement of Work Change Control Procedure
APPENDIX B. Statement of Work Change Order Form
APPENDIX C. Statement of Work Change Order Log
APPENDIX D. Vendor Reports and Data Fields
Certain information has been excluded from this agreement (indicated by “[***]”) because such information (i) is not material and (ii) would be competitively harmful if publicly disclosed.
Exhibit 31.1
CERTIFICATION OF PRINCIPAL EXECUTIVE OFFICER
PURSUANT TO SECTION 302 OF THE SARBANES-OXLEY ACT OF 2002
I, Lynne M. Laube, certify that:
1.I have reviewed this Quarterly Report on Form 10-Q of Cardlytics, Inc. (the “registrant”);
2.Based on my knowledge, this report does not contain any untrue statement of a material fact or omit to state a material fact necessary to make the statements made, in light of the circumstances under which such statements were made, not misleading with respect to the period covered by this report;
3.Based on my knowledge, the financial statements, and other financial information included in this report, fairly present in all material respects the financial condition, results of operations and cash flows of the registrant as of, and for, the periods presented in this report;
4.The registrant’s other certifying officer(s) and I are responsible for establishing and maintaining disclosure controls and procedures (as defined in Exchange Act Rules 13a-15(e) and 15d-15(e)) and internal control over financial reporting (as defined in Exchange Act Rules 13a-15(f) and 15d-15(f)) for the registrant and have:
a.Designed such disclosure controls and procedures, or caused such disclosure controls and procedures to be designed under our supervision, to ensure that material information relating to the registrant, including its consolidated subsidiaries, is made known to us by others within those entities, particularly during the period in which this report is being prepared;
b.Designed such internal control over financial reporting, or caused such internal control over financial reporting to be designed under our supervision, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles;
c.Evaluated the effectiveness of the registrant’s disclosure controls and procedures and presented in this report our conclusions about the effectiveness of the disclosure controls and procedures, as of the end of the period covered by this report based on such evaluation; and
d.Disclosed in this report any change in the registrant’s internal control over financial reporting that occurred during the registrant’s most recent fiscal quarter (the registrant’s fourth fiscal quarter in the case of an annual report) that has materially affected, or is reasonably likely to materially affect, the registrant’s internal control over financial reporting; and
5.The registrant’s other certifying officer(s) and I have disclosed, based on our most recent evaluation of internal control over financial reporting, to the registrant’s auditors and the audit committee of the registrant’s board of directors (or persons performing the equivalent functions):
a.All significant deficiencies and material weaknesses in the design or operation of internal control over financial reporting which are reasonably likely to adversely affect the registrant’s ability to record, process, summarize and report financial information; and
b.Any fraud, whether or not material, that involves management or other employees who have a significant role in the registrant’s internal control over financial reporting.
| Date: | August 2, 2022 | By: | /s/ Lynne M. Laube | ||||||||
| Lynne M. Laube | |||||||||||
Chief Executive Officer (Principal Executive Officer) | |||||||||||
Exhibit 31.2
CERTIFICATION OF PRINCIPAL FINANCIAL OFFICER
PURSUANT TO SECTION 302 OF THE SARBANES-OXLEY ACT OF 2002
I, Andrew Christiansen, certify that:
1.I have reviewed this Quarterly Report on Form 10-Q of Cardlytics, Inc. (the “registrant”);
2.Based on my knowledge, this report does not contain any untrue statement of a material fact or omit to state a material fact necessary to make the statements made, in light of the circumstances under which such statements were made, not misleading with respect to the period covered by this report;
3.Based on my knowledge, the financial statements, and other financial information included in this report, fairly present in all material respects the financial condition, results of operations and cash flows of the registrant as of, and for, the periods presented in this report;
4.The registrant’s other certifying officer(s) and I are responsible for establishing and maintaining disclosure controls and procedures (as defined in Exchange Act Rules 13a-15(e) and 15d-15(e)) and internal control over financial reporting (as defined in Exchange Act Rules 13a-15(f) and 15d-15(f)) for the registrant and have:
a.Designed such disclosure controls and procedures, or caused such disclosure controls and procedures to be designed under our supervision, to ensure that material information relating to the registrant, including its consolidated subsidiaries, is made known to us by others within those entities, particularly during the period in which this report is being prepared;
b.Designed such internal control over financial reporting, or caused such internal control over financial reporting to be designed under our supervision, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles;
c.Evaluated the effectiveness of the registrant’s disclosure controls and procedures and presented in this report our conclusions about the effectiveness of the disclosure controls and procedures, as of the end of the period covered by this report based on such evaluation; and
d.Disclosed in this report any change in the registrant’s internal control over financial reporting that occurred during the registrant’s most recent fiscal quarter (the registrant’s fourth fiscal quarter in the case of an annual report) that has materially affected, or is reasonably likely to materially affect, the registrant’s internal control over financial reporting; and
5.The registrant’s other certifying officer(s) and I have disclosed, based on our most recent evaluation of internal control over financial reporting, to the registrant’s auditors and the audit committee of the registrant’s board of directors (or persons performing the equivalent functions):
a.All significant deficiencies and material weaknesses in the design or operation of internal control over financial reporting which are reasonably likely to adversely affect the registrant’s ability to record, process, summarize and report financial information; and
b.Any fraud, whether or not material, that involves management or other employees who have a significant role in the registrant’s internal control over financial reporting.
| Date: | August 2, 2022 | By: | /s/ Andrew Christiansen | ||||||||
| Andrew Christiansen | |||||||||||
Chief Financial Officer (Principal Financial and Accounting Officer) | |||||||||||
Exhibit 32.1
CERTIFICATIONS OF
PRINCIPAL EXECUTIVE OFFICER AND PRINCIPAL FINANCIAL OFFICER
PURSUANT TO 18 U.S.C. SECTION 1350,
AS ADOPTED PURSUANT TO
SECTION 906 OF THE SARBANES-OXLEY ACT OF 2002
Pursuant to the requirement set forth in Rule 13a-14(b) of the Securities Exchange Act of 1934, as amended, (the “Exchange Act”) and Section 1350 of Chapter 63 of Title 18 of the United States Code (18 U.S.C. §1350), Lynne M. Laube, Chief Executive Officer of Cardlytics, Inc. (the “Company”), and Andrew Christiansen, Chief Financial Officer of the Company, each hereby certifies that, to the best of his or her knowledge:
1.The Company’s Quarterly Report on Form 10-Q for the period ended June 30, 2022 (the "Report"), fully complies with the requirements of Section 13(a) or Section 15(d) of the Exchange Act; and
2.The information contained in the Report fairly presents, in all material respects, the financial condition and results of operations of the Company.
| Date: | August 2, 2022 | By: | /s/ Lynne M. Laube | ||||||||
| Lynne M. Laube | |||||||||||
Chief Executive Officer (Principal Executive Officer) | |||||||||||
| Date: | August 2, 2022 | By: | /s/ Andrew Christiansen | ||||||||
| Andrew Christiansen | |||||||||||
Chief Financial Officer (Principal Financial and Accounting Officer) | |||||||||||
This certification accompanies the Report to which it relates, is not deemed filed with the Securities and Exchange Commission and is not to be incorporated by reference into any filing of the Company under the Securities Act of 1933, as amended, or the Exchange Act, whether made before or after the date of this Report, irrespective of any general incorporation language contained in such filing.
A signed original of this written statement required by Section 906 of the Sarbanes-Oxley Act of 2002 has been provided to the Company and will be retained by the Company and furnished to the Securities and Exchange Commission or its staff upon request.