This message was posted by a user wishing to remain anonymous
the receiving party, and any party receiving Confidential Information that is NPI from the receiving party or its Representatives, will at all times have in place an information security program with respect to such NPI that is designed to fulfill the objectives set forth in the "Standards for Safeguarding Customer Information", 67 Fed. Reg. 36484, May 23, 2002 (codified in 16 C.F.R. part 314, "GLBA"). The Representatives will, upon request no more frequently than annually or after a significant security event, provide materials that evidence the information security program. The receiving party's obligations under this Agreement and its obligation to maintain an information security program with respect to such NPI, shall survive for as long as that party holds any NPI. Representatives certify that they comply with the Interagency Standards for Safeguarding Customer Information issued pursuant to the GLBA.
Original Message:
Sent: 05-06-2025 01:50 PM
From: Anonymous Member
Subject: Right to Due Diligence clause
This message was posted by a user wishing to remain anonymous
Hello,
I am looking for sample verbiage for contracts to ensure we have access to due diligence as we need it based on risk, this may be financials for a private company, requesting physical copies vs just access to a data room with read only access.
I have been asked to provide a list of documents we require, but as you know that can change from vendor to vendor and that is not practical.
So is there a generic term that states we have the right to receive due diligence per regulation guidelines including but not limited to the FFIC, CFPB, and NCUA?
Can you all provide samples of what you add to your contracts that you can leverage for a full due diligence package?
I really appreciate it.