REQUEST FOR PROPOSAL (RFP) FOR IMPLEMENTATION OF PAYMENT GATEWAY SOLUTION AND ACCESS CONTROL SERVER SOLUTION UNDER OUTSOURCED MODEL

REQUEST FOR PROPOSAL (RFP) FOR IMPLEMENTATION OF PAYMENT GATEWAY SOLUTION AND ACCESS CONTROL SERVER SOLUTION UNDER OUTSOURCED MODEL

Tender Notice Union Bank of India invites sealed offers from established vendors for Implementation of Payment Gateway Solution and Access Control Server Solution under outsourced model. Please visit the bank s website www.unionbankofindia.co.in or the Government portal www.tenders.gov.in for details. RFP forms can be downloaded from the website. Page 2 of 59

TABLE OF CONTENTS INTRODUCTION...5 1. OBJECTIVE... 5 2. BID SCHEDULE... 5 DISCLAIMER... 7 3. INSTRUCTIONS FOR BIDDERS... 8 3.1. Introduction... 8 3.2. Broad Scope of Work... 8 3.3. Eligibility Criteria... 9 3.4. RFP Ownership... 10 3.5. Proposal ownership... 10 3.6. Cost of Bidding... 10 3.7. Content of Bidding Documents... 10 3.8. Clarification on Bidding Documents... 10 3.9. Amendment of Bidding Documents... 11 3.10. Language of Bid... 11 3.11. Proposed Costs... 11 3.12. Bid Prices... 11 3.13. Bid Currencies... 12 3.14. Documents Establishing Bidder s Eligibility and Qualifications... 12 3.15. Documents Establishing Eligibility of Services... 12 3.16. Bid Security... 12 3.17. Period of Validity of Bids... 13 3.18. Format for Signing the Bid... 13 3.19. Deadline for Submission of Bids... 14 3.20. Late Bids... 14 3.21. Modification and Withdrawal of Bids... 14 3.22. Evaluation of Bids... 14 3.23. Rules for Re-auction... 15 3.24. No Price Variation... 15 3.25. Contacting the Bank... 15 3.26. Bank s Right to Accept Any Bid and to Reject Any or All Bids... 16 3.27. Notification of Award... 16 3.28. Signing of Contract... 16 3.29. Service Level Agreement... 16 3.30. Performance Security... 17 3.31. Delays in the Bidders Performance... 17 3.32. Liquidated damages... 17 3.33. Arbitration / Resolution of Disputes... 18 3.34. Jurisdiction... 18 3.35. Audit... 18 3.36. Payment Terms... 18 3.37. Designing and Implementation Plan... 19 3.38. Project Support Personnel... 19 Page 3 of 59

3.39. Start of Services... 19 3.40. Business Continuity Plan / DR Site... 19 3.41. On-site visit / Reference Site Visit... 20 3.42. Right of Rejection... 20 3.43. Penalty for Non-performance during Production and Operation... 20 3.44. Termination for Default / Order Cancellation / Exit Clause... 20 3.45. Liability on account of any System Compromise... 21 3.46. Force Majeure... 21 3.47. Bidder Utilisation of Know- How and Personnel for Competitors... 22 3.48. Limitation on Promotion... 22 3.49. Indemnity... 22 3.50. Patent Rights... 23 3.51. Confidentiality... 23 3.52. Limitation of Liability... 24 4. TECHNICAL AND FUNCTIONAL SPECIFICATIONS... 25 4.1. Compatibility with the Banks infrastructure... 25 4.2. Infrastructure and Connectivity... 25 4.3. System Uptime... 26 4.4. Reconciliation... 27 4.5. Certification... 27 4.6. Solution Specification... 27 i. Payment Gateway... 27 ii. Access Control Server Solution... 34 ANNEXURE 1: DECLARATION BY THE BIDDER... 36 ANNEXURE 2: BIDDER S ORGANISATION PROFILE... 37 ANNEXURE 3: UNDERTAKING BY THE BIDDER... 38 ANNEXURE 4: BID FORM... 39 ANNEXURE 5: LETTER OF AUTHORISATION TO SUBMIT THE BID... 41 ANNEXURE 6: BID SECURITY... 42 ANNEXURE 7: PERFORMANCE BANK GUARANTEE... 43 ANNEXURE 8: NON DISCLOSURE AGREEMENT... 44 ANNEXURE 9: INDICATIVE COMMERCIAL BID FORMAT... 47 ANNEXURE 10: ELIGIBILITY CRITERIA COMPLIANCE CHECKLIST... 49 ANNEXURE 11: REVERSE AUCTION PROCESS... 50 ANNEXURE 12: COMPLIANCE STATEMENT FOR REVERSE AUCTION... 56 ANNEXURE 13: LETTER OF AUTHORISATION FOR REVERSE AUCTION... 58 ANNEXURE 14: UNDERTAKING FOR DR SITE AVAILABILITY... 59 Page 4 of 59

INTRODUCTION: Union Bank of India, headquartered at Union Bank Bhavan, 239, Vidhan Bhavan Marg, Nariman Point, Mumbai 400020, having its Technology Centre at 1/1A, Adi Sankaracharya Marg, Opposite Powai Lake, Andheri East, Mumbai 400072, is one of the top five public sector banks in India. Bank has over 4100+ CBS branches and 6450+ ATMs installed across the country. Union Bank of India is also sponsoring the RRB - Kashi Gomti Samyut Gramin Bank, which is having 400+ CBS branches with 35 ATMs. 1. Objective Union Bank of India (hereinafter called as Bank or the Bank ) has decided to outsource Payment Gateway (PG) solution which supports and enables e- payments and e-commerce through Visa / MasterCard / Maestro / RuPay cards and also through Internet Banking /IVR / IMPS/ Wallets etc. The solution should include fraud risk management for payment gateway transactions and also Access Control Server Solution for providing additional authentication and validation for use of the Visa/MasterCard/RuPay debit/credit cards issued by the Bank and the RRB sponsored by the Bank. 2. Bid Schedule 2.1. Union Bank of India intends to issue this Bid document, hereinafter called RFP or Bid, to eligible Service Provider in India, hereinafter called as Bidders or Vendors or Service Providers, to participate in the competitive bidding for Payment Gateway Solution and Access Control Server Solution under outsourced model. The Bank, for this purpose, invites proposal from Bidders. The Request for Proposal (RFP) document is now being issued to enable Bidders to submit their responses to the Bank. 2.2. Bidder who is interested in participating in this RFP must fulfill the eligibility criteria mentioned in the document and should also be in a position to provide a comprehensive solution which complies with technical and functional specifications sought by the Bank 2.3. The Bidder must also agree to all our terms and conditions mentioned under this RFP. 2.4. The Bidding Document may be obtained from the Bank as under or downloaded from Bank s website www.unionbankofindia.co.in and the Bid should be submitted to the office of Union Bank of India as under. 2.5. Incorrect or incomplete information in the Bid may lead to non-selection / disqualification. Page 5 of 59

Important dates and other details: Fees for RFP Document (Nonrefundable) Earnest Money Deposit (Bid Security) RFP (Bid) Validity Date of commencement RFP Last date for receipt of RFP queries Last date for receipt of RFP responses Date and time of opening of Bids Contact to Bidders Address for communication, pre-bid meeting and submission of Bids ` 10,000/- Rupees Ten Thousand Only ` 10,00,000/- only Rupees Ten Lakhs Only 180 days from the last date stipulated for the receipt of RFP (Bid) responses 21-05-2015 at 1100 hrs 28-05-2015 at 1500 hrs 15-06-2015 at 1600 hrs 15-06-2015 at 1615 hrs Interested Bidders are requested to send an email to: rakeshkmittal@unionbankofindia.com kmr@unionbankofindia.com nabarunmajumder@unionbankofindia.com atmswitch@unionbankofindia.com sameerwadkar@unionbankofindia.com The email should contain the following information so that in case of any clarification, the same may be issued to them: Name of the Company, Contact Person, Mailing Address with PIN code, Telephone Nos. email-id etc. Union Bank of India, Technology Centre, 1/1A, Adi Sankaracharya Marg, Opposite Powai Lake, Andheri East, Mumbai 400072 Page 6 of 59

DISCLAIMER a) The information contained in this Request for Proposal (RFP) document or information provided subsequently to Bidder(s) or applicant(s) whether verbally or in documentary form by or on behalf of Union Bank of India (Bank), is provided to the Bidder(s) on the terms and conditions set out in this RFP document and all other terms and conditions subject to which such information is provided. b) This RFP is neither an agreement nor an offer and is only an invitation by Bank to the interested parties for submission of Bids. The purpose of this RFP is to provide the Bidder(s) with information to assist the formulation of their proposals. This RFP does not claim to contain all the information each Bidder may require. Each Bidder should conduct its own investigations and analysis and should check the accuracy, reliability and completeness of the information in this RFP and where necessary obtain independent advice. Bank makes no representation or warranty and shall incur no liability under any law, statute, rules or regulations as to the accuracy, reliability or completeness of this RFP. Bank may in its absolute discretion, but without being under any obligation to do so, update, amend or supplement the information in this RFP. c) This is not an offer by the Bank but only an invitation to Bid in the selection process initiated by the Bank. No contractual obligation whatsoever shall arise from the RFP process until a formal contract is executed by the duly authorized signatory of the Bank and the Bidder. d) Bank reserves the right to change the dates, timings mentioned above or elsewhere mentioned in the RFP, which will be communicated by placing the same as corrigendum under Tender section on Bank s web-site. e) The Bank reserves the right to reject this invitation to offer in part or full, or cancel the entire process at any stage without assigning any reason. f) Subject to any law to the contrary, and to the maximum extent permitted by law, Bank and its officers, employees, contractors, agents, and advisers disclaim all liability from any loss or damage (whether foreseeable or not) suffered by any person acting on or refraining from acting because of any information, including forecasts, statements, estimates, or projections contained in this RFP document or conduct ancillary to it whether or not the loss or damage arises in connection with any negligence, omission, default, lack of care or misrepresentation on the part of Bank or any of its officers, employees, contractors, agents, or advisers. Page 7 of 59

3. Instructions for Bidders 3.1. Introduction 3.1.1. Bank invites offers from prospective Bidders for implementation of Payment Gateway Solution and Access Control Server Solution under outsourced model. 3.1.2. The selected Bidder would be responsible for the solution in the entirety and would also have to support the requisite certifications etc. 3.1.3. The selected Bidder will also have to manage the day-to-day operations including, reconciliations. 3.1.4. The solution should consist of the payment gateways, fraud risk management along with the access control server. Solution proposed in the Bid should cover all theses functionalities. Bids in which the proposed solution does not cover any or all of these functionalities are liable to be rejected. 3.2. Broad Scope of Work 3.2.1. The solution should accept Debit / Credit cards (Visa, MasterCard, Maestro and RuPay) in addition to internet banking / wallet transactions done through various channels like Internet, Mobile phone, IVR etc. The Bank will use existing tie-up with aggregators for acquiring Internet Banking transactions. 3.2.2. The solution should be scalable and should comply with international standards like PCI DSS etc and domestic standards specified by regulatory authorities like RBI / NPCI / Ministry of Finance or any other Government guidelines issued from time to time 3.2.3. The solution should have a rule based and real time fraud risk management capability. 3.2.4. The solution should interface with Visa/MasterCard/NPCI or any other interchange as desired by the Bank and have a direct interface to the Bank s debit/credit card host without any additional cost to the Bank. 3.2.5. The access control server component should provide for Verified by Visa/MasterCard SecureCode/RuPay PaySecure authentication of e- commerce transactions initiated from the cards issued by the Bank. 3.2.6. The solution should have an uptime of 99.5% and should have a dedicated connection to the Bank s switch at Mumbai and DR site at Bangalore. Page 8 of 59

3.3. Eligibility Criteria 3.3.1. Bidder should be a company / partnership firm registered in India and should have been in operation for a period at least five years as on date of RFP. 3.3.2. Bidder should have implemented and/or managed Payment Gateway Solution successfully either on own premises or customer premises, for at least in one Bank or Banking, Financial Services and Insurance (BFSI) organisation in India or globally. 3.3.3. The Bidder should have yearly sales turnover of not less than Rs. 5 Crores during last three financial years i.e. 2011-12, 2012-13 and 2013-14. 3.3.4. The Bidder should be in operating profit excluding interest and taxes for the last three financial years i.e. 2011-12, 2012-13 and 2013-14. (Please provide audited annual reports, Balance Sheet, Profit and Loss Accounts for the same. In case the annual reports of the last financial year are not audited or financial year is not completed, the Bidder shall provide audited annual reports for the previous three financial years). 3.3.5. The hosting site for the proposed solution should be ISO 27001 certified. The proposed payment gateway and access control server solution should be PCI DSS certified. 3.3.6. The Bidder should not have been blacklisted by any of the Government/Regulatory Authorities or Public Sector Undertakings (PSUs). The Bidder shall give an undertaking on their letter head stating that the Bidder has not been black listed by any of the Government Authority or PSU. In case, in the past, the Bidder s company / firm was blacklisted by any Govt. Authority or PSU, the name of such company / firm should have been removed from the black list as on date of submission of the tender, failing which the Bid shall be rejected. A declaration is to be provided to that effect as prescribed in Annexure 3. 3.3.7. The Bidder should have branch/ service centres at any one centre in India and list of branch / service centre / franchises with full details of Name, Address / Telephone Number should be attached. Note: Bidder must comply with all the above mentioned criteria. Noncompliance of any of the criteria will entail rejection of the offer summarily. Photocopies of relevant documents / certificates should be submitted as proof in support of the claims made. The Bank reserves the right to verify / evaluate the claims made by the Bidder. The Bank also reserves the right to inspect such installation/s while evaluating the Bid. Page 9 of 59

3.4. RFP Ownership 3.4.1. The RFP and all supporting documentation are the sole property of Union Bank of India and should NOT be redistributed without the prior consent of Union Bank of India. Violation of this would be a breach of trust and shall, inter-alia, cause the Bidder to be irrevocably disqualified. 3.5. Proposal ownership 3.5.1. The proposal and all supporting documentation submitted by the Bidder shall become the property of Union Bank of India unless the Bidder specifically requests, in writing, that the proposal or the document be returned or destroyed. 3.6. Cost of Bidding 3.6.1. The Bidder should pay the Bid fees as prescribed in the Bid Schedule towards cost of RFP document. The cost of RFP fees shall be paid by a Banker s Cheque / Demand Draft, issued by a nationalized / private / foreign bank in India, drawn in favour of Union Bank of India payable at Mumbai. 3.6.2. The Bidder shall bear all costs associated with the preparation and submission of its Bid, and the Bank will in no case be responsible or liable for these costs, regardless of the conduct or outcome of the Bidding process. 3.7. Content of Bidding Documents 3.7.1. The Bidder is expected to examine all instructions, forms, terms and specifications in the Bidding document. Failure to furnish all information required by the Bidding document or to submit a Bid not substantially responsive to the Bidding document in every respect will be at the Bidder s risk and may result in the rejection of the Bid. 3.8. Clarification on Bidding Documents 3.8.1. Bidder requiring any clarification of the Bidding document may notify the Bank in writing an e-mail. The e-mail ids for seeking clarifications and the date and time up to which clarifications / queries can be sought are indicated in the Bid Schedule. 3.8.2. Relaxation in any of the terms contained in the Bid, in general, will not be permitted, but if granted, the same will be put up on Bank s website. Page 10 of 59

3.8.3. The document fees shall not be refunded in case the Bidder fails to submit the bids or submits a Bid which is not substantially responsive to the Bidding document in every respect. 3.9. Amendment of Bidding Documents 3.9.1. At any time prior to the deadline for submission of Bids, the Bank, for any reason, whether at its own initiative, or in response to a clarification requested by a prospective Bidder, may modify the Bidding Document, by amendment. 3.9.2. Notification of amendments will be put up on the Bank s Website and will be binding on all Bidders. 3.9.3. In order to allow prospective Bidders reasonable time, in which to take the amendment into account in preparing their Bids, the Bank, at its discretion, may extend the deadline for the submission of Bids for a reasonable period as decided by the Bank. 3.10. Language of Bid 3.10.1. The Bid prepared by the Bidder, as well as all correspondence and documents relating to the Bid exchanged by the Bidder and the Bank, and supporting documents and printed literature shall be written in English. 3.11. Proposed Costs 3.11.1. The costs proposed for the proposed solution under outsourced model should be given for a contract period of 5 (five) years. Costs should be quoted in the manner as prescribed in Annexure 9. 3.11.2. The Bank reserves the right to extend the contract period for a period of two years at the same terms and conditions. 3.12. Bid Prices 3.12.1. Prices quoted as above shall be valid for a minimum period of 180 days from last date for submission of the tender 3.12.2. The Bidder cannot quote for the project in part. 3.12.3. Prices quoted by the Bidder shall be fixed during the Bidder s performance of the Contract and shall not be subject to variation on any account, including exchange rate fluctuations, changes in taxes, duties, levies, charges etc. A Bid submitted with an adjustable price quotation will be treated as non-responsive and will be rejected. Page 11 of 59

3.13. Bid Currencies 3.13.1. Bids should be quoted in Indian Rupees only. 3.14. Documents Establishing Bidder s Eligibility and Qualifications 3.14.1. The Bidder shall furnish, as part of its Bid, documents establishing the Bidder s eligibility to Bid and its qualifications to perform the Contract, if its Bid is accepted. 3.14.2. The documentary evidence of the Bidder s qualifications to perform the Contract, if its Bid is accepted, shall establish to the Bank s satisfaction that adequate, specialized hardware and related software expertise are already available, to ensure that the support services are responsive and the Bidder will assume total responsibility for the faultfree operation of the solution proposed and maintenance of the same. 3.15. Documents Establishing Eligibility of Services 3.15.1. The documentary evidence of conformity of the services to the Bidding Documents may be in the form of literature, drawings, and data, and shall consist of: a) A detailed description of the solution as mentioned in Technical and Functional requirements section. b) A confirmation that, if the Bidder offers services through its partners, such services operates efficiently and the Bidder is willing to accept responsibility for its successful operation. 3.16. Bid Security 3.16.1. The Bidder shall furnish, as part of its Bid, a Bid security as mentioned in the Bid Schedule. 3.16.2. The Bid security is required to protect the Bank against the risk of Bidder s conduct, which would warrant the security s forfeiture. 3.16.3. The Bid security shall be denominated in Indian Rupees and shall be in one of the following forms: a) a bank guarantee issued by a nationalised / private / foreign bank in India (other than Union Bank of India), acceptable to the Bank, in the form as per format prescribed in Annexure 6 provided in the Bid document and valid for forty-five (45) days beyond the validity of the Bid, OR Page 12 of 59

b) a Banker s Cheque / Demand Draft, issued by a nationalized / private / foreign bank in India (other than Union Bank of India), drawn in favour of Union Bank of India and valid for three months. 3.16.4. Any Bid, not secured as above, will be rejected by the Bank, as non - responsive. 3.16.5. Unsuccessful Bidders Bid security will be discharged or returned as promptly as possible but not later than sixty (60) days after the expiration of the period of Bid validity prescribed by the Bank. 3.16.6. The successful Bidder s Bid security will be discharged upon the Bidder signing the Contract and furnishing the performance security as prescribed in Annexure 7. 3.16.7. The Bid security may be forfeited: a) if a Bidder withdraws its Bid during the period of Bid validity specified by the Bidder on the Bid Form; or b) if a Bidder makes any statement or encloses any form which turns out to be false/incorrect at any time prior to signing of Contract; or c) in the case of a successful Bidder, if the Bidder fails; i. to sign the contract; or ii. to furnish Performance Security, as prescribed in Annexure 7. 3.17. Period of Validity of Bids 3.17.1. Bid shall remain valid for a period of 180 days from the last date of the submission of the Bid. A Bid valid for a shorter period shall be rejected by the Bank as non-responsive. 3.17.2. In exceptional circumstances, the Bank may solicit the Bidders consent for an extension of the period of validity. The request and the responses thereto shall be made in writing. The Bid security provided shall also be suitably extended. A Bidder may refuse the request without forfeiting its Bid security. 3.18. Format for Signing the Bid 3.18.1. The Bid shall be typed or written in indelible ink and shall be signed by the Bidder or a person or persons duly authorized to bind the Bidder to the contract. The person or persons signing the Bids shall initial all pages of the Bid, except for un-amended printed literature. 3.18.2. In case the Bidder authorizes its agent, business partner or authorized distributor to submit the proposal on its behalf, a separate Authorization Letter as per format in Annexure 5, with a commitment to fulfil the terms of the RFP should be submitted. Page 13 of 59

3.18.3. Any inter-lineation, erasures or overwriting shall be valid only if they are initialled by the person signing the Bids. The Bank reserves the right to reject Bids not confirming to above. 3.19. Deadline for Submission of Bids 3.19.1. Bids must be received by the Bank at the address specified, no later than the date & time specified in the Bid Schedule. 3.19.2. The Bank may, at its discretion, extend this deadline for the submission of Bids by amending the Bid Documents, in which case, all rights and obligations of the Bank and Bidders previously subject to the deadline will thereafter be subject to the deadline as extended. 3.20. Late Bids 3.20.1. Any Bid received by the Bank after the deadline for submission of Bids prescribed, will be rejected. 3.21. Modification and Withdrawal of Bids 3.21.1. The Bidder may modify or withdraw its Bid after the Bid s submission, provided that written notice of the modification, including substitution or withdrawal of the Bids, is received by the Bank, prior to the deadline prescribed for submission of Bids 3.21.2. The Bidder s modification or withdrawal notice shall be prepared, sealed, marked and dispatched. A withdrawal notice may also be sent by fax, but followed by a signed confirmation copy, postmarked no later than the deadline for submission of Bids. 3.21.3. No Bid may be modified after the deadline for submission of Bids. 3.21.4. No Bid may be withdrawn in the interval between the deadline for submission of Bids and the expiration of the period of Bid validity specified by the Bidder on the Bid Form. Withdrawal of a Bid during this interval may result in the Bidder s forfeiture of its Bid Security. 3.22. Evaluation of Bids 3.22.1. For commercial evaluation, the Bank will adopt Reverse Auction process to finalise the Bidder for the project. The procedure for the reverse auction is mentioned in Annexure 11. 3.22.2. The Bidder should furnish indicative prices for the project in their Indicative Commercial Offer (C.O.) to facilitate finalizing the start Bid for Reverse auction under E-Procurement process. The lowest Indicative commercials offer (total cost) may be considered as the Page 14 of 59

starting Bid of the reverse auction and not for deciding the L-1 status. Bank may also decide the starting Bid for reverse auction. Bidders should note that the indicative commercial offer is only considered for the purpose of conducting Reverse auction process only. 3.22.3. The project would be awarded to the L-1 Bidder emerging from Reverse auction process. 3.23. Rules for Re-auction 3.23.1. During the process of reverse auctions, if there is either no Bids from logged in Bidders or only one Bidder puts up Bid/s, Bank may decide a re-auction by taking fresh Indicative prices from all qualified Bidders in sealed cover only, to amend the start price for Re-auction. 3.23.2. In case the start price for the Reverse Auction event is decided by Bank and there are no Bids or only one Bid/s by a single Bidder in the Reverse Auction, Bank may decide Re-Auction while further amending the start price. 3.23.3. Reverse auction will be valid only if two or more Bidders are participating in the reverse auction event. 3.24. No Price Variation 3.24.1. The commercial offer shall be in India Rupees and on a fixed price basis for 5 years. No price variation should be asked for relating to increases/decrease in customs duty, excise tax, other taxes and foreign currency price variation etc during offer validity period. However Bank may review the services and annual charges on yearly basis. 3.24.2. Similarly, there should not be any price variation relating to increase in customs duty, excise tax, other taxes and foreign currency price variation etc., during contract period. However, during contract period, if there is any reduction in government levies / taxes, the same shall be passed on to the Bank. 3.24.3. During contract period, the increase or decrease in service taxes and any new tax levied by Government for the services subscribed by the Bank under this tender will be to the Bank s account. 3.25. Contacting the Bank 3.25.1. No Bidder shall contact the Bank on any matter relating to its Bid, from the time of opening of Bid to the time the Contract is awarded. Page 15 of 59

3.25.2. Any effort by a Bidder to influence the Bank in its decisions on Bid evaluation, Bid comparison or contract award may result in the rejection of the Bidder s Bid. 3.26. Bank s Right to Accept Any Bid and to Reject Any or All Bids 3.26.1. The Bank reserves the right to accept or reject any Bid, and to annul the Bidding process and reject all Bids at any time prior to contract award, without thereby incurring any liability to the affected Bidder or Bidders, or any obligation to inform the affected Bidder or Bidders of the grounds for the Bank s action. 3.27. Notification of Award 3.27.1. Prior to expiration of the period of Bid validity, the Bank will notify the successful Bidder in writing or by fax, that its Bid has been accepted. 3.27.2. The notification of award will constitute the formation of the Contract. 3.27.3. Upon the successful Bidder s furnishing of Performance Security, the Bank will promptly notify each unsuccessful Bidder and will discharge its Bid Security. 3.28. Signing of Contract 3.28.1. At the same time as the Bank notifies the successful Bidder that it s Bid has been accepted, the Bidder shall be required to sign an agreement within 45 days from the date of notification of award. 3.28.2. The contract period would be for a period of five years. 3.28.3. The Bank reserves the right to extend the contract period of two years at the same terms and conditions. 3.29. Service Level Agreement 3.29.1. At the same time as the Bank notifies the successful Bidder that it s Bid has been accepted, the Bidder shall be enter into a Service Level Agreement (SLA) with the Bank, containing all the Terms and Conditions of this RFP, including confidentiality, non-disclosure and penalty clauses, and any other clause relevant to the services offered. 3.29.2. The contract period will be for a period of five years from the project going live or the date of SLA, whichever is earlier. 3.29.3. Though the contract will be signed only with the selected principal Bidder, it shall be the selected Bidder s responsibility to ensure that the Page 16 of 59

quality of work contracted with agents/associates/partners will not be compromised and will be in tune with industry standards. 3.30. Performance Security 3.30.1. Performance Security in the required format to be submitted by the successful Bidder as prescribed in Annexure 7. 3.30.2. Failure of the successful Bidder to sign the contract shall constitute sufficient grounds for the annulment of the award and forfeiture of the Bid security. 3.31. Delays in the Bidders Performance 3.31.1. If at any time during performance of the Contract, the Bidder or its subcontractor(s) should encounter conditions impeding timely delivery of the Products and performance of Services, the Bidder shall promptly notify the Bank in writing of the fact of the delay, its likely duration and its cause(s). As soon as practicable after receipt of the Bidder s notice, the Bank shall evaluate the situation and may, at its discretion, extend the Bidders time for performance, with or without liquidated damages, in which case, the extension shall be ratified by the parties by amendment of the Contract. 3.31.2. Except as provided in the above clause, a delay by the Bidder in the performance of its delivery obligations shall render the Bidder liable to the imposition of liquidated damages, unless an extension of time is agreed upon without the application of liquidated damages. 3.32. Liquidated damages 3.32.1. If the selected Bidder fails to provide any of the services after starting of operations, as per the terms of this RFP, the Bank shall be entitled to charge penalty/ liquidated damages @ 5% of the monthly bill, per week or part thereof. 3.32.2. Liquidated Damages is not applicable for the reasons attributable to the Bank and Force Majeure. 3.32.3. The LD shall be deducted / recovered by the Bank from any money due or becoming due to the Bidder under the contract or may be recovered by invoking the bank guarantees or otherwise from the Bidder or from any other amount payable to the Bidder in respect of other orders. 3.32.4. However, the Bank may, at its discretion, waive the liquidated damages in case the delay cannot be attributed to the Bidder. Page 17 of 59

3.33. Arbitration / Resolution of Disputes 3.33.1. The Bank reserves the right to customize the contract to meet its requirements. 3.33.2. The Bank and the selected Bidder will make every effort to resolve all disputes amicably through direct talks and negotiations. In case of failure to resolve the disputes and differences amicably the matter may be referred to a sole arbitrator mutually agreed upon after issue of at least 30 days notice in writing to the other party clearly setting out there in the specific disputes. In case sole Arbitrator not acceptable to both parties, each party will appoint one Arbitrator and the two Arbitrators will appoint a third Presiding Arbitrator. 3.34. Jurisdiction 3.34.1. The Contract shall be governed by the Laws and Regulations of India for the time being in force and will be subject to the exclusive jurisdiction of the Courts in Mumbai, India. 3.35. Audit 3.35.1. The Bank may, at its discretion, audit the software, books and services of the Bidder by its external / internal / RBI / Ministry auditors. The Service Provider will facilitate the same without any demur. The Bidder shall, whenever required, furnish all relevant information, records, and data to inspecting officials of Bank and the external / internal / RBI / Ministry auditors. The Bank reserves the right to call for any relevant material information/report. Bank will provide the information in advance to the service provider for the same. 3.35.2. The Bidder should get the activities and or functions audited from time to time as per the requirements of the Bank, VISA, Master Card, NPCI, Reserve Bank of India or any other statutory body, where ever applicable. Cost of such audit should be borne by the Bidder throughout the period of agreement. 3.36. Payment Terms 3.36.1. No advance payments shall be made. 3.36.2. The Bank shall make the payments on a monthly basis or receipt of invoice from the selected Bidder, after verifying its correctness. The invoice should be accompanied by the detailed payment gateway and online authentication transactions along with uptime reports for verification by the Bank authorities. 3.36.3. Payment terms for implementation would be as follows: Page 18 of 59

a) 50% on UAT signoff, installation, successful commissioning and acceptance of the solution by the Bank. b) 50% after production signoff and on submission of performance bank guarantee. 3.37. Designing and Implementation Plan 3.37.1. Bank expects the Bidder to submit a detailed plan for implementation of the project which should include the full scope of the project. On acceptance of such plan by the Bank, the Bidder is required to carry out the implementation of the project. 3.38. Project Support Personnel 3.38.1. Bidder shall provide a dedicated Project Manager during and post deployment and should have a 24 X 7 X 365 monitoring / proactive monitoring, technical and functional support team with skilled man power for support, monitoring and operations. 3.38.2. In addition, the Bidder should deploy one resource on the Banks premises during the Banks business hours for proactive monitoring, reporting, and providing support to Bank officials, addressing and resolving customer grievances, if any. 3.39. Start of Services 3.39.1. The selected Bidder shall be responsible for making all the services of the solution operational within 6 to 10 weeks from the date of acceptance of Purchase Order, which will be restricted to 10 days from the date of Purchase Order. 3.39.2. For the purpose of this clause, start of services shall mean conducting successful test and live transactions for all possible scenarios. 3.40. Business Continuity Plan / DR Site 3.40.1. The Bidder should mandatorily have a business continuity plan in place, including a DR site to host the proposed solution, to continue operations in a scenario where the primary place of business is affected by a disaster. 3.40.2. The Bidder should provide an undertaking stating the availability of the DR site as prescribed in Annexure 14. Page 19 of 59

3.41. On-site visit / Reference Site Visit 3.41.1. The Technical Team of the Bank may visit the management centre and other facilities of the Bidder who qualify the eligibility criteria, in case of need, besides onsite visit to other Banks where such Bidder is providing the said services, to evaluate the technical capability of the Bidder and costs incurred by the team representing the Bank will be borne by the Bank. 3.41.2. The Bidder should provide references of organisations which have implemented/procured the solution proposed by the Bidder. The reference sites should be fully implemented and live on the current version of the solution being offered. 3.41.3. References shall be contacted, including an on-site visit, as a part of the solution evaluation process 3.42. Right of Rejection 3.42.1. Union Bank of India reserves the right to reject the solution in its entirety during the evaluation period and to change the suggested plan. 3.43. Penalty for Non-performance during Production and Operation 3.43.1. In case any complaint registered by the cardholder at Card Centre and forwarded by the Bank to the Bidder, remains unresolved/ open beyond 24 hours, solely on account of inaction by the selected Bidder, a penalty of ` 1,000/- (Rupees One thousand only) per instance per day will be levied from the 2nd day, besides recovery of the damages suffered by the Bank, if any, due to such action. 3.44. Termination for Default / Order Cancellation / Exit Clause 3.44.1. The Bank, without prejudice to any other remedy for breach of Contract, may terminate this Contract in whole or in part, by written notice of default to the Selected Bidder, if: a) The Selected Bidder fails to make the Project live or deliver/ execute any or all of the Services within the period(s) specified elsewhere in this RFP/ the Work Order / Purchase Order; or b) Non satisfactory performance of the solution during the evaluation phase c) Failure to integrate/implement the project as per the requirements of the Bank. d) Serious discrepancies are noted in the implementation of the solution. Page 20 of 59

e) The performance of the solution adversely affects the business of the Bank. f) Failure to maintain commitment with respect to Uptime, Performance of the solution etc. g) The Selected Bidder fails to perform any other obligations(s) under the Contract specified elsewhere in this RFP/ the Work Order/ Purchase Order. 3.44.2. Further, the Bank shall be entitled to terminate the agreement at any time by giving notice if the bidder: a) has a winding up order made against it; or b) has a receiver appointed over all or substantial assets; or c) is or becomes unable to pay its debts as they become due; or d) enters into any arrangement or composition with or for the benefit of its creditors; or e) passes a resolution for its voluntary winding up or dissolution or if it is dissolved. 3.44.3. In the event of the Bank terminating the Contract in whole or in part, the Bank may procure the Services similar to those undelivered, upon such terms and in such manner, as it deems appropriate and the Selected Bidder shall be liable to the Bank for any excess costs for procuring such similar Services. However, the Selected Bidder shall continue performance of the Contract to the extent not terminated. 3.44.4. In addition to the cancellation of purchase order, Bank reserves the right to appropriate the Bid Security / Performance Bank Guarantee given by the Bidder. 3.45. Liability on account of any System Compromise 3.45.1. Bidder shall inform the Bank immediately with full details of any security lapse / compromise for taking necessary steps against misuse on account of such occurrence and also take steps to mitigate the risk. Bidder shall be fully liable in case of any Security lapse / Compromise and liability arising in such cases shall be reimbursed by the Bidder to the Bank. 3.46. Force Majeure 3.46.1. Force Majeure is herein defined as any cause, which is beyond the control of the selected Bidder or Bank as the case may be which they could not foresee or with a reasonable amount of diligence could not Page 21 of 59

have foreseen and which substantially affect the performance of the contract, such as: a) Natural phenomenon, including but not limited to floods, droughts, earthquakes and epidemics b) Acts of any government, including but not limited to war, declared or undeclared priorities, quarantines and embargos c) Terrorist attack, public unrest in work area etc. 3.46.2. Provided either party shall within 10 days from occurrence of such a cause, notify the other in writing of such causes. The Bidder or Bank shall not be liable for delay in performing his/her obligations resulting from any force majeure cause as referred to and/or defined above. Any delay beyond 30 (thirty) days shall lead to termination of contract by parties and all obligations expressed quantitatively shall be calculated as on date of termination, notwithstanding this, provisions relating to indemnity, confidentiality survives termination of the contract. 3.47. Bidder Utilisation of Know- How and Personnel for Competitors 3.47.1. The Bank will request a clause that would require a NOC to be obtained from the Bank for using any know-how gained in this contract, if awarded, for another organisation whose business activities are similar in part or in whole to any of those of Union Bank of India anywhere in the world, without prior written consent of the Bank. Non-disclosure Agreement shall be executed by the Bidder with the Bank as per the format prescribed in Annexure 8 3.48. Limitation on Promotion 3.48.1. The Bidder shall agree to make no reference to the Bank for the procurement of products and services hereunder or the agreement in any literature, promotional material, brochures, sales presentation or the like without the express prior written consent of the Bank. 3.49. Indemnity 3.49.1. The Bidder shall, at its own expense, defend and indemnify the Bank against all third party claims for infringement of patent, trademark, design or copyright arising from use of products or any part thereof supplied by Bidder. Bidder will provide infringement remedies and indemnities for third party products, on a pass through basis. The Bidder shall expeditiously extinguish any such claims and shall have full rights to defend itself there from. If the Bank is required to pay Page 22 of 59

compensation to a third party resulting from such infringement, the Bidder shall be fully responsible to pay such compensation along with all costs, damages and attorney s fees and other expenses that a court may finally awards, in the event of the matter being adjudicated by a court or that be included in a Bidder approved settlement. The Bank will issue notice to the Bidder of any such claim without delay and provide reasonable assistance to the Bidder in disposal of such claim, and shall at no time admit to any liability for, or express any intent, to settle the claim. The Bidder shall also reimburse all incidental costs, which the Bank incurs in this regard. 3.49.2. In the event of the Bidder not fulfilling its obligations under this clause within the period specified in the notice issued by the Bank, Bank has the right to recover the amounts due to it under this provision from any amount payable to the Bidder under this project. 3.49.3. The indemnities under this clause are in addition to and without, prejudice to the indemnities given elsewhere in this agreement. 3.50. Patent Rights 3.50.1. The Bidder shall, at their own expense, defend and indemnify the Bank against all third party claims or infringement of intellectual Property Right, including Patent, trademark, copyright, trade secret or industrial design rights arising from use of the products or any part thereof in India or abroad. 3.50.2. The Bidder shall expeditiously extinguish any such claims and shall have full rights to defend it there from. If the Bank is required to pay compensation to a third party resulting from such infringement, the Bidder shall be fully responsible for, including all expenses and court and legal fees. 3.50.3. The Bank will give notice to the Bidder of any such claim without delay, provide reasonable assistance to the Bidder in disposing of the claim, and shall at no time admit to any liability for or express any intent to settle the claim. 3.50.4. The Bidder shall grant to the Bank a fully paid-up, irrevocable, nonexclusive license throughout the territory of India or abroad to access, replicate and use software (and other software items) provided by the Bidder, including-all inventions, designs and marks embodied therein in perpetuity. 3.51. Confidentiality 3.51.1. This document contains information confidential and proprietary to Union Bank of India. Additionally, the Bidder may be exposed by Page 23 of 59

virtue of the contracted activities to internal business information of Union Bank of India, affiliates, and/or business partners. Disclosure of receipt of this RFP or any part of the afore-mentioned information to parties not directly involved in providing the services requested could result in the disqualification of the Bidder, pre-mature termination of the contract, or legal action against the Bidder for breach of trust. 3.51.2. No news release, public announcement, or any other reference to this RFP or any program there under shall be made without written consent from Union Bank of India. Reproduction of this RFP, without prior written consent of Union Bank of India, by photographic, electronic, or other means is strictly prohibited. 3.51.3. Non-disclosure Agreement shall be executed by the Bidder with the Bank as per the format prescribed in Annexure 7 3.51.4. The Bidder (and his employees) shall not, unless the Bank gives permission in writing, disclose any part or whole of this RFP document, of the proposal and/or contract, or any specification, plan, drawing, pattern, sample or information furnished by the Bank (including the users), in connection therewith to any person other than a person employed by the Bidder in the performance of the proposal and/or contract. Disclosure to any such employed person shall be made in confidence and shall extend only as far as may be necessary for purposes of such performance. The employees or the third party engaged by the Bidder will maintain strict confidentiality. 3.51.5. The Bidder, his employees and agents shall not, without prior written consent from the Bank, make any use of any document or information given by the Bank or its Authorized personnel, except for purposes of performing the contract award. 3.51.6. In case of breach the Bank shall take such legal action as it may be advised. 3.52. Limitation of Liability 3.52.1. Bidder's aggregate liability under the contract shall be limited to a maximum of the Contract value. This limit shall not apply to third party claims for a) IP infringement indemnity; b) Bodily injury (including death) and damage to real property and tangible personal property caused by Bidder's gross negligence. 3.52.2. Bidder shall not in any event be liable for any indirect, consequential damage, or loss of profit, business, revenue, goodwill, anticipated saving or data, or third party claim except with respect to bodily injury Page 24 of 59

(including death) and damage to real and tangible personal property for which Bidder is legally liable. 3.52.3. For the purpose of this section, Contract value at any given point of time, means the aggregate value of the purchase orders placed by Bank on the Bidder that gave rise to claim, under this tender. 4. Technical and Functional Specifications 4.1. Compatibility with the Banks infrastructure 4.1.1. An essential component of the implementation will be the integration with Banks existing/future systems and features, not limited to the following: Banks existing Base24 ATM switch or any other switch in future. Basks existing Credit Card switch service provider. 4.1.2. The Bidder should migrate / integrate the existing merchants of the Bank from the Bank s existing service provider. 4.1.3. The Bidder should migrate the data of card holders registered for access control server from the Bank s existing service provider. 4.1.4. The Bidder should ensure that the security and integrity of the data being migrated is maintained and no data loss occurs. 4.1.5. The cost for migration / integration from the Bank s existing service provider shall be borne by the Bidder. 4.2. Infrastructure and Connectivity 4.2.1. The Bidder needs to establish network connectivity through leased lines/isdn lines/vpn/wireless etc. In case of failure, the connectivity should also have a backup, from a network service provider who is different from the one providing the primary link. The costs for such connectivity from the Bidders centre to the Bank s switch at Mumbai and DR site at Bangalore has to be borne by the Bidder. A team should be earmarked for monitoring of the links 24 X 7 X 365 at Bidder s NOC. 4.2.2. The Bidder shall have to make the necessary integration and required customisation to communicate with the Bank s Base24 ATM switch and credit card service provider s switch or any other Switch, ATM network, Finacle Core Banking Solution or any other Core Banking Solution Page 25 of 59

4.2.3. The Bidder shall be responsible for first level monitoring of these network/devices. 4.2.4. The Bidder shall ensure that sufficient bandwidth is available to handle the transactions. 4.2.5. The Bidder shall do proactive monitoring and do capacity planning at regular intervals and advise the Bank on upgrades. However, there should not be any cost to the Bank for application software upgrade. 4.2.6. The Bidder shall make the arrangement to send SMS for alerts and OTP generation/re-generation during online authentication transactions. The cost for SMS gateway shall be borne by the Bidder. The Bidder should have SLA with the SMS aggregator. The Bank may levy penalty in cases where the transactions fail due to non-delivery of SMS / OTP messages. 4.3. System Uptime 4.3.1. The solution should be configured in high availability mode and should have a fully functional DR site. The Bidder should maintain an uptime of 99.5% calculated on a monthly basis. The "Uptime" is, for calculation purposes, equals to the Total contracted minutes in a month less Downtime. The "Downtime" is the time between the Time of Failure of the service and Time of Restoration within the contracted minutes. "Failure" is the condition that renders the Bank unable to perform any of the defined functions on the Solution. "Restoration" is the condition when the selected Bidder demonstrates that the Solution is in working order and the Bank acknowledges the same. 4.3.2. The Downtime calculated shall not include the time on account of any failure due to Bank, third party and Force Majeure. 4.3.3. The Mean Time Between Failures (MTBF) should be 90 days barring scheduled and mutually agreed upon downtime for maintenance. 4.3.4. The Solution Provider shall provide an Uptime report on monthly basis. The report vetted by the Bank Officials is to be presented for payment by the Bidder. 4.3.5. Following will be excluded while calculating the down time: Down time due to Bank issues. Schedule down time for maintenance activity. Bidder should inform to the Bank at least a week before for the schedule down time and for urgent situation at least 24 hours before. Down time due to Force Majeure Page 26 of 59

4.4. Reconciliation 4.4.1. The Bidder shall be responsible for the daily reconciliation of the PG transactions. 4.4.2. Reconciliation should be comprehensive to handle Interchange, Settlement, Chargeback s, etc. 4.4.3. Bidder should provide files of required format compatible to our reconciliation system. 4.5. Certification 4.5.1. The selected Bidder should also support the requisite certifications, integration, maintenance, patching, and audit compliance, etc. 4.5.2. The Bidder should ensure that the solution complies with the mandates released by interchanges such as Visa, MasterCard, and NPCI etc. 4.5.3. The solution should also be should comply with international standards like PCI /ISO etc. 4.5.4. The Bidder should get the activities and or functions audited from time to time as per the requirements of the Bank, VISA, Master Card, NPCI, Reserve Bank of India or any other statutory body, where ever applicable. Cost of such audit should be borne by the Bidder throughout the period of agreement. 4.6. Solution Specification 4.6.1. The solution s admin interface should implement the changes on four eye principle i.e. maker checker. 4.6.2. The solution should allow the administrator to monitor critical activities like user addition, user profile changes, and parameter / configuration changes and also should be capable of triggering alerts for the same. Additionally, it should also monitor all user activities on regular basis and on any deviation alert should be triggered. 4.6.3. All the said components of the proposed solution should operate efficiently and such components are expected to have, but not limited to, the functionalities as listed below: i. Payment Gateway 4.6.4. The solution should support Visa, MasterCard, Maestro and RuPay; also transactions through Internet Banking /IVR / IMPS/ Wallets etc. The solution should be configurable / scalable / capable to support Page 27 of 59

any cards of any other card association that the Bank may wish to support in future. 4.6.5. The Solution should comprise of Payment Gateway, Merchant Plug-In, Merchant Accounting, Clearing, EFT Switch to route transactions to VISA, MasterCard, and NPCI etc. 4.6.6. The solution should be easy-to-use/ pluggable on merchant/ biller platform, configurable, scalable, compliant with various standards like PCI, etc. and can be easily integrated on a wide range of platforms. 4.6.7. The solution should be able to process various cards - credit and debit, Internet Banking, Wallet transaction, etc. on various channels like Web, Mobile, IVR, Mail Order etc. 4.6.8. The solution should provide convenient access via web Interface to various reports online/ offline/ real time merchant/ biller/ settlement / usage/ charge back claims, status, transaction status / summary, etc. and admin interface for parameterization, monitor, control, etc. should be the feature of the solution. 4.6.9. The Payment Gateway solution should provide the following, but not limited to, basic features / functionality: a) Merchant Setup Merchant Accounting b) Customizing/ Imposing at various levels/ frequency c) Second factor authentication like 3 D Secure, etc. d) Blocking international transactions and selectively allowing international card transactions for merchants decided by the Bank. e) Process Risk and Compliance f) Comprehensive Reconciliation to handle Interchange, Settlement, Chargeback s, etc. g) Comprehensive Reporting and MIS Capability h) Comprehensive Auditing and Journaling i) Web Interface for Administrators and reports j) Compliance and adherence to various Standards like PCI k) Adherence to regulatory and statutory guidelines. l) Configuration / parameterisation / customization of solution as per the Banks requirement 4.6.10. The solution should support multi-channel/ multi-currency/ multiparticipant/ multi merchant configuration. 4.6.11. The solution should have the ability to process only authorization leg in a specific requirement where the authentication is done directly by merchant or through third party processors (TPP). 4.6.12. The solution should check for URL tampering while the request is sent for and other relevant information. Page 28 of 59

4.6.13. The solution should support velocity checks and behavioural anomalies. 4.6.14. The solution should be able to provide different types and level of rights and access to various interfaces, web interfaces, databases, reports and functionalities to different teams, as desired by the Bank from time to time. 4.6.15. The solution should provide secure web interface to merchant for viewing of transaction/ transaction status/ upload and downloads of files (file fields and formats should be customizable for merchant/s i.e. vary from merchant to merchant) in secure manner. 4.6.16. The system should support online/ real-time comprehensive and customizable management dashboard. 4.6.17. The solution should provide comprehensive reporting system. Report/s should be available in any format like- pdf, xlsx, html, csv, txt etc. The report format must be flexible to customize 4.6.18. The solution should have ability to generate various reports as per regulators / statutory requirements 4.6.19. The solution should provide comprehensive Clearing and Settlement system as per the requirement of various card associations like VISA/ MasterCard / RuPay or of any other card association that the Bank may decide to support in future 4.6.20. The solution should provide comprehensive Dispute Management System. 4.6.21. The Bidder shall give an undertaking to comply with all Visa/MasterCard/NPCI/RBI regulations where ever applicable. 4.6.22. The solution should provide comprehensive audit trail and logging for various activities like reporting, admin, transaction processing, etc. at various stages of transaction flow. 4.6.23. The solution should provide: a) Merchant definition to be based on: Channel Type of integration Type of cards accepted Type of transactions accepted b) Merchant status on the basis of the integration from the following options: Active Inactive Page 29 of 59

c) Control on transaction processing needs to be assigned based the status of the Merchant d) Setting up of handling of differential fee structures for merchant/ group of merchants. Fee components, like Application or set-up fee Minimum Use fee Statement fee Discount rate fee (based on percentage, flat rate, varying rate for debit/credit cards) Batch Fee Transaction Fee - may be fixed amount per transaction or a percentage of the transaction value or both may vary from merchant to merchant Gateway fees e) Hierarchy driven set-up of merchants is required for assignment accesses and reports at various levels f) The following channels of transactions need to be supported Online MOTO (Mail Order Telephone Order) Standing instruction / Recurring billing g) The following type of transactions are supported on the Payment Gateway Sale Refund Pre-auth Void Reversal h) Platform to be supported for processing the transactions: APIs File Uploads Direct action of transaction through web interface provided (Merchant and Back office) i) Simplified Merchant Integration - System is capable to integrate with the merchants on various platforms - JAVA, ASP, ASP.NET, PERL, PHP etc. Page 30 of 59

j) Documentation and integration guide for the merchant s technical team to complete integration seamlessly without much support k) Reports which would help the technical support team helping the merchant trouble shoot at the time of facing issues with integration l) For online merchant, payment gateway to integrate for both a) Card details taken on our web page b) Card details taken on merchant web page m) Integration with 3D secure (For Visa, MasterCard, RuPay, etc.) system for 2nd factor authentication. n) Blocking of BIN s at MID level and system level o) Merchant velocity checks on amount and transaction count p) Functionality to specify BIN s which will be assigned to Merchant for approving of rejecting the transactions. q) Validation enabled for checking, validating and taking action of whether transaction needs to be approved or rejected at Merchant level in case of any tampering of value on 3D secure leg of the transaction for both online as well as IVR transactions. r) Ability to show the current and past approval rate on Payment gateway, merchant wise, product wise s) On daily basis chargeback are updated online in the system and refund processing should be blocked once chargeback is received on a transaction. 4.6.24. The solution for interchange, settlement and chargeback should provide/ support a) Complete chargeback management system as per the rules and regulations of the respective card associations (VISA,MasterCard, RuPay, etc.) with tracking and exception management features b) Posting of VISA,MasterCard for In and creation of Out transactions c) Creation of Settlement and Funding Reports d) Reports on the chargeback life cycle e) Support the following on VISA, MasterCard (IN and OUT files) for following also in the respective file formats/ frequency for other Card like RuPay etc. Chargeback Charge back for certain type of un-authorized transactions Presentment Re-presentment Page 31 of 59

Retrieval Request Retrieval Response Track fee / Funds Pre-paid card settlement On-us card settlement Miscellaneous Transactions Staging of interchange file, multiple times a day f) Facility to settle acquired transactions from the authorization file and subsequently does a reconciliation with the settlement file and initiate refunds for all voids g) Facility to upload the currency tables in the system as specified by VISA, MasterCard, RuPay, etc. from time to time. h) Facility to upload the BIN tables in the system as specified by VISA, MasterCard, RuPay, etc. from time to time i) Reports on settlement reconciliation j) The settlement period can be customized for merchant/ group of merchant as under Same day Next Day/ Next Business Day 2 nd Business Day 3 rd Business Day k) The settlement timing can be customized for merchant/ group of merchant as under Multi day Consolidated 4.6.25. The solution for merchant/ billers should provide/ support a) System to support VISA, MasterCard, RuPay and Internet Banking(via Banks aggregator) for authorization and settlement for Ecommerce transactions b) Support full EMV (VISA & MasterCard) merchant acquiring specifications for authorizations and settlement. c) Multi-currency support for PG merchants. Various combinations required for Purchase, Settlement and Payment currencies. Ability to handle transaction in one currency, settle with association in another currency and pay the merchant the currency as per his choice. Page 32 of 59

d) Option to enter Master data pertaining to the central office, regional offices and city offices. Multiple address requirements and also the linking of the same with the relationship. e) Addition of new MCC codes, BIN, exchange rates (both online updates and file upload should be possible), MPE file (MasterCard)/VISA etc. files etc. f) Flexibility to apply different MSF schemes for on-us and off-us cards (Product based, Volume based, Slab based, interchange). g) Support for following elements of a merchant plan: Different Payment Frequencies Various Payment Methods Billing Frequency Statement Frequency Currency Code h) Provision for settlements with the payment association, merchant and aggregators. i) Merchant setup checks Validations for both online and batch upload should be possible j) Generation of Merchant, Outlet ID s. k) Support for Merchant Chaining and defining hierarchy within the chain. The hierarchy would impact statement etc. l) Provision for Batch Authorizations m) Process merchant upload provided by the Bank n) Multiple out file processing at predefined frequency 4.6.26. The Fraud Management System should be closely integrated with the Payment Gateway Solution 4.6.27. The fraud risk management component should be able to integrate with any of the Banks existing/future Fraud Management Systems and also with other third party systems like NPCI fraud monitoring system and VISA /Master /CBS or any other if Bank so desires. 4.6.28. Solution should have rule based, real time fraud risk management capabilities. 4.6.29. Solution should provide comprehensive real time fraud monitoring, advices and alerts. 4.6.30. Solution should have the capability to configure Acquirer based rules based on MCC, Merchant, Terminal, Brand, Type of Transaction, etc. Page 33 of 59

4.6.31. Solution should be able to generate cases or alerts. 4.6.32. Solution should provide recommended actions for the Fraud Analysts 4.6.33. Solution should be able to identify the false-positive cases and block the rule automatically 4.6.34. Solution should provide an web based interface for Banks fraud analysts to work on the cases 4.6.35. Solution should provide options to Fraud Analysts to work on the queues and identify the case as a dispute, confirmed by customer, block the card, block BIN, block merchant or terminal, etc. 4.6.36. Solution should be able to send alerts via SMS and email. ii. Access Control Server Solution 4.6.37. It should support all debit/credit/prepaid cards of Visa / MasterCard / RuPay etc. issued by the Union Bank of India as well as cards issued by the RRB sponsored by the Bank i.e. Kashi Gomti Samyut Gramin Bank. 4.6.38. It should provide a website where the cardholder can visit and register for the program. 4.6.39. In addition, it should also provide registration option during first time on-line use of cards. 4.6.40. The registration should be based on the card number, expiry date and ATM PIN to authenticate the card holder and on successful authentication, should allow the card holder to set his 3D Secure password. 4.6.41. The registration process as also every subsequent online transactions needs to be authenticated by an OTP sent to the customer s registered mobile number. This is in addition to the static password set by the user during registration. 4.6.42. The solution should provide an alert message for each successful registration 4.6.43. Mobiles numbers will be stored at the Bank s end and will be used by the Bidder s application for sending the OTP. However, it shall not be stored by the Bidder. 4.6.44. For the Cardholders where there is no mobile number available with the Bank, the ecommerce facility will not be available. 4.6.45. The solution should provide an option to regenerate the OTP in case the OTP is not received by the customer in the specified time. The time for which the OTP is to be valid should be configurable by the Bank. Page 34 of 59

4.6.46. OTP will be expired if used once within the active time. 4.6.47. In case cardholder fails to register himself for the first time and tries to register again then the cardholder should receive the same OTP that was generated before, if the earlier OTP has not expired and has not been used. 4.6.48. If the OTP is expired and has not been used, then cardholder should receive a different OTP from the OTP that was generated before. 4.6.49. For IVR transactions, authentication will only be through OTP. 4.6.50. The product supplied should be capable of approving transactions for onward/inward routing and authorization through Bank s debit/credit card switches 4.6.51. The solution should provide administrator access to Bank through dedicated URL to the application for performing the standard functions like cardholder enquiry, adding/ deleting cardholders, locking/ unlocking cardholder, marking a card for re-registration etc. 4.6.52. The solution should provide on-line Real Time Admin facility to Bank to view & download the Reports 4.6.53. The solution should provide for Reports to be customized as per mutually agreed formats. 4.6.54. The selected Bidder has to provide networking equipments including point to point connectivity with fail over backup from Bidder s primary Data Centre & Disaster Recovery site to Bank s switch Centre DC (Mumbai) and DR Site (Bangalore). 4.6.55. The solution should be in compliance with Reserve Bank of India / Govt. of India/ other payments system authority guidelines. 4.6.56. The Service Provider should comply with industry standards of security such as, but not limited to, Payment Card Industry Data Security Standard (PCI DSS) without any additional cost to the Bank 4.6.57. The solution should support session time outs, connection time outs, account locking after number of failed attempts etc. Note: Notwithstanding anything said above, the Union Bank reserves the right to reject/award the contract to any Bidder or cancel the entire process without assigning reasons thereto. Page 35 of 59

Annexure 1: DECLARATION BY THE BIDDER DECLARATION: We hereby undertake to agree to abide by all the terms & conditions stipulated in the RFP document for Implementation of Payment Gateway solution and Access Control Server solution under outsourced model. The following documents/items are enclosed: 1. Bidder details as per Annexure 2 2. Undertaking as per Annexure 3 3. Bid form as per Annexure 4 4. Authorisation letter format to submit the Bid document per Annexure 5 5. Bid Security form as per Annexure 6 6. Eligibility criteria compliance as per Annexure 10 7. Certified copies of Certificate of Incorporation and Certificate of Commencement of Business (for Public Limited Companies) issued by the Registrar of Companies. 8. Bank Guarantee / DD / PO towards Bid Security as specified under BID SCHEDULE 9. Indicative Commercial Bid as per Annexure 9 10. Please mention any other annexure below. a) b) c) (Signature with date and seal) (In the capacity of) Duly authorised to sign the Bid with seal for and on behalf of (Name and address of the Bidder) Page 36 of 59

Annexure 2: BIDDER S ORGANISATION PROFILE ORGANISATION PROFILE A. Profile of the Bidder Name of the Bidder Location of Registered Office and IT Centre Constitution Date of Incorporation Date of commencement of Business Major change in the management in the last three years Names of Banker(s) B. Financial position of the Bidder for the last three years Details 2011-12 2012-13 2013-14 Paid up capital Tangible Net worth (excluding revaluation reserve) Total outside liabilities/tangible Net worth Net Sales of the Company as a whole Gross Profit Net Profit (Profit after Tax) Summary of Financial Position and Working Results Growth in Operations (%) Growth in Profitability (%) Note: Enclose copies of audited balance sheets along with the Bid. C. Proposed Service details in brief: Description of service Details of similar service provided to banks in India (Signature with date and seal) (In the capacity of) Duly authorised to sign the Bid with seal for and on behalf of (Name and address of the Bidder) Page 37 of 59

Annexure 3: UNDERTAKING BY THE BIDDER To: The General Manager, Union Bank of India 1/1A, Adi Sankaracharya Marg, Andheri East, Mumbai 400072 (To be submitted on the Bidder s letterhead) Date: We (Bidder name), hereby undertake that- As on date of submission of tender, we are not blacklisted by the Central Government / any of the State Governments in India or any Financial Institution in India. We also undertake that, we are not involved in any legal case that may affect the solvency / existence of our firm or in any other way that may affect capability to provide / continue the services to the Bank. Dated this... day of... 2015 Place: (Signature with date and seal) (In the capacity of) Duly authorised to sign the Bid with seal for and on behalf of (Name and address of the Bidder) Page 38 of 59

Annexure 4: BID FORM Ref No: Date: To: The General Manager, Union Bank of India 1/1A, Adi Sankaracharya Marg, Andheri East, Mumbai 400072 Dear Sir, We the undersigned, having examined the Request for Proposal (RFP) for Implementation of Payment Gateway solution and Access Control Server solution under outsourced model, in conformity with the said RFP, for such amount as may be ascertained in accordance with the Schedule of Prices submitted. If our proposal is accepted, to commence operations within six to ten weeks calculated from the date of acceptance of your notification of award / letter of intent / purchase order, as provided under Clause Start of Services - of RFP. We agree to hold this proposal valid for a period of 180 days from the last date of submission of proposal, which shall remain binding upon us and may be accepted at any time before the expiry of the period. We further confirm that- 1. We agree to abide by the Bid and the rates quoted therein for the orders awarded by the Bank up to the period prescribed in the Bid which shall remain binding upon us. 2. In case we offer system and/or other software manufactured by another company, such software operates effectively on the system offered by us and we are willing to accept responsibility for its successful operations. 3. Until a formal contract is prepared and executed, this proposal, together with your written acceptance thereof and Notification of Award, shall constitute a binding Contract between us. We undertake that, in competing for (and, if the award is made to us, in executing the above contract); we will strictly observe the laws against fraud and corruption in force in India. We agree that Union Bank of India is not bound to award the contract to the L1 bidder emerging from the reverse auction process. We have not been barred/black-listed by any regulatory / statutory authority in India during the last five years. Page 39 of 59

Dated this... day of... 2015 Place: (Signature with date and seal) (In the capacity of) Duly authorised to sign the Bid with seal for and on behalf of (Name and address of the Bidder) Page 40 of 59

Annexure 5: LETTER OF AUTHORISATION TO SUBMIT THE BID Ref No: Date: To: The General Manager, Union Bank of India 1/1A, Adi Sankaracharya Marg, Andheri East, Mumbai 400072 Sub: Letter of Authorisation to submit Bid for Implementation of Payment Gateway solution and Access Control Server solution under outsourced model. Dear Sir, We M/s... (Name and address of the Principal) hereby authorize M/s.... (Name and Address), our Business Partner/ Authorised Distributors to submit a proposal, and sign the proposal on behalf of us for all the systems/ services required by the Bank, as called for vide the Bank's request for proposal bearing reference RFP for Implementation of Payment Gateway solution and Access Control Server solution under outsourced model We hereby undertake to bind ourselves with the Bank if the proposal submitted as above is duly accepted by the Bank. Yours faithfully, Name: Designation: (Name and Address of the Bidder on whose behalf the proposal is submitted) Note: This letter of authority should be on the letter head of the Bidder, on whose behalf the proposal is submitted and should be signed by a person competent and having the Power of Attorney to bind the Bidder. It should be included by the Bidder in its proposal. Page 41 of 59

Annexure 6: BID SECURITY Whereas hereinafter called the Bidder has submitted its proposal dated for undertaking Implementation of Payment Gateway solution and Access Control Server solution under outsourced model in your Bank (hereinafter called the Bid ), KNOW ALL PEOPLE by these presents that WE OF having our registered office at (hereinafter called the Bank ) are bound unto Union Bank Bhavan, 239, Vidhan Bhavan Marg, Nariman Point, Mumbai 400020, (hereinafter called the Purchaser ) the sum of ` 10, 00,000/- (Rupees Ten Lakhs only) for which payment well and truly to be made to the said purchaser, the Bank binds itself, its successors and assigns by those presents. THE CONDITIONS of these obligations are: 1. If the Bidder withdraws his Bid during the period of the proposal validity; or 2. If the Bidder, having been notified of the acceptance of its Bid by the purchaser during the period of Bid validitya) Fails or refuses to execute the Contract in accordance with clause 7 (12) of the RFP; or b) Fails or refuses to furnish the Performance Security, in accordance with the terms of the Bid; We undertake to pay the purchaser up to the above amount upon receipt of its first written demand, without the purchaser having to substantiate its demand, provided that in its demand the purchaser will note that the amount claimed by it is due to it, owing to the occurrence of one or both of the two conditions, specifying the occurred condition or conditions. This guarantee will remain in force up to and any demand in respect thereof should reach the Bank not later than the above date. Sealed with the common seal of the said Bank this day of 2015. SIGNATURE AND SEAL OF BANK Page 42 of 59

Annexure 7: PERFORMANCE BANK GUARANTEE To, Union Bank of India Union Bank Bhavan, 239, Vidhan Bhavan Marg, Nariman Point, Mumbai 400020 Whereas, a company incorporated under the Companies Act, 1956 and having its principal office at, represented by its authorised signatory Mr., hereafter called Third Party Processor, which expression shall, unless repugnant to the context thereof, mean and include its successors and permitted assigns has undertaken, in pursuance of contract no. dated for undertaking Implementation of Payment Gateway solution and Access Control Server solution under outsourced model for hereinafter called the Bid. And whereas it has been stipulated by you in the said contract that the Bidder shall furnish you with a Performance Guarantee by a scheduled commercial bank for the sum specified therein as security for compliance with the Bidder s performance obligations under the contract for the proposal for a period of 60 months. And whereas we have agreed to give the Third Party Processor a guarantee. Therefore we hereby affirm that we are the guarantors and responsible to you on behalf of the Third Party Processor, for `../- (Rupees. only). And we undertake to pay you upon your first written demand declaring the Third Party Processor to be in default under the contract and without cavil or argument, any sum or sums within the limit of `../- (Rupees. only) as aforesaid, without your needing to prove or to show ground or reasons for your demand or the sum specified therein. This guarantee is valid until (Date) Sealed with the common seal of the said Bank this day of 2015. SIGNATURE AND SEAL OF BANK Page 43 of 59

Annexure 8: NON DISCLOSURE AGREEMENT AGREEMENT, made effective this day of, <ddmmyyyy> between Union Bank of India and (Hereinafter "THE VENDOR"). With respect to CONFIDENTIAL INFORMATION furnished by the parties to each other, the parties agree as follows: 1. That Confidential Information is received by each party for purposes of implementation of security system for online card transactions for Union Bank of India & carrying on its activities. Confidential Information is defined as meaning information of Union Bank of India or the VENDOR identified as or relating to its activities, data made available or accessible, data generated during operations, business strategies, business arrangements, computer and network operations, functions and systems architecture which may be disclosed in oral, written, graphic, machine-recognizable, and/ or sample form, inclusive but not limited to any statistical data, MIS reports, client confidential information of Union Bank of India, any information relating to Banks Products, Services and transactions which may be exchanged between the parties and also information which is clearly designated, labelled, or marked as confidential and/ or proprietary or its equivalent. In the event of confidential information shared orally, the disclosing party will confirm, in writing within thirty (30) days after such oral disclosure. Each party shall limit dissemination of Confidential Information to only those people or employees of the Bidder, demonstrating and requiring a need to know. 2. That up to a period of 3 years after the date of termination of this Agreement, each party shall a) restrict dissemination of Confidential Information to only those employees who must be directly involved in evaluation of the Confidential Information b) use the same degree of care as for its own information of like importance and take reasonable care, in safeguarding against disclosure of Confidential Information. 3. That each party shall not copy, transmit or otherwise communicate the CONFIDENTIAL INFORMATION, in any form to anyone not having a need to know, without the prior written approval of the other party. 4. At the disclosing party's request or upon termination of the Contract for implementation of security system for online card transactions [or if the proposed transaction is not consummated], the receiving party will within 30 days of receipt of such notification: i) return to the disclosing party all copies of the Confidential Information in its possession [or in the possession of its representatives/ agents/ Page 44 of 59

employees], [whether in written form, electronically stored or otherwise] provided by the disclosing party; ii) destroy all copies of those portions of any documents containing any Confidential Information, and iii) if so requested by the disclosing party, deliver to the disclosing party a certificate executed by one of its duly authorized officers confirming compliance with the return or destruction obligation. 5. The Bidder shall maintain full confidentiality of the data obtained while answering queries/ complaints of Union Bank of India s customers. Under no circumstances the Bidder shall divulge/ reveal/ share such data with any third party without the prior written permission. Bidder shall execute appropriate confidentiality agreements with their employees to maintain confidentiality of such data. Such data collected, if any shall be the property of Union Bank of India and shall be handed over to Union Bank of India on expiry of the contract or when asked for during the currency of the contract. The facility should have appropriate electronic access control systems to ensure only authorized personnel have access. 6. That nothing contained in this Agreement shall be construed as granting or conferring any rights by license or otherwise, expressly or implied, or otherwise for any patents, copyrights, trademarks, know-how or other proprietary rights of either party acquired prior to or after the date of this Agreement. 7. That during the term of this Agreement and notwithstanding the other provisions of this Agreement, nothing received by Bidder shall be construed as CONFIDENTIAL INFORMATION which is now available to the public or is disclosed pursuant to the lawful requirement of a Government Agency disclosure is permitted by operation of law, provided that the Bidder before making the disclosure has given prior notice to Union Bank of India and has made a reasonable attempt to obtain a protective order limiting disclosure and use of the information so disclosed. 8. A waiver of any provision or breach of this Agreement must be in writing and signed by an authorized official of the Party executing the same. No such waiver shall be construed to affect or imply a subsequent waiver of the same provision or subsequent breach of this Agreement. 9. This Agreement shall be governed by and construed in accordance with the laws of India. Page 45 of 59

10. It is understood that this Agreement does not obligate either of the Parties to enter into further or continued discussions and assumes no commitment, financial or otherwise. IN WITNESS WHEREOF, the parties have caused this Agreement to be executed by their duly authorized representatives and to become effective as of the date first written above. AGREED: Union Bank of India By: (Authorized Signature) Title: Date: By_: (Authorized Signature) Title: Date: Page 46 of 59

Annexure 9: INDICATIVE COMMERCIAL BID FORMAT A. Payment Gateway Sr. No Particulars Volume (per year) * Per Unit Cost Taxes (description and percentage) Total Cost for 1 years In `. 1. One time setup and implementation fees, if any 2. Merchant On-boarding Fees 3. Per payment gateway transaction cost 4. Per online payment authentication transactions cost (including registrations) # 5. TCO 5,000 2.5 crore 1.0 crore TCO in words (including taxes): * Indicative volume with an expected growth of 20% per annum # Currently 16 lakh cards are registered for authentication during online debit/credit card transactions Note: 1. TCO must be quoted in WORDS AND FIGURES. 2. The rates will be valid for five years from the date of purchase order and may be extended for another 2 years on renewal of the contract at the banks discretion. 3. The prices quoted above are for TCO calculation purposes only. Payment would be done on pro rata basis per transaction. 4. Customizations required in future would be made on mutually agreed terms. 5. Cost of on-going software maintenance / updates / patches / bug fixes / enhancements shall be borne by Bidder. 6. Bank will not evaluate and consider any terms and conditions mentioned in the commercial Bid. Bank reserve the right to disqualify the Bidder if any deviation is mentioned in the commercial Bid. 7. All prices are mandatory to be quoted else Bid is liable to be rejected. (Signature with date and seal) (In the capacity of) Page 47 of 59

Duly authorised to sign the Bid with seal for and on behalf of (Name and address of the Bidder) Page 48 of 59

Annexure 10: ELIGIBILITY CRITERIA COMPLIANCE CHECKLIST Sr. No. 1 2 3 4 Eligibility Criteria Bidder should be a company / partnership firm registered in India and should have been in operation for a period at least five years as on date of RFP. Bidder should have implemented and/or managed Payment Gateway Solution successfully either on own premises or customer premises, for at least in one Bank or Banking, Financial Services and Insurance (BFSI) organisation in India or globally. The Bidder should have yearly sales turnover of not less than Rs. 5 Crores during last three financial years i.e. 2011-12, 2012-13 and 2013-14. The Bidder should be in operating profit excluding interest and taxes for the last three financial years i.e. 2011-12, 2012-13 and 2013-14. Compliance (Yes/No) Details of proof submitted 5 6 7 The hosting site for the proposed solution should be ISO 27001 certified. The proposed payment gateway and access control server solution should be PCI DSS certified. The Bidder should not have been blacklisted by any of the Government/Regulatory Authorities or Public Sector Undertakings (PSUs). The Bidder should have branch/ service centres at any one centre in India and list of branch / service centre / franchises with full details of Name, Address / Telephone Number should be attached. (Signature with date and seal) (In the capacity of) Duly authorised to sign the Bid with seal for and on behalf of (Name and address of the Bidder) Page 49 of 59

Annexure 11: REVERSE AUCTION PROCESS Reverse Auction through E-Procurement The detailed procedure for Reverse Auction to be followed in the RFP for Implementation of Payment Gateway solution and Access Control Server solution under outsourced model: The response to the present tender will be submitted by way of submitting the Indicative Commercial offers in sealed covers. The details of the proposed solution offered by the Bidder with the relevant information/documents/acceptance of all terms and conditions strictly as described in this tender document will have to be submitted by the Bidders. The Bidders whose Bids are accepted by the Bank will be invited to participate in the online Reverse Auction to be conducted by the company selected by the Bank. Bidders, who are invited, will be trained by the Reverse Auction Company for this purpose, and they will have to abide by the E-business rules framed by the Bank in consultation with Reverse Auction Service provider. The e-business rules are furnished hereunder in this document. Business Rules for Reverse Auction 1. Applicability 1.1. Reverse Auctions are carried out under the framework of rules that are called Business Rules. 1.2. All Bidders participating in Reverse Auction shall understand/accept and give an undertaking for compliance with the same to the Bank in the prescribed format Annexure 12. 1.3. Any Bidder not willing to submit such an undertaking shall be disqualified for further participation respecting the procurement in question. 2. Eligibility 2.1. Only Bidders who are technically qualified and who submit the prescribed undertaking to the Bank alone can participate in Reverse Auction for procuring the services as mentioned in the RFP. 3. Compliance/Confirmation from Bidders 3.1. The Bidders participating in Reverse Auction shall submit the following duly signed by the same Competent Authority who signs the offer documents in response to the RFP: Acceptance of Business Rules for Reverse Auction and undertaking as per format in Annexure 12. Agreement between service provider and Bidder. (This format will be given by the service provider prior to announcement of Reverse Auction.) Page 50 of 59

Letter of authority authorizing the name/s of official/s to take part in Reverse Auction as per format in Annexure E-2. 4. Training 4.1. The Bank will facilitate training for participation in Reverse Auction either on its own or through the service provider for the Reverse Auction. 4.2. Where necessary, the Bank/service provider may also conduct a mock reverse auction to familiarize the Bidders with Reverse Auction process. 4.3. Any Vendor / Bidder not participating in training and/or mock reverse auction shall do so at his own risk and it shall not be open for him to make any complaint/grievance later. 5. Date and Time for Training 5.1. The Venue, Date, Time etc. for training in Reverse Auction shall be advised at the appropriate time. 5.2. The Bank shall Endeavour to fix such Date/Time at mutual convenience to the Bidder/s, service provider and the Bank. 5.3. No request for postponement/fixing of Training Date/Time shall be entertained which in the sole view and discretion of the Bank might result in any avoidable delay to either the Reverse Auction or the whole process of selection of Bidder. 6. Date and Time of Reverse Auction 6.1. The Date and Time of commencement of Reverse Auction as also Duration of Reverse Auction Time shall be communicated at least 7 working Days prior to such auction Date. 6.2. Any force majeure or other condition leading to postponement of auction shall entitle the Bank to postponement of auction even after communication, but, the Bank shall be obliged to communicate to all participating Bidders the postponement prior to commencement of such Reverse Auction. 7. Conduct of Reverse Auction 7.1. The Reverse Auction shall be conducted on a specific web portal meant for this purpose. 7.2. The Reverse Auction may be conducted by the Bank itself or through a service provider specifically identified/appointed/empanelled by the Bank. 8. Reverse Auction Service Provider s Roles and Responsibilities 8.1. In all Reverse Auctions conducted by the Bank through a Service Provider, the Bank shall enter into a separate agreement clearly detailing the role and responsibilities of the service provider hosting the web portal for the Reverse Auction. 8.2. For creating necessary obligations and rights, the service provider will also enter into an agreement with each Bidder as per a format designed by him for Page 51 of 59

this purpose. The Bank shall resolve any points/issues concerning such agreement of Bidder and service provider. 8.3. While a Service Level Agreement (SLA) by the Bank with the service provider is an arrangement for smooth and fair conduct of the Reverse Auction, the Bank shall be directly responsible to Bidders for fair and transparent conduct of Reverse Auction. 8.4. The service provider at the end of each Reverse Auction shall provide the Bank with all details of the Bids and reports of reverse auction. 8.5. The service provider shall also archive the data pertaining to the Reverse Auction for a minimum period of 3 years. 9. Training and Auction 9.1. Service provider / auctioneer is responsible for conduct of adequate training to all technically qualified Bidders representing the reverse auction and Bidding process. 9.2. Each vendor / Bidder shall participate in the training at his / their own cost. 9.3. Wherever it is considered necessary and asked by the Bidders or as decided by the auctioneer or by Bank a mock auction may also be conducted for the benefit of all concerned. 9.4. Authorized representatives of the Bidders named in the authorization letter given by the Bidder shall be given unique user name, password by the service provider / auctioneer. 9.5. Each Bidder shall change the password and edit the information in the registration page after receipt of initial password. 9.6. All the Bids made from the log-in ID given to Bidder shall ipso-facto be considered Bid made by the vendor / Bidder to whom log-in ID and password were assigned by the service provider / auctioneer. 9.7. Any Bid once made through registered log-in ID / password by the vendor / Bidder cannot be cancelled. The Bidder, in other words, is bound to sell the Offering as per the RFP at the Bid price of TCO. 9.8. Every successive Bid by the Bidder / vendor being detrimental Bidding shall replace the earlier Bid automatically and the final Bid as per the time and login ID shall prevail over the earlier Bids. 9.9. The Bank shall conduct the reverse auction as per the Standard English reverse auction, that is, no two Bids can have identical price from two different Bidders. In other words, there shall never be a Tie in Bids. 10. Proxy Bid 10.1. A proxy Bid is one where Bidder can submit the lowest Bid amount by him in strict confidence to the system directly. This obviates the need for him participating in the Bidding process until the proxy Bid amount is decrementally reached by other Bidders. 10.2. When proxy Bid amount is reached, the Bidder has an option to revise the proxy Bid amount or he can prefer to start participating in Bidding process. Page 52 of 59

10.3. Since it is an English auction with no ties, two Bidders submitting identical proxy Bid amount and succeeding in auction simultaneously does not arise. 10.4. During training, the issue of proxy Bidding will be clarified in detail by the service provider. 11. Transparency in Bids 11.1. All Bidders will be able to view during the auction time the current lowest price in portal. Bidder shall be able to view not only the lowest Bid but also the last Bid made by him at any point of time during the auction time. 12. Masking of Names 12.1. Names of Bidders/ vendors shall be anonymously masked in the Reverse Auction process and Bidders will be given suitable dummy names. 12.2. After completion of Reverse Auction, the service provider / auctioneer shall submit a report to the Bank with all details of Bid and the original names of the Bidders as also the L1 Bidder with his / their original names. 13. Start Price 13.1. The lowest Indicative commercials offer (total cost) may be considered as the starting Bid of the reverse auction and not for deciding the L-1 status. Bank may also decide the starting Bid for reverse auction. Bidders should note that the indicative commercial offer is only considered for the purpose of conducting Reverse auction process only. 14. Decremental Bid Value 14.1. The Bidders shall be able to Bid only at a specified decrement value and not at any other fractions. The Bid decrement value shall be Rs.7500/- or 0.25% of the Start price of the Reverse Auction, whichever is higher. 14.2. The Bid decrement value shall be rounded off to the nearest thousands of rupees. 14.3. For the sake of convenience of Bidders, the web portal shall display the next possible decremented value of Bid. It is not, however, obligatory on the part of Bidders to Bid at the next immediate lower level only. (That is, Bids can be even at 2 or 3 lower levels than the immediate lower level.) 15. Copy of Business Rules 15.1. The Bank shall supply copy of the Business rules to any Bidders / Bidders, wishing to participate in the reverse auction. Such request shall be made in writing to the Bank by an authorized representative of the Bidder. 15.2. The Bank shall also handover a copy of the Business Rules with a covering letter duly signed by an authorized signatory of the Bank. 15.3. For any dispute concerning the Business Rules, the hard copy of Business Rules supplied by the Bank for the reference of reverse auction process will alone be considered final and binding. Page 53 of 59

16. Reverse Auction Process 16.1. In order to reduce the time involved in the procurement process, Bank shall be entitled to complete the entire procurement process through a single Reverse Auction. For this purpose, Bank shall do all it can to award the contract to L1 Bidder or in the circumstances where awarding of contract may have to be done to the L2, L3 Bidder as provided for in the RFP. 16.2. The Bank shall however, be entitled to cancel the procurement of Reverse Auction process, if in its view procurement or reverse auction process cannot be conducted in a fair manner and / or in the interest of the Bank. 16.3. The successful Bidder shall be obliged to provide a Bill of Material at the last Bid price at the close of auction. 17. Expenditure of Reverse Auction 17.1. All expenses of reverse auction shall be borne by the Bank. Bidders, however, shall attend the training or mock auction at their own cost. 18. Changes in Business Rules 18.1. Any change in Business Rules as may become emergent and based on the experience gained shall be made only by a Committee of senior / top executives of the Bank. 18.2. Any / all changes made in Business Rules shall be uploaded in the Website immediately. 18.3. If any reverse auction process has commenced and a change is made in Business Rules, it shall be informed immediately to each vendor/ Bidder and his concurrence to / acceptance of the change shall be obtained in writing by the Bank. 19. Don ts Applicable to the Bidder / Vendor 19.1. No Bidder shall involve himself / itself or any of his / its representatives in any price manipulation directly or indirectly with other Bidders. If any such practice comes to the notice, Bank shall disqualify the vendor / Bidders concerned from the reverse auction process. 19.2. Bidder shall not disclose details of his Bids or any other details concerning Reverse Auction process of the Bank to any other third party without specific permission in writing from the Bank. 19.3. Neither Bank nor service provider / auctioneer can be held responsible for consequential damages such as no power supply, system problem, inability to use the system, loss of electronic information, power interruptions, UPS failure, etc. (Bank shall, however, entertain any such issues of interruptions, problems with open mind and fair degree of transparency in the process before deciding to stop or extend the auction.) Page 54 of 59

20. Grievances Redressal 20.1. Any aggrieved vendor / Bidder through Reverse Auction process can make complaint in writing within 48 hours of the Reverse Auction to the Chief Compliance Officer of the Bank. 20.2. The Chief Compliance Officer along with the Chief Law Officer of the Bank and Chief of Audit Dept. shall give personal hearing to the aggrieved Bidder / vendor and decide upon the complaint / grievance. 20.3. Decision of the Grievance Redressed Committee shall be binding on the Bank as well as on all Bidders participating in the Reverse Auction. 21. Errors and Omission 21.1. On any issue or area of material concern respecting Reverse Auction not specifically dealt with in these Business Rules, the decision of the Bank shall be final and binding on all concerned. Page 55 of 59

Annexure 12: COMPLIANCE STATEMENT FOR REVERSE AUCTION (To be submitted by all the vendors participating in Reverse Auction) Ref No: Date: To: The General Manager, Union Bank of India 1/1A, Adi Sankaracharya Marg, Andheri East, Mumbai 400072 DECLARATION We (name of the company) hereby confirm having submitted our bid for participating in Bank s RFP dated for Implementation of Payment Gateway solution and Access Control Server solution under outsourced model. We also confirm having read the terms of RFP as well as the Business Rules relating to the Reverse Auction for this RFP process. We hereby undertake and agree to abide by all the terms and conditions stipulated by Union Bank of India in the RFP document including all annexures and the Business Rules for Reverse Auction. We shall participate in the on-line auction conducted by Ltd. (Auction Company) and submit our commercial bid. We shall also abide by the procedures prescribed for online auction by the auction company. We, hereby confirm that we will honour the Bids placed by us during the auction process, failing which we shall forfeit the EMD. We also understand that the bank may debar us from participating in future tenders. We confirm having nominated Mr., designated as of our company to participate in the Reverse Auction on behalf of the company. We undertake that the company shall be bound by the bids made by him in Reverse Auction. We undertake to submit the confirmation of last bid price by us to the auction company/bank within 48 working hours of the completion of event. We also undertake to submit the Bill of Materials for the TCO (Total Cost of Ownership) in terms of RFP. Page 56 of 59

(Signature with date and seal) (In the capacity of) Duly authorised to sign the Bid with seal for and on behalf of (Name and address of the Bidder) Name of Authorised Representative: Signature of Authorised Representative: Verified above signature Competent Authority Signature: Page 57 of 59

Annexure 13: LETTER OF AUTHORISATION FOR REVERSE AUCTION Ref No: Date: To: The General Manager, Union Bank of India 1/1A, Adi Sankaracharya Marg, Andheri East, Mumbai 400072 We (name of the company) have submitted our bid for participating in Bank s RFP dated for Implementation of Payment Gateway solution and Access Control Server solution under outsourced model. We also confirm having read and understood the terms of RFP as well as the Business Rules relating to the Reverse Auction for this RFP process. As per the terms of RFP and Business rules, we nominate Mr., designated as of our company to participate in the Reverse Auction. We accordingly authorize Bank and / or the Auction Company to issue user ID and password to the above named official of the company. Both Bank and the auction company shall contact the above named official for any and all matters relating to the Reverse Auction. We, hereby confirm that we will honour the Bids placed by Mr. on behalf of the company in the auction process, failing which we will forfeit the EMD. We agree and understand that the bank may debar us from participating in future tenders for any such failure on our part. (Signature with date and seal) (In the capacity of) Duly authorised to sign the Bid with seal for and on behalf of (Name and address of the Bidder) Name of Authorised Representative: Signature of Authorised Representative: Verified above signature Competent Authority Signature: Page 58 of 59

Annexure 14: UNDERTAKING FOR DR SITE AVAILABILITY (To be submitted on the Bidder s letterhead) To: The General Manager, Union Bank of India 1/1A, Adi Sankaracharya Marg, Andheri East, Mumbai 400072 Date: We (Bidder name), hereby unconditionally and irrevocably undertake that- As on date of submission of tender, we have a fully functional Disaster Recovery site. The Disaster Recovery site is fully equipped to keep the solution fully functional in case the solution is not able to function from the primary site. The address and contact details for the DR site is as follows: Address: Telephone Number: Dated this... day of... 2015 Place: (Signature with date and seal) (In the capacity of) Duly authorised to sign the Bid with seal for and on behalf of (Name and address of the Bidder) Page 59 of 59