Amended and Restated Agreement; Transition Services.

Effective as of the Effective Date, this Agreement shall amend and restate the Prior Agreement in its entirety, and such amended and restated agreement shall thereafter govern the rights and obligations of the Parties with respect to the matters subject to the Prior Agreement and this Agreement. Without limiting the foregoing, and for avoidance of doubt, the Parties acknowledge and agree that the provisions of Sections 3(b), 4(b), 4(d), 5(c), 8, 12(e), 12(f), 13 and 15 shall apply with respect to acts, omissions or circumstances existing or occurring during the Prior Agreement or this Agreement.

The Parties acknowledge their mutual intent and agreement to end the on-going relationship between the Parties, and that the Sponsorship Services provided by BofA after the Effective Date are intended as an accommodation to Company for a limited transition period. Company agrees that during the Term of this Agreement, Company will attempt to enter into a relationship with a new provider for the Sponsorship Services previously provided by BofA and to be provided under this Agreement by BofA. Company shall require that any new provider assume the transfer of all BINs / ICAs currently used by Company on terms and conditions reasonably acceptable to BofA, and Company shall cooperate (and cause such new provider to cooperate) with BofA with respect to the transfer of such BINS / ICAs to such new provider. The Parties recognize the importance of Company’s ability to transition to a new provider of sponsorship services by the end of the Term, and shall cooperate in good faith to achieve such transition by the end of the Term. If Company enters into an agreement with a new provider of sponsorship services, the Parties will cooperate in good faith with each other and with the new provider with respect to the transfer of the BINS/ICAs currently used by Company to such new provider, and BofA will provide Company and such new provider with other commercially reasonable transition assistance services that are requested to allow Company to fully transition to such new provider by the end of the Term.

Company acknowledges and agrees that as of the expiration or termination of this Agreement, BofA and its Affiliates shall have absolutely no obligation to provide any Sponsorship Services to Company or with respect to any Customer businesses, whether or not Company has entered into an agreement with a new provider to obtain new sponsorship services, and that Company bears the entire risk of loss and business disruption of Company is unable to obtain such sponsorship services from another provider.

General. BofA agrees to provide the Sponsorship Services with respect to Company and the operations of its Customers in the United States or any United States territory (as defined by each applicable Network), including Terminals located in the United States, on the terms and conditions set forth in this Agreement; provided, however, that (1) BofA may perform such Sponsorship Services, in whole or in part, by causing an Affiliate to perform such Sponsorship Services, (2) BofA shall remain liable to Company for performance of Sponsorship Services by an Affiliate of BofA, and (3) references to performance by BofA of Sponsorship Services in this Agreement shall be deemed to include BofA’s option to cause an Affiliate to provide such Sponsorship Services. BofA acknowledges that Company in some instances provides certain of its Payment Services through its Affiliate Cash Systems, Inc. (“CSI”), and that the Sponsorship Services shall extend to CSI; provided that Company shall remain liable for CSI’s compliance with the terms and conditions of this Agreement.

Performance by Customers. Company hereby unconditionally guarantees performance of, and agrees that it is jointly and severally liable with each Customer, for each Customer’s obligations and liabilities under each Customer Agreement, including, without limitation, for any Claims which in any way directly or indirectly relate to, result from or arise out of, any Customer’s violation of, or failure to comply with, the Operating Rules or Applicable Law. For the avoidance of doubt, the Sponsorship Services shall not include providing vault cash to Company or any Customer, and the Parties acknowledge that the provision of vault cash by BofA or its Affiliate to Company and Customers is subject to a separate agreement between BofA or its Affiliate and Company, and that this Agreement shall in no way affect the obligations or the parties to that agreement, including the termination date thereof, unless and to the extent expressly provided herein.

Existing Sponsorships. Subject to the terms and conditions of this Agreement, BofA agrees to continue to provide the Sponsorship Services with respect to each Customer with respect to which BofA was providing such Sponsorship Services on the Effective Date, provided that (1) Company provides BofA with information mutually agreed between the Parties from time to time to evaluate such Customer, and (2) each such Customer has entered into a written Customer Agreement in form and substance acceptable to BofA. Notwithstanding the foregoing, BofA may cease providing Sponsorship Services with respect to an existing Customer to the extent that BofA determines in its reasonable judgment, that (A) such action is required by a Network, the Operating Rules or Applicable Law, or (B) continuing to provide such Sponsorship Services would present a significant financial or reputational risk to BofA.

Requests for New Sponsorships. As a condition of BofA providing Sponsorship Services with respect to any new Customer on or after the Effective Date, except as otherwise agreed between the Parties, Company will (1) provide BofA with information mutually agreed between the Parties from time to time to evaluate such Customer, and (2) ensure that each such Customer enters into a written Customer Agreement in form and substance acceptable to BofA. Notwithstanding the foregoing, BofA has sole and absolute discretion to determine whether to provide or cause its Affiliate to provide Sponsorship Services with respect to any new Customer; provided that, to the extent reasonably practicable, BofA will attempt to (A) discuss with Company its decision not to provide Sponsorship Services to a specific Customer in advance and (B) work in good faith with Company to determine if there are any remedial measures that can be implemented to address the underlying basis for BofA’s intent to deny Sponsorship Services.

Underwriting Standards. BofA reserves the right, at all times, to establish the underwriting standards and eligibility criteria for Customers with respect to which it will provide Sponsorship Services. BofA may refuse to provide Sponsorship Services with respect to the operations of any Customer or at any Customer location that BofA determines in its sole and absolute discretion does not meet BofA’s underwriting standards or eligibility criteria; provided that, to the extent reasonably practicable, BofA will attempt to (1) discuss with Company its decision not to provide Sponsorship Services to a specific Customer and (2) work in good faith with Company to determine if there are any remedial measures that can be implemented to address the underlying basis for BofA’s intent to deny Sponsorship Services. If BofA makes such a determination with respect to an existing Customer, BofA and its Affiliates shall have no liability with respect to any failure by Company to perform its obligations under any Customer Agreement with such Customer, and Company expressly assumes all such risk.

Customer Agreements. All Customer Agreements shall be in form and substance reasonably acceptable to BofA, and shall meet any requirements set forth in the applicable Operating Rules and Applicable Law, including any substantive provisions required by the applicable Operating Rules, and shall obligate the Customer to abide by the Operating Rules and Applicable Law. Customer Agreements may contain such other terms and conditions as may be mutually agreed between any Customer and Company, provided that such additional terms and conditions do not conflict with any provisions of this Agreement, the Operating Rules or Applicable Law. Notwithstanding the foregoing, BofA may require modifications to the Customer Agreement of an existing Customer as of the Effective Date to the extent that BofA determines, in its reasonable judgment, that (1) such modifications are required by a Network, the Operating Rules or Applicable Law, or (2) such modifications are required to avoid a significant financial or reputational risk to BofA.

Network Registration and Requirements. BofA will complete and maintain records with respect to all registration forms, applications and/or other documents (“Network Forms”) that are required by the Networks from time to time in connection with this Agreement and/or the Sponsorship Services provided by BofA to Company and/or with respect to Customers. Company will be solely responsible for all Network fees and charges associated with such registration or application. Company will be solely responsible for timely preparing and providing to BofA any reports or certifications required under any Operating Rules for filing with the Networks in connection with the Sponsorship Services (including, without limitation, the sponsorship of Customers and/or their Terminals) and the provision of Payment Services for which Sponsorship Services are provided, including, without limitation, reports relating to transaction activity, fee billing, adjustments and enhanced network management reports, and such other reports as are specified in Exhibit B, which reports will be distributed by Company in the formats and using communications circuits and files designated by the Networks. BofA shall review and file such reports or certifications with the Network promptly after receipt from Company. Company shall promptly provide such other reports, in hard copy or in “view access,” as BofA may require from time-to-time. Without limiting the foregoing, Company acknowledges and agrees that, for purposes of this Agreement, it is responsible for any and all obligations related to the Payment Services arising under the Operating Rules (including connection to each of the Networks) and for Customers’ compliance with the Operating Rules.

Terminal Ownership.

No later than the Effective Date, Company shall provide BofA with a list of all current Terminals that are owned, established, operated or maintained by a Person other than Company. Company shall comply with, and shall cause each Customer to comply with, all applicable Operating Rules and any Applicable Law that requires Company or Customer to obtain a License or otherwise regulates or restricts the ability of Company or a Customer to own, establish, operate or maintain a Terminal. If any applicable Operating Rules or Applicable Law requires that a Customer or any Person which owns or operates a Terminal at a Customer location enter into an agreement with BofA or its Affiliate, Company shall ensure that, prior to BofA’s provision of any Sponsorship Services with respect to such Terminal, such Person enters into such an agreement that is in compliance with such Operating Rules or Applicable Law and acceptable in form and substance to BofA in BofA’s reasonable discretion. Notwithstanding the foregoing, BofA may cease providing Sponsorship Services with respect to a Terminal, or require modifications to any agreement of an owner or operator of a Terminal, to the extent that BofA determines in its reasonable judgment that such action (A) is required by a Network, the Operating Rules or Applicable Law, or (B) is required to avoid a significant financial or reputational risk to BofA.

With respect to new Terminals that become owned, established, operated or maintained by a Person other than Company after the Effective Date, Company shall obtain BofA’s prior consent to obtain Sponsorship Services, which consent shall not be unreasonably withheld or delayed; provided, however, that such Terminals otherwise meet all of the requirements of Section 3(h)(1).

Network Membership. Subject to the terms and conditions of this Agreement, BofA will use commercially reasonable efforts to obtain and maintain the categories of membership or licenses in the Networks required to provide Sponsorship Services pursuant to this Agreement and shall use reasonable efforts to notify Company as soon as practicable if it is no longer able to maintain such memberships or licenses.

Regulatory Compliance. Notwithstanding anything in this Agreement, BofA shall have no obligation to undertake to perform or continue to perform any function or service relating to the Sponsorship Services or this Agreement with respect to any Customer or Terminal in the event that: (1) such performance would contravene any Applicable Law or Operating Rule, or any directive from a Governmental Authority or a Network; or (2) BofA reasonably suspects fraud or suspicious activity in connection with such Customer or Terminal.

Dissemination of Operating Rules and Updates. To the extent permitted by the applicable Network, Operating Rules or Applicable Law, BofA shall undertake good faith efforts to provide Company with copies of applicable Operating Rules and/or amendments thereto that BofA reasonably determines may be of interest or relevance to Company.

Other Limitations. Notwithstanding anything in this Agreement, BofA will be responsible only for performing the services expressly provided for in this Agreement and BofA undertakes no duties other than those expressly provided herein. Without limiting the generality of the foregoing, BofA will not be responsible for: (1) the acts or omissions of Company, any Processor or any Customer or any of their respective representatives, employees or agents or any other Person, including, without limitation, any Network Party, and no such person or entity will be deemed BofA’s agent for any purpose whatsoever; or (2) breach of its duties hereunder, to the extent such breach was caused by legal constraint, interruption in transmission or communication facilities, equipment failure, war, terrorist act, riot, fire, flood, earthquake or other natural disaster, strike, emergency or other circumstance beyond BofA’s control.

Terminal Operation. As between BofA and Company, Company will be solely responsible for (1) the cost, installation, operation, maintenance and repair of each Terminal including, but not limited to, electrical and communications connections in compliance with the equipment manufacturer specifications and the applicable graphic standards and technical specifications established by Networks from time to time; (2) the cost and provision of all signage to comply with requirements of any Network or Regulatory Authority, including disclosures approved by BofA agreed between the Parties from time to time, which includes the resigning of all Terminals for a change in Sponsorship Services. Company shall ensure that all Terminals meet all lighting, security and accessibility requirements.

Terminal Reports. Company shall: (1) complete a Customer Agreement and associated due diligence prior to activating any Terminal as required by the Network(s) and agreed between the Parties from time to time; (2) provide quarterly reports to BofA which for each Customer with respect to which BofA provides Sponsorship Services includes a listing of all Networks that Company is acquiring Transactions for such Customer; and (3) providing all processing services and settlement for each Terminal sponsored under or in connection with this Agreement; and (4) provide written notice to BofA of each new Terminal location on a daily basis and will properly register and continue to register each Terminal as may be required by each of the Networks and/or Applicable Law. BofA may identify additional data files or reports to be generated by Company and delivered to BofA on an ad hoc or periodic basis. Nothing in this Agreement shall limit BofA’s ability to communicate with any Customer to the extent that BofA reasonably determines that such communication is necessary to comply with a Network, Operating Rules or Applicable Law, or to avoid significant financial or reputational risk to BofA.

Compliance. Company will comply, and will ensure that each Customer complies, with the Operating Rules and all Applicable Laws related to the Terminals, the performance of Company’s obligations hereunder and the obligations of each Customer under a Customer Agreement. Company acknowledges and agrees that (1) only a Network has authority to interpret its Operating Rules, and (2) BofA shall not make any representation or warranty, and Company shall not rely on BofA or its Affiliates in any way, including any oral or written statement, regarding the requirements imposed by the Operating Rules or Applicable Law on Company or Company’s Customers or operations. BofA. BofA and Company shall negotiate in good faith to amend this Agreement to the extent an amendment is necessary to comply with any Operating Rules or Applicable Law.

Use of BofA’s Name and GCA’s Name. Company agrees that it will not, and will ensure that each Processor does not, use the name, marks or logos of BofA or any of its Affiliates (the “Bank Marks”) for any reason, or use or refer to BofA or its Affiliate (orally or in writing) in any advertisements, sales, presentations or marketing materials without the express prior written consent of BofA, which consent shall not be unreasonably withheld. Company may accurately describe its relationship with BofA in response to questions and in its dealings with Customers. BofA agrees that it will not, and will ensure that it and its Affiliates do not, use the name, marks or logos of GCA or any of its Affiliates (the “GCA Marks”) for any reason, or use or refer to GCA or its Affiliate (orally or in writing) in any advertisements, sales, presentations or marketing materials without the express prior written consent of GCA, which consent shall not be unreasonably withheld.

Processor Agreement. Prior to the sponsorship into any Network by BofA or an Affiliate with respect to a Customer or a Terminal or the provision by Company of any Payment Services for which the BofA provides Sponsorship Services under this Agreement (1)Company will have become a Certified Processor or have obtained a Certified Processor for such Network acceptable to BofA; and (2)such Certified Processor shall have entered into a Processor Agreement with such Network as required by the applicable Network’s Operating Rules. Company shall ensure that such Certified Processor shall comply with the terms thereof and otherwise maintain itself in good standing with the Network. The Parties acknowledge and agree that TSYS Acquiring Solutions, L.L.C. is acting as a Certified Processor of Company.

Indirect Processors. Company shall obtain BofA’s prior written consent, which BofA may grant or deny in its sole discretion, before using any Indirect Processor to provide processing services on Company’s behalf. Notwithstanding that BofA consents to Company’s use of an Indirect Processor, Company will cause such Indirect Processor to comply with the applicable Network’s Operating Rules (including, but not limited to, any requirement to enter into an agreement with the applicable Network(s)) and all Applicable Law, and otherwise maintain itself in good standing with the Network.

Access to Processor Systems. To the extent that Company uses any Processor in connection with Card Transactions, Company shall use commercially reasonable efforts to cause such Processor to provide BofA with “view access” to such Processor’s systems to enable BofA to access and view information concerning transactions processed by such Processor on behalf of Company.

Service Providers. Company agrees that it shall cause any Service Provider or provider of vault cash services to promptly furnish BofA with any relevant information requested by BofA relating to BofA’s Sponsorship Services, the Networks, or the Terminals or Customers with respect to which BofA provides Sponsorship Services hereunder and to otherwise use commercially reasonable efforts to cooperate with BofA in connection therewith. Company will timely pay all obligations that have not been otherwise disputed in good faith by Company to any Person as they become due, whether arising under the Operating Rules or otherwise, in connection with the Payment Services or the Sponsorship Services.

Card Transactions.

Company shall ensure that Card Transactions are limited to (A) cash withdrawals or disbursements or balance inquiries at Terminals, (B) the issuance of Negotiable Instruments in a manner that conforms to the Operating Rules and Applicable Law, and (C) transactions involving the merchant category codes (“MCCs”) specified in Exhibit C.

Except to the extent approved by BofA in writing, in no event shall Company (A) allow, or permit any Customer to allow, a Cardholder to use a Card for any Internet transaction or electronic commerce transaction, other than a transaction in which a Cardholder uses a Card at a Terminal located at a Customer location open to the public, (B) allow, or permit any Customer to allow, a Cardholder to use a Card for any type of Card Transaction that BofA or its Affiliates have not expressly approved in writing as of the Effective Date, or (C) develop, introduce or announce any new product or service that involves the use of Cards without the prior written approval of BofA or its Affiliates.

Negotiable Instruments. Company shall ensure that each Negotiable Instrument that is issued in a Card Transaction complies with all Applicable Law and all applicable Operating Rules, including Network requirements relating to proper transaction identifiers to enable Company and the Network(s) to properly charge interchange fees due from each location. Any attempt on the part of a Customer or Company to receive improper or inappropriate fees may result in (1) full repayment of all fees collected with respect to such Negotiable Instrument, and (2) immediate termination of this Agreement or the provision of Sponsorship Services with respect to such Customer.

Implementation of First Annapolis Recommendations. Company acknowledges that the consulting firm First Annapolis performed a review of Company’s practices and procedures and made certain recommendations, which are summarized in Exhibit D. Company shall implement the remediation steps set forth in the column entitled “GCA Comments” in the table set forth in Exhibit D. Company hereby (1)represents and warrants to BofA that it has fully and independently evaluated the merits of each such recommendation and determined that taking the remediation steps set forth in the column entitled “GCA Comments’ in the table set forth in Exhibit D is in the Company’s best interests, and (2)acknowledges and agrees that BofA makes no representation or warranty with respect to the merits of such recommendations, and shall have no liability to Company or any other Person as a result of Company following such recommendations.

Security Procedures. Company agrees to establish and maintain, and to ensure that each Customer establishes and maintains, operations, policies and procedures in place for the protection of Cardholder Data and comply with the Payment Card Industry (“PCI”) Data Security Standard, and meet the objectives of the Interagency Guidelines Establishing Standards for Safeguarding Customer Information; provided, however, that Company shall be required to cause a Customer to comply with the foregoing only to the extent that such Customer is subject to such requirements under the Operating Rules or Applicable Law. Company further agrees to monitor and ensure that it and its Customers: (1) have, maintain, and use at all times, proper controls as specified in the Operating Rules for secure storage and transmission of, and limited access to, and shall render unreadable prior to discarding, all records containing Cardholder Data, Card imprints and Cardholder signatures; (2) do not retain or store magnetic stripe or PIN data after a transaction has been authorized; and (3) if Company or a Customer stores any electronically captured Cardholder signature, that Company or a Customer can reproduce such signature upon the request of BofA.

Network PIN Security. Key management and PIN security systems will at all times be in compliance with each Network of which BofA or its Affiliate is a member. Company will, at its sole expense complete within the required time frame or upon BofA’s demand, but at least annually, a PIN security review required by each Network (including, but not limited to, the Visa PIN review and the ANSI//X9 TR-39-2009 TG-3 review) and provide BofA a copy of each such review upon completion.

Background Checks; Employee Responsibility. Company shall establish, implement and maintain reasonable policies and procedures with respect to the conduct of background checks on (1) each of its officers and directors, and (2) each of its employees and sales representatives engaged in providing the Payment Services. Company understands and acknowledges that Company is solely responsible for the actions and representations of all of its sales representatives and other employees.

Security Breach. Company agrees that if it becomes aware or suspects that there has been a breach of security that may result in unauthorized disclosure of Cardholder Data or any other proprietary information relating to Card Transactions or Cards, including with respect to any information obtained from a Terminal or in connection with processing Card Transactions, Company shall notify BofA in writing of such situation promptly, but in no event later than twenty —four (24) hours after such a situation occurs. Company agrees to use commercially reasonable efforts to cooperate with BofA and take corrective action to respond to the situation.

Disaster Recovery. Company agrees to maintain reasonable disaster recovery plans designed to allow Company to recover and perform the basic obligations under this Agreement in the event of a disaster or other failure of Company’s operations and systems. Company agrees to perform reasonable tests of such disaster recovery plans on a regular basis. At the request of BofA, Company shall provide BofA with a summary of the results of any such test performed by Company.

Financial Statements. Company agrees to provide BofA with the consolidated financial statements of Global Cash Access Holdings, Inc. (“GCAH”), which may include quarterly or audited annual financial statements, within thirty (30) days of request by BofA. Such financial statements shall be certified in writing by a duly authorized officer or principal owner of GCAH as to the accuracy of the data contained therein and the preparation of such statements in accordance with generally accepted accounting principles, and Company shall provide an unqualified opinion of an independent certified accountant retained by Company or GCAH with respect to such financial statements. Company also shall provide such other information concerning Company’s business and compliance with this Agreement as BofA may reasonably request, including, but not limited to, information describing the differences between the financial condition of Company and GCAH. Company and the undersigned official of Company authorize BofA to obtain financial and credit information relating to Company and the undersigned official of Company from credit bureaus and other Persons.

BofA Audits. During the Term, and for a period of two (2) years thereafter, BofA and its Affiliates (or their respective contractors) may conduct procedural audits of Company as reasonably necessary to confirm compliance with this Agreement, the Operating Rules and Applicable Law, including a review of Company’s facilities, books and records related to this Agreement upon reasonable advance written notice by BofA. Company will promptly supply auditors with reasonable access to Company’s facilities and requested information. Company will provide BofA with a copy of any audits performed by a Network, Governmental Authority or other Person, to the extent (1) such Network, Governmental Authority or other Person does not prohibit the provision of such audits to BofA and (2) that such audit relates to this Agreement, the Sponsorship Services, or any Operating Rules or Applicable Law relating to this Agreement or the Sponsorship Services. If Company is examined by a Governmental Authority pursuant to the federal Bank Service Corporation Act, Company will notify BofA when any report of examination is available, and will provide such report to BofA unless prohibited by Applicable Law or the applicable Governmental Authority from doing so. Company agrees to request permission from each Governmental Authority to provide such reports to BofA.

Regulatory Audits. Company acknowledges that it will be subject to regulation or examination by Governmental Authorities (including the Office of the Comptroller of the Currency) and the Networks by virtue of this Agreement and the arrangements contemplated hereby. Company shall, promptly upon request, submit and furnish to BofA any reports (including transaction reports) or other data requested by BofA (1)in order to comply with applicable regulatory or supervisory requirements; (2)to respond to requests by regulatory or supervisory authorities; or (3)as otherwise requested by BofA to demonstrate that Company is in compliance with its obligations hereunder.

Notice to BofA. Company will provide BofA with written notice, together with all supporting documentation, within two (2) days whenever: (1) Company or, to Company’s knowledge, a Customer, receives notice from a Network or a Governmental Authority relating to this Agreement, the Sponsorship Services, any Terminal, ATM or Card with respect to which BofA provides Sponsorship Services, the modification or revocation of any License, or the compliance of Company or any Customer with the Operating Rules or Applicable Law; (2) any suit, litigation or other proceeding is brought against Company or, to Company’s knowledge, its Customers, which alleges any violation of any Operating Rules or Applicable Law; (3) Company reasonably believes that any event of default has occurred or that any other representations or warranty made by Company in this Agreement has ceased to be true and complete in all material respects; (4) any Material Adverse Event occurs; (5) Company’s relationship with any Customer has been discontinued, whether at Company’s request or at such Customer’s request, provided that any such notice shall identify the portion of Company’s revenues represented by such Customer; or (6) Company learns of any criminal investigation of Company or its Customers, or of their respective officers or directors.

Reserve Amount. (1) Beginning no later than five (5) Business Days after the date of this Agreement, and until BofA releases Company from the obligation pursuant to Section 8(d), Company shall maintain a letter of credit and/or a balance in a Reserve Account in an amount equal to the Reserve Amount, as established by BofA in accordance with this Agreement. The initial Reserve Amount shall be two million, five-hundred thousand dollars ($2,500,000). In the event that Company experiences any security breach of the type described in Section 6(d), BofA may increase the Reserve Amount in its reasonable discretion by providing written notice to Company.

Letter of Credit. The letter of credit required from Company under this Section 8 shall be irrevocable, and issued by a depository institution acceptable to BofA and in a form and content satisfactory to BofA, both in BofA’s sole and absolute discretion. BofA shall be entitled to make multiple draws on such letter to obtain funds in satisfaction of Company’s obligations to BofA under this Agreement (including, but not limited to, paying any fees or penalties imposed by Networks on BofA or its Affiliates with respect to Card Transactions involving Company’s Customers) without prior demand or notice. The letter of credit shall have a term that extends no more than nine (9) months beyond the end of the Term of this Agreement.

Reserve Account. The Reserve Account in which all or a portion of the Reserve Amount shall be maintained will be a deposit account with an Affiliate of BofA or other depository institution acceptable to BofA in its sole discretion. Company’s funds held in the Reserve Account may be commingled with other BofA customer funds without involvement of an independent escrow agent. To secure Company’s obligations under this Agreement (including, but not limited to, paying any fees or penalties imposed by Networks on BofA or its Affiliates with respect to Card Transactions involving Company’s Customers), Company irrevocably grants BofA and its Affiliates a first priority lien and security interest in any funds in the Reserve Account and all proceeds of such funds. Company agrees to execute and deliver to BofA, upon request, any instruments and documents necessary to perfect its first priority lien and security interest in and to such funds. If Company fails to perform such obligations under this Agreement, BofA shall have the right, in its sole discretion, to exercise its lien and security interests in the monies in the Reserve Account, without prior demand or notice to Company.

Release of Credit Support. After expiration or termination of this Agreement for any reason, BofA shall promptly, but in no event later than nine (9) months following such expiration or termination, return to Company any funds held in the Reserve Account or surrender the letter of credit to Company upon BofA’s determination in its sole and absolute discretion that Company has performed all of its obligations under this Agreement and there is no material risk of liability of Company under this Agreement, including for any indemnity, chargebacks or Network fines or assessments or other contingent obligation.

Use of Network Marks.

Network Fees and Charges. Company will pay (or immediately upon demand, reimburse BofA and its Affiliates) for any and all applicable fees and charges which may be imposed from time to time by Networks on BofA or its Affiliates, Company, any Customer, or any Processor used by Company, which in any way relate to this Agreement, the Customers, the Sponsorship Services or relevant payment transactions, including, without limitation, (1) all applicable Network fees relating to registration and licensing of independent sales organizations and merchant service providers, (2) all fees associated with the sponsorship by BofA and its Affiliates of Company or Terminals or the provision Sponsorship Services with respect to any Customer and (3) all fees associated with the provision of Payment Services by Company. For the avoidance of doubt, as of the Effective Date neither BofA nor its Affiliates shall be obligated to provide any assessment credit to Company.

Network Settlement. All settlement, funding and adjustments for all payment transactions generated by Company or its Customers for a particular Network will be handled by a Certified Processor in accordance with the applicable Operating Rules. BofA or its Affiliate will instruct Networks to settle all payment transactions in a manner consistent with the provisions of this Agreement; provided, however, that Company will use best efforts change or alter its method of settlement in a manner designated by BofA if BofA and its Affiliates reasonably determine that such changes or alterations are necessary or appropriate to reduce or manage risk of settlement failure.

Expenses. Company will reimburse BofA and its Affiliates upon demand for (1) all reasonable costs and expenses, including all out-of-pocket costs (including attorneys’ fees) paid or incurred by BofA or its Affiliates in connection with the preparation, negotiation, execution, delivery and review of this Agreement and any enforcement, amendment or modification thereof; and (2) all reasonable costs and expenses incurred as a result of changes in Company’s business and operations, including without limitation Company’s use of a new Processors or Service Providers or the transfer of the Sponsorship Services and/or BINs and ICAs to a new service provider upon termination of this Agreement.

Representations and Warranties by Company. Company represents and warrants to BofA as of the date of this Agreement, and on each day on which a Card Transaction occurs, that:

Good Standing. Company is a corporation organized, validly existing and in good standing under the laws of the State of Delaware, and has its principal office in Las Vegas, Nevada. Company is duly licensed or qualified to do business and is in good standing in all jurisdictions in which the nature of the activities conducted or proposed to be conducted by it, or the character of the assets owned or leased by it, makes such licensing or qualification necessary to perform its obligations required hereunder, except where the failure to be so licensed or qualified would not have a material adverse effect on its ability to fulfill its obligations under this Agreement. Company shall provide BofA with copies of all such licenses, from time to time, promptly upon demand.

Capacity; Authority; Validity. Company has all necessary corporate power and authority to enter into this Agreement and to perform all of the obligations to be performed by it under this Agreement. This Agreement has been duly authorized by all necessary corporate action and has been duly executed and delivered by Company, and upon execution by the Parties, shall constitute the valid and binding obligation of Company, enforceable against Company in accordance with its terms, subject to applicable bankruptcy laws and general principles of equity.

Conflicts; Defaults. Neither the execution and delivery of this Agreement by Company, nor the consummation of the transactions contemplated herein by Company, shall (1) conflict with, result in the breach of, constitute a default under or accelerate, terminate, modify or cancel or require any notice or consent under any agreement, contract, lease, license, instrument or other arrangement to which Company is a party or by which it is bound or to which any of its assets is subject, except for such violations, conflicts, breaches, defaults, accelerations, terminations or modifications that would not have a material adverse effect on its ability to fulfill its obligations under this Agreement; (2) violate the certificate of incorporation, bylaws, or any other equivalent organizational document of Company; or (3) require any consent or approval under any judgment, order, writ, decree, permit or license to which Company is a party or by which it is bound. Except as disclosed in writing to BofA, Company is not subject to any agreement (A) requiring fundamental changes in the operation of the Program; or (B) with any Governmental Authority that would prevent the consummation of the transactions contemplated by, or its ongoing performance of, the Agreement.

No Consents, Etc. No consent of any Person (including any stockholder or creditor of Company) and no consent, license, permit, approval, authorization or exemption by notice of, report to or registration, filing or declaration with, any Governmental Authority is required in connection with the execution or delivery of this Agreement by Company, the validity of this Agreement with respect to Company, the enforceability of this Agreement against Company, the consummation by Company of the transactions contemplated hereby or the performance by Company of its obligations hereunder.

No Defaults. Company is not in default with respect to any material contract, agreement, lease or other instrument, including with respect to debt or securitization arrangements, except for defaults which would not result in a material adverse affect on its ability to perform its obligations hereunder.

Card Information. Company will not (1) disclose, sell, purchase, provide or exchange Card account number information, Card Transaction Data or any other Confidential Information of BofA or any Affiliate of BofA to any Affiliate of Company or other Person, or (2) use any such information or data, for any purpose other than performance of its obligations under this Agreement, including for marketing purposes, in violation of any Operating Rules or Applicable Law.

Performance. Company’s performance of this Agreement will not violate any Applicable Law or any material agreement to which Company may now or hereafter be bound.

Compliance with Law. Company will comply with the terms of this Agreement, the Operating Rules, and with Applicable Law as related to the performance by Company of its obligations hereunder.

Insurance. Company has and agrees to maintain policies of worker’s compensation, employee’s liability, and general liability insurance with such limits as required by law. Promptly upon the written request of BofA, Company will furnish BofA with the written certificate(s) from its insurers or their agents, addressed to Company as certificate holder, indicating the existence of Company’s insurance coverage, the amount and nature of such coverage, the expiration date or dates of each policy, and a thirty (30) day written notice of cancellation. In the alternative, Company may be a self-insurer upon meeting those requirements of the applicable regulatory authorities for any or all of the areas set forth above for which Company customarily self-insures. Company will provide proof of such self-insurance upon BofA’s request.

Pending Litigation and Claims. Except as disclosed in writing to BofA, neither Company nor any of its officers or directors are a party to any pending litigation brought by a Customer, Network or Network Member alleging a violation of any Operating Rules, or have ever been fined or penalized by any Network or Network Member.

Accuracy of Information. All information provided to BofA and its Affiliates with respect to existing Customers and prospective Customers shall be true and correct in all material respects.

No Reliance. Company acknowledges and agrees that BofA and its Affiliates have not made, and Company is not relying on, any representation or warranty, express or implied, with respect to the subject matter hereof, except as expressly set forth in this Agreement.

Representations and Warranties of BofA. BofA represents and warrants to Company that:

Good Standing. BofA is a national banking association organized, validly existing and in good standing under the laws of the United States, and has its principal office in Charlotte, N.C. BofA is duly licensed or qualified to do business and is in good standing in all jurisdictions in which the nature of the activities conducted or proposed to be conducted by it, or the character of the assets owned or leased by it, makes such licensing or qualification necessary to perform its obligations required hereunder, except where the failure to be so licensed or qualified would not have a material adverse effect on its ability to fulfill its obligations under this Agreement.

Capacity; Authority; Validity. BofA has all necessary corporate power and authority to enter into this Agreement and to perform all of the obligations to be performed by it under this Agreement. This Agreement has been duly authorized by all necessary corporate action and has been duly executed and delivered by BofA, and upon execution by the Parties, shall constitute the valid and binding obligation of BofA, enforceable against Company in accordance with its terms, subject to applicable bankruptcy laws and general principles of equity.

Conflicts; Defaults. Neither the execution and delivery of this Agreement by BofA, nor the consummation of the transactions contemplated herein by BofA, shall (1) conflict with, result in the breach of, constitute a default under or accelerate, terminate, modify or cancel or require any notice or consent under any agreement, contract, lease, license, instrument or other arrangement to which BofA is a party or by which it is bound or to which any of its assets is subject, except for such violations, conflicts, breaches, defaults, accelerations, terminations or modifications that would not have a material adverse effect on its ability to fulfill its obligations under this Agreement; (2) violate the certificate of incorporation, bylaws, or any other equivalent organizational document of BofA; or (3) require any consent or approval under any judgment, order, writ, decree, permit or license to which BofA is a party or by which it is bound.

Standard of Performance. BofA shall perform all services hereunder consistent with the standards of performance utilized by BofA in performing such services for its other similarly situated customers. However, BofA does not represent or warrant that its services will be uninterrupted or error free nor will it be liable for damages resulting therefrom. BofA will not be liable for loss of data in transit between BofA or its Affiliates and Company, or a Customer, or between BofA or its Affiliates or Company and the authorizing or settling institutions.

No Reliance. BofA acknowledges and agrees that Company has not made, and BofA is not relying on, any representation or warranty, express or implied, with respect to the subject matter hereof, except as expressly set forth in this Agreement.

THE WARRANTIES SET FORTH IN THIS SECTION 12 CONSTITUTE THE ONLY WARRANTIES BY BOFA OR ITS AFFILIATES TO COMPANY AND ARE IN LIEU OF ANY OTHER WARRANTIES WRITTEN OR ORAL, STATUTORY, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

Indemnification.

Company agrees to indemnify, defend and hold harmless each BofA Indemnitee from and against any and all Claims, imposed on, incurred by or asserted against any BofA Indemnitee which in any way directly or indirectly relate to, result from or arise out of: (A) any breach of any representation, warranty or covenant of Company contained in this Agreement; (B) any act or omission of Company, any Customer, any Processor, any Indirect Processor, any Service Provider or any other Person arising out of or relating to the Sponsorship Services, the Payment Services, the Customer Agreements, and/or the Provider Agreements; (C) violation of, or failure to comply with, Applicable Law, the Operating Rules, the Customer Agreements, the Provider Agreements or any agreement in connection with which Payment Services are provided or received by (i) Company, (ii) any Customer, (iii) any Processor or any Service Provider or (D) any Claim of any Person directly or indirectly relating to, resulting from or arising out of this Agreement, BofA’s sponsorship of any Customer or Terminal, the provision of Payment Services by Company, any Processor or any Service Provider or BofA’s termination of this Agreement or refusal to extend the Term hereof (including, without limitation, any Claim for indemnification by any Network Party), except to the extent that any such Claim arises from the gross negligence or willful misconduct of BofA or its Affiliates.

If any Claim is asserted against any BofA Indemnitee (an “Indemnified Party”) by any person who is not a Party to this Agreement in respect of which the Indemnified Party may be entitled to indemnification under the provisions of this Section 13, the Indemnifying Party shall have the right, by notifying the Indemnified Party within ten (10) calendar days of its receipt of the notice of the Claim, to assume the entire control of the defense, including, at the Indemnifying Party’s expense, employment of counsel. The Indemnified Party may participate in such defense at the Indemnified Party’s expense and with counsel of the Indemnified Party’s choice. In any third party claim, suit or proceeding the defense of which the Indemnifying Party shall have assumed, the Indemnified Party will not consent to the entry of any judgment or enter into any settlement with respect to the matter without the consent of the Indemnifying Party and the Indemnifying Party will not consent to the entry of any judgment or enter into any settlement affecting the Indemnified Party to the extent that the judgment or settlement involves more than the payment of money without the written consent of the Indemnified Party.

Limitation of Liability. EXCEPT WITH RESPECT TO CLAIMS RELATING TO BOFA’S GROSS NEGLIGENCE OR WILLFUL MISCONDUCT, BOFA’S CUMULATIVE AGGREGATE LIABILITY FOR ANY CLAIMS ARISING OUT OF OR RELATED TO THE PRIOR AGREEMENT OR THIS AGREEMENT WILL BE LIMITED TO TEN THOUSAND DOLLARS ($10,000) DURING THE TERM.

Exclusion Of Damages. IN NO EVENT WILL EITHER PARTY OR ITS AFFILIATES BE LIABLE UNDER ANY THEORY OF TORT, CONTRACT (WHETHER RELATING TO THE PRIOR AGREEMENT OR THIS AGREEMENT), STRICT LIABILITY, OR OTHER LEGAL OR EQUITABLE THEORY FOR ANY LOST PROFITS, EXEMPLARY, PUNITIVE, SPECIAL INCIDENTAL, INDIRECT OR CONSEQUENTIAL DAMAGES, EACH OF WHICH IS HEREBY EXCLUDED BY AGREEMENT OF THE PARTIES REGARDLESS OF WHETHER OR NOT EITHER PARTY OR ITS AFFILIATE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Term.

This Agreement shall become effective on the Effective Date and shall continue in full force and effect until November 12, 2010 (the “Term”). This Agreement shall automatically terminate upon the end the Term, without notice or other action by a Party, and shall not be renewed or otherwise extended beyond the end of the Term except pursuant to a writing signed by both Parties in their sole and absolute discretion.

If, prior to the end of the Term, Company has entered into an agreement with a new provider of sponsorship services as required under Section 2(b) and such new provider has agreed to assume liability with respect to the BINs / ICAs on terms acceptable to BofA, but despite the Parties’ and such new provider’s good faith efforts, the transfer of the BINs / ICAs to such new Provider cannot reasonably be completed before the end of the Term, BofA will engage in good faith negotiations with Company regarding the terms and conditions under which BofA might agree to an extension of the term of this Agreement for a limited period in order to complete such transfer, provided that (A) the terms of any such extension may include revisions to any of the provisions of this Agreement, including, but not limited to, an increase in the Reserve Amount, and (B) any extension must be in writing and signed by both Parties.

Termination Rights.

Either Party (the “Terminating Party”) may terminate this Agreement immediately if the other Party (the “Non-Terminating Party”) materially breaches this Agreement and fails to remedy such breach within ten (10) days (or 5 business days in the event of a payment default) after receipt of written notice from the Terminating Party thereof specifying the nature of such failure.

Notwithstanding the provisions of Section 14(b)(1), BofA may terminate or suspend this Agreement, or cease providing Sponsorship Services with respect to a Customer, by providing written notice to Company in the event that: (A) a Network or Governmental Authority directs BofA or an Affiliate to terminate this Agreement in whole or with respect to a Customer; (B) BofA reasonably determines that such termination or suspension is required to prevent significant financial or reputational risk to BofA; or (C) a Material Adverse Event occurs.

Company may terminate this Agreement without cause and without penalty by providing BofA with ten (10) days’ advance notice of termination, provided that (A) Company has entered into a relationship with a new provider for the Sponsorship Services previously provided by BofA and its Affiliates; (B) such new provider agrees to assume the transfer of all BINs / ICAs currently used by Company on terms and conditions acceptable to BofA; and (C) Company cooperates (and causes such new provider to cooperate) with BofA and its Affiliates with respect to the transfer of such BINS / ICAs to such provider. In the event the transfer of such BINS / ICAs to the new provider is completed prior to the end of such ten (10) day period, this Agreement shall terminate on the date that the BINS / ICAs are transferred to such new provider.

Confidential Information. Except as required by law or as expressly permitted under this Agreement, the Parties shall keep confidential and shall not disclose, and shall cause their employers, independent contractors and agents to keep confidential and not to disclose, to any third party any Confidential Information obtained from a Party to this Agreement. For purposes of this Agreement, “Confidential Information” shall mean any of the following:

Information that is provided by or on behalf of any Party to another Party or its agents in connection with this Agreement;

Information not of a public nature concerning the business or properties of any Party, including the terms and conditions of this Agreement (as well as proposed terms and conditions of any amendments, renewals, or extensions of this Agreement), sales volumes, test results, trade secrets, business and financial information, source codes, business methods, procedures, know-how and other information (including intellectual property) of every kind that relates to the business of any Party; and

Information about a Party or its affiliates, or its respective businesses or employees, that is otherwise obtained by a Party in connection with this Agreement, in each case including: (A) information concerning marketing plans, marketing philosophies, objectives and financial results; (B) information regarding business systems, methods, processes, financing data, programs and products; (C) information unrelated to the Agreement obtained by a Party in connection with this Agreement, including by accessing or being present at the business location of a Party; (D) proprietary technical information, including source codes; and (E) competitive advantages and disadvantages, customer names and addresses, technological development, sales volume(s), business relationships and methods of transacting business, customers and dealers, operational and data processing capabilities, systems software and hardware and the documentation thereof or other information of the business or affairs of each of the Parties and their respective affiliates which a Party reasonably considers confidential or proprietary and any other information relating to the transactions contemplated by this Agreement, including any copies, excerpts, summaries, analyses or notes of the foregoing.

Exclusions. Confidential Information shall not include information (1) obtained from information already in the possession of the Receiving Party (other than in connection with the structuring, negotiation and execution of this Agreement and the other related documents and the transactions contemplated herein) and is not otherwise subject to an agreement as to confidentiality; (2) that becomes generally available in the public domain other than as a result of an unauthorized disclosure by a Party; (3) that is lawfully received on a non-confidential basis from a third party authorized to disclose such information without restriction and without breach of this Agreement; (4) that is contained in, or is capable of being discovered through examination of publicly available records or products; and (5) that is developed by a Party without the use of any proprietary, non-public information provide by a Party under this Agreement.

Maintenance of Confidentiality. If a Receiving Party receives Confidential Information of the Disclosing Party, the Receiving Party shall do the following with respect to such Confidential Information: (1) keep Confidential Information of the Disclosing Party secure and confidential; (2) treat all Confidential Information of the Disclosing Party with the same degree of care as it accords it own Confidential Information, but in no event less than a reasonable degree of card: and (3) implement and maintain commercially reasonable physical, electronic, administrative and procedural security measures, including commercially reasonable authentication, access controls, virus protection and intrusion detection practices and procedures.

Permitted Uses. Except as specifically set forth herein, each Receiving Party shall not use or disclose Confidential Information of the Disclosing Party except: (1) to perform its obligations or enforce its rights with respect to this Agreement; (2) as expressly permitted by this Agreement; (3) with the prior written consent of the Disclosing Party; or (4) pursuant to a summons, order or other judicial or governmental process issued by a Governmental Authority, or in connection with any regulatory report, audit, inquiry or other request for information from such a Governmental Authority, or as required by Applicable Law. Notwithstanding the foregoing, BofA and its Affiliates may provide Confidential Information to the Networks as necessary to provide the Sponsorship Services or comply with the Operating Rules.

Limited Access. Each Receiving Party shall: (1) limit access to the Disclosing Party’s Confidential Information to those employees, authorized agents, vendors, consultants, service providers and contractors who have a reasonable need to access such Confidential Information in connection with this Agreement; and (2) be bound by obligations with respect to each such Person substantially similar to those set forth in this Section 15.

Requests for Disclosure. In the event that a Receiving Party receives a request of the type described in Section 15(d) to disclose any Confidential Information, such Receiving Party shall: (1) notify the Disclosing Party thereof promptly after receipt of such request; (2) consult with the Disclosing Party on the advisability of taking steps to resist or vary such request; and (3) if disclosure is required or deemed advisable, cooperate with the Disclosing Party in any attempt that it may make to obtain a protective order or other reliable assurance that confidential treatment will be accorded to the Confidential Information.

Public Filings. Each Party shall obtain the other Party’s consent, not to be unreasonably withheld or delayed, if such Party believes that it is required to file this Agreement as an exhibit to one or more of its SEC filings.

Compliance with Applicable Law. Notwithstanding anything else contained in this Agreement, no Party shall be obligated to take any action that such Party believes in good faith would violate, or is reasonably likely to cause it to violate, any Applicable Law.

Governing Law. This Agreement will be governed by, interpreted and construed in accordance with, the laws of the State of New York, regardless of the laws that might otherwise govern under applicable principles of conflicts of laws thereof.

Jurisdiction; Venue. The Parties irrevocably consent to the exclusive personal jurisdiction and exclusive venue of the federal and state courts in New York, New York for any court action or proceeding relating to the Prior Agreement, this Agreement, or the relationships contemplated thereby. THE PARTIES HEREBY EXPRESSLY WAIVE ANY RIGHT TO TRIAL BY JURY OF ANY CLAIM, DEMAND, ACTION OR CAUSE OF ACTION RELATING TO THE PRIOR AGREEMENT, THIS AGREEMENT OR THE RELATIONSHIPS CONTEMPLATED THEREBY.

Amendments; Waivers. This Agreement may be amended only by a writing signed by all of the Parties. Course of dealing, implication or failure or a delay in exercising any Party’s rights and remedies hereunder will not effect any amendment or modification of this Agreement or the waiver of any such rights.

Counterparts. This Agreement may be executed in multiple counterparts, each of which will constitute an original hereof, and all of which taken together will constitute one and the same agreement.

Entire Agreement. This Agreement contains the entire agreement of the Parties and supersede any prior or contemporaneous written or oral agreements between the Parties with respect to the subject matter hereof. In the event that this Agreement, or any portion hereof, conflicts with a Network’s Operating Rules, the applicable Operating Rules or relevant provision thereof will govern. There are no representations, warranties, agreements, arrangements, or understandings, oral or written between the Parties relating to the subject matter of this Agreement which are not fully expressed herein, or in the Operating Rules.

Notices. All notices permitted or required by this Agreement shall be in writing and shall be deemed to have been duly given (1) upon personal delivery (whether by messenger, overnight delivery, telegram, or otherwise), (2) upon facsimile transmission (receipt of which is orally confirmed by the recipient) or upon transmission by tested telex, or (3) three (3) business days after deposit, postage prepaid, in the United States mail, if sent by certified or registered mail, return receipt requested, and addressed:

in the case of notice to BofA, to:

 

 

 

 

 

 

and in the case of notice to Company, to:

 

 

 

 

Assignment. A Party shall not assign this Agreement or any of its rights hereunder without the prior written consent of the other Party; provided, however, that BofA may, without the prior written consent of Company, assign this Agreement or otherwise transfer any of its rights and obligations hereunder to any of its Affiliates, any successor-in-interest of BofA, or any entity which acquires a majority of BofA’s assets or operations. For avoidance of doubt, a change of control or ownership of a Party shall constitute an assignment of this Agreement. Subject to the foregoing, this Agreement shall be binding on the parties hereto and their respective successors and permitted assigns.

No Third-Party Beneficiaries. This Agreement will be binding upon and inure to the benefit of the Parties and their respective legal representatives, successors and assigns. This Agreement is not for the benefit of any other person, and no other person will have any rights against Company or BofA hereunder.

Construction. Section headings in this Agreement are included for convenience only and shall not affect the meaning or interpretation of any provision of this Agreement. References in this Agreement to any Section are to such Section of this Agreement. Unless the context of this Agreement clearly requires otherwise, references to the plural include the singular, references to the singular include the plural, and the term “including” or “includes” is not limiting. The schedules, exhibits and attachments referred to herein shall be construed with and as an integral part of this Agreement to the same effect as if it were set forth verbatim herein.

Waiver. None of the provisions of this Agreement will be deemed to have been waived by any act or acquiescence on the part of either Party, their agents, or employees and may be waived only by instruments in writing signed by the authorized officer of the respective Party. No waiver of any provision or of the same provision on any occasion will operate as a waiver on another occasion.

Severability. If any clause, sentence or other provision or portion of this Agreement will for any reason become illegal, null or void, or be held by any court of competent jurisdiction to be illegal, null or void, the remaining portions of this Agreement will remain in full force and effect.

Further Assurances. The Parties from time to time after execution of this Agreement, without further consideration, will execute and deliver, as appropriate, such documents and take such actions as may be reasonably necessary or proper to carry out and consummate the transactions contemplated by this Agreement.

 

 

 

Copy of executed agreement

“Doing Business As” (DBA) name

Merchant legal name

Merchant outlet location, including street address, city, state and nine-digit ZIP code

Federal “Taxpayer Identification Number,” and identification of the number as either a “Federal Employer Identification Number (FEIN)” or “Social Security Number (SSN)

Incorporation status (e.g., corporation, partnership, sole proprietor, non-profit, or other)

Gaming Licensing

Telebet (non face to face) requires legal opinion merchant, legal opinion GCA, Effective controls by 3^rd party

Full first and last name, including middle initial, if merchant is a sole proprietor

MCC and, if applicable, any secondary MCCs

PCI DSS compliance

MATCH-clear

Physical site inspection

Add location for ATM and/or POS location

Ability to view the following data on a daily basis by client:

Gross sales volume

Average transaction amount

Number of transaction receipts

Number of chargebacks

Number of credits

Authorizations — indicate controls established at the individual merchant and/or MCC level and subsequent reporting of exceptions

Key entered — High rates of key entered transactions

Deposits — Large out-of-pattern deposits and large individual transactions suspended and reviewed

Same card # — Multiple sales with the same card number is reviewed

Average transaction size — Large changes in the average transaction size.

New/inactive merchants — Deposit activity for new/inactive merchants.

Reduction in sales volume.

Increasing or excessive draft retrieval request rates.

Increasing or excessive chargeback rates by merchant location.

Address changes

DDA changes

Key Management Reports 2009 — include at minimum # and $ transactions by card type, losses, chargeback, fraud, data compromise, chargeback by merchant location ID

Exception reports — fraud/suspicious activity, settlement failure, interchange monitoring/rejects, ATM outage, chargeback programs, significant fraud event or theft of a device

Organization charts indicating material organization changes — Executive Level

Location reporting/datafile — provide monthly list of all current open and closed MIDS (last 12 months) — provide MID # and Corp name, DBA name, address, MCC, transaction $ and # by location, returns/credits $ & # by location, CB $&# by location, fraud by location $  and # (CB reason code for fraud), date open, date closed, DBA name, SIC MCC(s), Visa POS Condition code, Visa Processing code, MasterCard TCC

Merchants placed on MATCH

TC 50

MasterCard Data Integrity

Changes to surcharging — validation in compliance with network rules and state rules

Customer PCI compliance — monthly report PCI compliance status of customers

Any material changes to responsible gaming policy procedures and controls

PCI — Quarterly Scan — Annual ROC, Visa PIN & ANSI TR-39/TG3

Visa volume reporting

Visa PLUS reporting

MasterCard [***] & [***] location reporting

List of all third party vendors that have possession of CH data or perform ATM related services, encrypted or non encrypted include full description of function performed by third party

List by ATM location, who owns device, who loads cash, performs maintenance receipt paper etc, performs hardware software maintenance and PIN encryption

1

•     GCA will develop a credit risk and reserve account requirement policy as part of its standard practices by 7/31 which will be commensurate with GCA business risk and regulatory oversight. The policy and steps required to establish the policy will be documented and reviewed with Sponsor Bank.

•     GCA will further develop control procedures in conjunction with the policies to be managed via our TranSending development project. These procedures and system are targeted for completion by Q1, 2011

•     Using the exception management Business Requirements document as a framework GCA will develop interim procedures will be completed by 7/31

•     Recommendations:

•     GCA should develop a credit risk policy and make it a standard practice to conduct actual underwriting and business validation. The credit policy, which should be reviewed and approved by Bank of America, should address both initial underwriting of new applicants and ongoing credit monitoring of existing customers. Both the credit policy and the level of underwriting should fully take into consideration all of the investigation and diligence performed by the gaming authorities while striking a balance of meeting the card network requirements. At a minimum, GCA should perform a MATCH query, OFAC screening, a credit review (e.g., D&B report or a review of financial statements), and validation of PCI compliance.

•     As a best practice, GCA should develop more robust policies and/or procedures, as appropriate, including settlement & reconciliation; chargeback management; and fraud monitoring.

•     Resources: Business managers, finance, risk, legal, underwriting, relationship managers, and compliance.

•     Timeframe: May vary by process (and in many cases is simply a matter of documenting existing practices); estimated timeframe for completion is approximately three months. Initial timeframe to develop underwriting policy and functional process and to validate the current financial standing and PCI compliance of each customer is approximately three to six months, depending on staffing capacity.

2

•     Recommendation: GCA should expand its internal audit function to encompass specific practices and requirements related to ATM operations and card acceptance for compliance to network regulations, including (but not limited to): new account underwriting; fraud monitoring; settlement; ongoing credit monitoring; network regulations compliance; chargeback processing; etc.

•     Resources: Compliance (may require the addition of a compliance resource with significant experience in card network regulations and/or payments industry experience, which we recommend).

•     Timeframe: Timeframe to expand the scope of the internal audit is estimated to be six to twelve months.

3

•     Implementation of the Automated AML feature of Transending is scheduled for Q4 2010.

•     GCA currently has an established manual process in place with respect to Title 31 compliance.

•     Recommendation: GCA should continue its migration to an electronic environment for AML monitoring and compliance, as highlighted in the McDonald report.

•     Resources: Compliance, IT.

4

•     GCA will analyze what is required to conduct OFAC reviews. The analysis will result in the development of technical and procedural changes to current practices. This analysis will be completed by Q4, 2010 and the process changes will be in effect by Q2, 2011.

•     Recommendation: GCA should continue to conduct an annual run of patrons against the OFAC list as a back-up compliance procedure; in addition, GCA, should address OFAC filtering of international transactions, as recommended in the McDonald report.

•     Resources: Compliance, IT.

•     Timeframe: Developing a manual process to check OFAC listings in the short-term could take a few weeks; implementing an automated screening solution could take three to six months.

5

•     The legal department has completed the implementation of a formalized method of tracking legal and regulatory developments through a subscription-based tracking service offered by WestLaw.

•     GCA will formalize and document it’s compliance management including roles/responsibilities with accountability as well as notifications and internal/external communications against all legal/regulatory governing bodies for all services provided by Q1, 2011

•     Recommendation: GCA should expand its regulatory monitoring to include financial industry regulations, and may want to consider the addition of a resource with expertise in financial industry regulations.

•     Resources: Compliance, legal, HR, additional FTE.

•     Timeframe: Timeframe to identify and hire the appropriate resource and develop monitoring processes may take three to twelve months.

6

•     GCA has a defined process to track regulations. The process is continually being refined, roles and responsibilities clarified and specified.

•     GCA has a central location where appropriate notifications are stored and tracked. There is also a regulatory calendar that tracks significant compliance dates.

•     GCA is implementing a system to automated document flow and electronic retention to further ensure that compliance requirements are tracked, completed and stored for future review. This system will is targeted for implementation Q4, 2010

•     GCA accepts the recommendation to work closely with its sponsor to monitor its ongoing compliance with network rules and asks that BofA assist us in addressing these concerns by setting up a formal notification process to keep GCA abreast of association compliance changes and assists GCA in interpreting the changes and their impacts on our business.

•     Roles and Responsibilities need to be clarified with BofA as to how. Network changes are interpreted and communicated. GCA does not have direct access to network publications and is reliant upon BofA to notify us of these changes. To date, we feel the notification process has been spotty and inconsistent; we have been situations where the notification was received well after implementation dates

•     Recommendation: GCA should work closely with its sponsor to monitor its ongoing compliance with network rules and assess the impact of rules changes. As an industry best practice, GCA should consider the addition of a resource that is highly knowledgeable of the network rules and regulations.

•     Resources: IT, compliance, legal, HR, additional FTE.

•     Timeframe: Timeframe to identify and hire the appropriate resource and develop monitoring processes may take three to twelve months.

7

•     As a standard practice, interchange is reviewed by both Finance and the Settlement departments, who review interchange on an ongoing basis. In addition, this is a key control for SOX compliance testing.

•     As part of the Transcending initiative, GCA has specified requirements for robust Interchange reporting to facilitate the manual monitoring already performed by both the Settlement and Finance Departments. Delivery is expected in Q4 2010.

8

9

•     As discussed previously, there is very little financial risk to GCA due to the unique nature of the cash and quasi-cash based business. In addition, GCA is contractually protected if a customer does not pay or if a customer poses a reputational risk to GCA in that it can terminate its contract with a customer without liability in any instance. GCA opts to accept the very minimal business risk associated with this concern.

10

11

12

13

14

•     GCA feels that there is minimal business risk to this issue and opts to continue it’s current practice. Should a project opportunity present itself, GCA in the future, GCA will expand the PIN field at that time. GCA also considers this to be a common practice in the industry.

15

•     GCA has supplied BofA continued quarterly reports.

•     GCA agrees with the recommendation that we work with BofA to develop a process to ensure the card networks receive updated lists on quarterly basis. To that end we have asked BofA for guidance to develop this process. GCA has not submitted to the networks, does not know the guidelines and process on how to submit to the networks. This is another example of the reliance we have on BofA as our sponsor to be a partner with GCA. This is underway and will be completed by Q3, 2010

16

•     Same as above.

17

•     GCA posts a static sign that indicates a fee will be charged.

•     GCA continues to work with BofA on all signage and will swap out requires signage as part of its ongoing business practice

•     NOTE: we have received tentative approval on signage from BofA.

18

•     The legal department is reviewing its standard operator agreements and will include all applicable required information. Complete by Q4,2010

19

20

•     TSYS is on track to deliver this capability August 2010 and GCA will provide updates as noted below.

21

22

23

24

•     GCA feels this is minimal risk in that we do not transmit unencrypted information as well as conduct routine penetration tests. GCA is proactively reducing this risk even further by:

•     GCA is currently in the process of installing WinCore’s Proview fleet management software which offers security consistent with PCI requirements. The software includes security features for Encryption, Window Lockdown, Malware Protection and Access Control.

•     Working with our QSA to ensure that we meet all requirements for PCI including shared network related risks. This will be reviewed as part of our yearly PCI compliance audit.

25

26