Exhibit 4.47

NORTHERN TRUST CONFIDENTIAL

MASTER AGREEMENT

This MASTER AGREEMENT (“Master”), is entered into this 1^st of March, 2021 (“Effective date”) by and between The Northern Trust Company¹, Singapore Branch (“Northern”), a company incorporated and existing under the laws of State of Illinois, whose principal place of business is at One George Street, #12-06, Singapore 049145² and WellteQ Pte Ltd (“Provider”), a company incorporated in Singapore with offices at CIDC Building, 90 Eu Tong Sen Street, #03-02B, Singapore 059811. The Master, along with any Exhibits, Modules (including any Attachments thereto), Schedules and Statements of Work (including any Appendices) and Purchase Orders shall be referred to collectively as the “Agreement”. Both Northern and Provider may be referred to as a “Party” or collectively, as the “Parties”. The Parties hereby agree as follows:

The following terms, as used in this Agreement, have the meanings set forth below. Additional defined terms may be contained in the body of this Master, in Modules, SOW(s) and/or Exhibits.

“Affiliate” means an entity owned by, controlling, controlled by, or order common control with, directly or indirectly, one of the Parties. For this purpose, one entity “controls” another entity if it has the power to direct the management and policies of the other entity, whether through the ownership of voting equity, agreement, representation on its board of directors, acts of a Regulatory Authority, by contract or otherwise.

“Business Day” means a day other than a Saturday, Sunday or a bank or public holiday in the country where the Hardware, Software or Services are provided.

“Charges” means the sums payable by Northern to provider in consideration of the supply of Hardware, licensing of Software and/or the provision of the Services as specified in this Agreement and includes any expenses specifically allowed in the applicable Module, Schedule and/or SOW.

“Client” or “Northern Client” means a person or entity that has an account at or is obtaining financial services from Northern or any of its Affiliates.

“Confidential Information” means all tangible and intangible information (whether oral, written, visual, electronic or in other form) of a Party (“Disclosing Party”) that is disclosed or otherwise becomes known to the other party (“Receiving Party”) as a result of this Agreement, that is not generally known to the public and at the time of disclosure is identified as, or which a reasonable person would understand (based on the type of information or the circumstances of its disclosure) to be, proprietary or confidential. Confidential Information includes but is not limited to: (a) business plans, strategies, forecasts, projects and analyses; (b) financial information and fee structures; (c) business processes, methods and models; (d) trade secret, confidential or proprietary information or documentation of entities with which each Party contracts or about employees, Clients, customers, directors, outside directors, retirees, spouses and families (whether past, current and prospective); (e) PII; (f) hardware and system designs, architectures, structure and protocols; (g) product and service specifications; (h) manufacturing, purchasing, logistics, sales and marketing information; (i) user IDs and or passwords allowing access to Northern’s systems; (j) all non-public information that is learned by Provider by reason of the relationship established by this Agreement; and (k) all copies of any of the foregoing and any materials that contain, are derived from, or reflect any of the foregoing. Confidential Information shall include the terms of this Agreement. Because of the sensitive nature of the information a Receiving Party may become aware of as a result of the Agreement, the Parties intend that these provisions be interpreted as broadly as reasonably possible to protect Confidential Information.

NORTHERN TRUST CONFIDENTIAL

“Deliverable” means any tangible work product produced as a result of a Service under an applicable SOW.

“Documentation” means all (i) Provider response to Requests for Proposal and supplements thereto, (ii) user, programmer and technical documentation and other tangible or intangible information relating to Services, Hardware and/or Software, irrespective of when delivered or disclosed by Provider to Northern, including the manuals and materials listed in the applicable SOW and/or Schedule, and all revisions and additions to the foregoing made by or on behalf of Provider or its suppliers, (iii) marketing materials, documentation and other written information provided to Northern by or on behalf of Provider with respect to the Products and/or Services (including Deliverables) and (iv) any other material included within such definition by the applicable SOW and/or Schedule.

“Hardware” means computer, telecommunication, information processing and/or related equipment and peripherals sold by Provider to Northern under this Agreement as identified in an applicable SOW or Purchase Order.

“Intellectual Property Rights” means all right, title and interest in and to all current and future: (i) U.S. or non-U.S. patents or any division, continuation, reissue or extension thereof and any applications, including provisional applications, for such patent rights; (ii) trade secret rights arising under the common law and any state, federal and/or international laws or treaties; (iii) copyrights and all other literary property and author rights and moral rights, whether or not copyrightable, and any registrations and applications for registration, including without limitation, any copyright related rights under any international treaties; and (iv) trademarks, trade names and service marks, whether registered or arising under the common law, and any state, federal and/or international laws, and all associated registrations, goodwill, and applications for registration.

“Key Personnel” means those Provider Personnel who are specifically listed in a SOW as Key Personnel.

“Law” or “Regulation” means any law, enactment, regulation and regulatory policy, guideline, requirement and/or industry code of any Regulatory Authority (including good practice codes) applicable to a Party, any activities relating to this Agreement, any Products or Services hereunder and all interpretations of and changes, supplements or replacements to, any of the foregoing.

“Malicious Code” means any computer code, programs, procedures, mechanisms or programming devices (including, without limitation, any code typically identified as a virus, Trojan horse or worm) that are designed to, or would enable Provider or any third party, to disrupt, modify, delete, damage, deactivate, disable, harm, access without authorization or otherwise impede the operation of the any Northern system or any other associated software, firmware, hardware, computer system or network.

NORTHERN TRUST CONFIDENTIAL

“Module(s)” means the respective documents entered into between the Parties applicable to Services, Software and Support (Software) and/or Hardware. Additional Modules may be added hereunder by mutual written agreement of the Parties. A Module must be signed by both Parties to be effective.

“Northern Personnel” means employees, contractors, agents and representatives of Northern.

“Northern Premises” means any location owned, operated or contracted by Northern.

“Open Source Software” means any software that is licensed under any license currently listed or described at http://www.opensource.org/docs/definitions.php or at http://www.opensource.org/licenses, “Free Code” as defined by the Free Software Foundation or software that: (i) prohibits imposing restrictions on (a) distribution of the software or derivatives, or (b) aggregations with any other software; (ii) prohibits royalties, fees or other charges for software or derivatives; (iii) requires and/or permits distribution of the software or derivatives in Source Code form; or (iv) requires users or licensees to have the right to access any Source Code of the software or derivatives.

“Personnel” or “Provider Personnel” means employees, contractors (including Subcontractors), agents and representatives of Provider performing any Services under the Modules or in Account Management roles.

“Personally Identifiable Information” or “PII” means nonpublic personal information regarding a Northern Client (individual or institutional), Northern Personnel or another party for whose information Northern is legally accountable or for whose information Northern is contractually obligated to protect (e.g., vendors, visitors, consultants, etc.) that is made available to Provider by or at the direction of Northern, or directly by the individual concerned, or to which access was provided in the course of Provider’s performance of the Agreement, that identifiers or can be used to identify, either directly or indirectly, an identifiable natural person. Examples of PII include, but are not limited to: name; address; Tax Identification Number; Social Security Number, National Identity number; date of birth; transaction account numbers; credit/debit card numbers; online banking user names or passwords; biometric data, racial or ethnic origin; political opinions; religious beliefs; union membership status; physical or mental health or condition; sexual life; and/or criminal history. PII shall be deemed Northern Confidential Information.

“Products” means any Hardware, Software and/or Third-Party Software provided to Northern by Provider pursuant to the Agreement.

“Public Official” means any official, agent, employee, or representative of (or person acting in an official capacity of): a national, supranational, regional, or local government; an agency, department or instrumentality of a government; an entity with an aggregate twenty-five percent (25%) or more government ownership or control by one of the foregoing; a judicial body; a public international organization; a political party; or any body that exercises regulatory authority over Northern. Public Official also includes any candidates for public office or for political party positions as well as members of royal or ruling families. Public Official includes immediate family members and close associates of all parties mentioned above.

NORTHERN TRUST CONFIDENTIAL

“Purchase Order” means Northern’s written order to Provider, that incorporates the Agreement by reference, for the license of Software and/or the purchase of Hardware, Hardware maintenance and/or Software Maintenance Services.

“Regulatory Authority” means any foreign, federal, state or local governmental or regulatory agency or body or other competent authority that enforces Laws or otherwise regulates and/or supervises Northern (or its Affiliates), Provider (or its Affiliates if they provide Hardware, Software or Services under the Agreement) and/or either of their activities relating to this Agreement (including Northern’s use of the Products and/or Services).

“Relationship Manager” shall mean each Party’s primary point of contact with respect to this Agreement,

“Requirement(s)” means Northern’s technical, functional, operational and/or performance specifications applicable to the Hardware, Software or Services (including Deliverables) to be provided pursuant to the applicable SOW and/or Schedule and shall include agreed upon Service Levels.

“Schedule” means the document Northern and Provider execute pursuant to a Module for the provisions of specific Software and Software Maintenance Services. For a Schedule to be effective, it must be signed by both Parties.

“Security Event” means a disclosure of Northern PII and/or Confidential Information to unauthorized parties or an actual or attempted bypass or breach of security controls intended to protect Northern PII and/or Confidential Information.

“Service(s)” means the performance of a task or tasks by Provider pursuant to an applicable Module under this Agreement and as specifically set forth in the relevant SOW and/or Schedule. For the avoidance of doubt, Services include any Deliverables resulting therefrom.

“Service Commencement Date” the date on which Services are first provided to Northern under a SOW and/or Schedule.

“Site” means the location at which Products and/or services are to be provided by Provider to Northern in connection with each SOW, Schedule and/or Purchase Order is to be delivered, installed or performed as provided in each SOW.

“Software” means the object code version (unless specified otherwise in an applicable Schedule) of any computer program, firmware or operating system that is licensed to Northern by Provider. Software includes any third-party software and any client utilities, including program routines or database features provided by Provider that are necessary to access and use the Software. Software also includes any Updates (as defined in the Software Module) provided to Northern by Provider and any modifications and/or customizations prepared by Provider for Northern under a SOW.

“Source Code” means computer code that is written in a human-readable, recognized programming language that can be converted into machine or object code form.

NORTHERN TRUST CONFIDENTIAL

“Statement of Work” or “SOW” means the document Northern and Provider execute pursuant to a Module for the provisions of specific Hardware and/or Services. For a SOW to be effective, it must be signed by both Parties.

“Subcontractor” means any third-party (whether an individual not directly employed by Provider or an entity), regardless of level or tier, that performs all or any part of Provider’s obligations to Northern under the Agreement.

“Work Product” means all materials, tangible work and software (in both source code and object code), computer system design, data, documentation, tangible records, models, inventions, ideas, concepts, techniques, methods, processes, formula, works of authorship, designs compilations and other materials, and all tangible embodiments of the foregoing, regardless of the media in which they may be stored or rendered, which are conceived, created, discovered, reduced to practice or recorded by Provider as a result of Provider’s performance of services for Northern, including all Intellectual Property Rights therein. Work Product includes, but is not limited to, Deliverables.

2.1 Any Northern Affiliate may purchase Hardware, license Software or procure Services under the Agreement by executing a SOW, a Schedule or in the case of Hardware, either a SOW or an applicable Purchase Order in its own name with Provider that incorporates by reference the terms of the Agreement. In such event, the applicable Affiliate shall be solely responsible for its performance and all obligations to Provider thereunder.

2.2 In the event that an applicable Schedule, SOW or Purchase Order calls for the delivery of Hardware, the use of Software or the provision of Services outside the United States, certain additional or different terms may be applicable to such transaction (“Country Unique Terms,” attached hereto as Exhibit 1). The Country Unique Terms shall prevail over the terms of the Agreement in the event the Agreement does not address the specific provision or of an actual conflict or inconsistency with the terms of the Agreement and only with respect to any transaction for the delivery of Hardware, the use of Software or the provision of Services outside the United States.

3.1 Term. The Agreement shall begin on the Effective Date and shall remain in force until the later of (a) five (5) years from the Effective Date, or (b) the expiration or termination of the last surviving SOW and/or Schedule (the “Term”). Northern may extend the Term for a period of twelve (12) months by providing written notice to Provider of its intention to do so not less than sixty (60) days prior to the expiration date of the then current Term. For the avoidance of doubt, the term of any Module, regardless of when executed by the Parties, shall expire or terminate on the termination or expiration of this Master, unless earlier terminated by Northern.

3.2 Termination for Cause. Either Party may terminate the Agreement immediately upon written notice to the other Party if the other Party: (i) materially breaches the Agreement or the terms of a SOW Schedule and/or Purchase Order, other than with respect to a payment obligation, and fails to remedy such breach within thirty (30) days after receiving written notice thereof from the other Party, or (ii) materially breaches a payment obligation under the Agreement or such SOW, Schedule and/or Purchase Order and fails to remedy such breach within ninety (30) days after receiving written notice thereof from the other Party. Northern may terminate this Agreement immediately for cause upon written notice to Provider, if Provider: (a) commences bankruptcy or dissolution proceedings, has a receiver appointed for a substantial part of its assets, or ceases to operate in the ordinary course of business; (b) materially breaches its obligations set forth in Sections 4 (“Confidential Information”), 5 (“Data Privacy and Information Security”); 13.5 (“Publicity”); and/or 14.3 “Anti-Bribery and Supplier Code of Conduct” (including, but not limited to the Northern Global Anti-Bribery and Anti-Corruption Policy for Providers (Exhibit 2)); or (c) materially breaches the Agreement or a SOW, Schedule or Purchase Order in a manner that cannot be remedied.

NORTHERN TRUST CONFIDENTIAL

3.3 Termination for Convenience. Either Party may terminate this Agreement or any SOWs, Schedules and/or Purchase Orders for convenience, in whole or in part, at any time, without cause, and without penalty by giving Provider written notice at least sixty (60) day’s prior to the specified termination date.

3.4 Resolution Provisions. Due to Northern’s obligations to Regulatory Authorities under applicable Laws and Regulations related to financial institution Resolution planning, including but not limited to Section 165(d) of the Dodd-Frank Wall Street Reform and Consumer Protection Act (12 U.S.C. § 5301, et seq.), the additional provisions regarding termination and related matter set forth in Exhibit 3 (“Resolution Provisions”) shall apply and shall supersede any conflicting provisions set forth in the Agreement on the occurrence of a Resolution Event.

3.5 Effect of Termination. Termination or expiration of the Master shall not affect the Parties rights and obligations under any other SOWs, Schedules or Purchase Orders executed by the Parties prior to such termination or expiration. Termination of one or more SOWs, Schedules and/or Purchase Orders shall not affect the Parties’ right and obligations under any other SOWs, Schedules and/or Purchase Orders executed by the Parties prior to such termination or expiration, and all such other SOWs, Schedule and/or Purchase Orders shall remain in full force and effect unless and until terminated in accordance with these terms. If Northern terminates the Agreement as a result of Provider’s default, in addition to any other remedies Northern may have at law or in equity, Provider shall refund to Northern all Charges paid pursuant to this Agreement, including executed SOWs, Schedules and/or Purchase Orders for Services not yet rendered or Products not yet delivered.

4.1 Transactions Under the Agreement. Provider shall sell and Northern shall purchase those pieces of Hardware, licenses to Software and/or Services that are specifically set forth in an applicable SOW, Schedule and/or Purchase Order between the Parties. The only Charges applicable thereto shall be those set forth in the relevant SOW, Schedule and/or Purchase Order.

4.2 Payment. Unless otherwise set forth in an applicable Module, Schedule, SOW or Purchase Order, on a monthly basis, Provider shall deliver to Northern an invoice, consistent with the requirements in Exhibit 4 (“Invoicing”) and the applicable purchase order, of all Charges then due. Northern shall pay all undisputed invoices, in local currency, within thirty (30) days of receipt of a correct invoice. Northern shall have no obligation to pay any Charges that Provider fails to invoice to Northern within ninety (90) days of the date on which the Charges were incurred, unless otherwise agreed by the Parties. Unless otherwise agreed by the Parties, any credits due to Northern shall be applied on the next invoice for the applicable SOW, Schedule and/or Purchase Order against amounts then due and owing. If any credit is due to Northern after the termination or expiration of the applicable SOW, Schedule and/or Purchase Order, Provider shall pay the amount of the credit to Northern within thirty (30) days after the credit accrues. Unless otherwise directed by Northern, all credits shall be applied and/or paid in local currency.

NORTHERN TRUST CONFIDENTIAL

4.3 Disputed Amounts. Northern shall not be obligated to pay incorrect invoices or invoices disputed in good faith. Northern must pay undisputed amounts on incorrect invoices and such payment shall not affect its rights to challenge disputed amounts. In the event of a good faith dispute with regard to an item appearing on an invoice, Northern may withhold the disputed amount while the Parties attempt to resolve the dispute in accordance with Section 12 (“Dispute Resolution”) and Northern’s actions shall not constitute a breach of this Agreement, be grounds for Provider to suspend its obligations under this Agreement or be cause to charge Northern for any interest, late fees or attorneys’ fees related to the disputed amount. In the event Northern is found to be the originating fault resulting in the Dispute, any reasonable expenses incurred in the Dispute Resolution are recoverable by the Provider from Northern. Once the dispute has been resolved, Northern shall pay the agreed upon Charges within thirty (30) days of its receipt of a corrected invoice.

4.4 Expenses. Except as expressly set forth in an applicable Module and/or SOW, Schedule and/or Purchase Order, Northern shall not be responsible for any out of pocket expenses of Provider, including but not limited to travel, hotel and/or meals. To the extent Northern agrees to reimburse Provider for specified expenses pursuant to a Module and/or SOW, Schedule and/or Purchase Order, all such expenses shall be actual (without mark-up), reasonable and shall be reimbursed in accordance with Northern’s “Northern Trust Corporate Travel Policy for Providers” (Exhibit 5 hereto), which Northern may modify time to time in its sole and exclusive discretion.

NORTHERN TRUST CONFIDENTIAL

4.6 Benchmarking. Northern may, at any time after six (6) months from the Effective Date of any applicable SOW or Schedule (and not more than once a year), subject any Charges for, or terms and conditions applicable to, any Hardware, Software or Services, either in part or as a whole, to a benchmarking exercise by providing notice thereof to Provider. In such event, Northern shall retain an independent organization (“Benchmarking Advisor”) to compare, using generally accepted benchmarking process, the specific Charges at issue to substantially equivalent Hardware, Software or Services. Both Parties shall provide the Benchmarking Advisor with such assistance and supporting information as may reasonably be requested and shall cooperate with the Benchmarking Advisor in good faith. The Benchmarking Advisor shall present, within sixty (60) days of its appointment, a written report to both Parties analyzing the Charges at issue. In the event that the report indicates that any Charges provided or charged to Northern are materially greater than those that Provider charges to other customers receiving substantially similar Hardware, Software or Services under substantially similar terms and conditions, Provider shall adjust the Charges such that they are no higher than those for such similarly situated customers and refund an amount of Charges previously paid equal to the excess of such amount over the amount which would have been paid under the revised Charges.

5.1 Confidentiality Obligations. Receiving Party shall not: (i) disclose, distribute or convey Confidential Information of the Disclosing Party to any third party except after prior written approval of Disclosing Party; (ii) make copies or reproductions of any such Confidential Information, except solely to further the purposes of this Agreement; and/or (iii) use any such Confidential Information for any purpose other than performing its obligations under the Agreement. A Receiving Party may disclose Confidential Information of the Disclosing Party to those of its employees, agents or contractors that have a need to know such Confidential Information and who are subject to binding confidentiality obligations at least as protective as those set forth herein. Northern may also disclose the terms and conditions of the Agreement (including the Charges under any applicable SOWs, Schedules and/or Purchase Orders) to a Benchmarking Advisor, subject to appropriate confidentiality protections, in the event that it invokes its rights under Section 4.6 (“Benchmarking”) above. In the event that Northern is the Disclosing Party, neither Provider nor Provider Personnel shall remove any Confidential Information (or any copy or summary thereof) from Northern’s premises or from any Site without the prior written consent of Northern. Upon written request by Northern, Provider shall: (a) provide Northern with a list of Provider Personnel (if any) that have had or shall have access to any Northern Confidential Information; and/or (b) cause each of Provides’s Personnel with access to Northern Confidential Information to enter into an agreement with Northern related to protection of Northern Confidential Information and related matters. Upon the termination or reassignment of any Provider Personnel, Provider shall secure and return to Northern all Northern property, including all Northern Confidential Information, in the terminated or reassigned Provider Personnel’s custody, possession or control. For the avoidance of doubt, Provider shall be liable for any unauthorized disclosure and/or unauthorized use of Confidential Information by any Provider Personnel.

5.2. Standard of Care. Receiving Party acknowledges that all Confidential Information of Disclosing Party is considered proprietary and strictly confidential. Receiving Party shall exercise, at a minimum, the same degree of care to protect Confidential Information received from Disclosing Party, or which it becomes aware of about Disclosing Party as a result hereof, that it would employ for its own comparable confidential information (but in no event less than a reasonable degree of care).

NORTHERN TRUST CONFIDENTIAL

5.3 Confidentiality Period. The obligations of each party set forth in this Section shall survive the completion or termination of this Agreement and shall remain in effect for three (3) years after completion or termination of the applicable Schedule or the termination of this Agreement. Notwithstanding the foregoing, to the extent that any Northern Confidential Information relates to Northern Clients, the obligations set forth in this Section shall continue indefinitely.

5.4 Ownership. Receiving Party agrees that Confidential Information of the Disclosing Party shall at all times remain the sole property of Disclosing Party and, if in tangible form such as (by way of example and not limitation), in writing or on tape, disk, or other electronic media, such tangible material and all copies shall be returned to Disclosing Party within five (5) Business Days after termination of this Agreement or the applicable SOW or upon demand at any other time. Except as otherwise expressly set forth in the Agreement, no rights or licenses are granted by Disclosing Party to Receiving Party under any patents, copyrights, trademarks, trade secrets or other proprietary rights of Disclosing Party as a result of or related to this Agreement.

5.5 Legally Required Disclosures. If Receiving Party is legally required to disclose any Confidential Information of Disclosing Party in connection with any legal or regulatory proceeding, Receiving Party shall (unless prohibited by applicable Law) notify Disclosing Party within a reasonable time prior to disclosure to allow Disclosing Party a reasonable opportunity to seek appropriate protective measures, or other appropriate remedies prior to disclosure. Subject to any protective measures or other remedies imposed by the applicable legal or regulatory body, Receiving Party may disclose only that portion of that Confidential Information that it is legally required to disclose and shall exercise reasonable efforts to obtain assurances that confidential treatment shall be accorded to that Confidential Information.

5.6 Exceptions to Confidentiality Obligations. The obligations set forth in this Section 5 shall not apply to: (a) any disclosure specifically authorized in writing by Disclosing Party; or (b) Confidential Information that: (1) has become well known in the trade; (2) was disclosed to Receiving Party by a third party not under an obligation of confidentiality to Disclosing Party; (3) was independently developed by Receiving Party not otherwise in violation or breach of this Agreement or any other obligation of Receiving Party to Disclosing Party; or (4) was rightfully known to Receiving Party prior to entering into this Agreement.

5.7 Unauthorized Disclosure of Confidential Information. Receiving Party acknowledges that the unauthorized use or disclosure of any Confidential Information of the Disclosing Party may cause irreparable harm to Disclosing Party. Accordingly, Receiving Party agrees that Disclosing Party shall be entitled to seek equitable relief, including injunctive relief, in addition to all other remedies available at law for any threatened or actual breach of this Agreement or any threatened or actual unauthorized use or disclosure of Confidential Information. If Receiving Party becomes aware of a threatened, suspected or actual breach of its confidentiality obligations set forth in this Section or a Security Event, Receiving Party shall immediately (but in no event more than 24 hours from the time that it reasonably believes such a threatened, suspected or actual breach has occurred) so notify Disclosing Party. In the event that Provider is the Receiving Party and has disclosed such Northern Confidential Information, such notice shall (in addition to the requirements set forth in section 13.2 (“Notice”) be to: vendor_breach_notification_team@ntrs.com. For the avoidance of doubt, the foregoing applies to, but is not limited to, the unauthorized disclosure of Northern PII.

NORTHERN TRUST CONFIDENTIAL

6.1 Compliance with Northern’s Information Security Policies. Provider shall comply with the terms, including all requirements and obligations, set out in Exhibit 6 (“Information Technology Security”) attached hereto. Northern reserves the right to modify Exhibit 6 from time to time in its sole and exclusive discretion. Northern shall use commercially reasonable efforts to notify Provider promptly of any such modifications.

6.2 Provider Privacy Policy; Compliance with Applicable Law. Provider shall maintain a privacy policy that complies with applicable Laws and Regulations in each jurisdiction where it provides Products and/or Services to Northern and in each jurisdiction in which any Northern data subjects reside. Further, Provider shall comply with all data privacy Laws, including but not limited to all Laws concerning data protection and data security applicable to Northern and/or Provider with respect to Provider’s activities hereunder in each jurisdiction in which any Northern data subjects reside.

6.3 Provider Information Security Program. During the Term, Provider shall maintain and follow a written information security program (“WISP”) that complies with all applicable Laws and Regulations in each and Regulations in each jurisdiction where it provides Products and/or Services to Northern. Such WISP shall include appropriate technical, organizational, administrative, physical and other safeguards designed to: (i) ensure the security and confidentiality of Confidential Information; (ii) protect against any threats or hazards to the security or integrity of Confidential Information; (iii) prevent against unauthorized destruction, modification, disclosure, access to or use of Confidential Information, (iv) prevent against accidental loss of or damage to Confidential Information; and (v) ensure the proper disposal of Confidential Information.

6.4 Limitation of Access to PII. The Parties agree that Provider shall not have access to or process PII of Northern or of its Clients under the Agreement unless the provision of Products and/or Services under an applicable SOW and/or Schedule require access to or processing of such PII. Provider shall take all reasonable steps to minimize such access as may be required. Provider agrees to reasonably cooperate with Northern and to cause its Subcontractors and Affiliates to execute and implement all other mutually agreed documentation and agreements to safeguard and protect such PII in accordance with all Laws and Regulations applicable to Northern and/or Provider.

6.5 Provider’s Obligations in Event of a Security Event. In the event of a Security Event, in addition to the notification requirements set forth in Section 5.7 above, Provider shall: (a) promptly and fully cooperate with Northern in the investigation and remediation of the Security Event and permit Northern Trust to interview Provider’s personnel without Provider’s presence where the Security Event, in the sole discretion of Northern, so warrants; (b) assist Northern, at its own expense, in notifying any applicable Regulatory Authorities or other interested parties; and (c) reimburse Northern within seven (7) calendar days of receipt of a valid invoice for the costs and expenses related to Northern’s notifications to impacted Personnel, Clients or other third parties, including any credit monitoring that Northern determines, in good faith, is appropriate under the circumstances.

NORTHERN TRUST CONFIDENTIAL

7.1 Compliance with Laws and Regulations. Each Party shall comply with all Laws and Regulations that apply to that Party and/or its activities relating to this Agreement. Provider shall provide Products and Services in a manner so that Northern is able to comply with all applicable Laws and Regulations, and in the case of a conflict, compliance with Laws and Regulations shall take precedence over any other terms of this Agreement. Provider shall not take any act, or fail to take any act, which causes Northern to be in breach of applicable Laws and/or Regulations. Provider shall maintain such authorizations, approvals, licenses and permits from Regulatory Authorities required to perform its obligations under this Agreement.

7.2 Export Compliance. Both Parties shall comply with all applicable export and import laws, including, but not limited to the Export Administration Regulations (15 CFR Parts 730-774, as amended). Each Party shall obtain any required export licenses and/or authorizations, imposed by any country in which the Products and/or Services are to be provided or used or either Party is resident or subject to jurisdiction. Provider shall not be entitled to any adjustment of the Charges, Service Levels or its obligations hereunder related to its compliance with any such requirements.

7.3 Communication with Regulatory Authorities. Unless otherwise agreed in writing by Northern, Northern shall be responsible for all communications and correspondence with any Regulatory Authority having authority over Northern and/or its activities relating to this Agreement. Except to the extent prohibited by any Regulation, Provider shall promptly notify Northern of, and pass on to Northern, any requests (including meeting requests) made by any Regulatory Authority that relate to subject matter of this Agreement, and Northern shall be entitled to attend any meetings with Provider required by the Regulatory Authority. Provider shall provide Northern (and at the request of Northern, those authorized by Northern, including its legal advisors, auditors and Regulatory Authorities), with copies of all reports to and correspondence with Regulatory Authorities that relates to its business or part of its business that provides Products or performs the Services or activities relating to this Agreement.

7.4 Notification of Regulatory Matters and Cooperation with Regulatory Authorities. Provider shall notify Northern immediately if it becomes aware, or has reasonable cause to suspect, that any act, matter or event has arisen or occurred or may arise or occur which may constitute or give rise to a violation of Regulations. As reasonably requested by Northern, Provider shall cooperate with Regulatory Authorities and shall assist Northern in its dealings with Regulatory Authorities.

NORTHERN TRUST CONFIDENTIAL

8.1 Sufficient and Suitable Provider Personnel. Provider shall assign sufficient Personnel to provide Services in accordance with each SOW, Schedule or in Account Management roles. Provider shall ensure that each of the Provider Personnel has suitable competence, ability, education, training, licensing (as applicable) and other qualifications for their assigned role. In addition, Provider shall ensure that: (i) all Provider Personnel who perform Services or Relationship Management tasks under the Agreement are authorized to accept employment with Provider (or allowed Subcontractors) in the country in which they work; and (b) comply with any additional requirements in any Module (or Attachment thereto).

8.2 Use of Subcontractors. Provider shall not use Subcontractors to provide any Services hereunder without: (a) notifying Northern of the components of the Services affected, the scope of the proposed subcontract, the identity and qualifications of the proposed Subcontractor and the reasons for subcontracting the work in question; and (b) obtaining Northern’s prior written approval of that Subcontractor. Northern may revoke its approval thereof by giving Provider thirty (30) day’s prior notice describing the basis for the revocation. Notwithstanding any approval by Northern, Provider shall remain solely responsible for the performance of all Services and all other obligations under this Agreement and under any applicable SOWs, Schedules and/or Purchase Orders and shall be liable for any Subcontractor’s failure to perform or abide by the provisions of this Agreement. Provider shall be solely responsible of assessing whether any Subcontractor’s financial condition is sufficiently strong to fulfill its obligations with respect to Northern.

8.3 Status of Provider Personnel. Provider Personnel shall not, directly or indirectly, be deemed an employee, agent, servant or joint employee of Northern. Provider (or its allowed Subcontractor(s)), as the employer, shall be the pay-rolling employer and shall have the complete and sole discretion to hire and fire, discipline, evaluate, supervise, train, maintain records of hours, handle payroll, provide insurance and determine all other terms and conditions of employment. Provider shall be responsible for all risks incurred in the operation of its business and shall enjoy all the benefits thereof. Provider Personnel shall be under the sole control and direction of Provider (or its allowed Subcontractor(s)) and shall be solely responsible for all liabilities and expenses thereof. Northern shall have no right or authority with respect to the selection, control, direction or compensation of Provider Personnel. Provider shall have the full power and authority to select the means, mode and methods of performing any Services hereunder. Notwithstanding the foregoing, Provider and Northern may agree in a SOW as to limitations on Key Personnel, the right of Northern to request the removal of certain Personnel from the provision of Services, Service Levels and other performance, security and quality control standards; provided that this shall not affect the classification of the Parties as independent contractors or the Provider (or its allowed Subcontractor(s)) as the employer or contractor of the Personnel. Provider Personnel are not eligible for, nor may they participate in, any employee benefit plans of Northern, and Northern shall not insure Provider Personnel for workers’ compensation coverage or for unemployment insurance. Provider is solely responsible for, and agrees to comply with all Laws and Regulations with respect to: (i) salaries and compensation (including unemployment compensation), (ii) deductions and withholdings, (iii) employee benefits, including but not limited to healthcare insurance; and (iv) payment of any and all contributions, taxes and assessments with respect to Provider Personnel.

NORTHERN TRUST CONFIDENTIAL

8.4 On-Site Security. To the extent that Provider Personnel perform Services or Account Management activities on Northern Premises, Provider Personnel shall at all times comply with all Northern health, safety and security requirements.

8.5 Nondiscrimination. Provider shall not discriminate against any of its Personnel or applicants for employment because of age, race, color, religion, sex, sexual orientation, creed, alienage, marital status, national origin, ancestry, disability or veteran status or any other basis prohibited by applicable Laws. Unless exempt, Provider shall abide by the requirements of 41 C.F.R. §§ 60-1.4(a), 60-300.5(a) and 60- 741.5(a). If applicable, the Provider shall also abide by the requirements 41 CFR § 61-300.10 regarding veteran’s employment reports and 29 CFR Part 471, Appendix A to Subpart A regarding posting a notice of employee rights.

8.6 Supplier Diversity. Provider acknowledges Northern’s diversity efforts to support: Minority Business Enterprises; Women Business Enterprises; Small Business Enterprises; Disabled Business Enterprises; Veteran Business Enterprises; Service Disabled Veterans; and Lesbian, Gay, Bisexual and Transgender Business Enterprises (collectively “Diverse Suppliers”) and its commitment to the participation of such suppliers in Northern’s overall procurement requirements. During the Term, at no additional charge to Northern and consistent with the efficient performance hereof, Provider shall obtain from Diverse Suppliers (as suppliers to, or Subcontractors of Provider), a quantity of Products and Services that is reasonable in relation to the total Charges under this Agreement.

9.1 Mutual Representations and Warranties. In addition to any representations and warranties contained in the applicable Module(s) or SOW(s), each Party hereby represents and warrants that:

(a) it is duly organized, validly existing, has full and adequate power to own its property and conduct its business as now conducted, is in good standing and duly licensed, and has procured all necessary licenses, registrations, approvals, consents and any other communications in each jurisdiction as required to enable it (including Provider’s personnel) to perform its obligations under this Agreement;

(b) the execution, delivery and performance of this Agreement and any transactions hereunder have been duly and validly authorized by all necessary action, corporate or otherwise, and this Agreement constitutes a valid, legal and binding obligation of the Party;

(c) it is not and shall not be subject to any agreement or other constraint that does, would, or with the passage of time would, prohibit or restrict its right or ability to enter into, or carry out, its obligations hereunder; and

(d) with respect to Confidential Information of the other Party in its possession, it shall maintain, at a minimum, reasonable and customary security measures applicable to the manner in which it possesses such information (e.g., physically, electronically or otherwise) to protect the Confidential Information from unauthorized use and/or disclosure.

NORTHERN TRUST CONFIDENTIAL

9.2 Provider’s Representations and Warranties. In addition to any representations and warranties contained in the applicable Module(s) or SOW(s), Provider hereby represents and warrants that:

(a) all written information (including financial information) furnished to Northern prior to the Effective Date by or on behalf of Provider in connection with this Agreement, and all the information made a part of this Agreement is true, accurate and complete, and contains no false statements of material fact or omits any material fact necessary to make such information not misleading;

(b) it has not and shall not provide to any Northern employee or contractor any gift, gratuity, service or other inducement or favor to influence or reward that employee or contractor in connection with this Agreement or any SOW;

(c) it shall comply (and ensure its Personnel comply) with the Northern Supplier Code of Conduct, and further represents and warrants that in the course of performing its obligations under the Agreement, no expenditures for other than lawful purposes have been nor shall be made and that no payments or things of value have been or shall be offered or made by it to government officials or political parties or candidates, either directly or indirectly, and no government official or employee or official has any direct or indirect ownership or investment interest or interest in the revenues or profits of Provider;

(d) its exercise of its rights and performance of its obligations hereunder it shall comply with all Laws and Regulations and that any payments to it under this Agreement do not contravene the law of the country in which the Agreement is to be performed and in the event any payment to Provider hereunder is requested to be made at a place outside of Provider’s home country: (i) the payment shall not violate any applicable foreign currency control laws, (ii) that Provider shall seek all necessary approvals related thereto, and (iii) that Provider shall pay such income and other taxes as may be properly due as a result of the payment of such compensation;

(e) it has binding agreements with each of its Personnel to protect Northern’s Confidential Information to the same or greater extent than required herein and to convey any intellectual property and/or moral rights necessary to grant Northern any rights or licenses under an applicable SOW;

(f) there is no action, suit, claim, investigation or proceeding pending, or to the best of Provider’s knowledge, threatened or anticipated, nor does Provider know of any basis for any such action against, by or affecting Provider or the Documentation, Hardware, Software or Services which, if adversely decided, may adversely affect: (i) Provider’s ability to enter into this Agreement; (ii) Provider’s performance of its obligations herein; or (iii) Northern’s use of the Documentation, Hardware, Software or Services. Provider further represents and warrant that it shall notify Northern in writing, within ten (10) days of Provider’s knowledge of any action, suit, claim, investigation, or proceeding initiated by or against Provider that may adversely affect Provider’s ability to perform under this Agreement, including where amounts in dispute may result in a material adverse change in the financial status of Provider; and

(g) it shall pay all vendors and Subcontractors in a timely manner and that the Documentation, Products and/or Services shall be provided to Northern free of any liens or encumbrances.

NORTHERN TRUST CONFIDENTIAL

9.3 Remedies. In addition to any other right or remedies that Northern may have at law or in equity, upon written notice from Northern of noncompliance with any representation or warranty set forth in this Agreement, Provider shall, at its sole expense, promptly take all steps necessary to correct the non conformity, at no additional cost to Northern.

9.4 Disclaimer. EXCEPT AS SET FORTH IN THIS AGREEMENT (INCLUDING, FOR THE AVOIDANCE OF DOUBT, IN ANY APPLICABLE MODULES AND/OR SOW(s)), NEITHER PARTY MAKES ANY OTHER REPRESENTATIONS AND/OR WARRANTIES, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.

10.1 Intellectual Property Indemnification. Provider shall indemnify, defend and hold harmless Northern, its Affiliates and their respective directors, officers, employees and agents (collectively, the “Indemnified Parties”) from and against any and all third party claims, losses, damages, suits, fees, judgments, costs and expenses (collectively, “Third Party Claims”), including reasonable attorney’s fees and expenses, incurred in responding to such Third Party Claims, that the Indemnified Parties may suffer or incur due to a claim that any Documentation, Products, Services (including Deliverables thereunder) or Northern’s use or possession thereof infringes or violates any Intellectual Property Rights of a third party. In addition to the indemnification obligations above, if Provider reasonably believes that Northern’s use of any Documentation, Products or Service is, or is reasonably likely to be, disrupted by such a Third Party Claim, it shall promptly so notify Northern and shall, within seven (7) days thereof, at Northern’s discretion and without additional charge: (i) replace the Documentation, Products or Service (including Deliverable thereunder) with a compatible, functionally equivalent and non-infringing alternative; (ii) modify the Documentation, Products or Service (including Deliverable thereunder) so as to provide Northern with a functionally equivalent, compatible and non-infringing Product or Service; (iii) obtain a license for Northern to continue use of the Documentation, Products or Service (including Deliverable thereunder) for the remainder of the term and pay for any additional fees required for such license; or (iv) if none of the foregoing alternatives are reasonably practicable after Provider’s best efforts to achieve them, then, in addition to any other remedies available to Northern under this Agreement or at law or in equity, Northern may terminate this Agreement and/or any applicable SOW and receive a refund of all fees paid thereunder to date. Provider’s obligations under this Section shall apply on a worldwide basis and include both U.S. and non-U.S. jurisdictions.

10.2 Indemnification for Other Matters. Provider shall indemnify, defend and hold harmless the Indemnified Parties from and against any and all Third Party Claims, including reasonable attorney’s fees and expenses incurred in responding to such Third Party Claims, that the Indemnified Parties may suffer or incur due to: (i) Provider’s negligence, willful misconduct or other tortious action; (ii) Provider’s breach of any privacy, confidentiality or data security obligation under this Agreement; (iii) Provider’s acts or omissions resulting in any personal injury (including death) or damage to property; (iv) Provider’s violation of any Law or Regulation; or (v) any claims or liabilities relating to work status, compensation, tax, insurance or benefit matters related to Provider’s Personnel. Provider’s obligations under this Section shall apply on a worldwide basis and include both U.S. and non-U.S. jurisdictions.

NORTHERN TRUST CONFIDENTIAL

10.3 Indemnification Procedure. If a Third Party Claim is commenced with respect to which the Indemnified Party is entitled to indemnification under Sections 10.2 or 10.3, the Indemnified Party shall provide prompt notice thereof to Provider. Provider shall be entitled, if it so elects in a notice promptly delivered to the Indemnified Party, to immediately take control of the defense, settlement and investigation of any Third Party Claim and to employ and engage attorneys reasonably acceptable to the Indemnified Party to handle and defend the same, at Provider’s sole cost. The Indemnified Party shall cooperate in all reasonable respects, at Provider’s cost and request, in the investigation, trial and defense of such Third Party Claim and any appeal arising therefrom. Failure of the Indemnified Parties to satisfy the foregoing notice and cooperation requirements shall relieve Provider of its obligations in this Section only if and to the extent that Provider suffers actual material prejudice as a result thereof. Provider shall not consent to the entry of any order or judgment or enter into any settlement with respect to a Third Party Claim that imposes any obligations on an Indemnified Party without the Indemnified Party’s prior written consent. An Indemnified Party may also, at its own cost, participate through its attorneys or otherwise in such investigation, trial and defense of any Third Party Claim and related appeals. If Provider does not assume full control over the defense of a Third Party Claim as provided in this Section, the Indemnified Party shall have the right to defend the Third Party Claim in such manner as it may deem appropriate, and Provider shall be responsible for all such costs and expenses.

EXCEPT FOR ANY: (i) DAMAGES ARISING OUT OF A PARTY’S FRAUD, GROSS NEGLIGENCE OR WILLFUL MISCONDUCT; (ii) AMOUNTS RESULTING FROM THE OBLIGATIONS UNDER SECTION 10 (“INDEMNITY”) (NO MATTER HOW SUCH AMOUNTS ARE CHARACTERIZED); (iii) DAMAGES AND/OR LIABILITY RESULTING FROM A PARTY’S BREACH OF ITS CONFIDENALITY OBLIGATIONS; AND (iv) DAMAGES AND/OR LIABILITY RESULTING FROM A PARTY’S BREACH OF ITS PRIVACY OR DATA SECURITY OBLIGATIONS HEREUNDER, NEITHER PARTY SHALL BE LIABLE TO THE OTHER FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, EXEMPLARY, PUNITIVE OR SPECIAL DAMAGES, INCLUDING LOST PROFITS OR LOST BUSINESS WHETHER BASED IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR ANY OTHER LEGAL THEORY, EVEN IF THAT PARTY HAS BEEN ADVISED OF THEIR POSSIBILITY.

12.1. Dispute Resolution. If a dispute arises between the Parties relating to this Agreement, the Parties shall initially attempt to resolve such dispute in good faith. The Parties shall ensure that senior executives with decision-making authority, shall attend such negotiation to attempt to reach a mutually agreeable resolution, within fifteen (15) Business Days of either party’s request in writing for such meeting. All negotiations pursuant to this Section are confidential and shall be treated as compromise and settlement negotiations for purposes of applicable rules of evidence.

12.2 Mediation. If the Parties have not resolved any dispute described above within thirty (30) days of the first negotiation, the Parties shall engage in good faith mediation under the then-current mediation procedure of JAMS. Each party shall bear equally the costs of the mediation. The Parties jointly shall appoint a mutually acceptable neutral mediator. If they cannot agree on a mediator within twenty (20) days of the negotiation identified in Section 12.1 above, they shall use a JAMS appointed mediator. The mediation shall take place in Chicago, IL, within thirty (30) days following the selection of a mediator or such date agreed to by the Parties.

NORTHERN TRUST CONFIDENTIAL

12.3 Arbitration; Alternatively, Waiver of Jury Trial. Any dispute, claim or controversy (not amicably resolved pursuant to Sections 12.1 or 12.2) arising out of or relating to this Agreement or the breach, termination, enforcement, interpretation or validity thereof, including the determination of the scope or applicability of this agreement to arbitrate, shall be determined by arbitration in Chicago, Illinois before a single arbitrator. The arbitration shall be administered by JAMS pursuant to its Comprehensive Arbitration Rules and Procedures. Judgment on the award may be entered in any court having jurisdiction. This clause shall not preclude either Party from seeking provisional remedies (including but not limited to injunctive relief) in aid of arbitration from a court of appropriate jurisdiction. The Parties shall maintain the confidential nature of the arbitration proceeding and the award, including the hearing, except as may be necessary to prepare for or conduct the arbitration hearing on the merits or as may be necessary in connection with a court application for a preliminary remedy, a judicial challenge to an award or its enforcement or unless otherwise required by Law or judicial decision. Each Party shall bear its own costs and attorney’s fees. All costs of the arbitration (including but not limited to the fees and expenses of JAMS) shall be split evenly between the Parties. The findings, reasoning and decision of the arbitrator shall be in writing. IN THE EVENT THE PARTIES MUTUALLY AGREE THAT A DISPUTE ARISING OUT OF, CONNECTED WITH, RELATED TO OR INCIDENTAL TO THE AGREEMENT SHALL NOT BE SUBMITTED TO BINDING ARBITRATION, AND INSTEAD AN ACTION SHALL BE BROUGHT IN COURT, THEN BOTH PARTIES EXPRESSLY ACKNOWLEDGE AND AGREE THAT THEY HEREBY WAIVE AND RELINQUISH THEIR (AND THEIR AFFILIATES’) RESPECTIVE RIGHT TO A TRIAL BY JURY ON ANY AND ALL ISSUES.

12.4. Injunctive Relief. In addition to any other available legal and/or equitable remedies, each Party may seek preliminary and/or permanent injunctive relief enjoining the other Party from violating any provision of the Agreement for which the law or equity allows such relief.

13.1 Relationship Managers. Each Party shall appoint a Relationship Manager who shall develop and direct procedures to manage and monitor the relationship between the Parties, including, but not limited to performance, compliance and/or procedural issues under the Agreement, and set a defined schedule (monthly or as otherwise required by Northern) for meetings to address issues directly relevant to thee Agreement. (collectively, “Relationship Management”). Each Party may change its Relationship Manager from time to time by providing written notice to the other Party.

13.2 Notices. All consents, requests, demands, communications, and notices permitted or required to be given hereunder shall be in writing and shall be deemed given only when sent by first class mail (return receipt requested), hand-delivered or sent by documented overnight delivery service with tracking capabilities to the party to whom the notice is directed, at its address indicated below, all delivery charges prepaid. In addition, where this Agreement states that notice shall be given “immediately” after an event occurs, the notifying party shall also send an immediate e-mail message to the other party’s Relationship Manager. Notices to be given “promptly” shall be given within five (5) Business Days. A party may change its address for notices by sending a change of address notice using this notice procedure. The Parties shall send a copy of each notice required to the other Party to:

NORTHERN TRUST CONFIDENTIAL

13.3 Audits. Northern and/or its representative(s) shall have the right to audit, examine and/or make copies of all data (excluding Provider source code, trade secrets, intellectual property and PII), billing records, invoices, payments, documents, information, procedures and records of any type and form, in the possession or control of Provider that relate to or concern the Hardware, Software, Services or Provider’s relationship with Northern including, without limitation, those relevant to the protection of Confidential Information or to the protection of other sensitive data. Provider shall grant reasonable access to its facilities and afford all assistance reasonably necessary so that Northern and/or its representative(s) may complete any audit. Northern shall not be held responsible for reasonable time or miscellaneous costs incurred by Provider in association with any audit.

13.4 Publicity. Provider agrees that it shall not, without the express prior written consent of Northern: (i) use in advertising, publicity, or otherwise, the name of Northern, or any of its Affiliates, or any partner or employee of Northern, nor any trade name, trademark, trade device, service mark, symbol or any abbreviation, contraction or simulation thereof owned by Northern or any of its Affiliates; (ii) represent, directly or indirectly, that any Product or Service supplied by Provider has been approved or endorsed by Northern; or (iii) reveal the existence or terms and conditions of the Agreement, or that Provider is providing Products and/or Services to Northern. Notwithstanding the foregoing, upon prior written notice to Northern, Provider may make any disclosure specifically required by Law or Regulation. If Provider is a publicly traded company and is required to make a disclosure related to the Agreement under Item 601(b)(10) of Regulation S-K of the Securities and Exchange Commission (SEC), a confidential treatment request in a form satisfactory to Northern shall be filed with the SEC.

13.5 Financial Information and Notice of Change of Status. At Northern’s request, Provider shall provide adequate information (as determined by Northern) to allow Northern to assess Provider’s financial status and ability to perform its obligations under this Agreement. Provider shall promptly notify Northern of any material adverse changes in Provider’s sources of capital, cash flow, management, product direction, ownership or financial stability. In addition, Provider shall notify Northern promptly of any actual or threatened occurrence of any event (whether financial or otherwise) that materially affects, or that could reasonably be expected to materially affect, Provider’s ability to perform fully its obligations to Northern.

13.6 Reports and Management Information. In addition to requirements set forth in any applicable Modules and/or SOW(s), Schedules and/or Purchase Orders, Provider shall provide Northern such reports, management information and other information as Northern may reasonably require or request at such times and in such form as may be required by Northern, or by Regulatory Authorities, including, but not limited to monthly compliance reports and monthly Service Level reports. In the event that Provider has direct contact with Northern’s Clients, Provider shall notify Northern of any Client complaints. If Provider is responsible for Northern Client complaint resolution, Provider shall provide monthly reports to Northern detailing the event and resolution status of the complaints to Northern’s Relationship Manager.

NORTHERN TRUST CONFIDENTIAL

14.1 Insurance. Provider shall, during the term of this Agreement, maintain at its expense all appropriate insurance for itself and its Personnel, including but not limited to, the insurance requirements set forth in Exhibit 7 (“Insurance Requirements”) attached hereto.

14.2 Business Continuity Plan. With respect to any Services, Provider shall implement a mutually acceptable Disaster Recovery/Business Continuity Plan (“Business Continuity Plan”) defining its policies, procedures and standards for disaster recovery and business continuity. Additional requirements for the Business Continuity Plan shall be set forth in the applicable Module(s). Any proposed change to the Business Continuity Plan shall not be implemented without Northern’s prior review and written consent.

14.3 Anti-Bribery and Supplier Code of Conduct. With respect to its conduct related to this Agreement, Provider shall adhere to the highest standards related to all legal, environmental, health & safety, human rights and ethical matters and shall, at a minimum comply with the “Northern Global Anti-Bribery and Anti-Corruption Policy for Providers” (Exhibit 2, hereto) and Northern’s “Supplier Code of Conduct” (Exhibit 8, hereto), which may be amended from time to time by Northern.

15.1 Order of Precedence. Any conflict or inconsistency between the terms in the Master and any specific Module shall be resolved in favor of (a) the Master, then (b) the relevant Module and its respective SOWS, Schedules and/or Purchase Orders unless a SOW, Schedule and/or Purchase Order to such Module expressly states that it take precedence over the Master, then (c) the Exhibit(s) unless such Exhibit expressly states that it take precedence over the Master.

15.2 Interpretation. Section titles are for convenience only and shall not affect the meaning or interpretation of this Agreement in any way. As used in this Agreement, “will”means the same thing as “shall,” and the words “include,” “includes,” and “including,” shall always be construed as if followed by the words “without limitation.” The singular includes the plural and vice versa. No warranty, remedy or obligation pursuant to this Agreement shall be conditioned on any other provision of this Agreement unless expressly so provided. THIS AGREEMENT SHALL BE CONSTRUED WITHOUT REGARD TO THE PARTY OR PARTIES RESPONSIBLE FOR ITS PREPARATION AND SHALL BE DEEMED AS PREPARED JOINTLY BY THE PARTIES HERETO. ANY AMBIGUITY OR UNCERTAINTY EXISTING HEREIN SHALL NOT BE INTERPRETED OR CONSTRUED AGAINST EITHER PARTY. EACH OF THE PARTIES AGREES THAT IT HAS READ EACH OF THE PARAGRAPHS OF THIS AGREEMENT, HAS HAD THE OPPORTUNITY TO AVAIL ITSELF OF LEGAL COUNSEL AND IS FREELY AND VOLUNTARILY ENTERING INTO THIS AGREEMENT.

15.3 Assignment. Subject to the additional provisions regarding assignment and related matters set forth in Exhibit 3 (“Resolution Provisions”), neither party may assign any rights or delegate any obligations under this Agreement without the prior written consent of the other Party, which consent shall not be unreasonably withheld or delayed. However, Northern may assign this Agreement, any SOW, Schedule and/or Purchase Order, or any of its rights or obligations, in whole or in part, without Provider’s consent: (a) to any of its Affiliate or (b) to an acquirer or successor-in-interest to Northern or any of its Affiliates in the case of a Northern merger, acquisition, divestiture, consolidation, Resolution Event or corporate reorganization (whether or not Northern is the surviving entity) that is financially viable. Any assignment or attempted assignment contrary to this Section shall be a material breach of this Agreement and null and void. This Agreement and each SOW, Schedule and/or Purchase Order shall be binding upon the successors, legal representatives and permitted assigns of the Parties. For purposes of this Section, any merger, sale or other change in ownership of a majority of the voting stock of Provider or other combination by operation of law with respect to Provider constitutes an assignment requiring consent.

NORTHERN TRUST CONFIDENTIAL

15.4 Acquisition of Entity with Existing Relationship. If any merger or acquisition results in Northern and Provider having in effect other agreement(s) with the same general subject matter as the Agreement or any SOW, Schedule and/or Purchase Order, Northern may, at its option: (a) terminate the Agreement or the other agreement(s) in whole or in part (without liability or additional cost); or (b) require Provider to enter into SOWs, Schedules and/or Purchase Orders or other appropriate documents to move Provider’s obligations, in whole or in part, from any terminated agreement to any continuing agreement.

15.5 Counterparts. The Agreement may be executed and delivered by facsimile or electronic mail and shall constitute the final agreement of the Parties and conclusive proof of such agreement. For the convenience of the Parties, any number of counterparts of this Agreement may be executed by any one or more Parties hereto, and each such executed counterpart (including any facsimile thereof) shall be deemed to be an original, and in the aggregate but one and the same instrument.

15.6 Relationship of the Parties. Provider is an independent contractor of Northern, and this Agreement shall not be construed as creating a relationship of employment, agency, partnership, joint venture or any other form of legal association. Neither Party shall have the power to bind the other or to assume or to create any obligation or responsibility on behalf of the other Party or in the other Party’s name.

15.7 No Modification. No amendment, modification or waiver of or consent with respect to, any provision of this Agreement (including the Master, Modules and/or SOWs, Schedules and/or Purchase Orders thereto) shall be effective unless signed by an authorized representative for each Party. Notwithstanding the foregoing, any Exhibit to this Agreement may be amended or modified at Northern’s discretion. Northern shall use commercially reasonable efforts to notify Provider of any changes that are, in its opinion, material. No course of dealing or usage of trade shall be invoked to modify the terms and conditions of the Agreement. No pre-printed information on invoices, purchase orders or shrink-wrap, click-wrap, browse-wrap or similar agreements shall have any force or effect between the Parties. Payment of an invoice shall not constitute an agreement to the content of the invoice or the acceptance of any Products or Services (including related Deliverables).

15.8 Severability. If any provision of this Agreement conflicts with the Law under which this Agreement is to be construed or if any provision of this Agreement is held to be illegal, invalid or unenforceable by a court of competent jurisdiction, that provision shall be deemed to be restated to reflect as nearly as possible the original intentions of the Parties in accordance with applicable law. The remaining provisions of this Agreement and the application of the challenged provision to persons or circumstances other than those as to which it is invalid or unenforceable shall not be affected, and each of those provisions shall be valid and enforceable to the full extent permitted by law.

15.9 Survival. After this Agreement or any SOW terminates, the terms of this Agreement and SOW that expressly or by their nature contemplate performance after termination or expiration shall survive and continue in full force and effect. Without limiting the generality of the foregoing, the following Sections of this Master shall survive any termination: 1 (“Definitions”); 3 (“Term and Termination”); 5 (“Confidentially”); 6 (“Data Privacy and Information Security”); 7 (“Legal and Regulatory Compliance”); 10 (“Indemnity”); 11 (“Limitation of Liability”); 12 (“Dispute Resolution”); 13.2 (“Notices”); 13.3 (“Audit”); 13.4 (“Publicity”); and 15 (“General”).

NORTHERN TRUST CONFIDENTIAL

15.10 Other Suppliers; Commitment; No Exclusivity. Provider acknowledges that this is not an exclusive agreement and that Northern uses (and reserves the right to continue to use) other suppliers to provide similar or related goods and services. Provider shall, to the extent reasonably requested by Northern, cooperate in good faith and in a timely manner with Northern’s other suppliers. Except as specifically stated in an applicable SOW, Schedule and/or Purchase Order, Northern shall have no obligation to purchase any minimum volume or quantity of Products or Services or to ensure the expenditure of any minimum monetary amount. Nothing herein or in any Module shall be construed as prohibiting or restricting: (a) Northern from independently developing or acquiring goods and/or services that are competitive with the Products or Service; or (b) Provider from providing similar goods and/or services to any other customer; provided, however, that Provider may not during the term of the applicable SOW, provide substantially similar services to any other customer except as and to the extent specifically permitted by a SOW, Schedule and/or Purchase Order; and provided further, that Provider continues to comply with the provisions of Section 4 (“Confidential Information”) above and consistent with Northern’s ownership rights in any Products or Deliverables.

15.11 Rights and Remedies Cumulative. Unless expressly stated otherwise in this Agreement, all rights and remedies provided for in this Agreement shall be cumulative and in addition to, and not in lieu of, any other remedies available to either party at law, in equity or otherwise. If either Party has a choice of one action or another action, the Party may take either or both of those actions at its discretion.

15.12 Waivers. The failure of either Party to enforce strict performance by the other Party of any provision of this Agreement or to exercise any right under this Agreement shall not be construed as a waiver to any extent of that Party’s right to assert or rely upon any provision of this Agreement or right in that or any other instance. A delay or omission by either Party to exercise any right or power under this Agreement shall not be construed to be a waiver of that right or power. For any waiver to be effective, it must be in writing and signed by the Party waiving such right.

15.13 Force Majeure. Each party shall be excused from performance under this Agreement and shall have no liability to the other party for any period it is prevented from performing any of its obligations, in whole or in part, as a result of material delay caused by the other party or by an act of God, war, terrorism, civil disturbance, court order (except for such court order as may prohibit Northern’s payment for the Services provided) or natural disaster (each, a “Force Majeure Event”), but specifically excluding: (a) labor and union-related activities, (b) the non-performance of any Provider Personnel (unless such non performance is due to a Force Majeure Event), and (c) the acts or omissions of the suppliers of Provider. If any of the above circumstances prevent, hinder or delay performance or are expected to hinder or delay performance of Provider’s obligations under this Agreement for more than ten (10) calendar days, Northern may, at its option, terminate this Agreement (in whole or in part) without liability or penalty as of the date Provider receives written notice of termination.

15.14 Rights of Affiliates. All rights and benefits to Parties under this Agreement shall be deemed to extend and inure to the benefit of all Parties Affiliates, as permitted by Law.

NORTHERN TRUST CONFIDENTIAL

15.15 Governing Law; Jurisdiction. This Agreement shall be governed by and construed in accordance with the applicable substantive laws of the State of Illinois, without giving effect to its conflicts of laws rules. The United Nations Convention on the International Sale of Goods shall not apply to the transactions contemplated by this Agreement. The Uniform Computer Information Transactions Act (“UCITA”) shall not apply to this Agreement regardless of when and howsoever adopted, enacted and further amended under the laws of the State of Illinois or any other state. If UCITA is adopted and enacted in the state of Illinois or any other state having jurisdiction over any dispute related to the Agreement, the Parties agree to opt out of the applicability of UCITA pursuant to the opt-out provision(s) contained therein. Subject to the terms of Section 12 (“Dispute Resolution”), each party irrevocably agrees that any legal action, suit or proceeding brought by it in a court in any way arising out of this Agreement shall be brought solely and exclusively in, and shall be subject to the services of process and other applicable rules of, the state courts of Cook County, Illinois or the U.S. District Court for the Northern District of Illinois and each party irrevocably submits to the sole and exclusive personal jurisdiction of the courts in Illinois generally and unconditionally, with respect to any action, suit or proceeding brought by it or against it by the other party. Notwithstanding the foregoing, claims for equitable relief may be brought in any court with proper jurisdiction within the United States.

15.16 Entire Agreement. This Master (including the Exhibits), all Modules (including any Attachments), any applicable Schedules and/or SOWs (including any Appendices) and any applicable Purchase Orders, constitute the entire agreement between the Parties with regard to the subject matter of the Agreement and supersedes any and all prior agreements, understandings, representations, negotiations or communications, written or oral, regarding the subject matter of this Agreement. There are no understandings or representations, express or implied, not expressly set forth in the Agreement.

[SIGNATURE PAGE TO FOLLOW]

NORTHERN TRUST CONFIDENTIAL

IN WITNESS WHEREOF, the Parties have executed and delivered this Master Agreement as of the Effective Date.

ACCEPTED AND AGREED:

THE NORTHERN TRUST COMPANY

WELLTEQ PTE LTD

1 and 2

Insert relevant NT entity and registered office address depending on region

NORTHERN TRUST CONFIDENTIAL

EXHIBIT 1

COUNTRY UNIQUE TERMS

SINGAPORE

In the event that a Northern Affiliate located outside the United States enters into any transactions under the Master Agreement (“Master”) and/or the Software as a Service Agreement (“SaaS Agreement”), the terms thereof shall apply except as specifically set forth below. For the avoidance of doubt, the following terms and conditions constitute an amendment to the Master, the SaaS Agreement and/or any of the Modules or Schedule under those agreements. Any terms or conditions in the Master, the SaaS Agreement and/or Modules or Schedules not specifically modified below remain unchanged and in full force and effect. This Exhibit may be modified by Northern from time to time and it will use commercially reasonable efforts to notify Provider of any changes hereto.

A. MASTER

1. Section 4.5 of the master (“Taxes”) is deleted in its entirety and replaced with the following:

Northern will pay any goods and services tax, excise, sales, use or other similar tax based upon charges or Services and Deliverables rendered pursuant to the Agreement, any of which may be paid by the Provider and added to Northern’s invoice on actual. Northern shall not be obligated to pay any taxes based on the Service Provider’s net income or on any property owned by the Service Provider.

2. Section 12 of the Master (“Dispute Resolution”) is deleted in its entirety and replaced with the following:

Any dispute arising out of or in connection with this Agreement, including any question regarding its existence, validity or termination (a “Dispute”) shall be resolved in accordance with this Section. The Parties agree that they will each use all reasonable endeavors to resolve any Dispute promptly and fairly. Senior representatives of each Party with the requisite authority to resolve a Dispute shall meet within two (2) weeks of a Party’s initial request for a meeting to resolve a Dispute. The Parties shall then have thirty (30) days from the date of the meeting to resolve the Dispute.

Subject to the requirements set out in the clause above having been met, all Disputes arising out of or in connection with this Agreement shall be finally settled in accordance with arbitration in Singapore at the Singapore international Arbitration Centre (“SIAC”) or at such venue in Singapore as the Parties may agree in writing in accordance with the SIAC Arbitration Rules. A tribunal shall consist of a single arbitrator to be appointed by the Chairman of SIAC. The language of the arbitration shall be English. The Parties undertake to keep the arbitration proceedings and all information, pleadings, documents, evidence and all matters relating thereto confidential.

If a Party has not made the election to refer a Dispute to arbitration, each Party shall submit to the non-exclusive jurisdiction of the courts of Singapore for the Dispute to be resolved. Once a Party has commenced legal proceedings in the courts of Singapore to resolve a Dispute, neither Party may elect to refer the Dispute to arbitration in Singapore or elsewhere, and no Party shall be bound to have the Dispute to be resolved by arbitration in Singapore or elsewhere.

NORTHERN TRUST CONFIDENTIAL

The language of the arbitration shall be in English. The decision of the arbitrator shall be final and binding on the Parties and may be used (without limitation) as a basis for judgment in any country which has ratified the 1958 New York Convention on the Recognition and Enforcement of Foreign Arbitral Awards.

Unless prohibited from doing so, until a Dispute is resolved, the Parties are obliged to perform their obligations under this Agreement.

3. Section 8.5 of the Master (“Nondiscrimination”) is deleted in its entirety.

4. Section 8.5 of the Master (“Supplier Diversity”) is deleted in its entirety.

5. Section 15.15 of the Master (“Governing Law and Jurisdiction”) is deleted in its entirety and replaced with the following:

Governing Law; Jurisdiction. This Agreement shall be governed by and construed in accordance with the applicable substantive laws of the country in which the Northern entity involved is incorporated or otherwise established, without giving effect to its conflicts of laws rules. Subject to the terms of Section [9] (“Dispute Resoultion”), each party irrevocably agrees that any legal action, suit or proceeding brought by it in a court in any way arising out of this Agreement shall be brought solely and exclusively in, and shall be subject to the services of process and other applicable rules of the jurisdiction where the Northern entity involved is incorporated and each party irrevocably submits to the sole and exclusive personal jurisdiction of that jurisdiction’s courts generally and unconditionally, with respect to any action, suit or proceeding brought by it or against it by the other Party.

B. SERVICES MODULE

1. Section 3.2 of the Service Module (“Location of Performance”) is deleted in its entirety and replaced with the following:

Location of Performance. Provider shall perform all Services under this Services Module at Northern’s Site(s), unless otherwise specifically set forth in the applicable SOW. In the event that the Parties agree that Service may be provided from Provider’s facilities, unless otherwise set forth in the applicable SOW, they shall be provided solely from locations within the country in which the Northern entity involved is incorporated or otherwise established.

2. Section 8.1 of the Services Module (“Ownership of Deliverables”) is deleted in its entirely and replaced with the following:

8.1 Ownership of Deliverables. Except as otherwise set forth herein, Northern shall exclusively own all right, title and interest (including ownership of Intellectual Property Rights) in and to all items that are conceived, made, discovered, written or created by Provider Personnel alone or jointly with third parties under this Agreement, including the Deliverables, whether completed or works-in-progress, but excluding all and any antecedent methodologies or templates used or created, and any general methods of working developed by the provider, or may have been utilized in creating any of the Deliverables. Any Deliverables that may be considered copyrightable works shall be deemed “works made for hire” of Northern for all purposes of copyright law, and the copyright shall belong solely to Northern. To the extent that any such Deliverables do not fall within the specifically enumerated works that constitute “works made for hire” under the copyright laws, and to the extent that any Deliverables include materials subject to Intellectual Property Rights and/or other proprietary rights protection, Provider hereby irrevocably assigns to Northern all its right, title and interest that it may be deemed to have in and to any and all Intellectual Property Rights and other proprietary rights therein (including renewals thereof). Provider shall obtain, at its expense, such assignments to Northern and any other documentation from Provider’s Personal as are necessary to effectuate the purposes of the previous sentence.

NORTHERN TRUST CONFIDENTIAL

3. Items “(c) and “(d)” of Section 9.1 of the Services Module (“Services”) are deleted in their entirety.

4. Section 9.3 of the Service Module (“Provider personal”) is deleted in its entirety and replaced with the following:

Provider Personnel. In addition to the representations and warranties set forth in the Master and in any applicable SOW, Provider hereby represents and warrants that with respect to any and all Provider Personnel providing Services to Northern pursuant to an applicable SOW:

5. Section 11 of the Services Module (“Security Standards and Certifications”) is deleted in its entirety.

C. HARDWARE MODULE

1. Section 9.5 of the Hardware Module (‘Provider Personnel”) is deleted in its entirety and replaced with the following:

Provider Personnel. In addition to the representations and warranties set forth in the Master and in any applicable SOW, Provider hereby represents and warrants that with respect to any and all Provider Personnel providing Services to Northern pursuant to an applicable SOW:

NORTHERN TRUST CONFIDENTIAL

D. SOFTWARE MODULE

1. Section 11.2 of the Software module (“Source Code Escrow”) is deleted in its entirety.

E. SOFTWARE AS A SERVICE AGREEMENT

1. The definition of “System  Availability” is Section 1 of the SaaS Agreement is modified by deleting the phrase “excluding the hours of midnight Saturday to 6:00 a.m. Sunday U.S. Central Time” and replacing it with the phrase “excluding the hours of midnight Saturday to 6:00 a.m. of the time zone where Northern is incorporated”

2. Section 7.3 of the SaaS Agreement (“Location of Data”) is deleted in its entirety and replaced with the following:

Location of Data. During the Term, Provider shall not store, back up or process (or allow any sub processing of) Northern Data outside the country where Northern is incorporated, unless specifically agreed to in an applicable Schedule. Provider shall identify each data center where Northern Data is stored, backed up and/or processed (or where subprocessing occurs) in each Schedule. Storage of Northern Data is in the most proximal cloud infrastructure data centre where supported by Amazon Web Services (AWS) to where Northern is incorporated and processing of some Northern Data may occur in Singapore or Sydney data centers from time to time.

3. Section 9.5 of the SaaS Agreement (“Maintenance Window”) is modified by deleting the phrase “between 12:00 a.m. and 6:00 a.m. U.S. Central Standard Time” and replacing it with the phrase “between 12:00 a.m. and 6:00 a.m. of the time zone where Northern is incorporated”

4. Section 10.3 of the SaaS Agreement (“Nondiscrimination”) is deleting in its entirety.

5. Section 10.4 of the SaaS Agreement (“Supplier Diversity”) is deleted in its entirety.

6. Section 17 of the SaaS Agreement (“Dispute Resolution”) is deleted in its entirety and replaced with the following:

Any dispute arising out of or in connection with this Agreement, including any question regarding its existence, validity or termination (a “Dispute”) shall be resolved in accordance with this Section. The Parties agree that they will each use all reasonable endeavors to resolve any Dispute promptly and fairly. Senior representatives of each Party with the requisite authority to resolve a Dispute shall meet within two (2) weeks of a Party’s initial request for a meeting to resolve a Dispute. The Parties shall then have thirty (30) days from the date of the meeting to resolve the Dispute.

NORTHERN TRUST CONFIDENTIAL

Subject to the requirements set out in the clause above having been met, all Disputes arising out of or in connection with this Agreement shall be finally settled in accordance with arbitration in Singapore at the Singapore International Arbitration Centre (“SIAC”) or at such venue in Singapore as the Parties may agree in writing in accordance with the SIAC Arbitration Rules. A tribunal shall consist of a single arbitrator to be appointed by the Chairman of SIAC. The language of the arbitration shall be English. The Parties undertake to keep the arbitration proceedings and all information, pleadings, documents, evidence and all matters relating thereto confidential.

If a Party has not made the election to refer a Dispute to arbitration, each Party shall submit to the non-exclusive jurisdiction of the courts of Singapore for the Dispute to be resolved. Once a Party has commenced legal proceedings in the courts of Singapore to resolve a Dispute, neither Party may elect to refer the Dispute to arbitration in Singapore or elsewhere, and no Party shall be bound to have the Dispute to be resolved by arbitration in Singapore or elsewhere.

The language of the arbitration shall be in English. The decision of the arbitrator shall be final and binding on the Parties and may be used (without limitation) as a basis for judgment in any country which has ratified the 1958 New York Convention on the Recognition and Enforcement of Foreign Arbitral Awards.

Unless prohibited from doing so, until a Dispute is resolved, the Parties are obliged to perform their obligations under this Agreement.

7. Section 20.15 of the SaaS Agreement (“Governing Law; Jurisdiction”) is deleted in its entirety and replaced with the following:

Governing Law; Jurisdiction. This Agreement shall be governed by and construed in accordance with the applicable substantive laws of the country in which the Northern entity involved is incorporated or otherwise established, without giving effect to its conflicts of laws rules. Subject to the terms of Section [9] (“Dispute Resolution”), each party irrevocably agrees that any legal action, suit or proceeding brought by it in a court in any way arising out of this Agreement shall be brought solely and exclusively in, and shall be subject to the services of process and other applicable rules of the jurisdiction where the Northern entity involved is incorporated and each party irrevocably submits to the sole and exclusive personal jurisdiction of that jurisdiction’s courts generally and unconditionally, with respect to any action, suit or proceeding brought by it or against it by the other Party.

NORTHERN TRUST CONFIDENTIAL

AUSTRALIA

In the event that a Northern Affiliate located outside the United States enters into any transactions under the Master Agreement (“Master”) and/or the Software as a Service Agreement (“SaaS Agreement”), the terms thereof shall apply except as specifically set forth below. For the avoidance of doubt, the following terms and conditions constitute an amendment to the Master, the SaaS Agreement and/or any of the Modules or Schedule under those agreements. Any terms or conditions in the Master, the SaaS Agreement and/or Modules or Schedules not specifically modified below remain unchanged and in full force and effect. This Exhibit may be modified by Northern from time to time and it will use commercially reasonable efforts to notify Provider of any changes hereto.

A. MASTER

1. Section 4.5 of the Master (“Taxes”) is deleted in its entirety and replaced with the following:

Northern will pay any goods and services tax, excise, sales, use or other similar tax based upon charges or Services and Deliverables rendered pursuant to the Agreement, any of which may be paid by the Provider and added to Northern’s invoice on actual. Northern shall not be obligated to pay any taxes based on the Service Provider’s net income or on any property owned by the Service Provider.

2. Section 12 of the Master (“Dispute Resolution”) is deleted in its entirety and replaced with the following:

Where a dispute arises in connection with this Agreement which cannot be settled immediately between the Parties or their representatives, the Parties shall:

Except where clearly prevented by the area in dispute, both Parties agree to continue performing their respective obligations under this Agreement (including the payments) while the dispute is being resolved unless and until such obligations are terminated or expire in accordance with the provisions of this Agreement.

Nothing in this Agreement prevents either Party at any time seeking injunctive or other equitable relief in order to protect its rights.

3. Section 8.5 of the Master (“Nondiscrimination”) is deleted in its entirety.

4. Section 8.6 of the Master (“Supplier Diversity”) is deleted in its entirety.

5. Section 15.15 of the Master (“Governing Law and Jurisdiction”) is deleted in its entirety and replaced with the following:

Governing Law; Jurisdiction. This Agreement shall be governed by and construed in accordance with the applicable substantive laws of the country in which the Northern entity involved is incorporated or otherwise established, without giving effect to its conflicts of laws rules. Subject to the terms of Section [12] (‘Dispute Resolution”), each party irrevocably agrees that any legal action, suit or proceeding brought by it in a court in any way arising out of this Agreement shall be brought solely and exclusively in, and shall be subject to the services of process and other applicable rules of the jurisdiction where the Northern entity involved is incorporated and each party irrevocably submits to the sole and exclusive personal jurisdiction of that jurisdiction’s courts generally and unconditionally, with respect to any action, suit or proceeding brought by it or against it by the other Party.

NORTHERN TRUST CONFIDENTIAL

B. SERVICES MODULE

1. Section 3.2 of the Service Module (“Location of Performance”) is deleted in its entirety and replaced with the following:

Location of Performance. Provider shall perform all Services under this Services Module at Northern’s Site(s), unless otherwise specifically set forth in the applicable SOW. In the event that the Parties agree that Services may be provided from Provider’s facilities, unless otherwise set forth in the applicable SOW, they shall be provided solely from locations within the country in which the Northern entity involved is incorporated or otherwise established.

2. Section 8.1 of the Services Module (“Ownership of Deliverables”) is deleted in its entirety and replaced with the following:

8.1 Ownership of Deliverables. Except as otherwise set forth herein, Northern shall exclusively own all right, title and interest (including ownership of Intellectual Property Rights) in and to all items that are conceived, made, discovered, written or created by Provider Personnel alone or jointly with third parties under this Agreement, including the Deliverables, whether completed or works-in-progress, but excluding all and any antecedent methodologies or templates used or created, and any general methods of working developed by the provider, or may have been utilized in creating any of the Deliverables. Any Deliverables that may be considered copyrightable works shall be deemed “works made for hire” of Northern for all purposes of copyright law, and the copyright shall belong solely to Northern. To the extent that any such Deliverables do not fall within the specifically enumerated works that constitute “works made for hire” under the copyright laws, and to the extent that any Deliverables include materials subject to Intellectual Property Rights and/or other proprietary rights protection, Provider hereby irrevocably assigns to Northern all its right, title and interest that it may be deemed to have in and to any and all Intellectual Property Rights and other proprietary rights therein (including renewals thereof). Provider shall obtain, at its expense, such assignments to Northern and any other documentation from Provider’s Personnel as are necessary to effectuate the purposes of the previous sentence.

3. Items “(c)” and “(d)” of Section 9.1 of the Service Module (“Services”) are deleted in their entirety.

4. Section 9.3 of the Services Module (“Provider Personnel”) is deleted in its entirety and replaced with the following:

Provider Personnel. In addition to the representations and warranties set forth in the Master and in any applicable SOW, Provider hereby represents and warrants that with respect to any and all Provider Personnel providing Services to Northern pursuant to an applicable SOW:

NORTHERN TRUST CONFIDENTIAL

5. Section 11 of the Services Module (“Security Standards and Certifications”) is deleted in its entirety.

C. HARDWARE MODULE

1. Section 9.5 of the Hardware Module (“Provider Personnel”) is deleted in its entirety and replaced with the following:

Provider Personnel. In addition to the representations and warranties set forth in the Master and in any applicable SOW, Provider hereby represents and warrants that with respect to any and all Provider Personnel providing Services to Northern pursuant to an applicable SOW:

D. SOFTWARE MODULE

1. Section 11.2 of the Software Module (“Source Code Escrow”) is deleted in its entirety.

E. SOFTWARE AS A SERVICE AGREEMENT

1. The definition of “System Availability” is Section 1 of the SaaS Agreement is modified by deleting the phrase “excluding the hours of midnight Saturday to 6:00 a.m. Sunday U.S. Central Time” and replacing it with the phrase “excluding the hours of midnight Saturday to 6:00 a.m. of the time zone where Northern is incorporated”.

2. Section 7.3 of the SaaS Agreement (“Location of Data”) is deleted in its entirety and replaced with the following:

Location of Data. During the Term, Provider shall not store, back up or process (or allow any sub processing of) Northern Data outside the country where Northern is incorporated, unless specifically agreed to in an applicable Schedule. Provider shall identify each data center where Northern Data is stored, backed up and/or processed (or where subprocessing occurs) in each Schedule. Storage of Northern Data is in the most proximal cloud infrastructure data centre where supported by Amazon Web Services (AWS) to where Northern is incorporated and processing of some Northern Data may occur in Singapore or Sydney data centers from time to time.

NORTHERN TRUST CONFIDENTIAL

3. Section 9.5 of the SaaS Agreement (“Maintenance Window”) is modified by deleting the phrase “between 12:00 a.m. and 6:00 a.m. U.S. Central Standard Time” and replacing it with the phrase “between 12:00 a.m. and 6:00 a.m. of the time zone where Northern is incorporated”

4. Section 10.3 of the SaaS Agreement (“Nondiscrimination”) is deleted in its entirety.

5. Section 10.4 of the SaaS Agreement (“Supplier Diversity”) is deleted in its entirety.

6. Section 17 of the SaaS Agreement (“Dispute Resolution”) is deleted in its entirety and replaced with the following:

Where a dispute arises in connection with this Agreement which cannot be settled immediately between the Parties or their representatives, the Parties shall:

Except where clearly prevented by the area in dispute, both Parties agree to continue performing their respective obligations under this Agreement (including the payments) while the dispute is being resolved unless and until such obligations are terminated or expire in accordance with the provisions of this Agreement.

Nothing in this Agreement prevents either Party at any time seeking injunctive or other equitable relief in order to protect its rights.

7. Section 20.15 of the SaaS Agreement (“Governing Law; Jurisdiction”) is deleted in its entirety and replaced with the following:

Governing Law; Jurisdiction. This Agreement shall be governed by and construed in accordance with the applicable substantive laws of the country in which the Northern entity involved is incorporated or otherwise established, without giving effect to its conflicts of laws rules. Subject to the terms Section [9] (“Dispute Resolution”), each party irrevocably agrees that legal action, suit or proceeding brought by it in a court in any way arising out of this Agreement shall be brought solely and exclusively in, and shall be subject to the services of process and other applicable rules of the jurisdiction where the Northern entity involved is incorporated and each party irrevocably submits to the sole and exclusive personal jurisdiction of that jurisdiction’s courts generally and unconditionally, with respect to any action, suit or proceeding brought by it or against it by the other Party.

NORTHERN TRUST CONFIDENTIAL

HONG KONG

In the event that a Northern Affiliate located outside the United States enters into any transactions under the Master Agreement (“Master”) and/or the Software as a Service Agreement (“SaaS Agreement”), the terms thereof shall apply except as specifically set forth below. For the avoidance of doubt, the following terms and conditions constitute an amendment to the Master, the SaaS Agreement and/or any of the Modules or Schedule under those agreements. Any terms or conditions in the Master, the SaaS Agreement and/or Modules or Schedules not specifically modified below remain unchanged and in full force and effect. This Exhibit may be modified by Northern from time to time and it will use commercially reasonable efforts to notify Provider of any changes hereto.

A. MASTER

1. Section 4.5 of the Master (“Taxes”) is deleted in its entirety and replaced with the following:

Northern will pay any goods and services tax, excise, sales, use or other similar tax based upon charges or Services and Deliverables rendered pursuant to the Agreement, any of which may be paid by the Provider and added to Northern’s invoice on actual. Northern shall not be obligated to pay any taxes based on the Service Provider’s net income or on any property owned by the Service Provider.

2. Section 12 of the Master (“Dispute Resolution”) is deleted in its entirety and replaced with the following:

Any dispute arising out of or in connection with this Agreement, including any question regarding its existence, validity or termination (a “Dispute”) shall be resolved in accordance with this Section. The Parties agree that they will each use all reasonable endeavors to resolve any Dispute promptly and fairly. Senior representatives of each Party with the requisite authority to resolve a Dispute shall meet within two (2) weeks of a Party’s initial request for a meeting to resolve a Dispute. The Parties shall then have thirty (30) days from the date of the meeting to resolve the Dispute.

Subject to the requirements set out in the clause above having been met, all Disputes arising out of or in connection with this Agreement shall be finally resolved by arbitration in Hong Kong in accordance with the UNCITRAL Arbitration Rules in force at the date of the request for arbitration. The place of arbitration shall be Hong Kong. The arbitration shall be settled by a sole (1) arbitrator to be jointly appointed by the Parties, failing which the appointment shall be made by the Hong Kong International Arbitration Centre (“HKIAC”). The language of the arbitration will be English.

A request for interim measures or equitable remedies, including injunctive relief, by a Party to a court shall not be deemed to be or construed as incompatible with, or a waiver of, this Agreement to arbitrate. The arbitral tribunal shall have the authority and power to make such orders for interim relief, including injunctive relief, as it may deem just and equitable.

The arbitration shall be kept confidential and the existence of the proceeding and any element of it (including but not limited to any pleadings, submissions or other documents submitted or exchanged, any evidence and any awards) shall not without prior consent by the Parties be disclosed beyond the Parties to the arbitration and their representatives, the arbitral tribunal, the administering institution (if any) and any person necessary to the conduct of the proceeding, except as may be lawfully required whether in judicial proceedings or otherwise in the normal course of business of the Parties.

NORTHERN TRUST CONFIDENTIAL

The awards rendered by the arbitrator shall be in writing (which shall include a statement of the reasons for the award), final and binding on the Parties. The Parties agree to be bound by the awards and agree to execute the awards accordingly.

No provision of this Section shall limit the right of a Party to exercise self-help remedies, including set-off, foreclosure against or sale of any collateral or security, or to obtain provisional or ancillary remedies from a court of competent jurisdiction before, during or after the arbitration proceeding, provided the exercise of any such rights is subject to the other provisions of this Agreement.

Unless prohibited from doing so, until a Dispute is resolved, the Parties are obliged to perform their obligations under this Agreement.

3. Section 8.5 of the Master (“Nondiscrimination”) is deleted in its entirety.

4. Section 8.5 of the Master (“Supplier Diversity”) is deleted in its entirety.

5. Section 15.15 of the Master (“Governing Law and Jurisdiction”) is deleted in its entirety and replaced with the following:

Governing Law; Jurisdiction. This Agreement shall be governed by and construed in accordance with the applicable substantive laws of the country in which the Northern entity involved is incorporated or otherwise established, without giving effect to its conflicts of laws rules. Subject to the terms of Section [9] (“Dispute Resolution”), each party irrevocably agrees that any legal action, suit or proceeding brought by it in a court in any way arising out of this Agreement shall be brought solely and exclusively in, and shall be subject to the services of process and other applicable rules of the jurisdiction where the Northern entity involved is incorporated and each party irrevocably submits to the sole and exclusive personal jurisdiction of that jurisdiction’s courts generally and unconditionally, with respect to any action, suit or proceeding brought by it or against it by the other Party.

B. SERVICES MODULE

1. Section 3.2 of the Services Module (“Location of performance”) is deleted in its entirety and replaced with the following:

Location of Performance. Provider shall perform all Services under this Services Module at Northern’s Site(s), unless otherwise specifically set forth in the applicable SOW. In the event that the Parties agree that Services may be provided from Provider’s facilities, unless otherwise set forth in the applicable SOW, they shall be provided solely from locations within the country in which the Northern entity involved is incorporated or otherwise established.

NORTHERN TRUST CONFIDENTIAL

2. Section 8.1 of the Services Module (“Ownership of Deliverables”) is deleted in its entirety and replaced with the following:

8.1 Ownership of Deliverables. Except as otherwise set forth herein, Northern shall exclusively own all right, title and interest (including ownership of Intellectual Property Rights) in and to all items that are conceived, made, discovered, written or created by Provider Personnel alone or jointly with third parties under this Agreement, including the Deliverables, whether completed or works-in-progress, but excluding all and any antecedent methodologies or templates used or created, and any general methods of working developed by the provider, or may have been utilized in creating any of the Deliverables. Any Deliverables that may be considered copyrightable works shall be deemed “works made for hire” of Northern for all purposes of copyright law, and the copyright shall belong solely to Northern. To the extent that any such Deliverables do not fall within the specifically enumerated works that constitute “works made for hire” under the copyright laws, and to the extent that any Deliverables include materials subject to Intellectual Property Rights and/or other proprietary rights protection, Provider hereby irrevocably assigns to Northern all its right, title and interest that it may be deemed to have in and to any and all Intellectual Property Rights and other proprietary rights therein (including renewals thereof). Provider shall obtain, at its expense, such assignments to Northern and any other documentation from Provider’s Personnel as are necessary to effectuate the purposes of the previous sentence.

3. Items “(c)” and “(d)” of Section 9.1 of the Services Module (“Services”) are deleted in their entirety.

4. Section 9.3 of the Services Module (“Provider Personnel”) is deleted in its entirety and replaced with the following:

Provider Personnel. In addition to the representations and warranties set forth in the Master and in any applicable SOW, Provider hereby represents and warrants that with respect to any and all Provider Personnel providing Services to Northern pursuant to an applicable SOW:

5. Section 11 of the Services Module (“Security Standards and Certifications”) is deleted in its entirety.

NORTHERN TRUST CONFIDENTIAL

C. HARDWARE MODULE

1. Section 9.5 of the Hardware Module (“Provider Personnel”) is deleted in its entirety and replaced with the following:

Provider Personnel. In addition to the representations and warranties set forth in the Master and in any applicable SOW, Provider hereby represents and warrants that with respect to any and all Provider Personnel providing Services to Northern pursuant to an applicable SOW:

D. SOFTWARE MODULE

1. Section 11.2 of the Software Module (“Source Code Escrow”) is deleted in its entirety.

E. SOFTWARE AS A SERVICE AGREEMENT

1. The definition of “System Availability” is Section 1 of the SaaS Agreement is modified by deleting the phrase “excluding the hours of midnight Saturday to 6:00 a.m. Sunday U.S. Central Time” and replacing it with the phrase “excluding the hours of midnight Saturday to 6:00 a.m. of the time zone where Northern is incorporated”

2. Section 7.3 of the SaaS Agreement (“Location of Data”) is deleted in its entirety and replaced with the following:

Location of Data. During the Term, Provider shall not store, back up or process (or allow any sub processing of) Northern Data outside the country where Northern is incorporated, unless specifically agreed to in an applicable Schedule. Provider shall identify each data center where Northern Data is stored, backed up and/or processed (or where subprocessing occurs) in each Schedule. Storage of Northern Data is in the most proximal cloud infrastructure data centre where supported by Amazon Web Services (AWS) to where Northern is incorporated and processing of some Northern Data may occur in Singapore or Sydney data centers from time to time.

3. Section 9.5 of the SaaS Agreement (“Maintenance Window”) is modified by deleting the phrase “between 12:00 a.m. and 6.00 a.m. U.S. Central Standard Time” and replacing it with the phrase “between 12:00 a.m. and 6.00 a.m. of the time zone where Northern is incorporated”

4. Section 10.3 of the SaaS Agreement (“Nondiscrimination”) is deleted in its entirety.

5. Section 10.4 of the SaaS Agreement (“Supplier Diversity”) is deleted in its entirety.

NORTHERN TRUST CONFIDENTIAL

6. Section 17 of the SaaS Agreement (“Dispute Resolution”) is deleted in its entirety and replaced with the following:

Any dispute arising out of or in connection with this Agreement, including any question regarding its existence, validity or termination (a “Dispute”) shall be resolved in accordance with this Section. The Parties agree that they will each use all reasonable endeavors to resolve any Dispute promptly and fairly. Senior representatives of each Party with the requisite authority to resolve a Dispute shall meet within two (2) weeks of a Party’s initial request for a meeting to resolve a Dispute. The Parties shall then have thirty (30) days from the date of the meeting to resolve the Dispute.

Subject to the requirements set out in the clause above having been met, all Disputes arising out of or in connection with this Agreement shall be finally resolved by arbitration in Hong Kong in accordance with the UNCITRAL Arbitration Rules in force at the date of the request for arbitration. The place of arbitration shall be Hong Kong. The arbitration shall be settled by a sole (1) arbitrator to be jointly appointed by the Parties, failing which the appointment shall be made by the Hong Kong International Arbitration Centre (“HKIAC”). The language of the arbitration will be English.

A request for interim measures or equitable remedies, including injunctive relief, by a Party to a court shall not be deemed to be or construed as incompatible with, or a waiver of, this Agreement to arbitrate. The arbitral tribunal shall have the authority and power to make such orders for interim relief, including injunctive relief, as it may deem just and equitable.

The arbitration shall be kept confidential and the existence of the proceeding and any element of it (including but not limited to any pleadings, submissions or other documents submitted or exchanged, any evidence and any awards) shall not without prior consent by the Parties be disclosed beyond the Parties to the arbitration and their representatives, the arbitral tribunal, the administering institution (if any) and any person necessary to the conduct of the proceeding, except as may be lawfully required whether in judicial proceedings or otherwise in the normal course of business of the Parties.

The awards rendered by the arbitrator shall be in writing (which shall include a statement of the reasons for the award), final and binding on the Parties. The Parties agree to be bound by the awards and agree to execute the awards accordingly.

No provision of this Section shall limit the right of a Party to exercise self-help remedies, including set-off, foreclosure against or sale of any collateral or security, or to obtain provisional or ancillary remedies from a court of competent jurisdiction before, during or after the arbitration proceeding, provided the exercise of any such rights is subject to the other provisions of this Agreement.

Unless prohibited from doing so, until a Dispute is resolved, the Parties are obliged to perform their obligations under this Agreement.

7. Section 20.15 of the SaaS Agreement (“Governing Law; Jurisdiction”) is deleted in its entirety and replaced with the following:

Governing Law; Jurisdiction. This Agreement shall be governed by and construed in accordance with the applicable substantive laws of the country in which the Northern entity involved is incorporated or otherwise established, without giving effect to its conflicts of laws rules. Subject to the terms of Section [9] (“Dispute Resolution”), each party irrevocably agrees that any legal action, suit or proceeding brought by it in a court in any way arising out of this Agreement shall be brought solely and exclusively in, and shall be subject to the services of process and other applicable rules of the jurisdiction where the Northern entity involved is incorporated and each party irrevocably submits to the sole and exclusive personal jurisdiction of that jurisdiction’s courts generally and unconditionally, with respect to any action, suit or proceeding brought by it or against it by the other Party.

NORTHERN TRUST CONFIDENTIAL

EXHIBIT 2

NORTHERN GLOBAL ANTI-BRIBERY AND

ANTI-CORRUPTION POLICY FOR PROVIDERS

The following provisions apply to all Providers to Northern globally. These provisions are given force in Northern’s detailed Anti-Bribery and Corruption Program which is regularly revised to capture changes in law and its business and affirms the continuing commitment of Northern and its subsidiaries to comply with anti-corruption laws in force to combat corrupt practices globally.

1. Neither Provider nor any of its principals, shareholders, directors, officers, or employees, are Public Officials. The Provider shall promptly notify Northern if circumstances during the term of the Agreement render the preceding representation and warranty inaccurate with respect to any of the Provider’s Personnel. Upon such notification, Northern may impose such restrictions on the participation of such Personnel in the performance of the Provider’s obligations as Northern deems necessary.

2. Northern does not tolerate any form of bribery in any of its business dealings. Provider and any person acting on its behalf understands Northern’s anti-corruption standard as well as relevant anti corruption laws and regulations (such as, the U.K. Bribery Act 2010 as well as the U.S. Foreign Corrupt Practices Act and any supporting legislation, together the “Anti-Corruption laws”), relevant to the Agreement and has not and will not violate these laws. In particular, the Provider shall not engage in any form of bribery, collusive practice or any other form of corruption and confirms that it will not receive, offer, promise or give any undue financial or other advantage whether directly or indirectly in connection with the Agreement or any other dealings with Northern.

3. In performance of their obligations under the Agreement, neither the Provider, nor any person acting on their behalf, shall: (a) authorize the giving of, offer or promise to give any undue advantage, or anything of value to a Public Official or any other person, with the intention of influencing or inducing the recipient to act improperly, or refrain from acting, in order to obtain or retain business or in connection with a legal or regulatory requirement or to obtain any other improper advantage; or (b) authorize the giving of, offer, or give anything of value to any person with knowledge or firm belief that all or a portion of the payment or gift will be offered, given, or promised, directly or indirectly, to any Public Official or any other person, for any of the purposes stated in subparagraph (a).

The Provider shall not, in the performance of its obligations under the Agreement, transfer anything of value to a Public Official that has discretion over the Products and/or Services subject to the Agreement or is otherwise closely connected thereto, without the prior written consent of Northern. Transactions subject to such prior approval include: monetary payments; business entertainment; meals, lodging or travel expenses; and gifts.

NORTHERN TRUST CONFIDENTIAL

EXHIBIT 3

RESOLUTION PROVISIONS

In the event that Northern becomes insolvent, bankrupt or otherwise subject to a receivership, conservatorship, administration or the like by a governmental or self-regulatory authority or court (a “Resolution Event”), then:

A. Provider shall use all commercially reasonable efforts to continue to provide the applicable Products and/or Services to Northern for the period provided in the applicable SOW, Schedule and/or Purchase Order or for a period of not less than six (6) months from the conclusion of the Resolution Event, whichever is longer. For the avoidance of doubt, Northern shall pay or cause Provider to be paid for such Products and/or Services at the rates set forth in the applicable SOW, Schedule and/or Purchase Order. Provider shall use all commercially reasonable efforts to accommodate any changes to the Products and/or Services required by Northern resulting from a Resolution Event in a manner that minimizes, to the maximum extent possible, any material disruption to Northern’s business and operations. In addition, Provider shall provide other Products and/or Services, mutually agreed to by the Parties, so long as Northern continues to make or causes to be made timely payment for such Products and/or Services. During the period of a Resolution Event, upon Northern’s request, provider agrees to cooperate with Northern in any transition of the Products and/or Services to a replacement provider in a manner that minimizes, to the maximum extent possible, any material disruption to Northern’s business and operations.

B. If the Agreement or any applicable SOW, Schedule and/or Purchase Order expires or terminates during a Resolution Event, in addition to continuing to perform, without interruption, its obligations thereunder as set forth above, Provider shall, at Northern’s discretion: (i) negotiate in good faith to extend or renew the Agreement or any such SOW, Schedule and/or Purchase Order; or (ii) cooperate with Northern in any transition of the Products and/or Services to a replacement provider in a manner that minimizes, to the maximum extent possible, any material disruption to Northern’s business and operations. For the avoidance of doubt, Provider’s provision of products and/or Services described in any applicable SOW, Schedule and/or Purchase Order during such transition period shall be at the rates set forth therein as of the date of the expiration or termination of the Agreement or applicable SOW, Schedule and/or Purchase Order. Reimbursement of extraordinary costs and expenses incurred outside of the Agreement must be agreed upon by the Provider and Northern in writing prior to their occurrence. If the Agreement or any applicable SOW, Schedule and/or Purchase Order is terminated by Northern due to a material breach by Provider, the transition services will be provided to Northern at no Charge.

C. Northern shall have the right to assign any of its rights and obligations under the Agreement without the consent of Provider to: (i) the surviving entity with or into which Northern or any Affiliate of Northern may merge or consolidate; (ii) an entity to which Northern or any Affiliate of Northern transfers its business and/or assets; or (iii) an entity that is a successor entity of Northern (such as a receiver, bridge bank or similar entity).

D. Notwithstanding any provision contained within the Agreement to the contrary, all of Northern’s direct and indirect subsidiaries and affiliates shall be third party beneficiaries of the Agreement for purposes of the Resolution Event.

NORTHERN TRUST CONFIDENTIAL

EXHIBIT 4

INVOICING

On each invoice submitted to Northern related to the Agreement, Provider shall include the following information, in addition to any additional information specified in an applicable SOW, Schedule or Purchase Order.

General Information

Invoice Detail

NORTHERN TRUST CONFIDENTIAL

Invoice Totals

NORTHERN TRUST CONFIDENTIAL

EXHIBIT 5

NORTHERN CORPORATE TRAVEL POLICY FOR

PROVIDERS NOT APPLICABLE

NORTHERN TRUST CONFIDENTIAL

EXHIBIT 6

INFORMATION TECHNOLOGY SECURITY

This Information Technology Security Exhibit (“Information Security Exhibit”) sets forth the minimum information security requirements that Provider shall implement to protect the confidentiality, integrity, and availability of all information processed under the Agreement. The requirements set forth herein are in addition to any information security requirements and service levels specified in the Agreement. Any terms defined elsewhere in the Agreement shall have the same meaning in this Information Security Exhibit. As used herein, all references to Provider shall also be deemed to include, where applicable Provider’s Personnel and Subcontractors.

A. DEFINITIONS

The following terms, as used herein, have the meanings set forth below.

“Data Privacy Laws” mean Laws and Regulations relating to data privacy, transborder data flow and/or data protection, including, without limitation, the Gramm Leach Bliley Act of 1999 (GLBA) and its implementing regulations, the Fair and Accurate Credit Transactions Act of 2003 (FACTA), the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (45 C.F.R. Parts 160 and 164) (“HIPAA”), the implementing legislation and regulations of the European Union member states under the European Union Directive 95/46/EC, the General Data Protections Regulation (GDPR), and all other similar Laws and Regulations applicable to data privacy, transborder data flows and/or data protection.

“European Economic Area” or “EEA” means the areas within which the Agreement on the EEA of 1994 provides for the free movement of persons, goods, services and capital within the internal markets of the European Union (EU).

“Nonpublic Personal Data” means any information: (a) a consumer provides to Northern to obtain a financial product or service from Northern; (b) about a consumer resulting from a transaction involving a financial product or service between Northern and a consumer; or (c) Northern otherwise obtains about a consumer in connection with providing a financial product or service to that consumer.

“Northern Data” means all data (including Pll and any data relating to authorized users of a Northern product or service), information, text, drawings, images, content and other materials that are embodied in any print or non-print medium that: (a) are supplied to Provider by or on behalf of Northern in connection with this Agreement; or (b) Provider and any Subcontractors are or are in future required to produce, supply, collect, process, store or transmit in the course of performing Provider’s obligations under this Agreement (but excluding any business processes, business tools and the Provider materials).

NORTHERN TRUST CONFIDENTIAL

“Written Information Security Program” or “WISP” means Provider’s written documentation regarding the people, processes and technologies that serve to protect an entity’s assets (people, technology, facilities, information). Provider’s WISP shall have been approved by its management and addresses information security, management’s commitment thereto and shall define Provider’s approach to managing information security. Provider’s WISP shall be published and communicated to all Subcontractors, services providers and Personnel and shall include:

B. ASSET PROTECTION

1. Provider shall establish, implement and comply with information security policies, processes and procedures that meet or exceed the standards and controls set forth in ISO/IEC/BS 17799:2005, ISO/IEC 27001:2013 and ISO/IEC 27002:2013. In the absence of such certification, Provider shall provide evidence of policies and protocols similar and deemed reasonably acceptable to Northern.

2. Provider shall encrypt all Northern Confidential Information and Personally Identifiable Information while in transit over non-private networks or when transporting electronic media.

3. Provider shall encrypt the following data while at rest if applicable to the Provider’s Service: (a) Northern Client personal identification numbers (“PINs”); (b) Client PIN block numbers; (c) PIN encryption keys; (d) track data (e.g., primary account numbers, card verification values, and full card track); (e) Northern Confidential Information, Northern Personnel PII and/or Northern Client PII; and (f) and any other data required to be encrypted pursuant to any standard, Law or Regulation.

4. Provider shall implement adequate controls that prevent the transfer (whether intentional or non-intentional) of Malicious Code within or to Northern excluding when the Provider’s services run external to Northern’s network.

NORTHERN TRUST CONFIDENTIAL

C. COMPLIANCE WITH REGULATIONS AND STANDARDS

With respect to the Agreement and its relationship thereunder with Northern, Provider shall comply with all applicable Data Privacy Laws and or applicable industry standards, including, but not limited to the following.

1. Sarbanes Oxley. To the extent that Provider handles (e.g., transmits, manipulates or manages) Northern financial information, it shall comply with the Sarbanes Oxley Act of 2002.

2. Information Security Standards Established by Regulatory Agencies. To the extent that Provider is provided or has access to any Personally Identifiable Information (including Northern Client Nonpublic Personal Data or Personally Identifiable Information of Northern Personnel), it shall follow the guidelines establishing information security standards as adopted by federal bank regulatory agencies, as well as any standards established by the U.S. Securities and Exchange Commission, including but not limited to implementing reasonable measures designed to: (a) ensure the security and confidentiality of any of Northern’s consumer customer, client or personnel or Northern “Highly Sensitive”, “Sensitive” or “Not Sensitive - Business Use” information in Provider’s possession or control; (b) protect against any anticipated threat or hazards to the security or integrity of this information; (c) protect against unauthorized access to or use of this information that could result in substantial harm or inconvenience to any consumer customer of Northern; and (d) ensure the proper disposal of this information.

3. HIPAA. To the extent that Northern reasonably determines that the provisions of HIPAA are, or may be, applicable to any information and/or Services under the Agreement, Provider shall comply with the HIPAA. In the event that Provider has access to any Identifiable Health Information as defined in HIPAA, both Parties agree to enter into and be bound by an appropriate “Business Associate Agreement” applicable only if the Provider’s Services collect PHI.

4. PCI-DSS. To the extent that Provider processes or is involved with Northern’s issuance of debit cards, it shall comply with the Payment Card Industry Data Security Standards (“PCI-DSS”), and as applicable for the Provider’s line of business, produce an annual Report on Compliance (ROC) which shall be provided to its vendor manager at Northern.

5. ANS X9 Requirements for PIN Management. To the extent that Provider manages in any way Northern PINs or any Hardware Security Modules (HSMs) used to encrypt and transmit PINs it shall adhere to ANS X9 requirements for PIN security and key management. Provider shall be TG-3 assessed and approved by a certified entity at least twice a year. Provider shall provide a copy of all approved TG-3 reports to its vendor manager at Northern.

6. FFIEC Guidelines. To the extent that Provider provides a function integral to handling Northern Client Information it shall comply with the authentication standards set forth in the FFIEC Interagency Guidance on Authentication in an Internet Banking Environment, as amended.

NORTHERN TRUST CONFIDENTIAL

7. Cross-Border Data Transfers and/or Processing. To the extent that Provider stores, processes or hosts Northern or Client PII for individuals residing in the EEA, it shall comply with the requirements set forth in Directive 95/46/EC of the European Parliament and of the Council 24 October 1995 (“European Directive on Data Protection”). Provider’s compliance with the European Directive on Data Protection includes, but is not limited to, compliance with the requirements set forth in the Standard Clauses for the Transfers of Personal Data to Processors (“Standard Clauses”). Upon Northern’s written request, Provider agrees to execute, without modification thereto, such Standard Clauses with Northern. In addition, upon Northern’s request, Provider will obtain self-certification under the EU-US Privacy Shield Framework and maintain such certification during the Term of the Agreement.

(a) Storage or Processing Outside of the EEA. In the event Provider is located outside the European Economic Area, or it is otherwise necessary for Provider to transfer Northern Personal Data related to data subjects within the EEA to a country outside the EEA for processing, Provider shall enter into an agreement with Northern obligating the Provider to adhere to the requirements imposed by the standard contractual clauses for the transfer of Northern Personal Data to processors established in third countries issued by the European Commission pursuant to Article 26(2) and (4) of EU Directive 95/46/EC, unless the country of transfer is a country the European Commission has determined ensures an adequate level of privacy protection by reason of its domestic law, in accordance with Article 25(6) of EU Directive 95/46/EC.

(b) Requirements in the event of Forward Processing. In the event Provider is located in the EEA or a country the European Commission has determined ensures an adequate level of privacy protection under Article 25(6) of EU Directive 95/46/EC, Provider shall ensure that any Subcontractors and other third parties with whom it contracts to process Northern Personal Data comply with data security requirements of the applicable Data Privacy Laws and any relevant data protection contractual terms entered into between Northern and Provider. Provider shall not, and shall ensure that Subcontractors and other third parties with whom it contracts to process Northern Personal Data on its behalf shall not: (i) transfer Northern Personal Data to a territory outside the EEA, except on terms substantially in accordance with the standard contractual clauses issued by the European Commission pursuant to the European Directive on Data Privacy; and (ii) operate in relation to such Northern Personal Data in any way that could put Northern or a Northern in breach of its obligations under the Data Privacy Laws.

D. INCIDENT HANDLING

1. Provider shall provide initial notification of any Security Event to the Northern Relationship Manager and to vendor_breach_notification_team@ntrs.com as soon as practicable but in no event greater than twenty-four (24) hours. Provider shall provide detailed event documentation to Northern within five (5) working days of a Security Event. Initial notification shall include: at minimum, the following: (a) a summary of Northern Confidential Information types subject to the event (e.g., PIN, Name, etc.); (b) a list of actual or suspected unauthorized recipients of Northern Confidential Information; (c) the steps taken by Provider to prevent further unauthorized access or disclosure of Northern Confidential Information; (d) the status and available details of Provider’s investigation into the incident; and (e) such other information as Northern requests. Provider’s investigation report shall, at a minimum, include a detailed list of all Northern Confidential Information that was or may have been compromised and each unauthorized recipient thereof, Provider’s controls that were or may have been compromised or proven ineffective and Provider’s proposal to implement new or additional controls to prevent reoccurrence.

2. Provider shall maintain a documented and tested incident handling program, and ensure that all Security Events are considered incidents as pertains to the Provider’s incident handling program. For purposes of this requirement, the term incident handling refers strictly to those events that compromise the confidentiality of non-public Northern Confidential Information. Provider may choose to more broadly define an incident to include events that impact the integrity or availability of Provider resources that are necessary to provide the contracted service or product.

NORTHERN TRUST CONFIDENTIAL

E. AUDIT

1. Audit by Northern. Provider shall permit Northern or its agent to conduct audits of Provider’s systems, policies and procedures, including: (a) assessments of Provider’s WISP to validate that it incorporates appropriate industry standards and governmental requirements; (b) Provider’s adherence to its WISP; (c) Provider’s adherence to the terms and conditions of the Agreements between Provider related to data protection and data privacy; and (d) Provider’s handling (transmitting, manipulating managing) of Northern Confidential Information.

2. Third-Party Audits. Provider shall provide Northern with executive summaries of all security assessments performed, whether internal or performed by a third party on behalf of the Provider.

3. Remediation of Deficiencies Provider shall remediate, and shall provide attestation of remediation for, any deficiencies identified during any security assessment or audit (whether by Northern or a third-party) that could have a negative impact on the Provider’s ability to: (a) maintain the security, confidentiality or integrity of Northern Confidential Information; (b) prevent its unauthorized destruction, modification, disclosure or use; and/or (c) prevent its accidental loss of or damage.

F. DISPOSITION

1. Destruction by Provider to Northern. Upon termination of the Agreement, , Provider shall certify the destruction of Northern Data, such that all Northern Data is rendered unreadable, undecipherable, and otherwise incapable of recovery.

2. Destruction by Northern to Provider. To the extent that Northern must return assets back to the Provider, Northern reserves the right to remove all Northern Confidential Information and Data from any Provider assets in Northern’s possession. Removal of Northern Confidential Information and Data may take the following forms: Where feasible, Northern may securely erase Northern Confidential Information and Data from Provider systems/assets, leaving all other non-Northern information intact. Where infeasible to technically or practically leave non-Northern information intact, Northern will securely erase all information necessary to ensure the removal of Northern Confidential Information and Data from the Provider asset, or remove and replace all applicable memory components of Provider system.

3. Disposition shall include all assets of the parties to the Agreement, including paper hardcopies, and electric softcopies, and be based upon specific triggers as outlined in the Agreement (e.g., termination, aging).

NORTHERN TRUST CONFIDENTIAL

EXHIBIT 7

INSURANCE REQUIREMENTS

Provider shall, at its own expense, provide and keep in full force and effect during the Term of the Agreement, each of the following insurance coverages underwritten by insurance carriers licensed to do business in the jurisdiction in which the Services are to be performed, with an AM Best rating of “A-” or better.

Cyber Liability -- Cyber Liability insurance with limits of not less than $2,000,000 covering claims involving privacy violations, information theft, damage to or destruction of electronic information, intentional and/or unintentional release of Confidential or Personally Identifiable Information, alteration of electronic information, extortion, regulatory enforcement, denial of services and network security. Provider shall maintain, and ensure any Subcontractors that have access to Northern Confidential Information (including, but not limited to PII), maintain such coverage for claims involving Services for such length of time necessary to cover any and all claims.

Workers Compensation-- Workers Compensation statutory coverage as required by the laws of the jurisdiction in which the services are performed.

Employee Liability -- Mandatory Employers Liability per employing country or jurisdiction. “Neither Provider, nor its Affiliates, nor any Subcontractor hired by it, nor its insurer shall have any claim, right of action or right of subrogation against Northern, its Affiliates or agents based on any occurrence insured against, in whole or in part, under the workers compensation insurance of the Provider or the workers compensation insurance of any subcontractor hired by Provider.”

Commercial General Liability -- Commercial General Liability insurance with limits of not less than: $1,000,000 per occurrence, $1,000,000 for damages to rented premises each occurrence; $1,000,000 personal and advertising injury; $2,000,000 products and completed operations; $10,000 medical expense and $2,000,000 Aggregate. The foregoing limits for Commercial General Liability coverage may be met with the combination of general liability as primary coverage and Excess Umbrella Liability as excess thereto. Proof of Excess Umbrella Liability coverage shall be provided to Northern upon request. Where allowable by law, Northern shall be named as an Additional Insured.

Professional Errors & Omissions -- Professional Liability insurance covering the errors and omissions of Provider and/or its Personnel providing professional Service to Northern with limits of not less than $10,000,000 per occurrence.

Property Insurance -- All risk property insurance covering all personal property and equipment owned, leased or rented by Provider, and used in the scope of its business to provide Products or Services under the Agreement. For the avoidance of doubt, Northern shall have no liability, and shall not maintain insurance coverage for, any Provider property used with respect to Provider’s activities under the Agreement.

Additional Requirements -- If Provider performs any work on Northern’s Premises, it shall provide, on an annual basis and at no cost to Northern, current Certificate(s) of Insurance that comply with the above requirements. In addition, Northern may at any time request that Provider provide it with copies of such Certificate(s). Provider shall provide to Northern prompt notice of cancellation or non-renewal of any of the coverages set forth above.

NORTHERN TRUST CONFIDENTIAL

EXHIBIT 8

SUPPLIER CODE OF CONDUCT

The Northern Trust Company (“Northern”) is committed to conducting business in an ethical, legal and socially responsible manner. Northern expects its suppliers to support this commitment and, therefore, has established this Supplier Code of Conduct (“Code of Conduct”). All Northern suppliers shall meet the following minimum requirements in the areas of compliance with laws, environmental practices, health and safety practices, human rights and labor practices and ethical business conduct in order to do business with Northern.

Compliance with Law Suppliers with whom Northern chooses to conduct business are expected to obey the laws and regulations of the countries from where they provide services to Northern.

Environmental Practices All suppliers to Northern shall comply with all environmental laws and regulations applicable to their operations worldwide. Such compliance shall include, among other things, the following items:

Health and Safety Practices All suppliers to Northern are expected to provide their employees with a safe and healthy working environment in order to prevent accidents and injury and minimize exposure to health risks. Suppliers shall, among other things, comply with the health and safety laws and regulations in the jurisdictions in which they operate and provide:

Human Rights and Labor Practices All suppliers to Northern are expected to adopt sound labor practices and treat their workers fairly in accordance with local laws and regulations. In addition, suppliers must comply with the following standards:

NORTHERN TRUST CONFIDENTIAL

Ethical Business Conduct All suppliers to Northern are expected to conduct their businesses in accordance with the highest standards of ethical behavior.

Acknowledgement, Monitoring and Compliance Suppliers acknowledge receipt of this Code of Conduct. Lack of adherence to the Code of Conduct will be addressed with suppliers by Procurement during the supplier evaluation and via the supplier management process, if necessary.

All suppliers to Northern shall monitor their activities to insure their compliance with this Code of Conduct and applicable legal requirements. If a supplier identifies areas of non-compliance, the supplier agrees to notify Northern Global Procurement as to its plans to remedy any such non-compliance. Without limiting the foregoing, in the event that a supplier becomes aware of any acts of slavery or human trafficking by it or any of its subcontractors or suppliers, it shall promptly notify Northern in writing and reasonably cooperate in any related Northern investigation thereof.

Northern Global Procurement may request additional information from suppliers regarding their compliance efforts and/or engage in additional monitoring activities to confirm supplier’s compliance to this Code of Conduct, including on-site inspections of facilities, use of questionnaires, review of publicly available information or other measures necessary to assess supplier’s performance. Any Northern employee that becomes aware of violations of this policy shall notify Northern Global Procurement for review and appropriate action. Based on the assessment of information made available to the Northern Global Procurement, Northern reserves the right (in addition to all other legal and contractual rights) to disqualify any potential supplier from participation in the bidding process and/or terminate any relationship with any current supplier found to be in violation of this Code of Conduct without liability to Northern.

MODULE No. 3

SOFTWARE LICENSE AND SUPPORT

This MODULE No. 3 (SOFTWARE LICENSE AND SUPPORT) (“Software Module”) is entered into this 1^st March, 2021 by and between The Northern Trust Company¹, Singapore Branch (“Northern”), a company incorporated and existing under the laws of State of Illinois, whose principal place of business is at One George Street, #12-06, Singapore 049145 and WellteQ Pte Ltd (“Provider”), a company with offices at CIDC Building, 90 Eu Tong Sen Street, #03-02B, Singapore 059811. This Software Module is part of the Agreement between the Parties (having an Effective Date of [1st March, 2021]) and the terms and conditions thereof are incorporated herein by reference. This Software Module applies to the licensing of any Software (as defined in the Master) between Northern and Provider and any Software maintenance support related thereto. Any terms defined elsewhere in the Agreement shall have the same meaning in this Software Module. The Parties hereby agree as follows:

1. DEFINITIONS

The following terms, as used in this Software Module (or elsewhere in the Agreement), have the meanings set forth below.

“Critical Program Error” means any Program Error or Key, whether or not known to Northern, that has or may have substantial adverse impact on the operations of Northern or on use of the Software.

“Key” means any key, node lock, time-out or other function, whether implemented by electronic, mechanical, or other means, which restricts or may restrict exercise of any of the licenses granted under this Software Module, based on residency in certain Software, frequency or duration of use, or other limiting criteria.

“Program Error” means code in the Software that causes it to be inoperable, that produces unintended results or actions, or that produces results or actions other than those described in the Documentation or the applicable Schedule. Program Error includes, without limitation, any Critical Program Error.

“Purchase Order” means Northern’s written order to Provider, that incorporates the Agreement (including this Software Module) by reference, for the license of Software and/or Software Maintenance Services.

“Schedule” means the document Northern and Provider execute pursuant to this Software Module for the provisions of specific Software and/or Software Maintenance Services. For a Schedule to be effective, it must be signed by both Parties.

“Specification” means the features, components, operating requirements, performance capabilities and compatibility listings with respect to the Software set forth in the applicable Documentation.

“Updates” means upgrades, versions, new versions, releases and/or other changes to the Software developed or acquired by Provider and made generally available to its commercial customers. For the avoidance of doubt, Updates also include any successor product(s) that incorporates the functionality of the Software, with or without the inclusion of more functions or features, even though it may be offered under a new software name or names.

“User” means any Northern (or Northern Affiliate) Personnel that Northern has authorized to access and Use the Software in the performance of their duties on behalf of Northern and/or its Affiliates.

2. TERM AND TERMINATION

2.1 Effective Date and Term. This Software Module shall be effective upon execution by both Parties (“Module Effective Date”). In the event that any pending Schedule or Purchase Order for Software predates the Module Effective Date, then the Parties specifically agree that the terms and conditions contained herein apply to such Schedule or Purchase Order. Unless terminated earlier as set forth in the Agreement or below, or the Parties agree otherwise, the term of this Software Module (“Module Term”) shall end on the same date as the Master.

2.2 Termination. Northern may terminate this Software Module and/or any Schedules under it pursuant to the terms set forth in the Master. In addition, either Party may terminate an applicable Schedule pursuant to any additional termination rights set forth therein. Provider may terminate the license granted herein only if Northern materially breaches its obligations under Section 4.3 (“Ownership and License Restrictions”) or Section 5.1 (“Software License Charges”).

2.3 Effect of Termination/Expiration. Upon termination or expiration of this Software Module or any Schedule(s) hereunder, Provider shall promptly deliver to Northern all papers, documents, software programs and other tangible items (including all copies) constituting Northern Confidential Information related hereto or the applicable Schedule(s) in Provider’s possession, custody or control. Upon written request from Northern, Provider shall promptly certify in writing that it has delivered to Northern (or, as applicable, successfully destroyed) all such Northern Confidential Information. If Provider is not otherwise in breach of its obligations under the Agreement or an applicable Schedule, Northern shall pay all undisputed outstanding invoices for Software delivered and Accepted prior to the date of termination or expiration hereof in accordance with the terms of the Agreement. In no event shall Northern be required to reimburse Provider for any unabsorbed overhead or anticipated profits for periods after the effective date of termination. In the event that Northern has pre-paid any Charges under an applicable Schedule related to Software Maintenance Services that have not been delivered, Provider shall promptly refund all such amounts unless otherwise agreed and authorized by Northern. Any termination or expiration of this Software Module, except due to a material breach by Northern, shall not affect any licenses granted herein.

3. SCHEDULES; ORDERS FOR SOFTWARE AND SOFTWARE MAINTENANCE SERVICES

3.1 Licensing of Software and Documentation. Provider shall provide to Northern pursuant to the license terms set forth in Section 4 below, those pieces of Software and related Documentation specifically identified in a Schedule under this Software Module and that are requested by Northern in an applicable Purchase Order. Unless otherwise agreed by the Parties in the applicable Schedule, all Software provided hereunder shall include all modules, run-time libraries and similar components required to enable the operation of the Software in accordance with the Specifications.

3.2 Schedules; Purchase Orders. From time to time, Provider may issue a quote for various pieces of Software identified and requested by Northern. In the event that Northern chooses to license such Software, it and Provider shall execute a Schedule that reflects the information in Provider’s quote. Each such Schedule shall include: (i) the period during which Northern can license the Software and/or purchase Software Maintenance Services under the terms and conditions (including the Charges) set forth in that Schedule (“Schedule Term”); (ii) a description of the Software; (iii) the applicable Software Acceptance Criteria; (iv) the applicable Charges for the Software and Software Maintenance Services; (v) Provider’s billing information; and (vi) such other information as may be relevant to the Software and/or Software Maintenance Services to be provided by Provider. No Schedule shall be effective unless signed by authorized representatives of both Parties. When Northern wishes to order Software and/or Software Maintenance Services under the applicable Schedule, it shall issue a Purchase Order.

3.3 Changes to and Cancellation of Purchase Orders. Northern may make changes to any Purchase Order at any time prior to Delivery, including, without limitation, the quantity of Software (i.e., number of Users) to be licensed, delivery method and/or location for delivery of Software. Provider shall comply immediately with such direction and avoid unnecessary costs related thereto. Northern may cancel an individual Purchase Order, in whole or in part, in the event that Provider: (i) fails to Deliver (in whole or in part) any of the Software licensed within the time provided; (ii) breaches any material term(s) of the Agreement (including this Software Module); or (iii) Northern reasonably believes that Provider is not acting with diligence sufficient to permit Delivery by the scheduled Delivery Date. Northern shall not be required under any circumstances to pay cancellation, restocking or any similar fees or penalties relating to its cancellation of a Purchase Order.

4. LICENSES TO SOFTWARE AND DOCUMENTATION

4.1 Software. Provider hereby grants to Northern and its Affiliates a fully paid-up (as per purchased licenses), enterprise-wide, non-exclusive, irrevocable (except for cause), worldwide license to: (1) use, execute, operate, display and perform (collectively “Use”) the Software on any and all CPU’s, processing complexes, servers, networks, work stations and other platforms operated by or on behalf of Northern or its Affiliates, wherever located, subject to the terms and conditions set forth in this Software Module and in accordance with the Documentation; (2) make additional copies of the Software as reasonably necessary for backup, disaster recovery and/or archival purposes, or for benchmark or other temporary testing. Northern may allow up to the number of Users identified in the applicable Schedule to Use the Software. This license includes the right to authorize Northern Personnel and suppliers of Northern and its Affiliates to perform any of the activities described in this Section 4.1.

4.2 Documentation. Provider hereby grants to Northern and its Affiliates a fully paid-up (as per purchased licenses), enterprise-wide, irrevocable (except for cause), worldwide license to: (1) use the Documentation; (2) change, modify the Documentation, including, without limitation, to edit and reformat any of the Documentation, for on-line or other forms of electronic access. This license includes the right to authorize Northern Personnel and suppliers of Northern and its Affiliates to perform any of the activities described in this Section 4.2.

4.3 Ownership and License Restrictions. Provider retains all right, title and interest in and to the Software, and any intellectual property rights associated with it, unless expressly granted to Northern in this Software Module or an applicable Schedule. Northern shall not: (a) sublicense, sell, rent, lease, transfer, assign, or distribute the Software to third parties; (b) host the Software for the benefit of unaffiliated third parties in a service bureau mode; (c) disclose or permit any third party (other than a permitted User) to access the Software; (d) hack or modify any license key, or try to avoid or change any license registration process embodied in the Software; (e) modify or create derivative works of the Software, or merge the Software with other software; (f) disassemble, decompile or otherwise reverse engineer the Software or attempt to derive any of its Source Code, in whole or in part, except to the extent such activities are expressly permitted by law notwithstanding this prohibition; or (g) modify, obscure or delete any proprietary rights notices included in or on the Software or Documentation. For the avoidance of doubt, the foregoing restrictions shall not limit Northern’s right to build interfaces with and/or otherwise link the Software with other software or systems not owned or licensed by Provider.

5. CHARGES

5.1 Software License Charges. Each Schedule shall set forth the one-time license Charge for the Software described in that Schedule. Such license Charge for additional instances of the Software shall not be raised during the Schedule Term without the Parties executing an amendment to that Schedule. Provider shall issue invoices for Software licensed under this Software Module pursuant to the specific schedule and terms set forth in the applicable Schedule and consistent with Exhibit [4] to the Master (“Invoicing”).

5.2 Charges for Software Maintenance Services. After the Initial Software Maintenance Term (as defined below), in the event that Northern elects to procure Software Maintenance Services, Provider shall deliver such Services for the fee specified in the applicable Schedule. Charges for Software Maintenance Services set forth in each Schedule shall be fixed for the first three (3) years following the Software Acceptance Date. Northern may renew the Software Maintenance Services for additional terms of one (1) year each (“Renewal Terms”). After the third anniversary of the Software Acceptance Date, Provider may increase the Charges for each Renewal Term; provided, however, that any such increase shall not exceed the lesser of the then current U.S. Consumer Price Index or one percent (1%) of the amount paid in the previous year. For the avoidance of doubt, Northern shall not be obligated to purchase Software Maintenance Services from Provider unless it executes an applicable Schedule for such Services and issues a related Purchase Order.

6. DELIVERY; RISK OF LOSS

Unless otherwise set forth in an applicable Schedule and/or Purchase Order, within two (2) business days of the date set forth in the applicable Purchase Order, Provider shall: (a) make the Software available to Northern for download on a secure, password-protected website; \All Software shall be provided in executable code form, and shall be accompanied by instructions sufficient to allow Northern to install and Use such Software without the assistance of Provider. As Updates become available, Provider provide Northern written notice thereof and make all such Updates available for download on the same website as identified above. Contemporaneous with any Updates, Provider shall deliver to Northern any revisions and/or additions to the Documentation necessary to keep the Documentation current. In the event that the Software and/or Documentation is lost and/or damaged in transit, Provider shall promptly provide a replacement copy to Northern at no additional cost.

7. SOFTWARE ACCEPTANCE OR REJECTION

7.1 Software Acceptance. Within the time period mutually agreed to in the Schedule, Northern shall notify Provider that the Software has been installed and is ready for acceptance testing (“Test Availability Date”). Northern shall have thirty (30) days (“Software Acceptance Period”) following the test Availability Date in which to test and use the Software to determine whether, in Northern’s reasonable judgment, the Software materially conforms to the Requirements, Documentation and Specifications applicable thereto and/or any mutually agreed upon acceptance test plan set forth in the applicable Schedule (collectively, the “Software Acceptance Criteria”). If Northern reasonably determines that the Software meets the Software Acceptance Criteria, it shall promptly provide written notice to Provider that it has accepted the Software. The date of such notice shall be deemed the “Software Acceptance Date”. Failure of Northern to share written notice to accept the software within 60 days, the software will be deemed accepted.

7.2 Software Rejection. If Northern reasonably determines that the Software does not meet the Software Acceptance Criteria, it shall provide Provider with written notice of any non-conformities (“Initial Notice of Software Rejection”). Provider shall promptly deliver to Northern a written plan identifying the steps it shall take to remedy any deficiencies identified by Northern (“Deficiency Plan”). Provider shall have thirty (30) days from the date of the Initial Notice of Software Rejection (“Software Correction Period”) to correct, consistent with the Deficiency Plan, all identified material non-conformities in the Software so that it meets the Software Acceptance Criteria. Northern shall then retest the Software to determine if the corrected Software meets the Software Acceptance Criteria. If Northern reasonably determines that the corrected Software meets the Software Acceptance Criteria, it shall promptly provide written notice to Provider that it has accepted the Software. In the event that Northern reasonably determines that the Software still does not meet the Software Acceptance Criteria, Northern shall notify Provider in writing of its rejection of the Software (“Final Notice of Software Rejection”), and Northern may, in its sole discretion, either allow Provider additional time to correct the deficiencies or terminate the applicable Schedule and/or Purchase Order immediately. If Northern elects to terminate the applicable Schedule and/or Purchase Order, Provider shall promptly deliver to Northern a full refund of all applicable Charges excluding any customization or consultancy. Within thirty (30) days of Final Notice of Software Rejection or the date of Northern’s receipt of such refund, whichever occurs later, Northern shall destroy all copies of the Software and Documentation and may pursue any rights that it has under the Agreement, at law or in equity.

8. SOFTWARE MAINTENANCE SERVICES

8.1 Initial Software Maintenance Term. For a period of one (1) year from Software Acceptance Date (“Initial Software Maintenance Term”), Provider covenants that: (a) the Software shall not contain any material defects or Critical Program Errors and shall function properly and in conformity with its Specifications; (b) it shall provide to Northern any and all Updates; and (c) Provider shall provide to Northern all reasonably necessary telephone or written consultation requested by Northern in connection with its Use of the Software or any problems therewith (items (a) through (c) comprising (“Software Maintenance Services”). The Software Maintenance Services during the Initial Software Maintenance Term shall be provided by Provider at no additional charge to Northern. Provider’s specific obligations with respect to Software Maintenance Services (e.g., problem classification, response times, etc.) shall be set forth in Software Support Attachment to the applicable Schedule.

8.2 Renewal Software Maintenance Term(s). After expiration of the Initial Software Maintenance Term, if Northern, in its sole and exclusive discretion, chooses to purchase Software Maintenance Services, Provider shall provide such Software Maintenance Services for a period of not less than three (3) years pursuant to the terms set forth in the applicable Schedule. Northern, in its sole discretion, may renew Software Maintenance Services for successive one-year (1 year) terms by providing written notice to Provider not less than thirty (30) days prior to the end of the then current term. For the avoidance of doubt, in the event that Northern elects not to renew the Software Maintenance Service, Northern shall not be precluded from Use of the Software subject to the terms and conditions of this Agreement.

8.3 Discontinuation of Software Maintenance Service. In the event that Provider discontinues Software Maintenance Services to all of its commercial customers for any Software licensed hereunder, or replaces the applicable Software with another software program or programs with substantially similar functionality (“New Program”), Provider shall, at Northern’s sole option, either: (a) continue to provide Software Maintenance Services for such discontinued features or functionality for a period of one (1) year; (b) provide Northern with a license to the New Program, in accordance with this Agreement, at no additional charge; or (c) provide the Source Code to the applicable Software to Northern so it can support and maintain the Software.

9. REPRESENTATIONS AND WARRANTIES

9.1 Noninfringement. In addition to the representations and warranties set forth in the Master and in any applicable Schedule, Provider hereby represents and warrants that with respect to the Software and/or Documentation provided hereunder, there is currently no actual or threatened suit by any third party based on an alleged violation of such third party’s Intellectual Property Rights, proprietary information or nondisclosure rights by Provider or other licensee known to Provider and that, for so long as this Software Module is in effect, it shall notify Northern immediately, in writing, in the event that it becomes aware of any action, suit, or proceeding (pending or threatened), that it reasonably believes may have a material impact on Northern’s continued use of the Software or Documentation.

9.2 Sufficient Rights. In addition to the representations and warranties set forth in the Master and in any applicable Schedule, Provider hereby represents and warrants that has the full power and authority to grant the rights contained in this Software Module to Northern with respect to the Software, Documentation.

9.4 Software and Documentation. In addition to the representations and warranties set forth in the Master and in any applicable Schedule, Provider hereby represents and warrants that:

(a) for a period of one (1) year from Software Acceptance Date, any Software provided hereunder does not and shall not contain any material defects, including any Critical Program Errors and will in all material respects operate in conformity with its Specifications;

(b) any Software provided hereunder shall accurately address, present, produce, store and calculate data involving leap years, daylight savings time and multi-century dates and will not produce incorrect results involving such dates or times;

(b) any Software provided hereunder does not and shall not contain or incorporate any Malicious Code;

(c) any Software provided hereunder does not and shall not contain or incorporate any Open Source Software components that reasonably may cause or require other Northern software or systems to become subject to license terms requiring such Northern software or systems to be: (i) disclosed or distributed in Source Code form; (ii) licensed for the purpose of making derivative works; or (iii) redistributable at no charge; and

(d) in the event that any Software provided hereunder is not delivered via electronic download, then the media containing it is and shall be free from all defects in materials and workmanship; and

(e) any Documentation provided hereunder shall be complete and shall describe the Software and all components thereof accurately so as to enable reasonably skilled information technology professionals to operate, diagnose and maintain the Software properly, safely and efficiently.

9.5 Remedies. Without limiting any other right or remedy available to Northern, under the Agreement (including any applicable Schedule), at law or in equity, if Provider breaches any of the representations and warranties set forth above that are subject to correction, Provider shall promptly correct or cause the correction of the deficiencies giving rise to the breach and, as applicable bring, the Software into compliance with these representations and warranties without additional charge to Northern. If any breach prevents or substantially interferes with Northern’s ability to conduct its business, Provider shall use all commercially reasonable efforts to correct the deficiency within twenty-four (24) hours after Provider learns of the deficiency (or such other correction period as may be set forth in the applicable Schedule) at no cost to Northern. If Provider fails to comply with this Section 9, Northern may, at its option and with prejudice to any other of its rights, terminate the applicable Schedule(s) or this Software Module without additional cost.

9.6 Disclaimer. EXCEPT AS SET FORTH IN THE AGREEMENT (INCLUDING, FOR THE AVOIDANCE OF DOUBT, THIS SOFTWARE MODULE AND ANY SCHEDULE(s) UNDER IT), NEITHER PARTY MAKES ANY OTHER REPRESENTATIONS AND/OR WARRANTIES, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.

11. OTHER OBLIGATIONS; GENERAL

11.1 Disablement. Provider shall not, subject to any maintenance and/or upgrades and any temporary loss of service due to same or the temporary loss of service due to a supplier of the Provider outage, disable with, in whole or in part, any software (including, but not limited to Software provided hereunder), hardware, systems or data owned, leased, licensed, utilized or held by Northern, its Affiliates or their respective Clients (“Disablement”), without the prior written permission of a Northern senior executive. Under no circumstances shall Provider undertake any Disablement in connection with any dispute between the Parties. Any breach by Provider of this Provision shall constitute a material breach of the Agreement and/or this Software Module and any applicable Schedules.

11.2 Source Code Escrow. In the event that Northern determines that it requires the Source Code for Software provided hereunder to be placed in escrow with a third-party, the Parties shall negotiate in good faith an appropriate Appendix to the applicable Schedule (“Escrow Agreement”). Notwithstanding the foregoing, in addition to any rights to the deposited materials under such Escrow Agreement, in the event that Provider is the subject of a petition for relief under Title 11 of the United States Code (“Bankruptcy Code”), Northern has and shall have all of the rights afforded a license under section 365(n) thereof in the event of a rejection of the Agreement (including this Software Module and any Schedules under it) and any failure by Northern to assert its rights to ‘retain its benefits’ to the intellectual property encompassed by the Software, pursuant to §365(n)(1)(B) of the Bankruptcy Code under an executory contract rejected by the trustee in bankruptcy shall not be construed as a termination of the contract by Northern under §365(n)(1)(A) of the Bankruptcy Code.

11.3 Order of Precedence. Any conflict or inconsistency between the terms in the Master and this Software Module shall be resolved in favor of the Master. Any conflict or inconsistency between the terms of this Software Module and any Attachment hereto or a Schedule under it shall be resolved in favor of this Software Module unless such Attachment or Schedule expressly states that it take precedence over the Master and/or this Software Module and constitutes an amendment hereto.

11.4 Entire Agreement. This Software Module (including any Attachments), the Master (and its Exhibits) and any applicable Schedules (including any Appendices and/or Purchase Orders) hereunder, constitute the entire agreement between the Parties with regard to the subject matter hereof and supersedes any and all prior agreements, understandings, representations, negotiations or communications, written or oral, regarding the subject matter hereof. There are no understandings or representations, express or implied, not expressly set forth in herein.

11.5 Electronic Contracting Methods Contained in Software, etc.. Electronic agreement methods contained in any Software, any Provider websites or in any other medium (including, but not limited to “I Agree” or “I Accept” buttons) shall not be sufficient to supersede or otherwise modify the terms of this Software Module. All such “click-wrap,” “click-through,” “browse-wrap” or “shrink-wrap” terms and conditions shall be of no force or effect and shall be null and void.

13.6 Counterparts. This Software Module may be executed and delivered by facsimile or electronic mail and shall constitute the final agreement of the Parties and conclusive proof of such agreement. For the convenience of the Parties, any number of counterparts of this Software Module may be executed by any one or more Parties hereto, and each such executed counterpart (including any facsimile thereof) shall be deemed to be an original, and in the aggregate but one and the same instrument.

[SIGNATURE PAGE TO FOLLOW]

IN WITNESS WHEREOF, the Parties have executed and delivered this Software Module as of the last date set forth below.

ACCEPTED AND AGREED: